Your Security

Phishing, Vishing, Mishing, & Smishing – Don't Fall For It!

Phishing

Refers to emails sent to you by scammers, which are designed to trick you into providing your personal and banking information.

Examples of this type of email would be something claiming to be from your bank stating that they need you to verify account and/or personal information.

Often times there are spelling or grammar mistakes. They will also copy an institution's logo and message format. Call to verify any suspicious email before submitting information. Often times they will refer to you as ‘account holder’ or ‘customer’ rather than by your name. They will also sign the email with a fake employee name or just ‘online banking team.' 

Vishing

A combination of the words voice and phishing, vishing involves voice or telephone communication. In a majority of these, the telephone call will be automated. There are many different examples for this type of scam including fake charities, relief funds and lotteries.

Mishing

A combination of the words mobile and phishing, mishing involves the use of mobile phones in a scam. A typical mishing call or message involves a scammer posing as an employee from your financial institution or organization, claiming to need your personal details. Scammers can use mishing to verify your account information or to authorize purchases.

Smishing

If you receive a TEXT that appears to be from FSB asking you to confirm or decline a Zelle transfer, that’s a scam. Please delete those messages. Call FSB with any questions (do NOT use the contact information in the text.) FSB does not notify customers via text about potentially fraudulent Zelle transactions.

If you suspect phishing, vishing, mishing or smishing, contact your financial institution or the company to verify the call or email. Never use the contact information provided in either the call or email. Find the information yourself to verify it is correct. Sometimes the scammer will ask you to respond quickly, don’t. Their goal is to not give you time to think.

Protect Yourself

Strong passwords tips:

• Use length and complexity. Avoid using personal information in the password. For example, don’t use your name and birth date.
• Use at least one number.
• Use at least one capital letter.
• Use at least one symbol.
• Recommended minimum of 12 characters in length for strong passwords, and 15 characters for highly confidential sites.
• Think of a sentence, and use the first letter of each word in your password. For example:
  My 2nd son was born at 1:15 St. Lukes in May = M2swb@115SLiM
• Multifactor authentication is a system where you set up a password and possibly a text or an email confirmation to access your site. If any of the sites you use offer this, it is strongly recommended to use it.

Don’t get hacked

Make sure your computer is actively protected.

• Use different passwords for different accounts.
• Never share your password with anyone else.
• Never use a public computer (hotel, library, etc.) to log into an account.
• If you write down your password, be sure to store it in a secure location, never in public view. You may want to look into one of the software password manager tools that are available.

Scams

How to recognize them:

• If a financial institution sends you an email about account or personal info, contact them immediately before sending any information to insure its legitimacy. It is standard practice that Farmers State Bank does not request confidential information through email. Please report any such requests to Farmers State Bank.
• Avoid ‘pay now, get it later’ exchanges.
• Online sales – A scammer will purchase an item from you online, and send you a cashier’s check or money order, which is fake, and they will ask you to cash it first, and then send some of the money back to them.
• If you receive a notice that you are a winner in a lottery that you never entered, but in order to claim your prize, you must first send money in for taxes, this is a scam! Taxes are always taken out before you receive your prize.
• Relief fund scams – With the large number of catastrophic events around the world (tornados, hurricanes, etc.), it is easy for a scammer to pose as someone working for a relief fund that asks you to send money as a donation, often via phone. Always use caution in this type of situation.
• You are responsible and liable for items you cash or deposit into your account – whether it is a check, money order, transfer, etc.
• Do not accept payments for more than the amount of the service with the expectation that you send the buyer the difference.
• Be cautious when accepting checks from individuals you’ve only met online.
• Do not accept jobs in which you are paid or receive commission for facilitating money transfers through your account.

How to report a scam

If you think you are a victim, contact your financial institution immediately. They will help you take the proper precautions. Remember, if it sounds too good to be true, it probably is.

The power of AI

As technology advances, Artificial Intelligence (AI) is becoming more and more prevalent in our daily lives. Unfortunately, scammers have found a way to use this technology to their advantage by cloning the voice of their loved ones. They only need a short audio clip of their voice, which they can quickly obtain from online content, and a voice-cloning program. This means that when they call you, they'll sound just like your loved one.

So, how can you distinguish if it's them or a scammer using a cloned voice?

It's important to rely on something other than the voice. Instead, call the person who supposedly contacted you and verify the story using a phone number you know is theirs. If you can't reach your loved one, try to contact them through another family member or their friends.

Be aware that scammers often ask you to pay or send money in ways that make it hard to get your money back. If the caller requests you to wire money, send cryptocurrency, or buy gift cards and give them the card numbers and PINs, these could be signs of a scam.

Identity Theft

Identity theft is defined as someone stealing another’s personal information such as social security number or credit card to use as their own with no authority. There are additional forms of identity theft including: Skimming machines (copies the magnetic strip off of a card), credit cards (using someone else’s credit card/number), social networks, computer hacking, dumpster diving (finding important docs in the trash), and more.

• If you are a victim, keep detailed records of all correspondence.
• Close all accounts that have been tampered with immediately.
• If a social security number has been compromised, put a credit hold on it to stop any further misuse.
• Shred all important documents that have personal information if they are no longer needed, otherwise keep them in a safe spot. If documents containing personal information are thrown away, it is now in the hands of dumpster divers.
• It is important to increase your education on preventing identity fraud because no one can guarantee that they will never become a victim.

Online & Computer Security

• Protect your privacy. Be cautious about posting personal information such as date of birth, phone number, email address, home address, etc.
• Protect your online reputation. Businesses will often look online for more information about job seekers. A lot can be said about pictures and posts, so don’t put anything up that could be misleading or cost you your job.
• Remember, once it’s online, it’s there for the whole world to see.
• Back up all your information on an external hard drive, CD, DVD, or USB flash drive.
• Clear all personal data from your computer before donating or disposing of it. Manually deleted computer files can still be recovered, so contact the computer manufacturer’s technical services department and ask how to properly delete personal files.
• Make sure to promptly apply any security patches for your system as well as security updates to any software you run.

For this information and more on safety and security, visit:

• Microsoft/Protect
• US Government's Website for Identity Theft
• Banks Never Ask That
• TransUnion
  Phone: 1-800-680-7289
• Equifax
  Phone: 1-800-525-6285
• Experian
  Phone: 1-800-397-3742

Fraud Prevention Articles