Be Safe Online
It's the most wonderful time of the year - if your shopping smart online. The following are some helpful tips when shopping online this holiday season and all year round.
- Watch for mobile malware - especially deals for black Friday and cyber Monday.
- Be cautious when looking for free mobile apps - may be an attempt to steal information.
- Watch for malicious screensavers, ring tones and e-cards.
- Watch for purchase offers of fake anti-virus software - this scam may trick you into purchasing the software.
- Secure your computer - at a minimum, have anti-virus, anti-spyware and a firewall.
- Remember to turn off your computer when you're done shopping.
- Watch for social media scams - phony Facebook and Twitter sites or other online promotions and contests.
- Beware of scammers advertising popular holiday items.
- Check out the seller of items - research before you buy.
- Don't fall for the mystery shopping scam asking you to shop for $XX dollars (ex: $100). Online coupon scams may ask for your personal or financial information using email.
- Holiday phishing scams - Don't fall for emails, text messages or phone calls asking for personal or financial information.
- Monitor credit, debit and account numbers used for your holiday shopping to help identify any unauthorized usage.
- Vacation scams - don't post holiday pictures until you are back home.
- Lighted parking lots - survey the parking lot surroundings. Make sure you have your car keys in your hands before entering the parking lot.
If an offer or item sounds too good to be true, it's probably a scam.
Be Safe When Banking Online
Visions Federal Credit Union makes every effort to ensure that our members' information is safe and secure. We have taken steps to enhance and secure your Visionline access. At this time we wanted to educate you about a potential threat involving online account access. E-mail and Internet-related fraudulent schemes, such as "phishing" are being perpetrated with increasing frequency, creativity and intensity. Phishing involves the use of seemingly legitimate e-mail messages and Internet websites to deceive members into disclosing sensitive information, such as bank account information, Social Security Numbers, credit card numbers, passwords and personal identification numbers (PINs). Financial institutions have reported an increase in fraud attempts involving the exploitation of valid online banking credentials. These recent attacks are being referenced as "Spear Phishing," which usually comes in an e-mail. Below is a description of the attacks and prevention tips to help keep your online banking and internet transactions safe from "phishing" attacks.
A "spear phishing" e-mail contains either an infected file or a link to an infectious Web site. The e-mail recipient is usually a person within a company who has initiated funds transfers. Once the user opens the attachment or navigates to the website, malware is installed on your computer. This malware contains a key logger, which in turn will compromise the users' online authentication credentials. The attacker will then initiate a funds transfer by logging into your internet banking accounts. * There is no guarantee that you can protect yourself from a "spear phishing" attack. It is important to educate yourself and be wary of any e-mails received containing attachments or directed to links through e-mails. You should never assume that just because you know the address the e-mail was sent from, that the e-mail is safe. Any e-mail that contains an attachment that arrives unexpectedly could contain malware, even if its not "spear phishing" malware. Simply requesting that friends and co-workers notify you before they send you an attachment will reduce the risk of becoming a victim in these fraudulent attacks. Don't take any chances.
Educate yourself to stay safe online using these prevention tips:
- Dedicated Computer: Carry out all Visionline activities from a stand-alone or dedicated computer from which e-mail and Web browsing are not possible, if possible. Protect the computer with a firewall and antivirus software.
- Bootable Operating System: Use a bootable read-only operating system to conduct financial transactions online. The operating system is written to a read-only USB flash drive. The bootable system would be configured with only the services and applications needed to perform financial transactions. When the user needs to access the online banking system to initiate electronic funds transfers, they would boot the read only USB flash drive on their existing computer or the dedicated computer established for this purpose. Any malware that exists on the computer would not impact the user using the bootable flash drive.
- Password Strength: Use strong passwords. Strong online banking passwords are at least seven characters in length, alphanumeric, case sensitive and require the use of at least one special character (e.g., !,#,$,%, etc.).
- Change Passwords: Change your passwords every 45-60 days.
- Security Software: Protect your home computer with anti-virus and spy-ware software and a firewall. Update your software frequently.
- Time and Date of Last Access: You should check the date and time of your account was last accessed after logging into your account. This may help you identify unauthorized access.
- Public Access Computers: Please be aware of the risks of using computers that are accessible to the public to access our credit union accounts. Computers accessible to the public may be infected with viruses and/or malicious software, such as keyloggers.
- Logout Procedures: Always logout of your online banking session by clicking the logout button rather than just simply closing the browser window or using the "backspace" key. Please keep in mind that if you are using Visionline and Bill Pay, you must log out of each session to fully be logged out.
- Reconcile Accounts: Reconcile all accounts and transactions on a daily basis instead of monthly.
- Type the URL: Never access a website from a link in an e-mail, especially a site asking for personal information.
- Be Alert Online: Beware of e-mails offering a prize or discount, then asking you to enter a user ID and password (thieves will collect login information, since most login's are the same for all sites). Be aware that fraudulent e-mails often contain poor grammar or misspelled words.
- Email is Not Secure: Do not include personal or sensitive data in an e-mail.