1. The FDIC does not directly contact bank customers (especially related to ACH and wire transactions, account suspension, or security alerts), nor does the FDIC request bank customers to install software upgrades. Such messages should be treated as fraudulent and the account holder should permanently delete them and not click on any links.
2. Messages or inquiries from the Internal Revenue Service, Better Business Bureau, NACHA, and almost any other organization asking the customer to install software, provide account information or access credentials is probably fraudulent and should be verified before any files are opened, software installed, or information is provided.
3. Phone calls and text messages requesting sensitive information are fraudulent. If in doubt, account holders should contact the organization at the phone number the customer obtained from a different source (such as the number they have on file, that is on their most recent statement, or that is from the organization’s website). Account holders should not call phone numbers (even local prefixes) that are listed in the suspicious email or text message.
Fake Mobile Banking apps
Criminals may develop and publish fake mobile banking applications that look like official Grinnell State Bank apps but are in truth designed to steal your online banking credentials. Here are tips for recognizing an unofficial Grinnell State Bank app.
- The developer or author of the applications is not Fiserv Solutions, Inc.
- The app is being promoted on a third-party site, somewhere other than the official app store for your mobile device
- There is a charge for downloading the app—Grinnell State Bank does not currently charge for mobile app downloads.
To help protect your accounts and information, never download or install a Grinnell State Bank Mobile Banking app if you spot any of these warning signs.
SMShing and smishing are like phishing (which typically happens via email), but take place via SMS text message. A criminal sends you a text message that tries to trick you into replying with financial or personal information or clicking on links that will sneak viruses onto your mobile device. Don’t respond to a text message that requests personal or financial information. Grinnell State Bank will never ask you to provide your information in this way.
Lost and stolen devices
Mobile phones and tablet devices offer convenience, but they’re also easy to lose or steal, which can put your information at risk. Here are some ways you can protect yourself now in the even your device is lost or stolen later:
- Password-protect your device so it can’t be accessed unless the password is entered
- Enable an automatic screen locking mechanism to lock the device when it’s not actively being used
- Consider using a remote wipe program that gives you the ability to send a command to your device that will delete any data
- Keep a record of the device’s make, model and serial number in case it’s stolen
Traditional online threats
Viruses, malware and other programs intended to steal your personal information or financial details can infect some mobile devices. If your table supports a traditional anti-virus product, consider installing that software. Backup the device’s data and keep the copy in a safe and secure location. This will allow you to restore your data in the event you need to wipe the device clean to remove a harmful software threat.
Free Public Wifi is everywhere.. hotels, airports, coffee shops, restaurants and even stores; but should you use it?
Experts advise that you should never enter personal and confidential information into your phone or laptop while using public wifi and to avoid public wifi altogether when dealing with confidential information. This includes credit card information, logins, passwords, etc. Hackers can set up a bogus wifi access and name it “free public wifi” and have instant access to your phone or laptop once you connect.
A business offering wifi access that requires a password, that is a much safer bet; but you are usually much better off waiting to do anything with sensitive information until you are on your cellular service or at home.
With more commerce occurring online the Cybersecurity and Infrastructure Security Agency (CISA) reminds shoppers to remain vigilant. Be especially cautious of fraudulent sites spoofing reputable businesses, unsolicited emails claiming to be from charities, and unencrypted financial transactions.
CISA encourages online holiday shoppers to review the following resources:
- CISA’s Online Shopping Tip
- CISA’s Holiday Online Shopping page
- CISA’s Social Engineering and Phishing Attacks Tip
- The Federal Bureau of Investigation’s (FBI’s) ‘Tis the Season for Holiday Online Shopping Scams – Don’t Be a Victim Announcement
If you believe you are a victim of a scam, consider the following actions:
- Report the incident to your local police, and file online reports at the Federal Trade Commission’s Report Fraud page and the FBI’s Internet Crime Complaint Center (IC3) page.
- Watch for unexpected or unexplained charges to your account. If any appear, contact your financial institution immediately and close any accounts that may have been compromised.
- See CISA’s Preventing and Responding to Identity Theft Tip for more information.
- Change any passwords you might have revealed immediately. Avoid reusing passwords.
- See CISA’s Choosing and Protecting Passwords Tip for more information.