Online Fraud Protection
This page includes categories on:
- Learn about e-mail and online fraud.
- Report e-mail and online fraud.
- More about privacy and security.
E-mail and Online Fraud
What is online fraud
Phony e-mail messages sent to you for the purpose of stealing personal and financial information are among the most common types of e-mail fraud.
Disguised as legitimate e-mail and claiming to be from sources you trust, these messages attempt to entice you to provide various types of personal and confidential information, including online IDs and passcodes, Social Security numbers and account numbers.
This is the most common type of online fraud, and is called "phishing and spoofing". Criminals send these phony email messages or direct someone to a fraudulent website for one goal, to steal personal and financial information. Community Bank and Bank of America e-mails will never ask you for any personal data such as your SSN, ATM/debit card number or PIN. To report suspicious e-mails that utilize Community Bank or Bank of America's name, please forward the e-mail as an attachment to abuse@bankofamerica.com
Enhanced security with your personal image
Enhanced security login features quick and easy security measures that help prevent fraud and identity theft whenever you sign in to Online Banking.
These features include a personal image and phrase that we will always display before you are asked to enter your password. By verifying that your personal image and phrase are correct, you'll know that the site you are visiting is the actual Community Bank website and not a "spoof" site. At the time you establish your personal image and phrase or any time you log in, you'll also have the opportunity to have online banking remember your computer. This allows us to evaluate your computer to ensure that the sign in is not a fraudulent attempt to access your account information.
When you sign up for your personal image and phrase, we ask you to provide answers to 2 challenge questions. If there is ever an attempt to access your account(s) that we do not recognize, we will ask these questions.
What you need to remember to benefit from these new security features is simple: Once you've signed up, never enter your password without seeing your personal image and phrase first.
Recognizing e-mail fraud
Spotting phony e-mail messages is not always easy. And the criminals who use them are becoming more sophisticated about creating them.
Phony e-mail messages may ask you to reply directly or click on a link that takes you to a fraudulent Web site that appears legitimate. In either case, they will generally ask you to provide sensitive personal, financial or account information.
Here are some tips for spotting phony e-mails:
- Urgent appeals. Frequently, these e-mails claim that your account may be closed if you fail to confirm, verify or authenticate your personal information immediately.
- Requests for security information. Fraudulent e-mails often claim that the bank has lost important security information that needs to be updated. They also may request that the user visit and update this information online.
- Typos and other errors. Fraudulent e-mails or Web sites may contain typographical or grammatical errors. The writing may also be awkward, stilted or inappropriate. The visual or design quality may be poor.
Protecting yourself against e-mail or online fraud
- Make sure the security features of your computer software, including your Web browser, are up-to-date. Software companies continuously provide security updates to their products. To learn more about keeping your computer security current, get tips and information from Microsoft (http://www.microsoft.com/security/protect/) or visit the National Cyber Security Alliance (http://www.staysafeonline.info).
- Don't take anything for granted. Always keep in mind that forging e-mails and creating fraudulent Web sites is not difficult.
- Confirm the validity of all requests for sensitive personal, financial or account information, particularly if they are made with an urgent or threatening tone.
- Call the company directly to confirm requests for updating or verifying personal or account information.
- Confirm requests for personal or account information by going to the company Web site directly. Open a new browser window, type the Web address and check to see if you must actually perform any activity that an e-mail may be asking you to do, such as change a passcode.
- Do not share your IDs or passcodes with anyone. Choose passcodes that are difficult for others to guess and use a different passcode for each of your online accounts. Use both letters and numbers and a combination of lowercase and capital letters if the passcodes or personal identification numbers (PINs) are case sensitive. Change your passcode often.
- If you think you may have provided personal or account information in response to a fraudulent e-mail or Web site, report the fraud immediately, change your passcodes and monitor your account activity frequently.
- Always sign off Web sites or secure areas of Web sites (for example, Online Banking) for which you use an ID and passcode to enter.
- When your computer is not in use, shut it down or disconnect it from the Internet.
- Be careful and selective before providing your e-mail address to a questionable Web site. Sharing your e-mail address makes you more likely to receive fraudulent e-mails.
- Review your monthly credit card and bank account statements thoroughly. Investigate suspicious items immediately to head off any possible fraud before it occurs.
Protecting against online viruses
In addition to protecting yourself against e-mail and online fraud, you should also be aware of the danger of online viruses to damage or compromise the security of your computer.
- Anti-virus protection. If your computer becomes infected with a virus, you could possibly lose information and incur repair expenses. Make sure your computer has an anti-virus protection program installed to reduce the risk of your computer becoming infected.
- Automatic upgrades. We recommend that you purchase a program that automatically upgrades your virus protection on a recurring basis. If you do not have this automatic upgrade feature, make sure you update your virus detection program weekly and when you hear of a new virus.
- Attachments. We advise you not to open attachments or diskettes unless you are certain that you can trust the source. Learn how to manually screen diskettes and attachments if your anti-virus software does not automatically screen for viruses.
- Contact your ISP. Your Internet Service Provider (ISP) may have additional recommendations and technical support for protecting yourself against online viruses, e-mail fraud and spam. We suggest that you contact your ISP for recommendations specific to your computer and network.
Reporting Fraud
Identity theft
If you suspect that someone has gained access to important personal information such as your Community Bank account number or your Social Security Number and may use that information for illegal purposes or to withdraw money from your account, immediately call the phone number on your account statement or contact your nearest banking center.
Learn about protecting yourself against identity theft.
The Federal Trade Commission (FTC) provides a variety of useful information and resources related to identity theft, including an ID Theft Affidavit for disputing accounts opened in your name without your authorization. Visit the FTC ID Theft Web Site. (http://www.ftc.gov/bcp/edu/microsites/idtheft/index.html)
Alerting a credit bureau
If you suspect you might be a victim of identity theft, contact any of the three major credit bureaus to place a fraud alert on your credit file. You also can order a credit report to identify any unauthorized activity.
Lost or stolen ATM card or Debit Card
Report your lost or stolen ATM card or Debit Card immediately by calling 1-800-239-9427 and select Option 6 from the Main Menu and Option 1 from the sub-menu. Your call will be transferred to our Lost and Stolen Department.
