February 10, 2017
Debit Card Security
With the increasing frequency of fraudulent activity, it is important to know how debit cards could be compromised and steps to protect your debit card.
How is cardholder information compromised?
There are a number of ways that cardholder information may be compromised:
Skimming is the theft of debit card information used in an otherwise legitimate transaction. Skimming is typically an “inside job” by a dishonest employee of a legitimate merchant. The employee may photocopy sales receipts that contain a customer’s card information or may use a small electronic device known as a “skimmer” to swipe and store hundreds of debit card numbers
Hacking is the fraudulent intrusion into a merchant’s computer or computer network which has stored a customer’s debit card information from a previously conducted, legitimate transaction
Sniffing involves electronically intercepting debit card information in its unencrypted state, usually during the transmission phase between the merchant and the third-party vendor the merchant uses to obtain card authorizations
Phishing represents the fraudulent acquisition of a customer’s debit card number through an e-mail purporting to be from a trustworthy source
SMishing is phishing via text message
Vishing is phishing that takes place in a telephone call
How can I protect myself?
Here are some tips to help protect you from card skimming or becoming the victim of a phishing/SMishing/vishing attack:
1. Don’t let your card out of your sight. Watch carefully anyone who handles your card
2. Regularly check your bank statements to ensure that all debit card purchases were authorized by you
3. Don’t swipe your card through any card reader that appears suspicious or shows evidence of possible tampering
1. Never click on a link to an Internet address contained in an e-mail. Type the URL into your web browser yourself or use a bookmark that you have previously created
2. Utilize anti-virus software that contains anti-spam and spyware detection features; and keep it up to date. Only conduct financial transactions on secure websites, or URL’s that start with “https” instead of just “http”
1. Don’t respond. Don’t call any numbers listed in the text message or click on any links to an Internet address
2. Remember, legitimate financial institutions don’t send text messages to their customers requesting personal or financial information
1. Be suspicious of unknown callers, especially those who ask for personal or financial information
2. Call them back. Use the phone number shown on your card or your statement, NOT a number the caller provides to you
3. Register your telephone number with the National Do Not Call Registry at www.donotcall.gov
Passwords Can Protect You Against Pretext Calling Fraud
(Please remember that CSB will never solicit information from you via phone or email.)
As criminals become more skilled at obtaining personal information, it is important to safeguard your biographical data. Pretext callers contact Bank employees, posing as customers, in an attempt to access personal account information and status. He/she will often have the correct biographical information (name, address, phone number, date of birth, social security number) of the true account holder, having obtained this biographical information from public resources, proprietary investigative databases and/or identity theft.
How to Avoid Pretext Calling Fraud
CSB has a security program in place and our staff is trained on pretext call prevention. However, you can help us. Please take time to visit with your Personal Banker and place authorization codes or passwords on your account(s). These passwords and other identifying information are used by the Bank before any release of information in-person, by phone, fax or other telecommunication device.
When you add passwords to your credit card, bank and phone accounts, avoid using easily available information like your mother's maiden name, your birth date, the last four digits of your SSN or your phone number, or a series of consecutive numbers.
If You Believe You Have Been a Victim
Contact the fraud department of each of the three major credit bureaus to report the identity theft and request that the credit bureaus place a fraud alert and a victim's statement in your file. The fraud alert puts creditors on notice that you have been the victim of fraud, and the victim's statement asks them not to open additional accounts without first contacting you.
The following three telephone numbers for the fraud departments of the three national credit bureaus are:
- Trans Union: 1-800-680-7289
- Equifax: 1-800-525-6285
- Experian: 1-888-397-3742
You may request an initial fraud alert online:
- Equifax – https://www.alerts.equifax.com
- Experian – http://www.experian.com/fraud
You may request a free copy of your credit report at annualcreditreport.com. Consistently review your credit report.
Contact Community State Bank’s security officer and/or other creditors where you have accounts that may have been the subject of identity theft.
File a report with your local police department.
Free Trials Aren't Really "Free"
A popular way to get consumers to buy products is a free trial offer. The problem? These free trials are not really free. Companies promote a wide variety of products that range from diet pills to teeth whiteners. They promise a "free" trial of their product and all you have to do is pay for shipping. They ask you to provide your credit card or debit card to "receive" the sample.
Hidden deep in their long and complicated fine print is the provision that if you do not cancel within a certain amount of time, usually about 2 weeks to thirty days, you will be automatically signed up for monthly deliveries and they will continue to charge your debit card a monthly fee. Trying to stop these charges is extremely difficult. The trial period does not begin from the time you receive the product, but from the second you place the order for the “free” sample. Because you willingly turn over your card information, you are consenting to let the company charge your card, and therefore, the Bank cannot dispute the charge for you.
So, before you take part in a free trial offer, read the fine print. Ask yourself if the proverbial saying, “If it is too good to be true, it probably is … ” applies to the “free” trial offer you are considering.