5 Ways to Protect Your Financial Info from Hackers

Information breaches that would have been difficult to fathom years ago are now common. And people are rightfully worried. After all, if the federal government can get hacked and its employees’ data stolen, how vulnerable is a personal account held at a bank or brokerage?

So what actions can you take to protect yourself in what feels like an endless battle to keep your data secure? Here are five steps to consider:

 1. Diversify your passwords – and change them.

For the user’s convenience they often use the same password across multiple websites, which is a big mistake. It’s like giving an intruder a key that opens every lock. You want to make it extremely difficult for a hacker to access your sensitive information. Create unique password combinations (including letters, numbers and symbols) for each of the financial websites you log into, and establish a bi-annual schedule to change them.

2. Use an online password manager.

All of those hard to crack passwords can be a nightmare to remember and store, so utilize a reputable password manager. The best managers include password generators that create strong and unique choices. Most password managers allow you to sync your passwords across all electronic devices, making it easy to maintain multiple passwords.

3. Make life hard for crooks.

Shredding confidential documents, avoiding simple passwords, and keeping sensitive information off of unsecured channels are all effective actions. Thoroughly checking credit card statements for suspicious activity, and being aware of your surroundings when using ATMs, are security measures that remain effective. Don’t let your guard down. Learn more about preventing fraud at the ATM here.

4. Check your credit reports at least annually.

Periodically checking your credit report is a smart way to stay ahead of the bad guys, but many people don’t because of common misconceptions like the belief that you have to pay a fee to see your report, or that you must subscribe to a service.

The goal is to check for discrepancies, inconsistences and inaccuracies that might suggest identity theft. Annualcreditreport.com is a great (free) place to start.

5. Keep your guard up when it comes to emails.

Be wary of any email that requires you to click on a hyperlink to update a password or confirm confidential material. These emails are often “phishing” attempts seeking to scam you. They appear to come from familiar places such as your bank, an online retailer, or even the IRS. But – they are not legitimate, so be very careful before you open them!

It’s understandable to feel helpless in an age of smart criminals who conduct endless assaults on privacy. But simply putting the threat out of mind is not a solution, or thinking it can’t happen to you. Think first because there’s harm in not knowing!

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa today. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today!

Article Source: Richard Rosso for nerdwallet.com

Top 10 Ways to Prevent Cyber Crime at Work and Home

Cyberattacks are unfortunately a common occurrence and on the increase. In fact, an average of 200,000 new malware samples are discovered daily, presenting an ominous threat to consumers at work and at home.  The following is a list of the top 10 cyber security tips.

1. Don’t click on emailed links. Instead, type the website URL directly into the web browser’s address bar, or search for the site using a search engine like Google.

2. Avoid opening any attachments you were not expecting. However, if you must – scan the attachment first for viruses.

3. Keep computers patched and up to date. This includes operating systems like Windows and iOS, and applications such as Adobe and Java. Keep antivirus software up to date on all devices, including phones.

4. Clean your desktop and your desk. Lock your screen whenever you leave your workstation or office. When you leave work for the day, lock all paperwork in your file cabinets. Everyone has a smartphone camera today, you always want to be cautious with sensitive documents and information.

5. Double check your work. Breaches can easily occur due to simple miscommunication. For example, someone within a company thinks another person has changed the password – and vice versa.

6. Shred it. This goes for any paperwork you are no longer using at work and at home.

7. Use different passwords for different sites. For personal use, consider using a password tool that allows you to set different passwords for each site you frequent, while only requiring you to remember one strong password.

8. Beware of phishing scams. Unlike common spam, a phishing email is after personal data and will likely have a sense of urgency, asking you to click here, act right away – the offer is time limited. Delete any emails that don’t sound right to you.

9. Avoid oversharing. The most common consumer threat today is social engineering in unexpected places like Facebook. Don’t answer questions on where you went to school, whether you have ever done something, or what your nickname is. This information can be used to break into your accounts.

10. Consider turning Siri off, and Amazon Echo, Alexa, and all the new devices that are listening and recording. You need to have a healthy suspicion of where this data is going. It might not be going where you think it is.

Ultimately, we should all strive to be good net neighbors, protecting our own identity at work and at home. This means taking care of ourselves so we don’t get infected and harm others. The threat is real, but following the right security protocols can dramatically reduce our risks.

Article Source: Colette L’Heureux-Stevens for Co-Op Financial Services

Important Member Alert: Publishers Clearing House Scam

Who wouldn’t love to be that winner you see on TV holding a great big sweepstakes check? That’s what con artists are counting on when they claim to be Publishers Clearing House. This trick is an oldie but goodie for scammers.

The scam starts with a call or letter saying you’ve won the Publishers Clearing House sweepstakes. But to collect your prize, they say, you need to send money to pay for fees and taxes. Typically you’ll be asked to send money by Western Union or MoneyGram, or by getting a reloadable card or gift card. Scammers ask you to pay these ways because it’s nearly impossible to trace the money — and you’ll almost never get it back.

But that’s not the only way scammers get your money with this scam. Some will send you a realistic-looking fake check in the mail. You’re told that, to claim your prize, you need to deposit the check and send some of the money back for made-up expenses. But when the check you deposit bounces — even after it seemed to clear, you may be on the hook for the money you sent.

If you think you’ve won a prize, here are a few things to know:

  • Never send money to collect a prize, sweepstakes check, or lottery winnings. If you have to pay, it’s a scam.
  • Never deposit a check and send back money, even if the funds appear in your account. That’s a sure sign of a scam.
  • If anyone calls asking you to pay for a prize, hang up and report it to the FTC.

Still think this sweepstakes is real? The real Publishers Clearing House says it will never ask you to pay a fee to collect a prize.

If at any time you feel any of your First Financial accounts may have been compromised in a similar scam, contact our Member Relationship Center right away at 732.312.1500. If your First Financial credit or debit cards were compromised in a scam, call the 24/7 toll-free number on the back of your card to report the incident and replace your card. All important phone numbers for members can be found on our website: https://www.firstffcu.com/contact-us.htm

Article Source: Emma Fletcher for FTC.gov

Phishing Scam Alert: Fake Invoices

Scammers have been relentless lately – here they are, back at it with a new twist on an old phishing scam.

Recently, scammers have been posing as well known tech companies and emailing phony invoices which show that you purchased music or apps from them. Check out our recent blog on these types of scams here. The scam emails tell you to click on a link if you did not authorize the purchase. If you get one of these emails, do NOT click on the link! This is a phishing attempt scheme.

What is phishing? When a scammer uses fraudulent emails, copycat websites, or texts to get you to share valuable information. The fraudsters then use this information to commit identity theft or other fraud in your name.

Scammers are also using phishing emails to get access to your computer or network – then they install programs like ransomware that can lock you out of important files on your computer.

Here are some tips to help keep your information secure:

  • Be suspicious if a business, government agency, or organization asks you to click on a link that then asks for your username or password or other personal data. Instead, type in the web address for the organization or call them. The link in the email may look right, but if you click on it you may go to a copycat website run by a scammer.
  • Be cautious about opening attachments. A scammer could even pretend to be a friend or family member, sending messages with malware from a spoofed account.
  • Set your security software to update automatically, and back up your files to an external hard drive or cloud storage. Back up your files regularly and use security software you trust to protect your data.

Lastly, report phishing emails and texts by forwarding them to spam@uce.gov and file a report with the FTC.

If you feel that any of your First Financial accounts may have been compromised as a result of a scam, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm.

Article Source: Ari Lazarus for FTC.gov

Scammers Impersonating the Social Security Administration

Your Social Security number is an important key for an identity thief. Scammers want it, and they think of all sorts of ways to trick you into giving it away.

The Federal Trade Commission has been getting reports about calls from scammers claiming to be from the Social Security Administration. They say there’s been a computer problem, and they need to confirm your Social Security number.

Others have come across spoof websites that look like the place where you would apply for a new Social Security card – but these websites are actually a setup to steal your personal information.

If you get a phone call or are directed to a website other than ssa.gov that is claiming to be associated with the Social Security Administration, don’t respond. It’s most likely a scam.

Here are some tips to deal with these government imposters:

  • Don’t give the caller your information. Never give out or confirm sensitive information – like your bank account, credit card, or Social Security Number – unless you know who you’re dealing with. If someone has contacted you, you can’t be sure who they are.
  • Don’t trust a name or number. Con artists use official-sounding names to make you trust them. To make their call seem legitimate, scammers use internet technology to spoof their area code – so although it may seem they are calling from Washington DC, they could be calling from anywhere in the world.
  • Check with the Social Security Administration. The SSA has a warning about these scams and suggests you contact them directly at 1-800-772-1213 to verify the reason for the contact and the person’s identity prior to providing any information to the caller.

If you come across one of these scams, please report it to the Social Security Administration’s Fraud Hotline at 1-800-269-0271 and then tell the FTC about it.

Article Source: Ari Lazarus for the Federal Trade Commission