Protect Yourself from Fraud
Social Engineering 101
Social engineering is when a scammer uses tools to manipulate people into performing actions or giving personal information such as passwords, bank information and other personal data to commit fraud. It relies heavily on human interaction and trust, and often involves tricking people into breaching normal security procedures.
The primary methods of social engineering include email (phishing), text (SMishing), and phone (Vishing). Here's how you can protect yourself.
How to Spot FraudFraudsters are increasingly using email, text messaging and phone calls to gain access to your personal information. Be diligent when you receive any communication that asks you to provide personal information. Key indicators that a communication is not from CommunityAmerica:
- Obvious grammar and spelling mistakes.
- It’s asking you to take urgent action.
- Contains a link which is asking for personal information.
- CommunityAmerica is spelled as two words rather than one.
Take Steps to Protect YourselfCommunityAmerica also recommends the following strategies to help keep your personal information safe from online security risks, scams and breaches:
- Use Caution Opening Emails and Texts: Be vigilant when receiving and opening email or text messages. Delete emails and texts from unknown sources and do not click or open any attachments in emails or texts that seem suspicious.
- Verify Incoming Calls: Our representatives will always identify themselves when calling members. We will never call, text or email to ask you for:
- Username & password
- Debit or credit card number
- PIN Authorization Codes
- CVV/Security Code
- Create Strong Passwords: Your passwords are key to protecting your identity online. Once a cybercriminal has your password, they will have unlimited access to your personal information and the ability to inflict untold damage to your wallet and reputation. Strong passwords should be easy for you to remember, but difficult for others to guess. There are several ways you can increase your password strength, including:
- Add Length – Longer passwords are more difficult to crack.
- Mix It Up – Combine mixed case letters, numbers and special characters in each of your passwords. Note that common substitutions, like using $ for S, are used so frequently they are easier for hackers to guess.
- Be Unpredictable – Avoid using common words or personal details. Choose words that are hard to guess.
- Avoid Repetition – Do not use the same password across multiple accounts. That way, if one password is stolen, it cannot be used elsewhere. If you must reuse passwords, do so only for accounts that have little importance.
- Use a Passphrase – Instead of a password, consider using a passphrase. Phrases are longer than words, and the added length increases complexity and makes it more difficult to crack. You might use a phrase you were taught from your youth, such as a favorite movie quote (Example: ETphonehome) or a song lyric (Example: TakeMeHomeCountyRoad), or an original phrase you can easily remember (Example: KCChiefsAreSuperBowlChamps).
- Review Your Credit: Request a copy of your credit report from annualcreditreport.com. You can get a free copy of your credit report every year. This gives you the opportunity to review for any errors and check for any suspicious or fraudulent behavior.
- Review Your Accounts: Online Banking and the Mobile App are great tools to use to help keep an eye on your account activity on a regular basis. Report anything that looks fraudulent as soon as possible.
- Always Sign Out of Your Account: Remember to always sign out when you are finished accessing your accounts or any time you’re going to be away from your computer for an extended period of time. Closing your browser entirely can also be a good way of preventing others from accessing your information. This is especially important anytime you use a public computer.
- Set up Notification Alerts: Take advantage of security options to receive email and/or text message notifications of key activity on your bank accounts and credit cards.
- Clear Your Browser Cache: Browsers generally cache, meaning they store some information, such as images, on your device to make the browsing process faster the next time you visit a site. While caching does improve browsing speed, it can potentially leave you more vulnerable to hackers. By clearing your cache after visiting secure sites, you reduce the risk of exposing confidential information stored locally.
- Enable Multi-Factor Authentication: When available, take advantage of this additional level of security that authenticates you as the account owner using a one-time use code sent via text/email, a code-generating fob or app, or biometrics (fingerprint scan, face/voice recognition, etc.).
- Password Protect Your Devices: Enable the password feature on your cellphone, laptop, Kindle, iPad or any electronic devices that contain personal information about you – including phone numbers, addresses or banking information. If your password-protected device is lost or stolen, your personal information will not be immediately accessible to others.
- Be Leery of Generalities: If phone calls or emails are general in nature, be cautious. Scammers often hope if they claim a general problem, receivers will assume the communication is legitimate and provide their account information.
- Pay and Receive Money Only with People You Know: Many online and mobile banking tools allow you to send and receive payments to and from others. If you don’t know the recipient, you shouldn’t use online or mobile banking to make a payment. These transactions are risky, similar to how sending cash to a person you don’t know is risky. You should exclusively send digital payments to friends, family or other people you trust.
- Ask Questions: If you’re unsure if a call is from CommunityAmerica, you can ask the caller if you can call them back. It’s not for you to verify yourself to someone who call you, the responsibility lies with the caller. Don’t be afraid to ask them questions. This could prompt them to hang up. If you’re still not sure, it’s better to be safe - simply hang up and call us directly at 913.905.7000
If you receive a call that you feel is fraudulent, hang up immediately and contact CommunityAmerica at 913.905.7000.