American Bank Online offers both personal and business deposit and loan accounts with online account access, competitive interest rates and other Internet services through our online banking product, pcbanker.com.
Friday, September 10, 2010  
Learn more about FDIC's Transaction Account Guarantee Program

ABOUT SSL CERTIFICATES
Security

FORMS OF IDENTITY THEFT

According to the Federal Trade Commission (FTC), identity theft is the largest consumer crime year after year. Below is some additional information about the common ways that identity thieves attempt to obtain your personal information. We hope that this information will assist you in protecting yourself from becoming a victim of identity theft.

Phishing

In a phishing scam, you receive an e-mail that appears to come from a reputable company that you recognize and do business with, such as your bank, a retailer or a government agency. The e-mail will probably employ scare tactics and warn you of a serious problem that requires your immediate attention. It may use phrases, such as “Immediate attention required,” or “Please contact us immediately about your account." The e-mail will then encourage you to click on a link or button to go to the institution’s Web site. When you are targeted by a phishing attempt, you could be redirected to a phony Web site that may look exactly like the real thing. Sometimes, in fact, it may be the company’s actual Web site. In those cases, a pop-up window will quickly appear for the purpose of harvesting your financial information. In either case, you may be asked to update your account information or to provide information for verification purposes: your Social Security number, your account number, your password, or the information you use to verify your identity when speaking to a real financial institution, such as your mother’s maiden name or your place of birth. If you provide the requested information, you may find yourself the victim of identity theft.

Here are some additional warning signs within the phishing attempts you can be looking for in order to protect yourself:
  • The e-mails are well-designed, using appropriate language and real company logos to make them look authentic.
  • The e-mails try to fool you with an address “spoof” – the e-mail address looks like one from a real company but it conceals a scammer’s address.
  • The e-mail is not addressed to you by name but with a generic greeting.
  • The e-mail offers forms to fill out with your personal financial information.
It is also important to note that there are also specific types of phishing that are becoming more prevalent with identity thieves. Here is some additional information about these specific types of phishing.
  • Spear Phishing are targeted phishing emails. In phishing, a large number of emails are sent and many recipients have no relationship with the supposed source. Spear phishing, on the other hand, is targeted and may be sent to just customers of a bank, or employees in a department. The email may appear to be from the bank, or from Human Resources, as examples. One variant of spear phishing is Whaling, which is an attack targeted to executives such as the CEO, CIO, COO, etc. (the "big phish" in an organization).
  • In-Session Phishing interrupts a web browsing session with a pop-up window. You see the pop-up and believe it is associated with the site you are on. Of course you are asked to re-enter confidential personal information. If you have infected computers, entering a username and password on an Internet banking site would trigger the pop-up window, sending the data to the thieves.
Skimming

It is important to remember that despite the convenience and popularity of debit cards, there is a risk of fraud. It is just as important to protect your debit card as you would protect cash, credit cards and checks. In fact, debit cards are subject to a unique threat, called "skimming" which occurs when thieves set up a device that captures the magnetic stripe and keypad information from automated teller machines and gas pumps. To avoid becoming a victim of debit card fraud, consider these tips:
  • Check your bank statements immediately. Make sure all payments are yours.
  • Periodically check your account balance and transactions, by using online banking, calling the bank or printing interim statements at the ATM.
  • Contact your bank immediately if your card is lost, stolen or subject to fraudulent use.
  • Keep a record of card numbers, PINs, expiration dates and 1-800 numbers for banks so you can contact the issuing bank easily in cases of theft.
  • Memorize your PIN number. Do not use your birth date, address, phone number of Social Security Number.
  • Never store your PIN with your card, and do not make it available to others.
  • Keep your receipts. You'll need them to check your statement. If they have your account number on them, tear up or shred receipts before throwing them away.
  • Mark through any blank spaces on debit slips, including the tip line at restaurants, so the total amount cannot be changed.
  • Know your limits. Many issuers limit daily purchases and withdrawals for your protection.
  • Don't use an ATM if anything about it looks suspicious. It could be fitted with a skimming device.
  • Be wary of those trying to help you, especially when an ATM "eats" your card. Such people may be trying to steal your card number and PIN.
  • Don't give your PIN to anyone over the phone. Thieves steal the cards and then call the victim for their PIN, sometimes claiming to be law enforcement or the issuing bank.
Vishing

“Vishing” – a combination of “voice” and “phishing,” refers to the use of Voice over IP to launch attempts to separate unsuspecting customers from their personal information. Vishing is just one of an array of clever and devious social engineering techniques the crooks are using to steal customer credentials and account information. The callers use social engineering techniques to prey upon consumers’ trust of telephone-based alerts from institutions. And because they are computer-based, the vishing attempts are difficult for legal authorities to monitor or trace.

This is how vishing works: you receive a phone call complete with a spoofed caller ID name appearing on the telephone’s screen with a message reporting some problem with your account, such as your Visa check card has been canceled, and requesting you contact a telephone number immediately. When you call the telephone number (which has been diverted to a fake call center), a recorded message will ask you to verify your identity and account information, something like: "This is account verification. Please enter your 16 digit account number, expiration date, CCV number, and PIN ". If you answer these questions, the cyber-criminals will now have your credit or ATM card information and (of course) your money.

Smishing

Another growing type of phishing is called SMiShing. SMiShing is a type of social engineering that uses cell phone text messages to persuade victims to provide personal information such as card numbers and PINs. Instead of having to go to the trouble to recreate the look of official emails, the text message may contain either a website address or more commonly, a phone number that connects to an automated voice response system, which then requests personal information.  You can protect yourself and your personal information in the following ways:
  • Remember, American Bank will never request personal information via email or text message.  While American Bank may ask you for personal information to confirm identification such as customer name, date of birth and/or last four digits of a social security number, we will never request credit or debit card information such as CVV2 or a PIN.
  • If you are in doubt about the legitimacy of a message, type American Bank's URL (www.pcbanker.com) into your web browser or call an official number from our website or from other documents obtained directly from American Bank. Do not rely on anything from these text messages.
  • Use phishing filters in your personal email account.
Pharming

Pharming is the use of a fraudulent or spoofed website that appears to be one of a legitimate business, to obtain and record user logon information and other confidential personal information. Domain Name Servers (DNS) can be hacked, redirecting web traffic from a legitimate site to the spoofed site. A phishing email may also link to the pharmed website.

Always remember – the companies (Banks, Hospitals, Credit Cards, Utilities, Merchants, etc.) that already have your financial information should never ask for it in this manner.

Remember, American Bank will NEVER ask you to verify your sensitive financial information through unsolicited e-mails or telephone calls. If you have received one of these e-mails, telephone calls or have had any other form of unsolicited contact from individuals seeking personal information about your accounts or suspect fraudulent activity concerning your American Bank account, please contact us directly at 888-366-6622, send us an e-mail at service@pcbanker.com or send a secured message when you are signed on to your accounts through pcbanker.

Click here to learn more about how you can protect yourself from identity theft.
Apply Online for a Loan
Apply Online for a Deposit Account
Financial Calculators and Educators
    Privacy Policy  /  Security  /  Disclosures  /  Site Map    
service@pcbanker.com  /  888.366.6622 / Telephone Banker: 888.960.5050
Headquarters: 4029 West Tilghman Street, Allentown, PA 18104
Copyright © 2010 American Bank. All Rights Reserved.
This page was retrieved at 6:44:07 AM on September 10, 2010