Online Fraud Protection
A Guide to Make You Aware of Online Fraud Schemes and Ways to Protect Yourself
How online fraud activity takes place
Across the country, online criminals have been aggressively targeting victims by hijacking and exploiting valid online banking credentials. These online criminals are responsible for consumer losses ranging from thousands up to millions of dollars.
Typically, an account owner is compromised when they become a victim of “phishing” emails which appear to come from a legitimate and trusted source such as the Better Business Bureau, US Court System, UPS or even companies with which you have an established business relationship, such as your bank. The email will probably warn you of a serious problem that requires your immediate attention and contain either an infected file or a link to an infectious website. When you click on the file or embedded link, malicious software is installed.
The next time you log into any of your online accounts, the malicious software obtains your login credentials through keystroke loggers. By doing this, the fraudster is able to hijack legitimate online banking credentials and can either create a new account or initiate funds transfers.
More recently, online criminals have developed an additional method of delivering the malicious software. The infectious software is passed via popular social networking site accounts and becomes active the next time you access your online financial accounts.
Here are some things to beware of when trying to identify phishing scams:
- Remember: California Bank & Trust emails will never ask you for personal information or data, or any other sensitive information.
- Use of a false "from" address or the use of seemingly legitimate bank logos, web links and graphics may be used in the email to mislead you into thinking you are viewing a legitimate communication.
- You may be re-directed to a phony website that looks legitimate. At times, you may actually be on the company's legitimate website and a pop-up window will quickly appear for the purpose of taking your financial information. You will then be asked to update or validate your financial or personal information such as bank account information, social security numbers, credit card numbers, passwords, personal identification numbers (PINs), or the information you use to verify your identity over the phone, such as your mother's maiden name or your place of birth.
- Be aware of fake email messages advising that your Internet Banking Service session has timed out and that your services will be suspended unless you update their account information. The email message includes a hyperlink to a fraudulent website that looks similar to the bank's legitimate website and asks for confidential information, including bank account information and Social Security numbers.
Consumers who fall prey to such email and online fraudulent schemes face real and immediate risks. These thieves will act quickly to gain unauthorized access to financial accounts, commit identity theft, or engage in other illegal acts before the victim realizes that fraud has occurred and can take action to stop it.
Protecting yourself from online fraud schemes
There are many best practices that you can implement to help protect yourself or your business from becoming a victim of identity theft and online fraud.
To help mitigate increased risk of online fraud, download IBM® Security Trusteer Rapport® Software today for free. This software application provides an extremely important layer of security to protect your account funds from fraudulent attack.
General Best Practices for Online Security:
- Exercise extreme caution when confronted with any request to divulge account information or banking access credentials. California Bank & Trust emails will never ask you for personal information or data, such as your Social Security number, ATM or Check Card PIN, or any other sensitive information.
- Never open file attachments or click on website links if you are unsure of the source. California Bank & Trust's webpage should only be accessed by typing the official website name, or URL address, into the web browser or by using a page previously bookmarked that directs the web browser to California Bank & Trust's website.
- Beware of an email that makes some form of urgent appeal so that you will respond quickly. Beware of requests for updating security information online or claims that the bank has lost important security information. For example, the email may claim that your account may be closed or suspended if you fail to confirm, verify, or authenticate your personal information immediately. California Bank & Trust and most other financial institutions will never ask you to verify information in this way.
- Look out for typos or poor grammar. Typographical or spelling errors, poor grammar or writing, and lack of design quality may be the mark of fraudulent emails or phony websites.
- Don't fall for too-good-to-be-true advertisements or offers of cash. Fraudulent activity may be perpetuated by emails or web advertisements that offer you money or cash bonuses for transferring cash or engaging in other financial transactions.
- Don't respond to an email claiming to be from California Bank & Trust that appears to be suspicious. If you receive a suspicious email using California Bank & Trust's name and asking for personal information or California Bank & Trust account information, please forward the email to CBTCentralizedServices@calbt.com. Do not click on any links it provides or reply to it - simply delete it.
Business Best Practices for Online Security:
- Implement dual approval for all money movement transaction.
- Install a dedicated, actively managed firewall.
- Reconcile all bank transactions (including checking online for electronic transfers) on a daily basis.
- Create strong passwords (at least 10 characters) and update them several times per year.
- Install commercial anti-virus and desktop firewall software on all computer systems and ensure that they are updated regularly.
- Consider installing spyware detection programs.
- Never leave a computer unattended while using any online banking or investing service.
- Never access bank, brokerage or other financial services information at Internet cafes public libraries, etc.
Reporting suspicious emails
To report a suspicious email that uses California Bank & Trust's name, please forward it to CBTCentralizedServices@calbt.com and then delete the email.
Report all suspicious emails or calls to the Federal Trade Commission through the Internet at Consumer ID Theft, or by calling 1-877-ID-THEFT (877-438-4338).
What to do if you become a victim of an email or internet-related scheme
- Immediately contact your branch of account or call (800) 254-2265, Monday through Friday, 7 a.m. to 7 p.m. and Saturday 9 a.m to 5 p.m. (Select 0 to speak to a customer service representative).
- Forward all fraudulent email that uses California Bank & Trusts' name to CBTCentralizedServices@calbt.com.
- If you have disclosed sensitive information in a phishing attack, you should contact the three major credit bureaus listed below to discuss whether you need to place a fraud alert on your file, which will help prevent thieves from opening a new account in your name.
P.O. Box 2000
Chester, PA 19022