At Belmont Federal Savings and Loan, we take Internet Security seriously. We value our Customers and the relationships we have built with you and your family and hope that you never become the victim of Cyber-Fraud or Identity Theft. Because Cyber-Fraud and Identity Theft are such fast-growing crimes, we want you to be aware of the basic precautions you can take to protect yourself.

Internet fraud can be any type of scheme that uses the Internet-chat rooms, email, message boards or websites-to deceive prospective victims. These schemes, scams and frauds take advantage of the Internet’s unique capabilities-sending email messages worldwide in seconds or posting website information that is readily accessible from anywhere in the world - to carry out fraud quicker than ever possible in the past.

Phishing
Phishing is a high-tech scam that uses spam or pop-up messages to trick you into disclosing your personal credit card numbers, bank account information, Social Security number, passwords or other sensitive information.

Phishers send an email or pop-up message that claims to be from business or organization that you deal with. For example, the email may purport to be from your Internet service provided (ISP), bank, online payment service, or even a government agency.

The message usually says that you need to “update” or “validate” your account information. It might threaten some dire consequence if you don’t respond. The message usually contains a link to what appears to be the bank WEB site that looks just like a legitimate organization’s site but is in fact a bogus site created to STEAL your identity and account information.

Listed are a few tips to help you avoid getting hooked by a phishing scam:

CYBER–DEFENSE TACTICS:

If you receive an email that warns you, with little or no notice, that your account will be shut down unless you reconfirm certain information, do not click on the email link. Instead, use a phone number or enter the web address yourself. Clicking on a link that looks legitimate may in fact direct you to a fraudulent website where crooks will steal your personal information. Remember, your bank or a government agency will never send you an alert asking you to disclose your personal information.

Before submitting any financial information to a legitimate website, look for the “lock” icon on the browser status bar, or look for “https” in the web address. Both are indications that the information is secure and encrypted during Transmission.

Report suspicious activity to the Federal Trade Commission (FTC) Consumer Response Center (www.ftc.gov).

You can file a complaint with the FTC against a company or organization that you believe has cheated you by contacting the Consumer Response Center by phone:

toll free 877-FTCHELP (382-4357) – TTY: 202-326-2502

Spoofing
Web spoofing allows an attacker to create a “shadow copy” of any legitimate website. Access to the shadow web is funneled through the attacker’s machine, allowing the attacker to monitor all of the victim’s activities, including any passwords or account numbers the victim enters. The attacker can also cause false or misleading data to be sent to web servers in the victim’s name, or to the victim in the name of any web server. In spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine be “spoofing” the address of that machine. Phishing and spoofing often go hand-in hand in Internet fraud.

CYBER-DEFENSE TACTICS:

Be wary of unsolicited or unexpected emails from all sources.

If an unsolicited email arrives, treat it as you would a phishing source. Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

Identity Theft Frauds
Internet fraudsters often use identity theft as a starting point for larger crimes. In one case, criminals obtained the names and social security numbers of military personnel then used them to apply to a bank over the internet for credit cards. In another case, stolen personal data was used to submit car loan applications online.

CYBER-DEFENSE TACTICS:

Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

Your personal information can be obtained by “phishing,” “spoofing,” or the old fashioned way – dumpster diving. Make sure your unused checks, bills, credit/debit card receipts, credit card applications you receive in the mail where you have already been pre-qualified and statements are shredded before discarding.

General Tips Against Cyber-Fraud
Use Anti-Virus Software and keep it up to date. Some phishing emails contain Software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications or troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.

A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Finally, your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that hackers or phishers could exploit.