5 Ways to Protect Your Financial Info from Hackers

Information breaches that would have been difficult to fathom years ago are now common. And people are rightfully worried. After all, if the federal government can get hacked and its employees’ data stolen, how vulnerable is a personal account held at a bank or brokerage?

So what actions can you take to protect yourself in what feels like an endless battle to keep your data secure? Here are five steps to consider:

 1. Diversify your passwords – and change them.

For the user’s convenience they often use the same password across multiple websites, which is a big mistake. It’s like giving an intruder a key that opens every lock. You want to make it extremely difficult for a hacker to access your sensitive information. Create unique password combinations (including letters, numbers and symbols) for each of the financial websites you log into, and establish a bi-annual schedule to change them.

2. Use an online password manager.

All of those hard to crack passwords can be a nightmare to remember and store, so utilize a reputable password manager. The best managers include password generators that create strong and unique choices. Most password managers allow you to sync your passwords across all electronic devices, making it easy to maintain multiple passwords.

3. Make life hard for crooks.

Shredding confidential documents, avoiding simple passwords, and keeping sensitive information off of unsecured channels are all effective actions. Thoroughly checking credit card statements for suspicious activity, and being aware of your surroundings when using ATMs, are security measures that remain effective. Don’t let your guard down. Learn more about preventing fraud at the ATM here.

4. Check your credit reports at least annually.

Periodically checking your credit report is a smart way to stay ahead of the bad guys, but many people don’t because of common misconceptions like the belief that you have to pay a fee to see your report, or that you must subscribe to a service.

The goal is to check for discrepancies, inconsistences and inaccuracies that might suggest identity theft. Annualcreditreport.com is a great (free) place to start.

5. Keep your guard up when it comes to emails.

Be wary of any email that requires you to click on a hyperlink to update a password or confirm confidential material. These emails are often “phishing” attempts seeking to scam you. They appear to come from familiar places such as your bank, an online retailer, or even the IRS. But – they are not legitimate, so be very careful before you open them!

It’s understandable to feel helpless in an age of smart criminals who conduct endless assaults on privacy. But simply putting the threat out of mind is not a solution, or thinking it can’t happen to you. Think first because there’s harm in not knowing!

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa today. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today!

Article Source: Richard Rosso for nerdwallet.com

Are You Smart About Smartphone Financial Security?

All of us are creatures of convenience, and that extends to our finances. It’s not enough to access online banking, budgeting tools, and retailer websites from home — we want them on our mobile devices, too. But, just as browsing the web from home can expose our finances to ever-evolving cyber threats, using mobile apps can too. Though personal devices may seem more secure than a public computer, hackers can still find ways to get into our phones and steal sensitive financial information.

Are you smart about smartphone financial security? If not, following these tips is a good place to start.

1. Use Those Optional Security Measures Like Touch ID

Are you someone who’s been stubborn about setting up a passcode or Touch ID to open your phone? It’s a little less convenient, but the extra step is also the first line of defense for your personal information.

2. Add Extra Security Measures to Financial Apps

Besides your smartphone’s overall security, it’s important to protect access to financial information on your phone housed in banking account apps, account linked financial management apps, and digital wallets. Setting up additional features like passcodes (or Touch ID) for each financial app provides another line of defense if your phone is lost or hacked. As with all personal accounts, choose unique passwords, update them regularly, and keep them in a secure location (a.k.a., not in your phone!).

Some smartphones also allow you to at least partially block Internet access and ad tracking mechanisms on a per-app basis to protect your information from outside threats.

3. Know Your Smartphone’s Vulnerabilities

Whenever there’s a major data breach, tech companies inform the public of who could have been affected where, when, and how. There’s similar information available on which smartphone operating systems, browsers, and other tools have been (or could be) vulnerable to various types of cyber threats and attacks. You don’t have to be super tech-savvy to search for your phone’s systems and look at the risk scale and number of vulnerabilities. You can also check out consumer-focused technology blogs and news sites.

4. If You’re in the Market for a New Smartphone, Consider Security Features

The older your phone is, the less security features it’s likely to have and the more vulnerable it is to hackers. If you’re already due for a new smartphone, make security a priority. Some features will be standard, but smartphone security differs widely based on model and operating system (OS). Check for reviews and explanation of security features, and choose the level of security that best fits the way you use your smartphone.

A simple (and free) thing you can do in between upgrades is to promptly install any system updates. Some of them are just for new features or speed, but others could be correcting security vulnerabilities.

If at any time you feel any of your First Financial accounts may have been compromised due to a smartphone or online vulnerability, contact our Member Relationship Center right away at 732.312.1500. If your First Financial credit or debit cards were compromised in a scam, call the 24/7 toll-free number on the back of your card to report the incident and replace your card. All important phone numbers for members can be found on our website: https://www.firstffcu.com/contact-us.htm

Article Source: Jessica Sommerfield for Moneyning.com

Lost Cell Phone? Here’s How to Keep Your Finances Safe

We depend on our cell phone for so many day-to-day tasks that go beyond communication. We keep track of our appointments, monitor our healthy lifestyle, and stay updated on breaking news. Additionally, our cell phones have become a hub for managing our finances.

The Federal Reserve reports that Americans use their smart phones or other mobile devices for a variety of monetary activities.

    • 51% of smartphone users had used mobile banking.
    • 24% of smartphone users had made a mobile payment.
    • 38% of mobile phone users had deposited a check using their phone.

Financial apps have made it faster and easier than ever to access your money on the go, and view all your financial information right from the palm of your hand.  But, what dangers could arise if you are one of the 5.2 million people who, in a year’s time, lose their smart phone or have their smart phones stolen? How can you protect your finances in the event that your cell phone ever goes missing?

Before your phone is ever compromised, take these precautions to prevent strangers from accessing your phone or the programs and apps it holds.

Passcode Protection: 62% of smartphone owners don’t have a passcode set to protect their phone. You should always set your phone or mobile device to lock when it’s not in use, and set a secure passcode or password for access to your phone. Some smartphones now let you take security even further and utilize your thumbprint or facial recognition to unlock your phone.

Activate Find My Phone: The Find My Phone feature on your smartphone allows you to quickly trace your phone’s location if it ends up missing. Your operating systems may also offer a lost mode. With this feature, you can send a message to your home screen asking anyone who finds your phone to call to you at a specified number.

If your smartphone is lost, quick action can be the difference between saving your financial information or months of headache if your accounts are accessed by a stranger. Take these actions as soon as you realize your phone is gone.

Contact Your Financial Institution: Let your financial institution, credit card companies, and lenders know your phone or device is missing and someone may have access to your account information. They can flag your account as “compromised,” freeze your accounts, or monitor suspicious activity.

Change Your Passwords: Use your desktop computer or another mobile device to reset the passwords for your online banking or payment tools. Also reset your email password. This way if someone uses the “Forgot My Password” feature on any financial app or website, they cannot access your email and reset your passwords themselves.

A Final Tip: Always log out of financial websites or apps before you close out of them. Keeping yourself logged in or enabling auto sign-in means that your information is easily accessible, even if you’re not the one holding your device.

If you feel that any of your First Financial accounts may have been compromised as a result of a lost or stolen cell phone, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm.

Article Source: Kara Vincent for CUInsight.com

Top 10 Ways to Prevent Cyber Crime at Work and Home

Cyberattacks are unfortunately a common occurrence and on the increase. In fact, an average of 200,000 new malware samples are discovered daily, presenting an ominous threat to consumers at work and at home.  The following is a list of the top 10 cyber security tips.

1. Don’t click on emailed links. Instead, type the website URL directly into the web browser’s address bar, or search for the site using a search engine like Google.

2. Avoid opening any attachments you were not expecting. However, if you must – scan the attachment first for viruses.

3. Keep computers patched and up to date. This includes operating systems like Windows and iOS, and applications such as Adobe and Java. Keep antivirus software up to date on all devices, including phones.

4. Clean your desktop and your desk. Lock your screen whenever you leave your workstation or office. When you leave work for the day, lock all paperwork in your file cabinets. Everyone has a smartphone camera today, you always want to be cautious with sensitive documents and information.

5. Double check your work. Breaches can easily occur due to simple miscommunication. For example, someone within a company thinks another person has changed the password – and vice versa.

6. Shred it. This goes for any paperwork you are no longer using at work and at home.

7. Use different passwords for different sites. For personal use, consider using a password tool that allows you to set different passwords for each site you frequent, while only requiring you to remember one strong password.

8. Beware of phishing scams. Unlike common spam, a phishing email is after personal data and will likely have a sense of urgency, asking you to click here, act right away – the offer is time limited. Delete any emails that don’t sound right to you.

9. Avoid oversharing. The most common consumer threat today is social engineering in unexpected places like Facebook. Don’t answer questions on where you went to school, whether you have ever done something, or what your nickname is. This information can be used to break into your accounts.

10. Consider turning Siri off, and Amazon Echo, Alexa, and all the new devices that are listening and recording. You need to have a healthy suspicion of where this data is going. It might not be going where you think it is.

Ultimately, we should all strive to be good net neighbors, protecting our own identity at work and at home. This means taking care of ourselves so we don’t get infected and harm others. The threat is real, but following the right security protocols can dramatically reduce our risks.

Article Source: Colette L’Heureux-Stevens for Co-Op Financial Services

Important Member Alert: Mobile Phone Port-Out Scams

Fraudsters are impersonating mobile phone users to have phones transferred to a different carrier – effectively stealing the user’s mobile phone number. This is being coined as a port-out scam. Once transferred to a different carrier, the fraudster receives all calls and texts that were intended for the user – including those that can be used to takeover a member’s account via online banking. Fraudsters have successfully intercepted one-time passcodes used to authenticate members logging into their account or to initiate transactions within online banking.

How can you prevent this scam from happening to you?  You can place a “port validation password” on your mobile phone account to help prevent having your phone fraudulently transferred to a different carrier.

Call your wireless carrier and ask for PIN authentication for your accounts. Sprint requires customers to create a PIN when they open a new account. Here’s what to do with the other major carriers.

  • AT&T: Log into your ATT.com account, go to your profile by clicking your name, and under the wireless passcode drop down menu, click on “manage extra security.”
  • T-Mobile: Call 611 from your cellphone or (800) 937-8997 to speak with customer service.
  • Verizon: Visit vzw.com/PIN or call (800) 922-0204.

Scam Levels and Details

Mobile phone users switch carriers for a variety of reasons, and can carry their phone number with them to the new carrier. Meanwhile, fraudsters are exploiting this capability by impersonating mobile phone users to have the mobile phones ported to a different carrier. The fraudsters harvest the user’s personally identifiable information and use this information to impersonate users in having the mobile phones transferred to a different carrier.

The port-out scam can take place at a wireless store or online, but in both cases, the imposters have enough information to convince the phone company that they are who they claim to be and have that person’s phone service transferred to their mobile device.

“And with a smartphone, if you’re on Wi-Fi, everything’s going to work except the actual calling and texting, so you may not even notice right away that something’s wrong with your phone — which can give the scammers a few hours of lead time,” said Katherine Hutt, director of communications for the Council of Better Business Bureaus. “If that ever happens, if you can’t make calls or receive calls, immediately contact the phone company and see if your number has been ported.”

Online Banking Fraud: A fraudster often ports a user’s mobile phone to a different carrier after the fraudster has stolen the user’s account login credentials. This could increase the risk of account takeovers through online banking, which involves sending a one-time-passcode via text message for login attempts as well as to validate transactions initiated within online banking. Members must enter the one-time-passcode to complete the login or transaction. By transferring a member’s mobile phone to a different carrier, the fraudster would receive the one-time-passcode intended for the member.

Card Fraud: This scam could also result in fraudulent transactions using credit and debit cards. A fraudster, who has ported a cardholder’s mobile phone to a new carrier, could use a counterfeit or stolen credit or debit card belonging to the cardholder to conduct fraudulent transactions. If a card processor’s fraud management system detects a suspicious transaction, a fraud analyst could attempt to contact the cardholder to confirm the legitimacy of the transaction by calling the cardholder’s mobile phone. However, the call is made to the fraudster who confirms the transaction as legitimate.

Card fraud could be worsened when, after confirming a suspicious transaction as legitimate, the card is suppressed for a period of time – usually seven days. It is common practice for card processors to suppress a card when the fraud management system identifies a suspicious transaction that a cardholder confirms is legitimate. When a card is suppressed, transactions on the card are not monitored by the fraud management system.

Email Fraud: Many public email service providers also offer out-of-band authentication using one-time passcodes that are sent via text message to user’s mobile phones. This could easily lead to a compromise of a member’s personal email account after a fraudster ports the member’s mobile phone to a different carrier.

Read more about mobile port-out scams from NBC News.

If at any time you feel any of your First Financial accounts may have been compromised in a similar scam, contact our Member Relationship Center right away at 732.312.1500. If your First Financial credit or debit cards were compromised in a scam, call the 24/7 toll-free number on the back of your card to report the incident and replace your card. All important phone numbers for members can be found on our website: https://www.firstffcu.com/contact-us.htm

Article Source: CUNA Mutual Risk Alert, and Herb Weisbaum for NBCNews.com

 

How to Protect Your Mobile Phone from Scammers

Keep your cell phone number to yourself. “The new Social Security number … is your cell number,” said Thomas Martin, president of Martin Investigative Services and author of “Seeing Life Through Private Eyes.” Your smartphone “is a gateway to your living room to your bedroom, to your life.”

Beware of text messages. Scammers may send text messages that look as if they come from a legitimate source, like a bank, a practice known as smishing. It could be an offer for a coupon, a free gift card, or a text that says you won a prize.

The link could direct you to a website where you’ll be tricked to share your personal information or one that can install malware on your phone. A hacker can try to encourage you to download an application that can compromise your phone. Don’t click on a text!

Make sure you update your phone’s operating system. It will make it harder for a hacker to exploit your smartphone’s software. “Attackers just need to find one way in,” said Janne Lindqvist, an assistant professor of electrical and computer engineering at Rutgers University in New Brunswick. “It could be malicious apps that are exploiting a vulnerability that hasn’t been patched yet.”

Once opened, a hacker could read text messages and emails, have access to passwords or take over your mobile phone.

Protect your smartphone with a passcode. (And don’t make it something unsecure, like 1234.) “You should make sure if someone steals your phone, they can’t unlock it right away,” Lindqvist said.

Activate your smartphone’s tracker, such as Find My Phone, and the ability to wipe your phone remotely. If someone takes it, you’ll have a way to track it down or delete your data.

Control your risk. Try not to share a mobile phone number. Lindqvist only uses his cell phone to make calls or send texts. ”

If you think you are the victim of a scam, don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa today. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today!

Article Source: David P. Willis for the Asbury Park Press, http://www.app.com/story/money/business/consumer/press-on-your-side/2017/07/21/heres-how-protect-your-mobile-phone/489922001/