Customer Security

The fraudulent e-mails are part of a scam known as "phishing." Phishing is the fraudulent scheme of sending an email to a user falsely claiming to be a legitimate company. The e-mail attempts to con the user into surrendering private information that could later be used for identity theft. The e-mail directs the user to visit a web site where they are asked to update personal information, such as name, account and credit card numbers, passwords, social security numbers and other information. The Web site, however, is bogus and set up only to steal the user's information.

If you get an e-mail that warns you, with little or no notice, that an account of yours will be shut down unless you reconfirm your billing information, do not reply or click on the link in the e-mail. Instead, contact the company cited in the email using a telephone number or Web site address you know to be genuine. Avoid e-mailing personal and financial information. Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission.

Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances. Report suspicious activity to the FTC. Send the actual spam to uce@ftc.gov. If you believe you’ve been scammed, file your complaint with the Federal Trade Commission on their external site, www.ftc.gov, and then visit the FTC's Identity Theft Micro Site to learn how to minimize your risk of damage from identity theft.

Jefferson Bank will continue to educate and alert our customers so reasonable precautions in the use of their personal financial information can be taken.

Surprising to most people is that identity theft is actually a very easy crime to commit. In fact, over 1,400 people are victimized each day. That being the case, it is important for you to know how these thieves operate so you can protect your personal information.

At the heart of the crime is the thief obtaining information that most people would assume only the true owner of the information would know. Common examples are social security numbers, driver's license numbers, financial institution account numbers, mother's maiden names, and passports.

Thieves obtain this information in numerous ways. Some thieves will steal wallets, purses, and even mail. Others will listen and/or watch a person conduct personal business, such as talking on the telephone or getting cash from an automated teller machine. Thieves will also deceive or trick people into disclosing personal information through phone scams, via the mail, or on the Internet.

Very aggressive thieves will even obtain personal information by using a process referred to as "pretext calling." Pretext calling occurs when an individual contacts an entity in possession of a customer's personal information and cons the entity into releasing the information by acting as the customer or someone authorized to have the customer's information.

Once a thief has possession of the information, the thief will apply for credit cards, loans, phone services, or just about any other service where economic gain can be realized without actual payment. When applying for credit cards, loans, or other services, thieves will often intentionally use incorrect addresses or complete change of address forms on existing accounts so the victim will not be immediately aware of the crime.

Identity theft can cause its victims numerous problems. Most significantly, it can destroy the financial history you have worked so hard to obtain. Repairing your credit history can require significant time and money. You may not be able to stop a thief until thousands of dollars of debt have been attributed to you.

The following are just some of the ways you can reduce the risk of identity theft:

• Keep your credit cards, debit cards, personal identification numbers (PINs) and other passwords, checks, social security cards, or documents which bear your social security number, health insurance cards, driver's license and number, and other personal information where they will be safe. When disposing of these items, do so by shredding.
• Keep your deposit and withdrawal slips, credit card purchase receipts, financial institution statements, credit card statements, utility bills, medical bills, insurance information, investment updates, and credit card solicitations where they will be safe. When disposing of them, do so by shredding.
• Don't put your trash out until shortly before it will be picked up.
• Mail bill payments and other items that contain personal information at a U.S. Postal Service drop box rather than in your curbside mailbox. Don't put any mail in your curbside mailbox until shortly before it will be picked up.
• Take your mail out of your curbside mailbox as soon as possible after it has been delivered. If you are traveling, have the U.S. Postal Service hold your mail or have someone you trust pick it up daily.
• Limit the information on your checks, and don't carry around any more cards than necessary.
• Don't give any of your personal information to any web sites that do not use encryption or other secure methods to protect it.
• Use a firewall if you have a high-speed Internet connection. This software can be purchased online or from most software retailers.
• Don't use PIN's or passwords that are easy to guess (for example, don't use birth dates or spouse, child, or pet names.
• Examine your credit card and financial institution statements immediately upon receipt to determine whether there were any unauthorized transactions. Report any that you find immediately to the financial institution.
• Make prompt inquiry if bills or statements are not received in a timely fashion - this could mean that they are being diverted by an identity theft.
• Obtain copies of your credit report annually from each of the three major credit-reporting agencies (identified in item 2) to be sure that they are accurate.
• You may also wish to do the following Request not to receive any further pre-approved offers of credit by calling 1-888-5-OPT-OUT.
• Ask to be removed from national direct mail lists by writing to the DMA Mail Preference Service, P.O. Box 9008, Farmingdale, NY 11735-9008. Include your name and address.
• Ask not to receive telephone solicitations from national marketers by writing to the DMA Telephone Preference Service, P.O. Box 9014, Farmingdale, NY 11735-9014. Include your name, address, and telephone number.

In the event that you suspect your identity has been stolen or you are, in fact, certain that it has been stolen, follow these simple steps:

1. Immediately contact the Federal Trade Commission:
   • http://www.ftc.gov
   • 1-877-IDTHEFT (877-438-4338)
   • Consumer Response Center, F.T.C.
     600 Pennsylvania Avenue NW
     Washington, DC 20580
2. Contact the three credit reporting agencies to put yourself on Fraud Alert and request a copy of your credit report:
   • Equifax - P.O. Box 740250, Atlanta, GA 30374-0250, or call 800-525-6285.
   • Experian - P.O. Box 1017, Allen, TX 75013, or call 888-EXPERIAN (888-397-3742)
   • TransUnion - P.O. Box 6790, Fullerton, CA 92634, or call 800-680-7289
3. Cancel all accounts that have fraudulent activity or are at risk,
4. Contact your local law enforcement agency,
5. If you know or suspect that your mail has been stolen, contact the United States Postal Service,
6. Keep detailed records of any theft of your identity and of your efforts to resolve the same.
   • Log the date, time, and amount of any unauthorized activity on your accounts.
   • Log the date, time, duration, and cost of any phone calls.
   • Log the date and cost of any mailings and keep copies.

The second scheme involves Fraudulent ANTI-TERRORIST STOP ORDER letters, purportedly sent by the Financial Crimes Enforcement Network (FinCEN). These letters are being sent to bank customers. Copies of these ANTI-TERRORIST letters have been received by FinCEN that notify consumers that mandatory fees, in amounts of approximately $25,000, are required for the issuance of a ANTI-TERRORIST CERTIFICATE before transactions may continue to be conducted.

These letters were NOT sent by FinCEN and represent a fraudulent attempt to elicit funds from customers. Please see FinCEN's Website to see an example of one of these letters. Consumers should NOT provide any information nor send any funds, to any address as indicated in these letters. Further, consumers should NOT follow any instructions contained in these letters to access their accounts on-line.

Further, there are instances in which other letters are being circulated which claim that FinCEN is freezing assets and endorsing investment schemes. FinCEN does NOT have authority to freeze assets and does NOT endorse investment schemes.

FinCEN is working closely with law enforcement agencies to identify the source of these letters and disrupt these scams. Until this is accomplished, if consumers receive any letters such as these, or experience any similar attempts to obtain account information or funds, they are requested to notify FinCEN at webmaster@fincen.treas.gov

A fraudulent email purporting to be from the American Bankers Association is asking consumers to provide personal account information, including their Social Security numbers and credit card information. ABA did not - and would not - authorize such a communication. Similar so-called "phishing" incidents have been increasingly common on the Internet, targeting banks and other institutions - and even the FDIC recently. ABA is working with law enforcement officials to identify the source of the emails and to disrupt transmission.

The association advises consumers:

• Never give out personal financial information to anyone unless you have initiated the call, email or contact;
• If you have responded to this bogus email, contact your financial institution immediately to protect your account; and
• Forward fraudulent emails that use ABA's name to alert@aba.com.

ABA members may want to alert their customer service representatives and other customer-contact personnel to the existence of the fraudulent email so that they can answer customers' questions.

The next time you order checks you may want to have only your initials (instead of first name) and last name put on them. If someone takes your checkbook they will not know if you sign your checks with just your initials or your first name but your bank will know how you sign your checks.

When you are writing checks to pay on your credit card accounts, DO NOT put the complete account number on the "For" line. Instead, just put the last four numbers. The credit card company knows the rest of the number.

Use another phone number on your checks instead of your home phone. If you have a P.O. Box, use that instead of your home address. Never have your Social Security number printed on your checks. You can add it if it is necessary. But if you have it printed, anyone can get it.

Place the contents of your wallet on a photocopy machine, do both sides of each license, credit card, etc. You will know what you had in your wallet and all of the account numbers and phone numbers to call and cancel. Keep the photocopy in a safe place. Also carry a photocopy of your passport when traveling either here or abroad.
If your wallet is ever lost or stolen here is some critical information to limit the damage:

• Cancel your credit cards immediately. Have the toll free numbers and your card numbers handy so you know whom to call. Keep those where you can find them.
• File a police report immediately in the jurisdiction where it was lost or stolen, this proves to credit providers you were diligent, and is a first step toward an investigation.
• Call the three national credit-reporting organizations immediately to place a fraud alert on your name and Social Security number. The numbers are:
  
  Equifax: 1-800-525-6285
  Experian (formerly TRW): 1-888-397-3742
  Trans Union: 1-800-680-7289
  Social Security Administration (fraud line): 1-800-269-0271

The Fair and Accurate Credit Transaction (FACT) Act, passed by Congress in 2003, now offers free access to credit reports. You can request one free credit report every 12 month-period from each of the three national reporting agencies, Experian, Equifax and TransUnion. You must use either the new toll-free telephone number (877) 322-8228, the annualcreditreport.com website or a special mailing address - Annual Credit Report Request Service, P.O. Box 105281, Atlanta Georgia 30348-5281.

Educating yourself is the first step-just reading this means you're on the right track!

What you can do:

• Don't click on links in unsolicited emails, especially those asking for personal information.
• Go directly to our site. The best way to get to any site is to type in the address (URL) directly into your browser and then bookmark it. Be careful with your spelling.
• Make sure you only conduct web-based transactions on a "secure" page.
• Change your password frequently. Every 30-60 days is recommended.
• Keep your operating system and browser up-to-date.
• If you have any suspicion, contact us immediately at info@jeffersonbank.com

"Spyware" or "spy software" are programs installed on your computer, without your knowledge, to track your activity.

These programs may go unnoticed by some anti-virus software, since spyware is not a computer virus. However, since spyware uses memory and disk space, you may notice slow performance of your Internet browser or other software. Pop-up ads and unexpected toolbars are also warning signs of spyware.

• Update your computer operating system on a regular basis.
• Keep your browser current with the latest security updates.
• Use updated anti-virus software. Common programs include: McAfee VirusScan and Symantec Norton AntiVirus
• Use updated anti-spyware software - and consider using more than one, to ensure the most thorough scan. Common programs include: McAfee AntiSpyware and Symantec Norton SystemWorks
• Change your passwords on a regular basis, as a good practice, to help prevent unauthorized access.
• Download free software only from websites you know and trust.
• Do not install software without knowing exactly what it is or what it will do (read the end-user-license-agreement).
• Close pop-up ads by clicking the "X" instead of clicking within the advertisement itself.
• Review your browser security settings and set them to a high enough level to help detect unauthorized downloads. (Click your browser's "Help" menu for steps).
• Do not click links inside spam e-mail, especially e-mails claiming to offer anti-spyware software.
• Install a personal firewall on your computer. A firewall works like a filter that prevents access to information on your computer.

To remove spyware from your computer:

• Install an anti-spyware program from a trusted source
• Set it to scan your computer on a regular basis
• Remove unwanted software it detects

• Deposit outgoing mail at the Post Office.
• Remove incoming mail from your personal mailbox as soon as possible, or use a P.O. Box or locked, secure mailbox.
• Request a mail hold (online from the United States Postal Service or call them
• at 1-800-275-8777) if you plan to be away from home for an extended period.
• Know your billing cycles. If bills are late or missing, contact your creditors.
• Watch for your new or replacement Checkcard from us. You should receive it within five business days.

Do not give out personal information, such as your account numbers, card numbers, Social Security/tax identification numbers, passwords, or PINs, unless you have initiated the call.

If you ever believe you are not talking to a representative of a legitimate company, hang up and call the phone number listed in the telephone book.