Important Member Alert: Equifax Data Breach

On September 7, 2017 Equifax disclosed that they discovered a data breach on July 29, 2017 and it may have impacted 143 million consumers in the United States. Equifax is one of the 3 main organizations in the U.S. that calculates credit scores, so it has access to an extraordinary amount of personal and financial data for virtually every American adult.

The company stated that hackers accessed data between mid-May and July through a vulnerability in a web application. They were able to obtain names, Social Security Numbers, birth dates, addresses, some driver’s license numbers, and about 209,000 credit card numbers.  Additionally 182,000 “dispute documents” containing personal identifying data were compromised in the breach. They have not indicated who is behind the breach and the investigation is ongoing. Equifax is maintaining that its core credit reporting databases were unaffected.

The reason why this data breach is so severe is because nearly half of the U.S. population has been impacted and most likely will feel the impact of the breach for years to come, especially when it comes to information that does not change, i.e. your Social Security Number.

Equifax has established a dedicated website, www.equifaxsecurity2017.com – to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year. The website also provides additional information on steps consumers can take to protect their personal information.

Equifax recommends that consumers with additional questions visit www.equifaxsecurity2017.com or contact a dedicated call center at 866-447-7559, which the company set up to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern standard time. In addition to the website, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted.

Additional information on the data breach can be found here. To see if you may have been impacted, get started here.

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today! Learn more about safeguarding your identity with our consumer identity theft protection guide.

Enroll your First Financial Debit/Credit Cards in Visa Purchase Alerts – you’ll get an email each time your Debit Card is used over an amount you set, when your card is used outside the country, or when your card is used to make a purchase online or over the phone. Credit Cardholders also have the additional option of adding a text alert, this can be set-up in Online Banking under your Credit Card account (select the Communications tab and then Visa Transaction Alerts).

As always, First Financial monitors our member accounts for suspicious activity. If you have any additional questions or concerns, please give us a call at 732.312.1500 or email us at info@firstffcu.com.

*9/11/17 Update – Please be advised that should you elect to sign up for Equifax’s one year of credit monitoring, you may be giving up your right to sue the company for the incident, and you could be prevented from joining a class-action lawsuit.

The language was laid out in the original terms of service by Equifax:

AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.

On 9/11/17 Equifax provided an update on their website to state: 

Adjusted the TrustedID Premier and Clarified Equifax.com
“We’ve added an FAQ to our website to confirm that enrolling in the free credit file monitoring and identity theft protection that we are offering as part of this cybersecurity incident does not waive any rights to take legal action. We removed that language from the Terms of Use on the website, www.equifaxsecurity2017.com. The Terms of Use on www.equifax.com do not apply to the TrustedID Premier product being offered to consumers as a result of the cybersecurity incident. 
We are listening to issues consumers have experienced and their suggestions. These are helping to further inform our actions, and we are now sharing regular updates on this website. Thank you for your continued patience and feedback as we continue to improve this process.”

Article source: https://www.cnbc.com/2017/09/08/were-you-affected-by-the-equifax-data-breach-one-click-could-cost-you-your-rights-in-court.html 

4 Items You Should Never Carry in Your Wallet

When it comes to your wallet – there are some things you should surely throw away, and there are others you should take out and file away immediately to prevent identity theft.

Social Security Card

It may seem obvious to not carry this with you, but many people have long kept their SS card in their wallet. But think about it, if you have your number memorized, which most of us do, when do you actually need your card? Have you ever had to present your card to someone? Carrying this information around with you is a bad idea. If the wrong person gets ahold of your social security number, you could end up with loans opened up in your name and new credit card accounts.

Passwords

It seems every website we visit now requires a password. How are we ever supposed to keep up with them all? It’s a great idea to have a cheat sheet where all your passwords are kept, but do not be tempted to keep this information in your wallet. Instead, keep your notes at your desk, locked in your phone, or filed away somewhere at home with other sensitive information.

Credit Cards

Many of us are way past the point of having a credit card just for “emergencies.”  It’s hard to check out at any retail store without being asked if we’d like to “save 10% by opening up a store credit card.” No matter how many cards you have, it’s wise not to carry all of them in your wallet at once. Think about it: if your wallet is stolen or lost, would you want someone to have access to every account you have? Instead, keep one card with you for those emergencies and leave the others at home in a safe place – unless you are specifically going to that particular store. This can also keep you from making spur of the moment purchases you’ll likely regret.

Receipts

Once you get home from a store after making a purchase, decide right then if you need to hold on to the receipt. Is there a chance you’re going to return the item? If not, then toss the receipt right away. If it is a larger purchase or some type of home technology, you may want to keep the receipt until after the purchase shows on your next credit card statement, to ensure you were charged the correct amount and that the item functions properly.

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa today. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today!

Article Source: Wendy Bignon for CUInsight.com

3 New Consumer Scams to Be Aware Of

New twist on an old phone scam:

Phone scams are nearly as old as Alexander Graham Bell, but fraudsters have invented a new trick to beware of. It’s called the “can you hear me” con.

Scammers will call your phone and ask if you can hear them, but if you answer yes, they’ll record you and use it as “proof” that you signed up for whatever fraudulent service they’re offering.

The safest thing you can do if you receive one of these calls is to simply hang up, or if you don’t know the number – don’t answer it in the first place.

When heart meets wallet – dating scam:

Nothing says I love you less than an empty bank account, yet that might be your fate if you go looking for love in all the wrong places.

According to the FBI, scammers are preying on people’s hearts and wallets in a new growing trend called romance scams. It starts off simply enough — you meet someone through the service that seems a likely match and contact is made. Things intensify quickly. It seems like a dream romance. It’s not.

Beware anyone you meet through online dating services who asks for financial gifts or favors (even if he or she is the “love of your life.”) This could be a play to get access to your checking account.

These scammers will leave you broke and broken hearted if you’re not careful. Use your head and be a bit suspicious. If it seems too good to be true, it probably is.

Don’t fall for the bait with phishing:

The chairman of Hillary Clinton’s presidential campaign, fell for a phishing scheme last year when he reportedly received an email from Google asking him to verify his account.

Unfortunately, the email wasn’t from Google, but was from a scammer — a scammer who now had all the info he needed to hack this Google account.

Software like Photoshop makes it easy for even a mediocre hacker to convince you that they are with a trusted organization like Google, your bank, or another company who handles sensitive matters for you.

Before you give over info, even basic info – remember the painful lesson learned: email isn’t secure. Never share sensitive information over email.

If you think you are the victim of a scam, don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa today. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today!

Also, don’t miss our identity theft protection guide.

Article Source: Jennifer Reynolds for CUInsight.com

4 Signs That a Charity is Probably a Scam

Many of us donate to a worthy cause year round. Unfortunately, just as there are good people trying to help others, there are also plenty of scammers out there. You want to feel good about where your money is going, and you want to make sure that you aren’t just lining the pockets of some fraudster. As you field phone calls and receive information from those purporting to help the less fortunate, watch out for the following red flags that might indicate you are dealing with a scam:

1. High-Pressure Phone Tactics

Someone insisting that you give money now, over the phone, is a huge red flag that you are probably dealing with a scam. Most legitimate charities don’t employ high-pressure sales tactics that make you feel like you need to donate immediately.

In some cases, scammers insist that you have to just donate, and they tell you time is too short to send you literature or let you look at a website. If a caller gets frustrated and tries to tell you that you need to donate immediately, hang up the phone.

Legit charities usually have no problem with you saying no. The caller might tell you they are under a deadline for a match, but they won’t pressure you, and once you say you need time to think about it, most legit charities will thank you and move on.

2. No Website

Who doesn’t have a website these days? Scammers, that’s who. If you get a phone call from an organization, and you can’t find a website, that’s a red flag. Most legit charities have websites that describe their mission, who they help, and even include success stories. Even local charities usually have a basic website that allows you to see where they are located and what their needs are.

If an organization doesn’t have a website, that’s an immediate red flag. That’s not to say that every worthy cause would have a website, but it simply means you need to investigate further. Legit charities want people to know they are out there and accept donations.

3. They Won’t Provide You with Their Tax ID

Charities have to apply to be tax-exempt organizations and you can call IRS to verify their legitimacy. If someone over the phone just cannot provide their Tax ID or there’s no way to find that out before you send money, then this is a major red flag. And it’s not totally safe just because they gave you a bunch of numbers either. Call 877-829-5500 to see if the charity is claiming to be who they are. This is also the definitive source for making sure your donation is tax deductible.

4. No One Wants to See You

Watch out if a caller doesn’t want to let you know where they are located. Ask to stop by if they claim to be local. Or, you can ask for a mailing address to send a donation. Legitimate charities are happy to let you have a tour or send them a donation through the mail.

Scammers, though, don’t usually have a mailing address. And they certainly don’t want you anywhere near their base of operations. When an organization comes up with an excuse as to why you can’t visit or send a donation to an address, you should watch out. There’s a good chance you’re dealing with a scammer.

If you are still unsure, you can check Charity Navigator or GuideStar for information about charities and how effective they are, including how much of their resources go toward actually helping others.

There are many worthy causes that deserve your dollar’s attention, but you need to pay attention in order for the real charities to benefit the world. Do your part by taking time to vet out the details and you won’t be sorry to hear that your donations only enriched someone without really helping those in need.

Article Source: Miranda Marquit for MoneyNing.com

6 Things to Do if Your Identity is Stolen

Smartphone in hand, concept of data protection, blue

The best line of defense against identity theft is prevention, but when that fails you need to handle the situation correctly and swiftly. If you notice any mysterious purchases or your bank contacts you about confirming charges, your account may be compromised. If you believe that someone has stolen your identity, minimize the damage by following these steps.

1. Identify and close the account in question

The most common (and sometimes the only) way to discover compromised accounts is noticing fraudulent charges after they’ve posted. When you become aware of the situation, contact your financial institution as soon as possible, dispute the charges, and ask to either lock or close your account.

2. Look for other unauthorized charges

Next, you need to pull up your other accounts and scan old statements for additional charges you don’t recognize. If you find any questionable charges, call your financial institution and alert them of the problem. You may have to put a lock on a number of your accounts if your identity has in fact been stolen.

3. Review your credit report

When assessing whether you’re a victim of credit card fraud or identity theft, your last stop should be your credit report. By law, you’re entitled to at least one free credit report from each credit reporting agency every year. Request your reports and look for any account that you don’t recognize.

4. File a report with the FTC

After you have a pretty good handle on the extent of your problem, you need to file a report with the Federal Trade Commission. You only need to do this if you think that your identity has been stolen. The FTC doesn’t handle credit card fraud, so if only one account was touched you probably aren’t a victim of identity theft and don’t need to submit a report.

5. Set up a fraud alert

A fraud alert puts a red flag on your credit report and notifies both lenders and creditors that they should take extra steps to verify your identity before extending credit. All you have to do is call one of the three credit reporting agencies to place a 90-day alert on your reports. Don’t worry about any potential stigma that could come with this, it is a rather common practice nowadays.

6. Open new accounts and move forward

Most financial institutions advise opening up new accounts following identity theft, even those that might not have been compromised. After all is done, make sure that you implement preventative measures going forward. There are plenty of ways to make yourself a less likely target and they all take less work than recovering from being a victim.

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa today. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today!

Article Source: Tyler Atwell for CUInsight.com

 

5 Things You Should Never Keep in Your Wallet

walletMore than 40% of identity fraud cases stem from a lost or stolen wallet or purse, according to insurance company Travelers’ claim data. If you’re carrying around these things in your wallet, you’re likely putting your identity and finances at risk.

1. Social Security Card

The #1 thing you should never carry in your wallet is your Social Security card.

“Your Social Security Number is the most vital piece of information for identity thieves, and the damage resulting from identity theft can impact your finances for years to come,” said Michael Bruemmer, vice president of consumer protection at credit reporting company, Experian.

If someone gets your number, he or she can use it to apply for credit in your name, file a tax return and claim a refund, or get a job and earn income that’s reported to the IRS — which will create problems for you at tax time, according to the Social Security Administration. For these reasons, losing a Social Security card can be devastating. While you can get a new Social Security Number, you must have evidence that someone is using your current one. However, some government agencies and businesses might still associate you with the old number — even after you make the switch.

2. Birth Certificate or Passport

When you go out, it’s best to leave your birth certificate and passport at home.

“Like your Social Security Number, these items contain some vital, personally identifiable information, and losing these will make it all too easy for thieves to steal your identity,” Bruemmer said.

Unfortunately, more than half of travelers surveyed by Experian said they carry their passports in their wallets. If you’re traveling overseas, opt to leave your passport locked in the hotel safe rather than keeping it with you while you’re out on the town.

3. Extra Credit Cards

A 2015 survey by Experian’s ProtectMyID identity service found that 47% of consumers don’t remove unnecessary credit cards from their wallets before traveling. Carrying numerous cards doesn’t just put you at risk on vacation, though. It’s also a dangerous habit.

“If your wallet is stolen and you have eight credit cards in it, that means you will have to cancel eight credit cards, dispute with eight different card companies if fraud does occur, as well as reset any autopay you had for those eight cards,” Bruemmer said. “The more cards you carry, the more opportunities you are giving a thief to steal your money or information, and the more work you are putting on yourself to reestablish accounts after a theft.”

It is recommended that you only carry your main credit card and perhaps a backup one. Only carry retailer cards in your wallet when you are headed to those specific stores. And make sure you have a record of your credit card account numbers and contact information for each card issuer stored at home, in case a card is stolen.

4. PINs and Passwords

Some people write down their debit card PIN and passwords for accounts in case they forget them and carry them in their wallets. However, this information should always be left at home in a secure place.

“If someone has access to your bank PIN or financial account passwords, they can easily steal money from your accounts or make purchases under your name,” Bruemmer said.

5. Checks

If you prefer writing checks to using a debit card, avoid carrying your entire checkbook around with you. Otherwise, thieves have easy access to your money in the event that your purse or wallet is stolen.

Checking account fraud can be especially difficult to resolve, according to the Identity Theft Resource Center. You should report your stolen checkbook to the police and keep a copy of the report to submit to any merchants or financial institutions at which your stolen checks were used.

Unfortunately, putting a stop payment on the checks that were stolen probably won’t be enough to fix the problem. According to the Identity Theft Resource Center, you’ll likely need to close your account to prevent further damage.

Don’t wait until it’s too late! Be sure to enroll in our Identity Theft Protection Program from Sherpa today. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today!

Article Source: Cameron Huddleston for Go Banking Rates, https://www.gobankingrates.com/personal-finance/things-never-keep-wallet/