Protect Your Identity and Money from Scams

Identify Theft – What to do if it happens to you

If you think someone is using your personal information to open accounts, file taxes, or make purchases, visit IdentityTheft.gov to report and recover from identity theft. If you do have fraudulent charges, call us ASAP!

We are here to help you and you do NOT have to handle this alone!

To learn more, go to these sites from the Federal Trade Commission:

Contact the credit bureaus for a fraud alert:

• Equifax: 1 (800) 525 – 6285 www.equifax.com/personal/credit-report-services/credit-fraud-alerts
• Experian: 1 (888) 397 – 3742 www.experian.com/fraud/center.html
• Trans Union: 1 ( 888) 909 – 8872 www.transunion.com/fraud-alerts

Contact the credit bureaus to obtain a credit freeze:

• Equifax: 1 (800) 525 – 6285 www.equifax.com/personal/credit-report-services/credit-freeze/
• Experian: 1 (888) 397 – 3742 www.experian.com/freeze/center.html
• Trans Union: 1 ( 888) 909 – 8872 www.transunion.com/credit-freeze

Consumers Have the right to Obtain a Security Freeze or Fraud Alert

The security freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. Placing a security freeze on your credit report will prohibit a consumer reporting agency from releasing information in your credit report without your express authorization.  Only the credit bureaus can provide security freezes or fraud alert services. Do not contact any other consumer reporting agency. You should be aware that using a security freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. As an alternative to a security freeze, you have the right to place an initial or extended fraud alert on your credit file at no cost. An initial fraud alert is a 1-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending a new credit. If you are a victim of identify theft, you are entitled to an extended fraud alert, which is a fraud alert lasting 7 years. A security freeze does not apply to a person or entity, or its affiliates, or collection agencies acting on behalf of the person or entity, with which you have an existing account that requests information in your credit report for the purposes of reviewing or collecting the account. Reviewing the account includes activities related to account maintenance, monitoring, credit line increases, and account upgrades and enhancements.

Best Practices for Secure Online Banking

Online banking is an extremely valuable tool in today's high-paced business world.  Having access to your personal or business bank account via the Internet affords you numerous conveniences. However, online banking also brings increased chances of fraud, breeched security, and the possibility that someone can hack into your account. Here are some important best practices to help make your online banking experience a secure one.

10 Best Practices for a Consumer:

1. Set a cryptic password and username. Cryptic passwords are usually comprised of upper- and lowercase letters, numbers, and symbols. Cryptic passwords decrease the chance of someone accessing your accounts. Avoid using obvious words or numbers that will be easy for others to figure out, allowing them easy access to your account. Also, do not use the same username and password that you use for other accounts or websites.
2. Always sign out of your account and close your internet connection when you are finished with your online banking. Never leave the account open on your computer screen where others can see it
3. Only open your online banking account from trusted internet / Wi-Fi sources. Do not open your account from public/free Wi-Fi zones commonly found in hotels, restaurants and airports.
4. Only open your account using a private, secure computer. Do not open your account on a public computer, such as one rented at a café or copy center.
5. Remain wary of phishing scams, which send you emails that appear to have come from Western Bank or other seemingly legitimate businesses. These fraudulent emails are sent in an attempt to obtain personal information from you. Should you receive an authentic looking email that is asking for personal information, do not provide the information and contact us at (575) 542-3521 immediately.
6. Contact us immediately if your computer or online banking account has been compromised in any way.
7. Keep your personal information private and secure.
8. Do not write down your password or reveal it to anyone.
9. Disable auto-complete or similar features on any computer you use for online banking.
10. Only use your credit card number, Social Security number or other sensitive information online when it's absolutely necessary. Also, read the Web site's privacy policy to be sure the information you send is being "encrypted" (scrambled) so it can't be read by outsiders.

Commercial Users

Commercial Users should follow the above best practices for consumers with the following additional recommendations:

1. Limit the number of employees that have access to your account if you are running a business. There may be a reason that a manager or supervisor needs access to your online banking information, but make sure to limit their access and teach them safe online banking practices.
2. Train employees!  Social engineering is still often used to obtain sensitive information. For example, never trust e-mails requesting personal information such as user names or passwords. If there is no one in the office qualified to provide this type of training, find a trusted IT professional or consultant to educate employees.
3. Secure systems: Ensure your business systems (PCs, file servers, and mail servers) are protected by trustworthy internet security business products and are using the latest updates. Consumer solutions (paid or free) are not sufficient to provide adequate coverage for the security of your business.
4. If possible dedicate an online banking PC. Designate a single computer to use as your business's online account computer. This computer should solely be used for online banking and not for other online activities such as e-mail, web browsing, or file sharing.

Secure Online Shopping from 10-D Security

Tips on how to protect your bank account and identity while shopping online.  

1. Use unique passwords for storefront logins (Amazon, Target, ebay, etc.). If your password is compromised from a new site, email service or a blog the first thing attackers do is try the compromised login information on sites like Amazon, ebay, and PayPal. Making sure you use unique login information for various sites can help keep you secure.
2. Be careful what you click! Emails can be easily spoofed to appear to be from major sites. Strategy: If you see an item in your inbox that is “on sale” or you find a posting on a third party site; always go to the company’s homepage and search for the item yourself to ensure you are not clicking on malicious links.
3. All legitimate online storefronts use HTTPS login and require CVC codes at checkout.  If the site you are making a purchase on does not use both of these methods, we advise making your purchase elsewhere.
4. Trust your instincts. If the price appears too good to be true or the company is one you have not heard of and cannot easily find information about it, most likely it is a company you want to avoid.

Cyber Security Tips from Department of Homeland Security

The majority of cybercriminals do not discriminate; they target vulnerable computer systems regardless of whether they are part of a government agency, Fortune 500 company, small business, or belong to a home user. However, there are steps you can take to minimize your chances of an incident.

1. Set strong passwords, change them regularly, and don’t share them with anyone.
   • Do not include your name, your kids' or pets' names, or other well-known information about yourself in your password;
   • Avoid using common words in your passwords or passphrases. Instead, break up words with numbers and punctuation marks or symbols. For example, @ can replace the letter "A" and an exclamation point (!) can replace the letters "I" and "L"; and
   • Use a combination of upper and lower case letters.
2. Optimize your operating system, browser, and other critical software by installing updates.
3. Maintain an open dialogue with your friends, family, colleagues and community about Internet safety.
4. Use privacy settings and limit the amount of personal information you post online.
5. Be cautious about offers online – if it sounds too good to be true, it probably is.

Criminals use many techniques to try to trick you into giving them personal information, including:

• Phishing: criminals trick you into giving them information, often through email
• Vishing: phishing by phone
• Smishing: phishing by text
• Spear phishing: targeted form of phishing in which criminals try to trick groups of people that have something in common
• Pharming: criminals trick you by setting up fake websites that appear legitimate
• Skimming: criminals steal your credit or debit card number
• Social media approaches: criminals trick you into giving them personal information on social  media sites, chat

For more cyber tips and resources, visit the Stop.Think.Connect. Toolkit.

Elder Fraud from FDIC Money Smart

What is elder financial exploitation?
Financial exploitation is the fraudulent or otherwise illegal, unauthorized, or improper actions by a caregiver, fiduciary, or other individual in which the resources of an older person are used by another for personal profit or gain; or actions that result in depriving an older person of the benefits, resources, belongings, or assets to which they are entitled. Elder financial exploitation is the theft of money, property or belongings.

Who is at risk for elder financial exploitation?
Anyone can be the victim of financial exploitation. Financial exploitation crosses all social, educational, and economic boundaries.

Why are older adults at risk of financial exploitation?
The following circumstances or conditions, especially in combination, can make an older adult more vulnerable to financial exploitation. Some older adults may:

• Have regular income and accumulated assets.
• Be trusting and polite.
• Be lonely and socially isolated.
• Be vulnerable due to grief from the loss of a spouse, family member, friend, or pet.
• Be reluctant to report exploitation by a family member, caregiver, or someone they depend on.
• Be dependent on support from a family member or caregiver to remain independent.
• Be receiving care from a person with substance abuse, gambling or financial problems, or mental health issues.
• Fear retaliation by the exploiter.
• Be unfamiliar with managing financial matters.
• Not have planned for the potential loss of decision-making capacity.
• Be cognitively impaired with diminished ability to make financial decisions or detect a fraud or scam.
• Be dependent on a family member, caregiver or another person who may pressure them for money or control of their finances.

What are some examples of financial exploitation?

• Exploitation by an agent under a power of attorney or person in another type of fiduciary relationship (see glossary for definition of fiduciary)
• Theft of money or property, often by a family member, caregiver or in-home helper
• Investment fraud and scams, including deceptive “free lunch seminars” selling unnecessary or fraudulent financial services or products
• Lottery and sweepstakes scams
• Grandparent/imposter scams
• Tax and debt collection scams
• Charity scams
• Scams by telemarketers, mail offers or door-to-door salespersons
• Computer and Internet scams
• Identity theft
• Reverse mortgage fraud
• Contractor fraud and home improvement scams

Who are the abusers?

Perpetrators of financial exploitation can be:

• Family members and caregivers
• Friends, neighbors or acquaintances
• Agents under a power of attorney or others with legal authority to manage your money or property
• Telephone and mail scammers
• Fraudulent debt collectors
• Financial advisers
• Internet scammers
• Home repair contractors
• Medicare scam operators
• Other persons known or unknown to the older adult

Tips for Avoiding Telephone Scams

Scammers can be very convincing. If something seems unusual, check it out.

• You usually cannot win a sweepstakes or a lottery that you did not enter.
• Never “pay to play.” A legitimate sweepstakes will not ask for money upfront.
•  Be suspicious of any pressure to send funds via wire transfer or a pre-paid reloadable card.
• Pay attention to warnings from your financial institution telling you that a request sounds like a scam. Your banker may have encountered similar scams in the past.
• Scammers often claim an emergency, hoping you will respond quickly without checking out the situation first.
• Before offering your help to someone who claims to be a grandchild (or any other relative/friend), be sure to telephone your grandchild or his/her parents at a number you know to be valid to find out if the request is legitimate. If a caller claims to be from an established organization such as a hospital, a charity, or a law enforcement agency, look up the number of the organization yourself.
• Consider it a red flag if the caller insists on secrecy. Never allow anyone to discourage you from seeking information, verification, support and counsel from family members, friends or trusted advisers before you make a financial transaction.

What should you do if you or someone you know becomes a victim of financial exploitation or another form of elder abuse?

In most instances of suspected elder abuse, including financial exploitation, you should contact Adult Protective Services, generally a part of your county or state department of social services.

You can find information about reaching your local Adult Protective Services office at the Eldercare Locator at eldercare.acl.gov, a public service provided by the U.S. Administration for Community Living, or by calling 1-800-677-1116.

For cases of identity theft, contact your local police and the Federal Trade Commission (FTC) at 1-877-438-4338 or identitytheft.gov.

If the loss involves funds held in a financial institution, such as a bank or credit union, report the problem to the financial institution immediately. If the loss involves credit products, such as a credit card or loan, contact the creditor immediately. Remember that you are often not responsible for credit card charges or payments out of your bank account if you did not authorize them.

For more information go to consumerfinance.gov/askcfpb.