Security Center

Lost or stolen access device

Report a lost or stolen First Community Bank of Mercersburg Debit or ATM card - call 1-800-472-3272

Report a lost or stolen First Community Bank of Mercersburg Elan Visa credit card- call 1-866-234-4691

Cyber Security Awareness

October is National Cyber Security Awareness Month. This link will take you to the Federal Trade Commission website where you can view videos to help keep you safe while browsing the web.

Tax Identity Theft Awareness — Are You Ready?

Ready for tax season? If you haven’t heard about tax identity theft, you may not be.

Tax identity theft happens when someone files a phony tax return using your personal information — like your Social Security number — to get a tax refund from the IRS. It also can happen when someone uses your Social Security number to get a job or claims your child as a dependent on a tax return. Tax identity theft has been the most common form of identity theft reported to the Federal Trade Commission (FTC) for the past five years.

Tax identity thieves get your personal information in a number of ways. For example:

·        someone goes through your trash or steals mail from your home or car

·        imposters send phony emails that look like they’re from the IRS and ask for personal information

·        employees at hospitals, nursing homes, banks, and other businesses steal your information

·        phony or dishonest tax preparers misuse their clients’ information or pass it along to identity thieves

So what can you do about it? To lessen the chance you’ll be a victim: 

·        file your tax return early in the tax season, if you can, before identity thieves do

·        use a secure internet connection if you file electronically. Don’t use unsecure, publicly available Wi-Fi hotspots at places like coffee shops or a hotel  lobby

 ·        mail your tax return directly from the post office

 ·        shred copies of your tax return, drafts, or calculation sheets you no longer need

 ·        respond to all mail from the IRS as soon as possible

 ·        know the IRS won’t contact you by email, text, or social media. If the IRS needs information, it will first contact you by mail.

 ·        don’t give out your Social Security number (SSN) or Medicare number unless necessary. Ask why it’s needed, how it’s going to be used, and how it will be stored.

 ·        get recommendations and research a tax preparer thoroughly before you hand over personal information

 ·        if your SSN has been compromised, contact the IRS ID Theft Protection Specialized Unit at 800-908-4490

 ·        check your credit report at least once a year for free at annualcreditreport.com to make sure no other accounts have been opened in your name

What if you are a victim? Tax identity theft victims typically find out about the crime when they get a letter from the IRS saying that more than one tax return was filed in their name, or IRS records show they received wages from an employer they don’t know. If you get a letter like this, don’t panic. Contact the IRS Identity Protection Specialized Unit at 800-908-4490.  Visit IdentityTheft.gov, the federal government’s one-stop resource to help you report and recover from identity theft. You can report identity theft, get step-by-step advice, sample letters, and your FTC Identity Theft Affidavit. These resources will help you fix problems caused by the theft.

More information about tax identity theft is available from the FTC at ftc.gov/taxidtheft and the IRS at irs.gov/identitytheft.

Unfortunately, tax identity theft isn’t the only way scammers are targeting taxpayers. The FTC has gotten thousands of complaints about IRS imposters who claim people owe unpaid taxes and will be arrested if they don’t pay up. They may know all or part of your Social Security number, and rig caller ID to make it look like it’s really the IRS calling. Before you can investigate, you’re told to put the money on a prepaid debit card and tell them the number — something no government agency would ask you to do.

If you owe — or think you owe — federal taxes, call the IRS at 800-829-1040 or go to irs.gov. IRS workers can help you with your payment questions. The IRS doesn’t ask people to pay with prepaid debit cards or wire transfers, and doesn’t ask for credit card numbers over the phone. When the IRS contacts people about unpaid taxes, they usually do it by postal mail, not by phone. Report IRS imposter scams to the Treasury Inspector General for Tax Administration (TIGTA) online or at 800-366-4484, and to the FTC at ftc.gov/complaint.

Please be aware of fraudulent phone calls.

Fraudulent calls are being received instructing customers that their account is frozen and information must be verified. Customers are being instructed to contact 1-877-xxx-xxxx. Upon returning the call, the customer is then instructed to provide their 16-digit debit card number. Under no circumstances, should you disclose your FULL account number, FULL debit card number or social security number.

First Community Bank of Mercersburg does work with a fraud analysis company. You may, on occasion receive a phone call from First Community Bank of Mercersburg to verify the legitimacy of a transaction, but you will never be asked to disclose your full account number, card number or social security number. If you should receive a call from our bank but you don’t feel comfortable disclosing information with the Call Center, please contact your local branch immediately.

If you have fallen victim to this scam, please contact our Customer Service immediately at 1-717-328-3121 or your local branch office.

Easy Ways to Keep Your Online Life Safe.

With work, school, social media, gaming, mobile devices, and more people are online for almost every part of their day. Connecting to the Internet to do a variety of tasks has become second nature, so much that people can forget about the risks of leading such digital lives. To protect yourself, follow these simple tips from the Stop.Think.Connect. Campaign™:

1. Keep your private information private. Avoid sharing your full name, address, telephone number, and other personal information when online. Frequently check a website’s privacy options to ensure you have enabled the highest level of privacy as options may get updated or changed completely.

2. Consider what you share. Have a fun weekend? You may want to share your pictures on social media, but remember it’s not just your friends who are looking. Employers, future employers, schools, and peers may be able to see what you post – including pictures, tweets, opinions, and even events you attended – and may use this information to decide whether or not to hire or admit you.  Your sharing choices now can impact your future.

3. Take care when connecting. Although it’s great to network and connect with others, be careful who you befriend. Simply because someone with mutual friends wants to add you on a website or app does not mean they are trustworthy. Only add people you personally know and have met before on your personal pages. Think about the information you share online about yourself or your family and if you really want a person you don’t know well seeing that information too.

4. Set strong passwords. Setting strong passwords that are long, unique and hard to guess is one of the most important things you can do to protect your online accounts. Changing passwords regularly, and using different passwords for different accounts, goes a long way to protecting your online information.

The FBI has released an article addressing ransomware campaigns that use intimidating messages claiming to be from the FBI or other government agencies. Scam operators use ransomware – a type of malicious software – to infect a computer and restrict access to it until a ransom is paid to unlock it.  Users are encouraged to review the FBI article "Ransomware on the Rise" for details

Tax identity theft awareness week is January 26, 2015 - January 30, 2015, please visit the Federal Trade Commission website for more information.  See also current Imposter scams that are on the rise.

Password Hints

Five passwords you should never use

             o   Password - common password don't use it
             o   Letmein - Recommend that you use passphrases that are memorable.  Just don't use this one. It ranks high on several lists of the most-used passwords.
             o   Monkey - this is very common and it is too short.
             o   Don't use any passwords that are easily guessed, this includes your name, children's name, spouse's name, Date of Birth, address, etc.
             o   12345678 - avoid any sequence of numbers or letters this is easily guessed

  • Don't use the same password for multiple sites. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking sites.
  • Change your passwords frequently.
  • Use strong passwords - these should be no less than 8 characters and  include capitals, special characters and numbers.  The longer the password the harder it is to guess or use algorithms to guess.

Technology Safety

The Internet = A World of Opportunities

Look what's at your fingertips

  • A way to communicate with friends, family, colleagues
  • Access to information and entertainment
  • A means to learn, meet people and explore

Online Security Versus Online Safety

Security

We must secure our computers with technology in the same way that we secure the doors to our offices

Safety

We must act in ways that protect us against the risks and threats that come with Internet use

Primary Online Risks and Threats

To PC Security

To Personal Information

Viruses

Online fraud and phishing

Worms

Hoaxes

Trojan Horses

Identity theft

Spyware

Spam

Primary Threats to Computer Security

Viruses/Worms

Software programs designed to invade your computer, and copy, damage or delete your data

Trojan Horses

Viruses that pretend to be programs that help you while destroying your data and damaging your computer

Spyware

Software that secretly watches and records your online activities or sends you endless pop-up ads

Primary Threats to Personal Online Safety

Spam

Unwanted e-mail, instant messages, and other online communication

Phishing

Fraudulent e-mails, appearing to be from a trusted source such as your bank, or a government agency, direct you to websites. Once there, you are asked to verify personal information such as name, account and credit card numbers and passwords. These sites are often designed to look exactly like the site they are imitating.

Never click on the e-mail link that is provided, type in the known URL.

Before submitting any financial information look for the "lock" icon on the browser status bar or look for "https" in the web address.

Your bank does not need to call you for personal information such as username, or passwords.

Identity Theft

A crime where con artists get your personal information and access your cash and/or credit

Hoaxes

E-mail sent by online criminals to trick you into giving them money

Spoofing

Web spoofing allows an attacker to create a "shadow copy" of any legitimate website. Access to the shadow website is funneled through the attacker's machine, allowing the attacker to monitor all of the victims activities, including any passwords or account numbers the victim enters. Phishing and spoofing often go hand-in-hand in Internet fraud.

Be aware of all unsolicited or unexpected e-mails from all sources.

If an unsolicited e-mail arrives, treat it as you would a phishing source.

Steps You Can Take

Your computer

Turn on an Internet firewall.

Keep your operating system up to date.

Install and maintain antivirus software.

Install and maintain antispyware software.

Yourself

Practice Internet behavior that lowers your risk.

Manage your personal information carefully.

Use anti-phishing and anti-spam technology built into Windows 8, Windows 7, Windows Vista, Windows XP, SP2, Windows Live, Microsoft Outlook.

Four Steps to Protect Your Computer

Turn on an Internet Firewall

An Internet firewall is like a moat around a castle, creating a barrier between your computer and the Internet

Keep Your Operating System Up-to-date

Install all security updates as soon as they are available. Automatic updates provide the best protection.

Install and Maintain Antivirus Software

Antivirus software can detect and destroy computer viruses before they can cause damage. Just like flu shots, for antivirus software to be effective, you must keep it up to date, don't let it expire.

Install and Maintain Antispyware Software

Use antispyware software so unknown software cannot track your online activity and potentially steal your information.

Other Ways to Protect Your PC

Back Up Your Files

Save to external device regularly
Use a Web-based backup service

Think Before You Click

Don't open e-mail attachments unless you know what they contain and who sent them.
Only download files from websites you trust.

Read Privacy Statements

Understand what you are getting before you agree to download or share your personal information.

Close Pop-ups Using the Red "X"

Always use the red "X" in the corner of a pop-up screen. Never click "Yes," "Accept," "No," or "Cancel" because it could be a trick that installs software on your computer.

Take Steps to Help Protect Your Personal Information

Practice Internet Behaviors that Help Reduce Your Risk

Delete spam, don't open.
Be on the lookout for online scams.
Use strong passwords.

Manage Personal Information Carefully

Do not share personal information in e-mail or instant messages.
Use only secure and trusted Web sites. Make sure you are where you think you are: Web sites can be faked.
Avoid financial transactions over wireless networks.
When in public, stay private.

Use Anti-Phishing and Anti-Spam Technology

Most e-mail providers and many e-mail programs contain Spam Filters. Many browsers include Phishing Filters to help identify and block suspicious sites.

Protect Your Identity

Ways Thieves Steal Your Information:

Stealing your purse or wallet looking for driver's license, medical insurance card, credit cards or other items that reflect personal information.

Stealing personal mail looking for bank statements, credit card statements, checks and other items that reflect personal information.

Dumpster diving by going through your trash cans in search of personal information.

Tricking you into providing personal information via email, mail, or phone

Posing as someone else or by misusing the name of a legitimate business to obtain personal information

Eavesdropping and shoulder surfing by listening to private conversations or watching over your shoulder while entering your PIN number or revealing personal information.

Skimming by running an unsuspecting customer's credit card through a bogus reader designed to copy the card number.

Pretexting, phishing, scamming, and spoofing thieves pretending to be from businesses with a seemingly good reason for needing your social security number and/or mother's maiden name.

Family theft relatives who have access to your financial records, social security number, etc.

Corporate data theft thieves hacking their way into corporate and banking databases, and steal physical files.  One method to gain access to account information, thieves will often fill out a change of address form in the victim's name.

Ways To Prevent Your Information From Being Stolen:

Review your credit report periodically. To order call 1-800-322-8228 or go to website annualcreditreport.com

Read your bank, credit card or other statements for mistakes. Contact the business immediately when mistakes are detected or mail has not been received.

Shred documents that contain account or personal information.

Monitor and be alert for emails, texts, mail or phone calls requesting personal information.

Change passwords periodically. When changing or creating a password use a combination of alpha, numerical and special characters.

Look for websites that begin with "https" when buying on line. Encryption is used to help protect your financial information.

Install anti-virus and anti-spyware software on your computer for added protection.

What To Do If Your Identity Has Been Stolen:

Contact a nationwide credit reporting company and request a fraud alert to be placed on your credit report.

Equifax 1-800-525-6285

Experian 1-888-397-3742

TransUnion 1-800-680-7289

Order your credit report and review for signs of fraud.

File a complaint with the FTC at ftc.gov/complaint or call 1-877-438-4338 and contact your local police department.

 

If you have any security questions or concerns, please contact us at 717-328-3121 or 877-328-3121.