Identity theft is a insidious form of online fraud wherein a person steals your personal and/or financial information, including your name, social security number or bank account number, and then uses this information to:
- Open credit accounts in your name, or run existing accounts.
- Obtain loans in your name, which will not be repaid.
- Open bank accounts in your name in order to write bad checks.
- Commit crimes, which results in arrest warrants being issued in your name.
E-mail and Website Fraud (Phishing)
One of the most common types of e-mail fraud is sending a phony e-mail message that directs the recipient to a fraudulent website. These e-mail’s can look very convincing. There are some common features among many of these types of e-mail.
- Urgent appeal. The message may threaten some consequence if you do not respond.
- Request for Information. There may be a request to update or validate certain personal information.
- Typos and errors. Often the message is poorly written or has spelling errors within the message.
How to Prevent Being Phished
- Don’t reply to any suspect or suspicious e-mail, even if it seems urgent.
- Don’t click on links inside of e-mail
- Don’t call telephone numbers from e-mail. Instead call the number on the company website, phone book, statement, or back of a Credit/Debit card.
Protecting Your Personal Information
- Carry only necessary identification. Do not carry your social security card with you.
- Take steps to reduce the amount of mail you receive that displays personal information.
- Be cautious when providing your Social Security Number. It’s okay to ask whether it is needed for the application or transaction.
- Check your credit report annually at a minimum.
- Never provide personal information over the phone or internet unless you have initiated the contact and have confirmed the business or person’s identity.
- Avoid leaving any personal information in your car.
- Shred unnecessary documents and eliminate as many paper documents containing your personal information as possible.
- Take your outgoing mail to the post office rather than using street-side mailboxes.
Other Ways to Protect Your Information
- Never give out personal information, such as checking account numbers, credit card numbers and especially your Social Security number. Never give out any of this information over the phone or on the Internet unless you can be certain who you are dealing with, you are the one initiating contact or know that your connection is secure.
- Never carry any of your personal information with you, including Social Security cards or bank account cards.
- Do not preprint your Social Security number, driver’s license number or phone numbers on your checks.
- Only purchase checks and deposit slips from an approved check vendor.
- Do not throw away any mail that contains personal information unless you tear or shred it first.
- Contact major credit reporting companies periodically. Check all credit card statements and inspect them for any improprieties.
- Cancel all unused credit cards, and cut them up before disposing of them.
- Be wary at ATMs. Someone looking over your shoulder can obtain your PIN number and gain access to your account.
- If any financial information is stored on a laptop, be sure to protect it with a password system, with a password that could not easily be guessed.
- Be cautious of any promotions you choose to participate in on the phone or in the mail. Always be on guard and never take any unnecessary risks with your private and personal information.
- Don’t leave outgoing mail in your mailbox. Drop it off at the Post Office or in a secured official Postal Service collection box.
- Review your Credit Report annually. By law you can receive a free credit report each year. Look through the report carefully to see if there is any suspicious activity. If so, contact your credit card company immediately. This report can be requested online at www.annualcreditreport.com, via telephone at 877.322.8228, and via mail at:
Annual Credit Report Request Service
P.O. Box 105281
Atlanta, GA 30348.5281.
Protecting Yourself at the ATM
- Limit time spent at the machine.
- Protect your PIN and passwords — don't keep them in your wallet.
- Keep receipts and compare to monthly statement.
- Treat your ATM card like cash by always protecting it.
- Be aware of strangers when you enter or exit an ATM site. If you notice anything suspicious or unsafe, report it.
- Shield the ATM keypad with your hand or body while entering your PIN (Personal Identification Number).
- Put away your card and cash immediately after completing your transaction.
- Do not let strangers assist you with a malfunctioning ATM, exit to another ATM for use.
- Be extra cautious when using an ATM at night.
What to do if You Become a Victim of Identity Theft
If you believe that you have been the victim of identity theft. The following actions will help minimize your exposure.
ISF Bank customers should contact us immediately at 773.624.2000. We will secure your ISF Bank accounts and help with an identity theft toolkit for other financial relationships.
- File a police report with local authorities.
- Contact the fraud departments of the 3 credit bureaus below. Place a fraud alert and request a copy of your credit report.
Trans Union: 800.680.7289
- File a complaint with the Federal Tract Commission. Either at www.consumer.gov/idtheft or via telephone at 877.438.4338
For more information on Identity Theft and other account fraud you can visit the following websites.
- National Fraud Information Center: www.fraud.org
- Federal Deposit Insurance Corporation: www.fdic.gov
- Federal Trade Commission: www.consumer.gov/idtheft
- Anti-Phishing Working Group: www.antiphising.org
- Microsoft: www.microsoft.com/athome/security
Warning about Phishing Attacks!
Please be warned that fraudulent e-mails are being circulated asking for personal account information. These e-mails appear to come from the Bank or other Regulatory Entities with the subject of Important Message and they ask for you to update your account with a security enhancement. These e-mails are part of a large scam to acquire confidential account information, and no email from ISF Bank or other Regulatory Entities will ask you for that information. PLEASE DO NOT CLICK ON ANY LINK!
ISF Bank will NEVER send you an email, or call you, asking you to provide any confidential account information through an email link, or phone number.
If you receive any emails that appear to be from ISF Bank or any Regulatory Entity asking for confidential information you should:
- Treat the email with suspicion. Do not reply to the email or respond by clicking on a link within the email message. Do not dial any phone numbers contained in the email.
- Do not open any attachments contained in the e-mail, they may contain malicious code that will infect your computer.
- Contact your local banking center to report the suspicious email as soon as possible. If the email claims to be from ISF Bank you may report by phone or by emailing us through our website by visiting our Contact Us page.
Please be aware that ISF Bank takes every precaution to protect your account information. If you have any questions about how ISF Bank handles your confidential information, please read our Privacy Notice.
Common Password Practices
- Don't reuse passwords. One ultra-secure one won't be any good if someone finds it.
- Good advice is to make a long but memorable "passphrase". String a few words together that you can remember with a visual.
- Never give out your password to anyone.
- Don’t use dictionary words. If it’s in the dictionary, there is a chance someone will guess it. There’s even software that criminals use that can guess words used in dictionaries.
- Don’t post it in plain sight. This might seem obvious but studies have found that a lot of people post their password on their monitor with a sticky note. Bad idea. If you must write it down, hide the note somewhere where no one can find it.
- Doesn’t Rely on Obvious Substitutions: Don’t use common substitutions, either — for example, “H0use” isn’t strong just because you’ve replaced an o with a 0. That’s just obvious.
- Don’t fall for “phishing” attacks. Be very careful before clicking on a link (even if it appears to be from a legitimate site) asking you to log in, change your password or provide any other personal information. It might be legit or it might be a “phishing” scam where the information you enter goes to a hacker. When in doubt, log on manually by typing what you know to be the site’s URL into your browser window.