Online Fraud Prevention Tips
Protecting Your Business Against Online Fraud Schemes
Banking online is convenient and saves hours of valuable time, but it can also leave you vulnerable to cybercriminals who are constantly looking for ways to access your accounts.
Understanding how online fraud works can help you take immediate steps to protect your business.
“Phishing”: How criminals target victims
A criminal who steals your credentials can pose as you or one of your employees, then withdraw funds from your account and cause devastating results. When you’re online, these credentials include your login and password information. To access that data, criminals engage in a practice known as “phishing” for information, which tricks you into revealing information in several ways:
By email: You might receive an email that appears to come from a legitimate and trusted source, such as the Better Business Bureau, a government agency, a reputable company, or even your bank. The logos, design, and even the “from” address seem to be genuine, but they’re not.
Typically, these emails warn of a serious problem that requires immediate attention and asks you to click a link or open an attachment. If you do, your computer may be immediately infected with malicious software (or “malware”) that is designed to obtain your login credentials and sent directly to criminals without your knowledge.
Website pop-up windows: Beware of a pop-up window that quickly appears on a company's legitimate website and requests you to update or validate account or personnel information that can be used to verify your identity by phone.
Other sources: Criminals may pass infectious software through popular social networking site accounts that becomes active the next time you access your online account.
If your login and password information is revealed, criminals can easily transfer funds from your account or engage in other illegal activities before you realize your account has been compromised.
Identifying a phishing scam
Remember that California Bank & Trust will never send you an email asking for login information, passwords, or any other sensitive information such as a Social Security number, ATM or debit card PIN.
Opening email attachments or clicking links from any source can install malicious software designed to steal your sensitive and private information without your knowledge.
To protect your business:
- Never open file attachments in any email unless you are sure it comes from a legitimate sender
- Beware of any email message that:
- Tells you that an online banking service session has timed out and that services will be suspended unless account information is updated
- Makes some form of urgent appeal for you to respond quickly to update security or account information online
- Claims that your account may be closed or suspended for failure to confirm, verify or authenticate personal information immediately
- Offer too-good-to-be-true advertisements or cash offers
- Includes typos, poor grammar or design, are often a sign of fraudulent emails or websites
And never access your CB&T account online by clicking on a link. Either type the calbanktrust.com web address into your browser or use a bookmark you’ve previously set up.
Report suspicious emails
If you receive a suspicious email that uses California Bank & Trust's name, forward it immediately to firstname.lastname@example.org and then delete the email. Do not click on any links it includes or send a reply.
Add another layer of security:
IBM® Security Trusteer Rapport® Software
Offered free to CB&T online banking customers, this software works with your antivirus software to add an extra level of security to protect your login information and prevent fraudulent transactions. Learn more.
More tips to prevent online fraud
To further protect your accounts, follow these best practices:
- Adopt a dual approval system so that the online authorization of two employees is necessary to transfer funds from your accounts.
- Install a dedicated, actively managed firewall plus commercial anti-virus, firewall and spyware detection software on all computer systems and update them routinely and reconcile all bank transactions (including online electronic transfers) daily.
- Create strong passwords (at least 10 characters) and update them several times per year.
- Never leave a computer unattended while using any online banking or investing service.
- Never access bank, brokerage, or other financial services information at public locations.
What to do if you become a victim of online fraud
- Immediately contact your branch or call (800) 254-2265, Monday through Friday, 7 a.m. to 7 p.m. and Saturday 9 a.m. to 5 p.m. Pacific Time, excluding federal holidays.
- Forward all fraudulent email that uses the California Bank & Trust name to email@example.com and then delete the email.
- Report suspicious emails or phone calls to the Federal Trade Commission at Consumer ID Theft or call 1-877-ID-THEFT (877-438-4338).
- If you have disclosed sensitive information in a phishing attack, contact the three major credit bureaus below to discuss placing a fraud alert on your file to help prevent thieves from opening a new account in your name:
P.O. Box 2000
Chester, PA 19022