Safe Banking Tips
We are committed to helping ensure the safety of your financial identity, your financial assets, and your personal information, but we need your help. We ask that you observe the following best practices.
- Never give out personal information, passwords or PIN numbers over the Internet. The bank will not call or email you for your information. Do not disclose any part of your login credentials to anyone - especially while on the telephone or while using the Internet.
- Do not leave your account information in an area accessible by others. This includes not leaving your computer unattended while connected to Belmont Savings Bank Online Banking.
- Please remember many e-mail systems are not secure. Do not send your password or sensitive account information in any public or general e-mail system.
- You are responsible for the security of your computer. You should install a personal firewall or use firewall software on your computer and/or your network. Also purchase and install anti-virus and anti-spyware software and perform regular scans of your computer.
- Change your passwords on a regular basis and choose passwords that are difficult to guess. Include punctuation, special characters, numbers and upper and lower-case letters when creating a password.
- Don't write down your password. Memorize it.
- When you are finished accessing Online Banking, make sure you logout and close the browser.
- Beware of Phishing! Phishing involves the use of seemingly legitimate email messages and websites to trick customers into disclosing sensitive information, such as bank account information, social security numbers, credit card numbers, passwords, and personal identification numbers (PINS). Some fraudulent email messages request the customer to update or validate their financial or personal information in order to maintain their accounts. But what it is really doing is directing to a fake website that may look like the website of a legitimate business.
- Review and reconcile your accounts on a daily basis and report any suspicious activity to Belmont Savings Bank immediately.
- Establish internal controls, set transaction limitations, and impose a dual control environment.
- Prohibit the use of “shared” usernames and passwords.
- Always verify use of a secure session by noting the https (not http) in the browser’s web address bar. You can also look for the lock either next to the address bar or at the bottom right-hand corner of your browser.
- If you believe that your accounts or security codes have been compromised, contact the bank immediately at 740-676-1165.
When signing up for many online accounts, security questions are sometimes required. The questions are used to authenticate the user, recover or reset a password. However, due to the vast amounts of personal info available on social media and the internet, many of those questions can be easily guessed.
If a website requires security questions, don't answer them truthfully. Instead, use something unique, random, and treat it like a strong password. Avoid common words or phrases, and the longer, the better. It would be best to use a random mix of uppercase, lowercase, numbers & special characters, or a passphrase, which is a sentence like a string of random words. If you must answer more than one security question, you could use the same complicated answer for each question to make it easier to manage.
You should always limit the amount of personal information you post on Social Media.
Online Social Media quizzes should never be completed. Those seemingly harmless quizzes are sometimes apps designed to gain access to your personal information. In many cases, data mining does not stop when you finish taking the quiz. Once an app or website has connected to your Facebook account, the developer can maintain that connection for months and continue to request information about your profile and posts.
What is the harm in answering a few questions to prove how well you know a friend or fun facts about yourself? Some of the mixed questions are common security questions for Online Banking, credit cards, and other personal accounts.
Those questions that get shared by many of your friends may very well have originated by fraudsters wanting to steal identities, hack online banking accounts, or gather enough information to be able to impersonate unaware Facebook users.
Be mindful of social engineering. Social engineering happens when a malicious actor manipulates someone on the internet into providing confidential information. It usually occurs when they impersonate a friend or family member on social media. You should never accept friend requests from people you are already connected to or don't know. It is wise to remove personal details from your profile like phone number or address.
Review your privacy settings and be strict about what info you share.
What is identity theft?
Identity theft occurs when skilled identity thieves, without your knowledge, gain access to a piece of your non-public personal information and use it to commit fraud.
How does identity theft occur?
Access to your personal information is gained through a variety of means. For example:
- Stealing records from businesses or other institutions.
- Rummaging through your trash (dumpster diving).
- Obtaining credit reports by abusing access or posing as an employer.
- Stealing credit and debit card numbers.
- Stealing wallets or purses containing identification.
- Completing change of address forms to divert your mail to another location.
- Stealing personal information from your home.
- Scamming information from you by posing as a legitimate business person.
What should I do if I think I could be a victim of identity theft?
- Notify your banking institution immediately.
- Close any accounts that have been tampered with or opened fraudulently.
- Place a fraud alert on your credit reports and review your credit reports..
- File a report with your local police or the police in the community where the identity theft took place.
- File a complaint with the Federal Trade Commission (FTC).
You may also call 1-877-IDTHEFT, the Federal Trade Commission's toll-free ID Theft Hotlink, where counselors help consumers who want or need more information about dealing with the consequences of identity theft.
You should also contact the three major credit bureaus and have them place a fraud alert on your file.
Tips to help prevent Tax ID Fraud
Tax identity fraud takes place when a criminal files a false tax return using a stolen Social Security number in order to fraudulently claim the refund. Identity thieves generally file false claims early in the year and victims are unaware until they file a return and learn one has already been filed in their name.
Belmont Savings Bank is offering the following tips to help prevent tax identity fraud:
- File early. File your tax return as soon as you are able - giving criminals less time to use your information to file a false return.
- File on a protected Wi-Fi network. If you are using an online service to file your return, be sure you’re connected to a password-protected personal network. Avoid using public networks like a Wi-Fi hotspot at a coffee shop.
- Use a secure mailbox. If you are filing by mail, drop your tax return at the post office or an official postal box instead of your mailbox at home. Some criminals look for completed tax return forms in home mailboxes during tax season.
- Find a tax preparer you trust. If you are planning to hire someone to do your taxes, get recommendations and research a tax preparer thoroughly before handing over all your financial information.
- Shred what you do not need. Once you have completed your tax return, shred the sensitive documents that you no longer need and safely file the ones you do.
- Beware of phishing scams by email, text, or phone. Scammers may try to solicit sensitive information by impersonating the IRS. Know that the IRS will not contact you by email, text, or social media. If the IRS needs information, they will contact you by mail first.
- Keep an eye out for missing mail. Fraudsters look for W-2s, tax refunds or other mail containing your financial information. If you do not receive your W-2s, and your employer indicates they’ve been mailed, or it looks like it has been previously opened upon delivery, contact the IRS immediately.
If you believe you are a victim of tax identity theft or if the IRS denies your tax return because one has previously been filed under your name, alert the IRS Identity Protection Specialized Unit at 1-800-908-4490.
Belmont Savings Bank takes a number of precautions to ensure that our customers have a safe environment, but there is no substitute for good, cautious behavior on the part of our customers. We recommend that customers follow these safety tips when using any ATM.
- Always protect your PIN number - keep it a secret. Never write it down or share it - not even family members.
- Be aware of your surroundings, particularly at night. Make sure the ATM is free of obstructions. If you observe suspicious persons or circumstances, do not use the machine.
- Do not hesitate to use a different ATM if you feel uncomfortable about the instructions or if something appears out of the ordinary.
- Bring someone with you when using an ATM at night. If you can't, use an ATM that is located in a public area like a bank or grocery store.
- Have your ATM card ready and in your hand as you approach the ATM.
- Use your body to "shield" the ATM keyboard as you enter your PIN.
- Always take your receipts or transaction records with you.
- Do not count or visually display any money you received from the ATM. Immediately put your money into your pocket or purse and count it later.
- When using a drive-up ATM, be sure passenger windows are rolled up and all doors are locked. If you leave your car and walk to the ATM, lock your car.
- Do not swipe your card in machines that look like they have been tampered with.
- Check your account frequently and if you find any irregularities in your statement, contact us immediately.
Every year millions of dollars are lost to Social Engineering. It is a type of fraud that's hard to detect and stop; it's based on a criminal's ability to exploit the basic human tendency to trust. It is fraud by deception.
The fraudsters pose as trusted sources and manipulate victims into taking specific actions, like sending wire transfers or giving out confidential information.
Social Engineers use a wide array of tactics to get information that helps them win over their victims' trust. They do things like phishing or dumpster diving, website spoofing, retest calling, or impersonating a company employee or business associate. It could look like an email, phone call, or a text from a friend or other trusted source. Once the criminals gather enough information to appear legitimate, they contact their victims to set the scheme into motion.
How can you stop it?
Become a human firewall. It is important to be vigilant. Slow down. Spammers want you to act first and think later. NEVER EVER provide any sensitive financial information until you have verified to whom you are speaking. One easy way of doing that is by reaching out to us. If someone calls you saying they are from Belmont Savings Bank and you're suspicious, ask their name and location and hang up the phone. Then you call us back at 740-676-1165. You can do the same if you receive a text or an email.
Do not ever get pressured into giving out sensitive information. It’s important to remember to never, under any circumstances give sensitive information like User Name, Password, debit card PIN or Secure Access Code. Belmont Savings Bank Bank does not ask for that information.
On the Web, there are new types of criminals called “phishers”. These people may send very realistic e-mails pretending to be from your bank or some other organization you trust.
They are also using screens that pop up while you are on someone’s website trying to place an order. They may tell you your account is blocked until you update your files. Then they may ask you to provide sensitive account information like a PIN, social security number, accounts and card numbers or passwords.
- Be alert for fraudulent emails, even though they appear to be from a reputable source.
- Delete any email that requests your personal information immediately. Do not respond to it. Reputable businesses never request personal information in an email.
- Never send your personal information via an unsecured email.
- Do not open email attachments from unknown or unsolicited senders.
- Be careful when clicking on a link in an email. Even though it is identical to the actual company’s website, it could be fraudulent. To check, open a new browser window and manually type in the URL provided in the email. If they don’t match, delete the email with the suspicious link immediately.
- If you visit a website that is not what it claims to be, leave it immediately.
- Be sure to do business only with companies you know and trust.
- Watch carefully for imitation websites designed to trick you into giving out personal information.
- Any sites that you do business with should have their Privacy and Security Statements listed on the website. Read them carefully.
- Only provide sensitive personal or financial information when you have initiated it and only if the page is secure.
- Choose passwords or Personal Identification Numbers (PINs) that are difficult to guess and use a different password for each of your Internet accounts. Change these passwords often.
- Make sure the website is certified with a digital security certificate by clicking on the “closed lock” or "solid key” image located in the bottom bar of your browser window. A small frame with site security information will appear. Click the word “Subject” for Internet Explorer to verify that you are on the correct website. To verify the site certification authority, click the “Issuer” tab.
Online Crime Prevention Tips:
The FBI urges consumers to protect themselves when shopping online. Here are a few tips for staying safe:
- Be cautious if you lose an auction on an auction site, but the seller contacts you later saying original bidder fell through.
- Make sure websites are secure and authenticated before you purchase an item online. Use only well-known escrow services.
- Research to determine if a car dealership is real and how long it has been in business.
- Be wary if the price for the item you would like to buy is severely undervalued; if it is, the item may be fraudulent.
- Scan files before downloading them to your computer.
- Keep your computer software, including the operating system, updated with the latest patches.
- Ensure your anti-virus software and firewalls are current - they can help prevent malware infections.
- Keep current versions of your computer’s operating system and Internet browsers.
- Make sure you promptly disconnect from the Internet when you are not online.
- Keep your anti-virus software up to date to guard against new viruses. Download the anti-virus updates as soon as you are notified.
- Always back up the files on your computer.
What is Skimming?
Skimming is a method used by thieves to capture data from the magnetic strip on the back of the ATM/Debit Card. Sometimes thieves will install a small, almost unnoticeable "skimmer" to the machine that can read the magnetic strip on a card. The device can also be rigged to "capture" your card, holding onto it instead of just reading it. Other times, workers in retail establishments may utilize a handheld skimmer.
Where does skimming occur?
Skimming can occur at gas pumps, ATM's, retail outlets, etc. The skimming devices are very small and when used on an outside source, like an ATM or a gas pump, are normally only attached for a few hours.
How to protect yourself?
- Raise your awareness when you are using your card
- Inspect the ATM, gas pump, or credit card reader before using it. Look for any devices on the face of it where you slide your card through.
- If anything looks suspicious like a change in the appearance of the PIN pad, something inserted in the magnetic strip reader, don't use it and advise us right away.
- Notify your financial institution of any ATM that is not working correctly or acting strange.
- Make sure your card stays in sight if possible. If you are in a retail store, and they need to go to another counter to run the card, follow them.
- Review your receipts and check them carefully against your statements.
Social Security Number Tips
5 Don'ts to help protect your SSN
- Do not carry your SSN card with you daily or any documents that display your SSN - Keep them in a safe place and only bring them with you when you need them.
- Do not put your SSN on your checks or other identifying documents.
- Do not give out your SSN (or any other personal information) if YOU did not initiate the conversation with the contact.
- Do not use your SSN as an ID number on payroll or any other documents.
- Do not use your SSN as your pin or the last four digits as a pin.
What is it?
Phishing is an attempt to acquire sensitive information such as usernames, passwords, online banking information, credit or debit card details for malicious reasons.
You could receive an email or a text that appears to be from a credible source says something like this:
- We suspect an unauthorized transaction on your account. To ensure your account is not compromised, please click the link below and confirm your identity.
- Please review your account with a link that appears credible.
What should you do?
Do not click any links, do not reply, and do not give them any personal information. You can also forward phishing emails to [email protected] AND to the company, bank or organization that is impersonated in the text or email.
If you have clicked on a link in a phishing text or email and submitted your Belmont Savings Bank account or debit card information, please contact us at 740-676-1165. We will assist you in protecting yourself from fraud.
For more information about phishing, visit https://www.consumer.ftc.gov/articles/0003-phishing
Protecting Your Privacy
To limit unsolicited marketing material you may receive from various companies through the mail, telephone, or e-mail, write the Direct Marketing Association at the appropriate address listed below. You must provide your name, address, and telephone number with your request (visit the Direct Marketing Association for more information).
Mail Preference Service
Data & Marketing Association
PO Box 643
Carmel, NY 10512
or online at www.dmachoice.org
E-Mail Preference Service
Do Not Call
1 (888) 382-1222
To opt out of prescreened credit card offers, call: 1 (888) 567-8688
Online Dating Scams
Social media networks and dating websites have become increasingly popular tools for meeting and communicating. Unfortunately, fraudsters have capitalized on this trend and often create fake profiles to lure in victims, establish relationships and eventually extort money. Has an online love interest asked you for money? If so, that is most likely a scam. If you are concerned that you or a loved one are being scammed, we recommend taking the following precautions:
- Slow down – and talk to someone you trust. Do not let a scammer rush you.
- Never wire money, put money on a gift or cash reload card, or send cash to an online love interest. You will not get it back.
- Contact your bank right away if you think you have sent money to a scammer.
Report your experience to:
- The online dating site