Protecting your personal and financial information at Shore United Bank is our number one priority. 

In addition to the security features included in our online banking products and services, there are security measures you can take to protect your personal and financial data.

  • Select passwords that are difficult for others to uncover
  • Change your passwords frequently
  • Do not share your passwords
  • Keep personal documents in a safe at home or a safe deposit box
  • Shred personal documents before throwing them away
  • Monitor your credit
  • Review your bank accounts monthly
  • Protect your purse or wallet at all times
  • Protect your computer with up to date anti-spyware and anti-virus software
  • Don’t reveal personal information to unverified sources on the phone or the internet
  • Technology changes quickly but there are four fundamental things you can always do to stay secure: Four Steps to Staying Secure
  • If you think you provided personal information to a perpetrator, change your password immediately, monitor your account activity and contact us

Additional resources to take action against Identity Theft can be found at the Maryland Attorney General website.

  • Closely monitor your accounts for unauthorized transactions
  • Always use the log out button to end a browser session
  • Be wary of email as well as their attachments and links
  • Always contact us at the number on your account statement
  • Be cautious of clicking on pop-up windows
  • Be sure that your computer has the latest security updates available
  • Monitor your account activity by setting up alerts
  • Optional Visa Purchase Alerts- Anytime a qualified Visa transaction takes place that meets our defined parameters, you will receive an alert in seconds via e-mail and or text message. You can set alerts for amount thresholds, online orders, international transactions and more here: Visa Purchase Alerts.
  • The bank will NEVER call or email you asking for account numbers, personal information, debit or credit card information
  • Never give out your account information, PIN or debit or credit card information
  • Know and trust with whom you are doing business
  • Beware of bogus credit report solicitations
  • Typographical errors in emails are often signs of fraud
  • Beware of Scams - if it is too good to be true, it probably is and you should be aware of potential problems

Learn More About Online Fraud Scams

  • Maintain up to date virus protection on your computer
  • To insure that your computer has the latest security updates available, visit Microsoft website
Pass It On is the Federal Trade Commission's consumer education campaign designed to encourage older adults to talk to their friends, neighbors, and relatives about scams. Chances are good that someone you know has been scammed. They may not talk about it, but the statistics do. The truth is that sharing what you know can help protect someone who you know from a scam. The FTC has several articles that you can use to start a conversation. Click on the link below and pass on some information that could help someone you know.


Fraud Prevention Tips

  • Be suspicious of any unexpected email, even if it appears to be from someone you know. It is very easy for a criminal to forge any aspect of an email.
  • Never click on a link in an email without first hovering over the link and looking to see where it leads. If it doesn’t match the text of the link, do not click!
  • Whenever you have any questions about an email, contact the sender by phone or another means to verify whether they meant to send it to you.
  • If a link takes you to a sign in page, be certain you are at the correct place. Better yet, open a new browser window or tab and go to the website directly to log into your account.
  • Be especially wary of replies and forwards, especially replies to messages you never sent.
  • Watch out for messages that you are CC’d on, especially when it’s a large group or you don’t know any of the other people that the message was sent to.
  • If the message urges you to act immediately to avoid a negative consequence or offers to reward you with something of value, be skeptical. This is one of the most common tactics used by criminals.
  • If you receive an email from an online service or business partner that you are not expecting, proceed with caution (click to learn more).

I’ve been hearing about the Equifax breach in the news. What happened?

Equifax, one of the three major credit bureaus, experienced a massive data breach. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people.

Was my information stolen?

If you have a credit report, there’s a good chance it was. Go to a special website set up by Equifax to find out: https://www.equifaxsecurity2017.com/ . Scroll to the bottom of the page and click on “Potential Impact,” enter some personal information and the site will tell you if you’ve been affected. Be sure you’re on a secure network (not public wi-fi) when you submit sensitive data over the internet.

How can I protect myself?

Enroll in Equifax's services. Equifax is offering one year of free credit monitoring and other services, whether or not your information was exposed. You can sign up at https://www.equifaxsecurity2017.com/ .

• Monitor your credit reports. In addition, you can order a free copy of your credit report from all three of the credit reporting agencies at annualcreditreport.com. You are entitled to one free report from each of the credit bureaus once per year.

•  Monitor your bank accounts.  We also encourage you to monitor your financial accounts regularly for fraudulent transactions. Use online and mobile banking to keep a close eye on your accounts.

•  Watch out for scams related to the breach.  Do not trust e-mails that appear to come from Equifax regarding the breach. Attackers are likely to take advantage of the situation and craft sophisticated phishing e-mails.

Should I place a credit freeze on my files?

Before deciding to place a credit freeze on your accounts, consider your personal situation. If you might be applying for credit soon or think you might need quick credit in an emergency, it might be better to simply place a fraud alert on your files with the three major credit bureaus. A fraud alert puts a red flag on your credit report which requires businesses to take additional steps, such as contacting you by phone before opening a new account. 

How do I contact the three major credit bureaus to place a freeze on my files?

Equifax: Call 800-349-9960 or visit its website .

Experian: Call 888-397-3742 or visit its website .

TransUnion: Call 888-909-8872 or visit its website .

Where can I get more information about the Equifax breach?

You can learn more directly from Equifax at https://www.equifaxsecurity2017.com/. You can also learn more by visiting the Federal Trade Commission’s web page on the breach at https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do. To learn more about how to protect yourself after a breach, visit  https://www.identitytheft.gov/Info-Lost-or-Stolen. 

In response to media reports concerning cyberattacks leveraging Automated Teller Machines (ATMs), Financial Services Information Sharing and Analysis Center (FS-ISAC), American Bankers Association (ABA), Credit Union National Association (CUNA) and Independent Community Bankers of America (ICBA) developed this paper to explain how
cybercriminals conduct attacks and actions financial institutions may take to protect consumers.


Attacks Against ATMs

Cybercriminals target ATMs through both physical and computer-based means to steal funds for a cybercrime gang or a nation-state. These attacks often occur around holidays in an attempt to circumvent or delay detection. This may involve the creation of fraudulent payment cards at one or more financial institutions.


Four Types of ATM Attacks

  • Skimming attacks – Skimmers are devices that may sit on top of the ATM PIN pad and/or card slot or they may be inserted deeply into the card slot. Sometimes, criminals use a camera to capture a consumer’s PIN as it is entered.  Usually, the information captured from the skimmer and camera is used to create cloned cards.
  • Shimming attacks – These are similar to skimming attacks, except that criminals use special mechanisms inserted deeply within the ATM to capture the chip information on newer chip-enabled cards. Again, this information is used to create cloned cards.
  • Cash-out schemes – Criminals use ATMs either locally or globally to drain funds from multiple accounts held at one financial institution. These attacks use legitimate card numbers that were stolen in another campaign and involves the manipulation of the account balances and withdrawal limits to perform the theft. This attack is also referred to as an “unlimited operation”.
  • Jackpotting attacks – Like it sounds, in this attack criminals use physical and/or logical methods to force one ATM to dispense all the cash, just like a slot machine.

Common Misunderstandings About ATM Attacks

In many cases, the news media assumes that attacks against ATMs, no matter the type, result in the loss of funds to customers. However, most ATM attacks do not result in the loss of funds to customers as a result of consumer protection laws and business practices. The primary target of cash-out schemes and jackpotting, for example, is the financial institution, not consumers’ accounts. That said, if criminals have used legitimate payment card information (e.g., numbers, PINs), then the financial institution will replace the funds and may reissue cards for its customers. This is protection for both the institution and the consumers whose accounts were affected.


How Institutions Protect Their Consumers’ Accounts

Financial institutions around the globe are experienced at information security and leveraging industry best practices. Your financial institutions’ customer protections likely include the following:
  • Encryption of confidential information;
  • Restrictions on who can access systems where confidential information is stored;
  • Requirements for more than one person to approve high-risk procedures;
  • Systems that will detect and prevent network intrusions;
  • Settings and rules to prevent the loss of sensitive data;
  • Anti-virus and anti-malware applications to prevent malicious files from infecting the systems;
  • Programs that will prevent unauthorized applications or files from running on workstations;
  • Monitoring for anomalous behavior or activities on networks and ATM systems;
  • A regular cycle to manage patching or updating systems;
  • Alerts that will notify institution staff if of abnormal activity, such as an ATM being disarmed or disabled; and
  • Implementation of chip and PIN procedures for debit cards.
It is part of an institution’s cybersecurity program to keep the specific protections and programs they use confidential.
However, FS-ISAC works with a large number of financial institutions domestically and around the world, helping them
determine the best security practices to put in place and connecting them with their peers for further recommendations and
insights.
 

Steps Consumers Can Take

  • Customers are not responsible for unauthorized charges; however, there are steps consumers can take to help protect their
    accounts.
    Protect your debit and/or credit cards at all times; don’t share cards or PINs with others.
  • When using ATMs, be aware of your surroundings. Before using the ATM, look closely at the card slot and PIN pad
    for any abnormalities and glance up and around to see if you notice any cameras. If anything looks strange or
    unusual, do not use the ATM.
  • If you notice odd or peculiar behavior by others at an ATM (inserting a cable or using multiple cards to withdraw
    funds at one time), contact local law enforcement and the institution; do not use that ATM.
  • Be aware that institutions usually won’t contact you via text message or email about your debit or credit card, unless
    you have previously agreed to this method of communication; if you receive a suspicious text or email message
    claiming to come from your financial institution, contact your institution to check the legitimacy using the number on
    the back of the card.
  • Be aware that phone calls you receive may not actually be from your bank or credit union. You should not provide
    the full card number, PIN or CVV code over the phone. When in doubt, call the number on the back of your card to
    verify contact.
  • Be on guard against phishing attacks and do not open attachments or click links in emails you were not expecting.
  • Use two-factor authentication and other security features offered by your financial institution to protect your
    accounts.
  • Sign up for text or email alerts from your financial institution for certain types of transactions, such as online
    purchases or transactions of more than $500.
  • Notify your FI as soon as possible if you suspect that your card PIN or electronic banking credentials have been
    compromised.
  • Review account statements for any transactions you do not recognize; promptly notify your FI if you notice any
    unauthorized account activity. A small transaction (e.g. $0,01 or other small amounts) may be indicative of a criminal
    “checking” the card information to see if it is legitimate. A larger fraudulent charge typically follows.
Article Provided By:  Financial Services | Information Sharing and Analysis Center
Understanding ATM Attacks | © 2018 FS-ISAC, Inc. | All rights reserved. | fsisac.com | TLP WHITE
 

Protect yourself from identity theft and fraud.

Get The Facts about online scams