YOUR ACCESS TO FREE CREDIT REPORTS
THIS NOTICE IS REQUIRED BY LAW. Read more at www.ftc.gov.
You have the right to a free credit report from www.annualcreditreport.com or 877-322-8228, the ONLY authorized source under federal law.
The Fair Credit Reporting Act (FCRA) requires each of the nationwide consumer reporting companies, Equifax, Experian, and TransUnion to provide you with a free copy of your credit report, at your request, once every 12 months. The Federal Trade Commission is the nation’s consumer protection agency that enforces the FCRA with respect to consumer reporting agencies. Beware of “imposter” websites that claim to offer “free credit reports,” or “free credit scores,” which may come with strings attached. To learn more about consumer protection and identity theft tips, visit, www.ftc.gov.
The 3 nationwide consumer reporting companies have set up a central website, a toll-free telephone number, and a mailing address through which you can order your free annual credit report. Only one website is authorized to fill orders for the free annual credit report you are entitled to under law, visit –
www.annualcreditreport.com or call 1-877-322-8228, or fill out the Annual Credit Report Request form and mail it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281. No matter how you request your report, you have the option to request all three reports at once or to order one report at a time. By requesting the reports separately, you can monitor your credit more frequently throughout the year.
FDIC Warns of Fraudulent E-mail
Please be aware that the Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mail that uses the FDIC name.
The messages exhibit variations in the "subject" line, but the content of each makes reference to suspension of the recipient's ability to conduct transfers via ACH and wire. Recipients are encouraged to install a software update by clicking on a link provided.
Recipients should consider the provided link to be an attempt to load malicious software or collect personal information. Please note that FDIC does not send unsolicited e-mails to consumers or business account holders.
New and enhanced consumer education resources on cybersecurity are now available on the FDIC website.
There are 2 separate brochures, one for consumers and one for businesses that address the safety precautions that should be taken to reduce various cyber threats.
A Bank Customer’s Guide to Cybersecurity:
A Cybersecurity Guide for Businesses:
MORE IMPORTANT SECURITY TIPS FOR INTERNET BANKING AND MOBILE BANKING!
Always use the app created by the bank or the organization
Always update your mobile apps when necessary. If mobile banking users don't update the mobile apps on their devices when updates are issued-and if those devices also store unencrypted account or personal information on the device or in the app-the security risk magnifies.
Make sure you are not connected to a Public Wi-Fi network. If you're using a smartphone or other mobile device, disabling Wi-Fi and switching to a cellular network is always a better option.
Always have a PIN to enter your smart device.
Be careful what apps you download.
Treat your phone like your PC. Make sure you have an anti-virus on your smart device.
Delete any text messages from your bank once you have read them.
Never respond to any requests asking you for personal information
Neither this institution nor its service providers will contact you by telephone, email or text messaging requesting personal information, such as your acess ID, passcode, credit card number, ATM card number or ATM PIN. If you are contacted by anyone requesting this type of information, do not provide any information and contact our Bookkeeping Department immediately.
In the event you notice suspicious account activity or experience customer information security-related events contact:
Bookkeeping Department 407-365-6611
Security Officer, Tiffany Broome, 407-365-6611
Keep your password top secret and change it often
Changing passwords often helps in protecting your account even if inadvertently you may have disclosed it to someone.
Make your password difficult to decode
When you create your password, make it at least 6 characters long. Include at least one capital letter, one numeral (0-9) and one special character (like @, #, $, etc). This makes the password very difficult to decode.
Never use cyber cafes to access your internet banking accounts
Computers at cyber cafes may be infested with viruses and Trojans that can capture and transmit your personal data to fraudsters. The easiest way to grab information is key logging software, which record all the keystrokes you typed, to be retrieved later for fraudulent usage. Beware of typing passwords on unknown computers.
Keep your computer secure
Some phishing emails or other spam may contain software that can record information on your Internet activities (spyware) or open a 'backdoor' to allow hackers access to your computer (Trojans). Installing anti-virus software and keeping it up to date will help detect and disable malicious software, while using anti-spam software will stop phishing emails from reaching you. It is also important, particularly for users with a broadband connection, to install a firewall. This will help keep the information on your computer secure while blocking communication from unwanted sources. Make sure you keep up- to-date and download the latest security patches for your browser. If you don't have any patches installed, visit your browser's website, for example users of Internet Explorer should go to the Microsoft website.
Check the website you are visiting is secure
Before submitting your bank details or other sensitive information there are a couple of checks you can do to help ensure the site uses encryption to protect your personal data:
- If the address bar is visible, the URL should start with 'https://' ('s' for secured) rather than the usual 'http://'.
- If the address bar is not visible as in our Internet Banking website, look for a lock icon on the browser's status bar. You can check the level of encryption, expressed in bits, by hovering over the icon with your cursor.
- Note that the fact that the website is using encryption doesn't necessarily mean that the website is legitimate. It only tells you that data is being sent in encrypted form.
Validate the SSL Certificate
If you are in any doubt, click on the lock icon at the bottom of the secured page. This opens up a new window, displaying the SSL certificate information. Ensure that there isn't a red cross mark preceding the title 'Certificate Information'. If you are unsure whether a contact is legitimate, go to the company's Website by typing in the site address or using a page you have previously book marked, instead of using a link provided by the e-mail.
You can get more information by clicking on the other tabs in the certificate window. Following the above steps would help you to protect yourself. However, please remember, fraudsters are always trying to stay a step ahead. To ensure that you remain protected at all times:
- Never let anyone know your PINS or passwords
- Do not write them down
- Do not use the same password for all your online accounts
- Avoid opening or replying to spam e-mails, as this will give the sender confirmation they have reached a live address.
Report suspicious emails or calls to the Federal Trade Commission through the Internet at
http://www.ftc.gov/bcp/edu/microsites/idtheft/, or by calling 1-877-IDTHEFT (1-877-438-4338)
Citizens Bank of Florida's Account Masking feature protects your sensitive data and defends against online fraud by revealing only the last few digits of your account number during Internet Banking. This masking feature better protects you against unnecessary exposure and risk of fraud.
Phishing is a scam where Internet fraudsters send spam or pop-up messages to lure personal and financial information from unsuspecting victims. To avoid getting hooked:
- Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message. Don't cut and paste a link from the message into your Web browser, phishers can make links look like they go one place, but that actually send you to a different site.
- Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a "refund." Because they use Voice Over Internet Protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card, or type in the web address yourself.
- Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
- Don't email personal or financial information.
- Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
- Forward spam that is phishing for information to email@example.com and to the company, bank, or organization impersonated in the phishing email. You also may report phishing email to firstname.lastname@example.org. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.
- If you've been scammed, visit the Federal Trade Commission's Identity Theft website at www.ftc.gov/bcp/edu/microsites/idtheft/.
From the US government site at OnGuardOnline.gov
Internet Crime Complaint Center www.ic3.gov
Financial Fraud Enforcement Task Force www.stopfraud.gov
The American Bankers Association released information containing tips to help bank customers avoid becoming accomplices in a growing “card cracking” scam. Card cracking, which originates online on social media platforms and targets young consumers, is estimated to have cost banks $11.6 million in stolen funds.
Card cracking happens when a fraudster reaches out to a bank customer promising quick cash. The customer provides account credentials to the scammer, who then deposits a fake check in the customer’s account. The fraudster then makes an immediate ATM withdrawal, sharing some of the funds with the customer. Meanwhile, the customer is instructed to report the card or credentials lost or stolen so that the bank will reimburse the stolen money -- making the customer a criminal accomplice.
Tips to help you avoid becoming an accomplice in card cracking scams are:
- Do not respond to online solicitations for "easy money."
- Never share your account and PIN number.
- Do not file false fraud claims with your bank.
- Report suspicious posts linked with scams.
ATM SAFETY TIPS
As issuers of Automated Teller Machine (ATM) access devices, we have provided for your information a list of safety precautions regarding the use of automated teller machines. Please read the following safety tips:
- Be aware of your surroundings, particularly at night.
- Consider having someone accompany you when the automated teller machine is used.
- It is appropriate to politely ask someone who is uncomfortably close to you to step back before you complete your transaction.
- Refrain from displaying your ATM access device. Pocket it as soon as your transaction is completed.
- Do not reveal your Personal Identification Number (PIN) to others. Avoid allowing others to view your PIN entry into an ATM. Memorize your PIN and do not carry your PIN on your person.
- Refrain from displaying your cash. Pocket it as soon as your transaction is completed. Count the cash later in the safety of your car or home.
- Consider using another automated teller machine or coming back later if you notice anything suspicious. If you are in the middle of a transaction and you notice something suspicious, cancel the transaction, pocket your ATM access device and leave.
- Go to the nearest public area where people are located if you are followed after making a transacton.
- Report all crimes to law enforcement officials immediately.