Lost Cell Phone? Here’s How to Keep Your Finances Safe

We depend on our cell phone for so many day-to-day tasks that go beyond communication. We keep track of our appointments, monitor our healthy lifestyle, and stay updated on breaking news. Additionally, our cell phones have become a hub for managing our finances.

The Federal Reserve reports that Americans use their smart phones or other mobile devices for a variety of monetary activities.

    • 51% of smartphone users had used mobile banking.
    • 24% of smartphone users had made a mobile payment.
    • 38% of mobile phone users had deposited a check using their phone.

Financial apps have made it faster and easier than ever to access your money on the go, and view all your financial information right from the palm of your hand.  But, what dangers could arise if you are one of the 5.2 million people who, in a year’s time, lose their smart phone or have their smart phones stolen? How can you protect your finances in the event that your cell phone ever goes missing?

Before your phone is ever compromised, take these precautions to prevent strangers from accessing your phone or the programs and apps it holds.

Passcode Protection: 62% of smartphone owners don’t have a passcode set to protect their phone. You should always set your phone or mobile device to lock when it’s not in use, and set a secure passcode or password for access to your phone. Some smartphones now let you take security even further and utilize your thumbprint or facial recognition to unlock your phone.

Activate Find My Phone: The Find My Phone feature on your smartphone allows you to quickly trace your phone’s location if it ends up missing. Your operating systems may also offer a lost mode. With this feature, you can send a message to your home screen asking anyone who finds your phone to call to you at a specified number.

If your smartphone is lost, quick action can be the difference between saving your financial information or months of headache if your accounts are accessed by a stranger. Take these actions as soon as you realize your phone is gone.

Contact Your Financial Institution: Let your financial institution, credit card companies, and lenders know your phone or device is missing and someone may have access to your account information. They can flag your account as “compromised,” freeze your accounts, or monitor suspicious activity.

Change Your Passwords: Use your desktop computer or another mobile device to reset the passwords for your online banking or payment tools. Also reset your email password. This way if someone uses the “Forgot My Password” feature on any financial app or website, they cannot access your email and reset your passwords themselves.

A Final Tip: Always log out of financial websites or apps before you close out of them. Keeping yourself logged in or enabling auto sign-in means that your information is easily accessible, even if you’re not the one holding your device.

If you feel that any of your First Financial accounts may have been compromised as a result of a lost or stolen cell phone, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm.

Article Source: Kara Vincent for CUInsight.com

Watch Out for Card Skimming at Gas Pumps

The FTC is warning drivers about skimming scams at the pump. Typically, we New Jersey drivers don’t pump our own gas – but if you plan to take any Fall road trips to enjoy the foliage in another state, you might want to be on the lookout for the following gas pump scam.

Skimmers are illegal card readers attached to payment terminals. These card readers grab data off a credit or debit card’s magnetic stripe without your knowledge. Criminals then sell the stolen data or use it to buy items online. You won’t know your information has been stolen until you get your statement or an overdraft notice.

Here are a few tips to help you avoid a skimmer when you fuel up out of state:

Make sure the gas pump panel is closed and doesn’t show signs of tampering. Many stations now put security seals over the cabinet panel. If the pump panel is open, the label will read “void.”

Look at the card reader itself. Does it look different than other readers at the station? For example, the card reader on the left has a skimmer attached, the reader on the right does not.

Try to wiggle the card reader before you put your card in. If it moves, report it to the attendant. Then use a different pump.

  • If you use a debit card at the pump, run it as a credit card instead of entering your PIN. That way, the PIN is safe and the money isn’t deducted immediately from your account if there is a card skimmer attached. Better yet, if you have a credit card on you – use that instead.
  • If you’re really concerned about skimmers, pay inside rather than at the pump.
  • Monitor your credit card and bank accounts regularly to spot unauthorized charges.

If you feel that any of your First Financial accounts may have been compromised as a result of a scam, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm. Learn more about card skimming by reading our user guide.

Article source: Colleen Tressler for the Federal Trade Commission

Important Member Alert: Mail Fishing Scams

In recent months, there has been a fraud concern growing in New Jersey called Mail Fishing. Tools covered with sticky substances are being utilized to pluck bank documents and checks out of large blue postal collection boxes. The post office claims they are implementing innovative methods to protect mail, such as replacing collection boxes with new models. Here’s how to keep your mail safe, and additional precautions to take if you’re using a collection box.

5 ways to protect your mail

  • Don’t use a collection box. Instead, use the letter slots inside a post office to drop off mail, or hand it to a letter carrier.
  • Don’t leave mail in your mailbox overnight, especially if you’re expecting checks or credit cards. The U.S. Postal Service discourages sending cash through the mail.
  • Ask your bank for “secure” checks that can’t be altered.
  • If you can’t be there to pick up your mail, make arrangements for someone you trust to pick it up, or contact your post office to hold your mail while you are out of town.
  • Didn’t get that check you were waiting for? Report suspected mail theft immediately to police, then call Postal Inspectors at 877-876-2455 (press 3).

3 ways to use collection boxes safely

Police are discouraging the public from using collection boxes altogether due to these recent security concerns. However, if you must use a collection box, here are the best practices according to police and the U.S. Postal Service.

  • Pay attention to collection times. Last collection for the day is typically at 5pm. If mail is deposited afterward, it will sit vulnerable until the next business day.
  • Avoid dropping mail in collection boxes over holiday weekends, or on nights before holidays. Fishing incidents are most common on Sunday night, according to police.
  • Speak with your local post office or mail carrier to determine which collection boxes in your area are up-to-date with security regulations. Certain collection boxes in New York have been retrofitted with security measures after a rash of mail fishing in the area in 2017.

If you think you were a victim of fraud, identity theft or another mail-related crime, report it at postalinspectors.usps.gov, or call 877-876-2455.

We encourage our members to utilize online banking resources to monitor statements electronically, and pay bills right online, so as to not fall victim to this type of fraud.

If you feel that any of your First Financial accounts may have been compromised as a result of a scam, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm.

Article Source: Jessica Presinzano for northjersey.com

 

How to Protect Your Money After the Equifax Data Breach

If you haven’t already, the first, best, and fastest way to protect yourself from the Equifax data breach is to place a security freeze on your credit files at the big three credit reporting bureaus.

Consumers should apply the freeze to Equifax, and also to Experian, and TransUnion. For extra security, you can apply a freeze to a fourth, lesser-known consumer reporting agency, Innovis.

You can do this by contacting each bureau either through their website or through the customer service number. There may be a fee for placing the freeze.

Equifax stated it would not charge for credit freezes for those affected by the breach.

The massive data breach involves the potential compromise of the personal data of 143 million consumers, including names, addresses, Social Security numbers, and birth dates.

Equifax said in a news release that it was fixing its website so customers could more easily determine if their information had been compromised. The release also specified that the binding arbitration clause and class-action waiver were only applicable to the credit monitoring services, and did not apply to the data breach. Equifax later dropped the restrictions for the free credit-monitoring service as well, claiming that customers who sign up because of the data breach are not subject to the clause and would not be prevented from joining class action suits.

Many details about the data breach are still unclear, but the potential consequences for consumers are severe.

In addition to the credit freeze, there are four more steps to put an iron wall around your money.

Activate Two-Factor Authentication

In today’s world of digital crime and internet fraud, two-factor authentication is an important extra layer of safety. It requires not just a password but a second element, such as a code texted to your smart phone, which you have but a crook can’t easily get. Set up and activate two-factor authentication on all of your existing mobile banking, savings, credit card, home equity line of credit, and other financial accounts that offer it.

Maximize Your Mutual Fund Security

Although the Securities and Exchange Commission requires mutual funds companies to identify, detect, and respond to red flags of identity theft, unlike FDIC-insured banks and NCUA-insured credit unions, these investment firms aren’t required to restore assets stolen by hackers.

You should call your 401(k) plan provider and other investment managers to learn their fraud protection policies, as they can vary from company to company. If your investment company doesn’t explicitly reimburse stolen funds, consider moving your money elsewhere.

Place a Fraud Alert on Credit Reports

A fraud alert is different from a credit freeze. The fraud alert is a notice on your credit report that warns both current and prospective lenders that they must take reasonable steps to verify your identity before granting credit, such as a new credit card or loan, or extending credit on an existing account.

You need to request a fraud alert at one of the big three credit bureaus, which will then pass it on to the other two, and separately place another alert with Innovis. An alert lasts 90 days. If you’re an ID-theft victim, you can get a fraud alert that stays in place for seven years. But you may be better off with the 90-day alert, because that allows you to get a free credit report from each of the four credit bureaus each time you renew the alert, which means you can get up to 16 free reports per year.

Secure Your Smartphone + Email

How you manage your smartphone and email accounts can be critical to your online security. Your phone is where all your second-factor text message codes are sent and where your mobile banking and other money apps live. Email is where your financial institutions send alerts and password reset links.

Here’s how you can make your phone and email harder targets:

  • Activate two-factor authentication on your email account. When you log into your email on an unfamiliar computer or phone, you’ll get a text with the necessary code to complete login. A hacker would need that code, too, but can’t get it without your phone. Better yet, download an authenticator app such as Google Authenticator or Microsoft Authenticator, which generates these codes without the need for texts, which can be intercepted.
  • Use a password management app such as LastPass on your computer’s browser and on your phone. LastPass creates and plugs different passwords into each of your accounts when you log in, so you don’t have to invent and keep track of dozens of passwords. This eliminates the temptation of using the same password for multiple accounts, which can provide a master key for hackers.
  • Never click unsolicited, unexpected, or suspicious-looking links sent to you by email or text. They could download malware capable of spying on your phone or personal computer activity.
  • Follow other security tips for your phone’s specific operating system using the FCC Smartphone Security Checker, a customizable interactive tool.

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from SherpaThe best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today! Learn more about safeguarding your identity with our consumer identity theft protection guide.

Article Source:  Jeff Blyskal for Consumer Reports

Important Member Alert: Equifax Data Breach

On September 7, 2017 Equifax disclosed that they discovered a data breach on July 29, 2017 and it may have impacted 143 million consumers in the United States. Equifax is one of the 3 main organizations in the U.S. that calculates credit scores, so it has access to an extraordinary amount of personal and financial data for virtually every American adult.

The company stated that hackers accessed data between mid-May and July through a vulnerability in a web application. They were able to obtain names, Social Security Numbers, birth dates, addresses, some driver’s license numbers, and about 209,000 credit card numbers.  Additionally 182,000 “dispute documents” containing personal identifying data were compromised in the breach. They have not indicated who is behind the breach and the investigation is ongoing. Equifax is maintaining that its core credit reporting databases were unaffected.

The reason why this data breach is so severe is because nearly half of the U.S. population has been impacted and most likely will feel the impact of the breach for years to come, especially when it comes to information that does not change, i.e. your Social Security Number.

Equifax has established a dedicated website, www.equifaxsecurity2017.com – to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year. The website also provides additional information on steps consumers can take to protect their personal information.

Equifax recommends that consumers with additional questions visit www.equifaxsecurity2017.com or contact a dedicated call center at 866-447-7559, which the company set up to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern standard time. In addition to the website, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted.

Additional information on the data breach can be found here. To see if you may have been impacted, get started here.

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today! Learn more about safeguarding your identity with our consumer identity theft protection guide.

Enroll your First Financial Debit/Credit Cards in Visa Purchase Alerts – you’ll get an email each time your Debit Card is used over an amount you set, when your card is used outside the country, or when your card is used to make a purchase online or over the phone. Credit Cardholders also have the additional option of adding a text alert, this can be set-up in Online Banking under your Credit Card account (select the Communications tab and then Visa Transaction Alerts).

As always, First Financial monitors our member accounts for suspicious activity. If you have any additional questions or concerns, please give us a call at 732.312.1500 or email us at info@firstffcu.com.

*9/11/17 Update – Please be advised that should you elect to sign up for Equifax’s one year of credit monitoring, you may be giving up your right to sue the company for the incident, and you could be prevented from joining a class-action lawsuit.

The language was laid out in the original terms of service by Equifax:

AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.

On 9/11/17 Equifax provided an update on their website to state: 

Adjusted the TrustedID Premier and Clarified Equifax.com
“We’ve added an FAQ to our website to confirm that enrolling in the free credit file monitoring and identity theft protection that we are offering as part of this cybersecurity incident does not waive any rights to take legal action. We removed that language from the Terms of Use on the website, www.equifaxsecurity2017.com. The Terms of Use on www.equifax.com do not apply to the TrustedID Premier product being offered to consumers as a result of the cybersecurity incident. 
We are listening to issues consumers have experienced and their suggestions. These are helping to further inform our actions, and we are now sharing regular updates on this website. Thank you for your continued patience and feedback as we continue to improve this process.”

Article source: https://www.cnbc.com/2017/09/08/were-you-affected-by-the-equifax-data-breach-one-click-could-cost-you-your-rights-in-court.html 

4 Items You Should Never Carry in Your Wallet

When it comes to your wallet – there are some things you should surely throw away, and there are others you should take out and file away immediately to prevent identity theft.

Social Security Card

It may seem obvious to not carry this with you, but many people have long kept their SS card in their wallet. But think about it, if you have your number memorized, which most of us do, when do you actually need your card? Have you ever had to present your card to someone? Carrying this information around with you is a bad idea. If the wrong person gets ahold of your social security number, you could end up with loans opened up in your name and new credit card accounts.

Passwords

It seems every website we visit now requires a password. How are we ever supposed to keep up with them all? It’s a great idea to have a cheat sheet where all your passwords are kept, but do not be tempted to keep this information in your wallet. Instead, keep your notes at your desk, locked in your phone, or filed away somewhere at home with other sensitive information.

Credit Cards

Many of us are way past the point of having a credit card just for “emergencies.”  It’s hard to check out at any retail store without being asked if we’d like to “save 10% by opening up a store credit card.” No matter how many cards you have, it’s wise not to carry all of them in your wallet at once. Think about it: if your wallet is stolen or lost, would you want someone to have access to every account you have? Instead, keep one card with you for those emergencies and leave the others at home in a safe place – unless you are specifically going to that particular store. This can also keep you from making spur of the moment purchases you’ll likely regret.

Receipts

Once you get home from a store after making a purchase, decide right then if you need to hold on to the receipt. Is there a chance you’re going to return the item? If not, then toss the receipt right away. If it is a larger purchase or some type of home technology, you may want to keep the receipt until after the purchase shows on your next credit card statement, to ensure you were charged the correct amount and that the item functions properly.

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa today. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today!

Article Source: Wendy Bignon for CUInsight.com