3/30/2012_Law enforcement officials are investigating what appears to be a massive theft of U.S. consumers’ credit card data, MasterCard and Visa confirmed Friday.
The computer security expert who first reported the theft said it might involve as many as 10 million MasterCard and Visa accounts, making it one of the largest known credit card heists. MasterCard is currently investigating a potential account data compromise event of a U.S.-based entity and, as a result they have alerted payment card issuers regarding certain MasterCard accounts that are potentially at risk. Law enforcement has been notified of this matter and the incident is currently the subject of an ongoing forensic review by an independent data security organization.
In an effort to protect your account with the Homestead or with any other institution be alert to signs that require immediate attention:
• Calls or letters about purchases you did not make
• Bills that do not arrive as expected
• Balance changes on your accounts
St. Landry Homestead Federal Savings Bank has been serving the financial needs of its clients since 1922. Our reputation is built upon a tradition of strength and stability, and to uphold that tradition we are continually monitoring the latest methods and techniques used by hackers and thieves to fraudulently obtain personal information. We want to pass that information to our clients to help them protect their identities. Please read below.
It could happen to you…
When J.D. made a New Year’s resolution to get fit, the last thing he worried about was putting himself at risk for identity theft. After all, J.D. was cautious about how he shares financial information and he tracks the balance in his bank account.
So J.D. was taken aback when, a few weeks after joining a gym, he tried to withdraw $40 from the ATM and was told “no funds available”. Then a light bulb went off.
J.D. was a victim of fraud…
When the ATM indicated he was overdrawn, J.D quickly checked his bank account activity. Over the past three weeks, $2,000 had been withdrawn, and a third $1,000 was set to be paid that day.
A visit to his local bank branch revealed that someone had gotten his name and bank account number and was making withdrawals using a fraudulent online payment check.
Tips on Protecting Your Identity
Think twice before sharing information…
When J.D. reported the theft, the police sergeant opened with one question: “Have you recently joined a gym or health club?” Of course J.D had, and he’d given the club attendant – not the manager or owner – a check marked “void” so that the monthly membership fee could be withdrawn automatically from his bank account. It had never occurred to J.D that he was sharing financial information.
J.D. has since resolved to be vigilant when handling every kind of financial transaction and to monitor his accounts frequently. One of the ways he stays secure is to make payments using trusted and secure websites whenever he can. Consumers are advised to find out if they can shop without sharing any financial information with merchants, and to learn how to track online spending.
A spoof or phishing (pronounced “fishing”) email is an email that is designed to look like it comes from a well-known company and that tells some story to get you to click a link or button in the email.
The links or buttons in the email take you to a website that is also called a “spoof” because it, too, fakes the appearance of a popular website or company. The spoof site asks you to input personal information, such as your credit card number, Social Security number or account password.
You think you are giving information to a trusted company, when in fact; you are supplying it to a criminal.
Customers should be cautious about e-mailing personal or financial information since e-mail IS NOT a secure communication channel. Be wary of anyone calling you to ask for bank account or personal information over the phone. A trusted financial institution will never call you to ask for confidential information.
Warning Signs of a Spoof Email…
Many spoof emails look very real. While there are some telltale signs, it can often be difficult to identify fake emails.
You can count on the fact that a spoof email will take you to a fake website. You can also be sure that this spoof site will ask you to type in personal information, such as credit card number, Social Security number or account password.
One warning sign of a spoof site is that often the link in the email will not match up with the URL of the site it takes you to. Some sites may fake the URL bar to hide the mismatch, but don’t include a secure lock icon at the bottom of the browser window.
What to Do About Spoof Emails and Websites…
The good news about spoof emails is that you are in control — you can protect your personal financial information by ignoring the spoof email altogether. You should never provide contact, sign-in or other sensitive personal information to any page you get to by clicking a link in an email.
Smishing is a type of social engineering that uses cell phone text messages to persuade victims to provide personal information such as card number, CVV2 and PINs. The text message may contain either a website address or more commonly, a phone number that connects to an automated voice response system, which then asks for personal information. Please note that we will never ask for CVV2 or PIN
Pharming (pronounced “farming”) is when hackers redirect internet traffic from one website to a different, identical looking site to trick you into entering your personal information in order to gain access to your bank account, steal your identity, or commit other kinds of fraud in your name.
Remember that most financial institutions follow strict rules and will never ask for the following personal information in emails.
- Credit and debit card numbers
- Bank account numbers
- Driver’s license numbers
- Email addresses
- Your full name
With the following precautions, you can help protect your accounts and personal information from fraudulent web sites:
- Never give your Password to anyone
- Change your Password regularly
- Never provide your Username to a site or service provider that you do not recognize and fully trust
- Avoid clicking on links provided in an email. Instead, open a new browser window and type the Web site’s address (URL) directly into the address bar of your browser
- Save or “bookmark” frequently visited and Trusted Web Sites to your list of favorites, then access those sites through your saved links
- Be very suspicious of web sites that display an IP Address, or numerical address (e.g. 192.168.2.1), in your web browser’s address bar instead of a domain name
- The Federal Reserve Board has published a brochure with information to help consumers identify and combat this new type of Internet scam. Please click on the link below to access additional information and the brochure http://www.federalreserve.gov/boarddocs/press/other/2004/20040908/
- By clicking here http://www.occ.gov/Consumer/idtheft.htm you will be able to view important information from the Office of the Comptroller of the Currency about identity theft
Please contact the Homestead if you believe your identity has been compromised.