NEW Debit Card Security |
|||
Fraudulent emails/websites |
|||
Identity Theft
Identity Theft continues to be among the nation’s fastest-growing types of fraud, impacting millions of people each year. Central Valley Community Bank is committed to helping our customers protect their personal information with these tips:
- Don’t carry your Social Security number, memorize it and keep the card at home
- Watch for the timely arrival of monthly bills and statements in the mail
- Mail your bills inside the post office, rather than using a mailbox near the street
- Don’t share your account numbers over the phone or anywhere others can hear you
- Keep your eye on your credit card at all times while making purchases – a dishonest clerk may distract you and swipe it through a second scanner that records your information
- Keep track of all credit card receipts and shred any you don’t need
- Shred any unneeded documents that contain bar codes, account numbers or other sensitive data
If you would like more information on Identity Theft, you can do the following:
- View our Identity Theft Quick Guide
- Visit any one of our Central Valley Community Bank Office locations to pick up an Identity Theft Packet or download it here
- Visit the Federal Trade Commission
- Consumers who want to learn more about computer security and online scams can find additional information at FDIC - Don't Be An Online Victim or On Guard Online.
- Business and local government agencies can find cyber security resources at US - Cert.
What is Phishing?
Phishing is a high-tech scam that uses spam e-mail or pop-up messages that appear to be from a legitimate source, and deceive you into disclosing your Social Security number, bank account information, credit card numbers, passwords, or other sensitive information. Phishing e-mails or pop-up messages are sent claiming to be from a business or organization that you associate with like your bank, Internet service provider, online payment service, or a government agency. Although they can be difficult to spot, the phishing e-mails usually ask you to click a link back to a fraudulent website to provide, update or confirm your personal information. What you need to know:
- Don't open e-mails if you do not know the sender
- Delete any suspicious e-mails as soon as you receive them
- If you receive an e-mail that looks legitimate, but asks for personal or financial information, do not reply or click on the link in the message
- Legitimate companies do not ask for this information through e-mail.
- Do not e-mail personal or financial information, because e-mail is not a secure method to transmit personal information
- Review bank account statements and credit card statements as soon as you receive them to determine if there are any unauthorized charges
- Use anti-virus software on your computer and keep it updated. E-mails could contain viruses that can harm your computer or monitor your activities on the Internet
What is Vishing?
Vishing is also known as "voice phishing," vishing attacks attempt for you to provide personally identifiable information either over the phone or by using the phones Internet browser. Vishing schemes involving a phone call are often directed to an automated "bank" greeting that prompts the caller to provide credit card or bank numbers. Here is some advice on how to protect yourself:
- Be aware and suspicious of unknown callers asking for your personal information
- Don't trust your caller ID
- If someone is asking for your personal or financial information, ask them to identify who they work for so that you can check to see if they are legitimate
- Call them back - if its a bank or credit card company, call them back using the number that is on your bill or on your card
- Never provide credit card information or other private information to anyone who calls you
- Register your number with the FTC National Do Not Call Registry, even though criminals may ignore the list, a call from a supposed telemarketer might tip you off that it is a vishing attack
- For more information or to report an incident, visit the Federal Trade Commission
How To Report Fraud
Fraudulent emails and websites:
Contact the Federal Trade Commision Complaint Assistant
Lost or stolen checks and debit/ATM cards:
Customer Service 1-800-554-8969
Lost or stolen credit cards:
Contact Visa® 1-727-570-4881
Suspicious online transactions:
Contact Customer Service at 1-800-298-1775 or 559-298-1775
Banking Security
NEW Debit Card Security
Central Valley Community Bank is very excited to offer an enhancement to our fraud/security monitoring for our debit cards that came into effect Monday June 21, 2010. We have support monitoring unusual activity on your debit cards 24 hours a day, 7 days a week. An automated call will be initiated from our Fraud Detection Center to have you verify any unusual activity.
If you receive one of these automated calls, you will be asked to verify your account and the activity, but will not need to provide any identifying personal or financial information. If you have any questions regarding this upgrade, please contact Customer Service at 1-(800) 298-1775.
Internet Policy
To better serve legitimate Internet Banking customers, Central Valley Community Bank collects generic information about visitors to our website. This information includes the date and time of access, the Internet service provider's address, referring site information, the web browsers used, and the operating systems used. Again, this is generic information for our monitoring purposes, and cannot be traced to a specific user or machine.
Central Valley Community Bank requires customers to utilize specific passwords for access to confidential and private information. Central Valley Community Bank reminds customers of their responsibility to safeguard login IDs and passwords. In addition, commercial customers should carefully screen those employees to whom user IDs and passwords are granted.
Central Valley Community Bank utilizes encryption, firewall, router, third party verification procedures and other security software and hardware to help prevent unauthorized eavesdropping of and access to customers' confidential and private information.
Central Valley Community Bank utilizes virus protection software to help prevent the spread of computer viruses.
Central Valley Community Bank utilizes "cookies" to help authenticate our customers' identities and to help facilitate the exchange of information between Central Valley Community Bank systems and our customers' systems.
Central Valley Community Bank reminds all of its customers that links in the institution's websites can be found to websites not under our control. These websites will not necessarily comply with Central Valley Community Bank's "Privacy Principles" and security standards.
Central Valley Community Bank reminds all of its customers that confidential and private information may be compromised in both traditional and non-traditional banking activities. Central Valley Community Bank can only establish policies and procedures to help restrict use of and access to confidential and private information. If any Central Valley Community Bank customer believes that confidential and private information has been compromised, please contact Central Valley Community Bank immediately so that the potential breach can be investigated.
Consumer Privacy Policy
Protecting your privacy is important to Central Valley Community Bank and our employees. We want you to understand what information we collect, how we collect it and how we use it. In order to provide our customers with a broad range of financial products and services as effectively and conveniently as possible, we use technology to manage and maintain customer information. The following policy serves as a standard for all Central Valley Community Bank employees for collection, use, retention and security of nonpublic personal information.
Why We Collect Your Information:
We gather information about you and your accounts so we can, (i) deliver products and services tailored for your needs, (ii) know who you are and thereby prevent unauthorized access to your information, (iii) design and improve the products we offer, (iv) from time to time provide you with information regarding special offers on products and services, and (v) comply with laws and regulations that govern us.
What Information We Collect:
We collect "nonpublic personal information" about you from the following sources:
- Information we receive from you on applications or other forms;
- Information about your transactions with us, our affiliates or others; and
- Information we receive from a consumer reporting agency.
"Nonpublic personal information" is nonpublic information about you that we obtain in connection with providing a financial product or service to you. For example, nonpublic personal information includes information regarding your account balance, payment history, and overdraft history.
What Information We Disclose:
We are permitted under law to disclose nonpublic personal information about you to affiliates and "nonaffiliated third parties" in certain circumstances. For example, we may disclose nonpublic personal information about you to third parties to assist us in servicing your loan or account with us, to government entities in response to subpoenas, and credit bureaus. In addition, we may disclose all information that we collect, (as described above "Information We Collect") to companies that perform marketing services on our behalf or to other financial institutions with whom we have joint marketing agreements in order to provide our customers with additional products and services. We do not disclose any nonpublic information about you to anyone, except as permitted by law.
Closed or Inactive Accounts:
If you decide to close your account(s) or become an inactive customer, we will continue to adhere to the privacy policies and practices described in this notice.
Confidentiality and Security:
We restrict access to nonpublic personal information about you to those employees who need to know that information to provide products and services to you. We maintain physical, electronic, and procedural safeguards that comply with federal standards to guard your nonpublic personal information.
Keeping up-to-date with Our Privacy Policy:
Central Valley Community Bank will provide notice of our privacy policy annually, as long as you maintain an ongoing relationship with us. We may amend this privacy notice at any time, and we will inform you of changes as required by law. You can always review our current policy by stopping by one of our offices, or obtain a copy by calling 559-298-1775.
Limit Direct Marketing Solicitations:
Central Valley Community Bank wants you to know that there are two other ways to limit your mail and telephone solicitations from other parties. You can write or call to the following agencies:
Direct Marketing Association: The Direct Marketing Association (DMA) maintains a nationwide list that its members must check before conducting direct mail solicitations. If you are on the appropriate list, DMA members must exclude you from their solicitations. To add your information to the nationwide list, you may contact the agency below:
DMA Mail Preference Service
P.O. Box 643
Carmel, NY 10512
To remove your name from telemarketing solicitations contact:
FTC National Do Not Call Registry
1-888-382-1222
Credit Reporting Agencies:
If you would like to stop credit reporting agencies from disclosing your information to companies who want to offer you credit or other products, you can call 1-888-567-8688 and follow the instructions on the recorded message, go to the Opt Out Prescreen website, or write to the Credit Reporting Agencies listed below. Be sure to include your full name, current address, social security number and telephone number.
| Experian Consumer Opt-Out 901 West Bond Lincoln, NE 68521 |
Equifax, Inc. Options P.O. Box 740241 Atlanta, GA 30374 |
Trans Union LLC's Name Removal Option P.O. Box 505 Woodlyn, PA 19094 |
Security Alerts
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC. The subject line of the e-mails state: "you need to check your Bank Deposit Insurance Coverage." The e-mail tells recipients that, "You have received this message because you are a holder of a FDIC-insured bank account. Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets." The e-mail then directs recipients to click on a link stating "You need to visit the official FDIC website and perform the following steps to check your Deposit Insurance Coverage." This e-mail and associated Web site are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers and should not click on the link provided. The FDIC does not issue unsolicited e-mails to consumers. Financial institutions and consumers should NOT follow the link in the fraudulent e-mail. |
Recently, several Central Valley Community Bank customers notified the Bank they had received phone calls from individuals claiming to be representatives of our Bank. PLEASE be alerted these calls ARE NOT from Central Valley Community Bank or any of its affiliates. These individuals are using common techniques in an attempt to solicit personal, and or financial information from our customers for unlawful purposes. Should you receive such a call, please hang up and notify your local branch of the activity. At Central Valley Community Bank we take the privacy and security of your banking relationship very seriously and as a rule our Bank NEVER ASKS for personal or financial information.
NACHA Phishing Alert (11/12/2009) E-mail Claiming to be from NACHA
NACHA – The Electronic Payments Association has received reports that individuals and/or companies have received a fraudulent e-mail that has the appearance of having been sent from NACHA. See sample below.
The subject line of the e-mail states: “Rejected ACH Transaction.” The e-mail includes a link which redirects the individual to a fake web page which appears like the NACHA Web site and contains a link which is almost certainly executable virus with malware. Do not click on the link. Both the e-mail and the related Web site are fraudulent.
Be aware that phishing e-mails frequently have links to Web pages that host malicious code and software. Do not follow Web links in unsolicited e-mails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive.
If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software applications security patches are installed and current.
Be alert for different variations of fraudulent e-mails.
= = = = = Sample E-mail = = = = = =
From: nacha.org [mailto:report@nacha.org]
Sent: Thursday, November 12, 2009 10:25 AM
To: Doe, John
Subject: Rejected ACH transaction, please review the transaction report
Dear bank account holder,
The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:
Unauthorized ACH Transaction Report (this is the how the link is presented)Copyright ©2009 by NACHA - The Electronic Payments Association
For more information, click here.
