What Is Identity Theft?
Identity theft is the fraudulent use of your personal information. Typically your Social Security number (SSN) or bank account number is stolen and used to commit fraud or theft. The thief can then use this information to apply for loans and credit cards, access your bank account, buy cell phones and rent an apartment. In the worse-case scenario, a thief could apply for a job or commit a crime under your identity.
The most recent Federal Trade Commission (FTC) data indicates that identity theft affects nearly 400,000 people in the United States each year. A victim of identity theft can spend several thousand dollars and hundreds of hours trying to clean up the mess made of their good name and credit. For more information about Identity Theft, visit the FTC website at http://www.identitytheft.gov/*
There are various methods that thieves can steal your information. It may be high-tech or low-tech by rummaging through trash or hacking into your personal computer. Some examples that an identity thief might look for are:
- Purses, wallets, briefcases, and other personal belongings in public places, at work or as part of a burglary.
Mail theft - credit card statements, checks, tax information, pre-approved credit card offers, bank statements, etc.
Personal information from your home or home computer.
- Third parties - files from offices where you are a customer, employee, patient or student.
- Phishing - emails containing links to bank sites or government sites that entice you to enter in your user ID, password, SSN, etc.
Keylogging is a method by which fraudsters record your actual keystrokes and mouse clicks. Keyloggers are "Trojan" software programs that target your computer's operating system (Windows, Mac Os, etc.) and are "installed" via a virus. These can be particularly dangerous because the fraudster has captured your user ID and password, account number, Social Security Number - basically anything you type as you type it. If you are like most other users and have the same ID and PIN/Password for many different online accounts, you've essentially granted the fraudster access to any company with whom you conduct business. After all, they've got your login credentials so they appear to be a valid user.
Here are some ways you can prevent yourself from being a victim of keystroke logging:
- Use Anti-Virus Software. This is the single most important thing you can do to protect your computer from viruses. There are many on the market today - some cost money while others are free. If you opt to use a free version, make sure it is being offered by a reputable company and do research on the company and its product before installing.
- Keep your Operating System up-to-date with the latest security patches.
Phishing is a scam where Internet fraudsters request personal information from users online. These requests are most commonly in the form of an email from an organization with which you may or may not do business. In many cases, the email has been made to look exactly like a legitimate organization's email would appear complete with company logos and other convincing information. The email usually states that the company needs you to update your personal information or that your account is about to become inactive, all in an effort to get you to click the link to a site that only looks like the real thing. If you click on the link to go to the phony website and enter all of your information, you've just been the victim of a phishing attack. The fraudsters have just captured all the necessary information to access your accounts online. No reputable business will ever email you requesting that you update your personal information, including account numbers, system passwords or Social Security Numbers via a link to their site.
Follow these guidelines to protect yourself from phishing scams:
- Never click on a link from a business requesting that you provide them with personal information.
- Pay close attention to the URL (Internet address) behind the link. Often in phishing attempts, if you hover the cursor over the link the fraudsters want you to click on, it has nothing to do with the actual company they claim to be.
- Verify your watermark or personal image each online access. Do not log in unless you see the correct image on the screen.
- Report any phishing attempts to the online business that is being targeted and report any Century Bank phishing attempts by calling 505-424-2888.
If you are unsure that the request is valid, open a new Internet session and manually key in the business' web address. If the business genuinely needs information from you, they will have you log in to your online account to see the request. In most cases, you'll just be greeted with a message indicating that the business will never email you requesting personal information.
Now that you understand how identity theft can happen, the following guidelines will assist you in lowering your chances that it will happen to you.
- Order a copy of your credit report from each of the three major credit bureaus once year to ensure they are accurate. You may receive a free report on an annual basis at http://www.annualcreditreport.com
- New Mexico allows you to place a freeze on your credit report. Click here for more information.
- Utilize the services of companies that offer proactive identity theft monitoring.
- Remove your name from pre-approved credit card offers by calling (888) 5-OPT OUT. Note: You will be asked to provide your SSN which the consumer reporting companies need to match you with your file.
- Protect your PINs and other passwords that allow you to access your credit cards, ATM cards and financial information. Avoid using easily available information like your mother's maiden name, your birth date, the last four digits of your SSN, your phone number, etc.
- Change your passwords often. Even if the online account doesn't require it, it is a good practice to change your passwords at least every six months.
- Don't use the same ID and PIN/Password for every online account you have.
- If accessing information via a wireless network, ensure that the network is secure. Accessing sensitive information (or any website) over a non-secure network simply leaves the door open for criminals. Even if you are not visiting a site where you enter an ID and password, you are still leaving your computer exposed to possible threats.
- Never provide your personal information, including account information, passwords, etc., in response to an unsolicited request, whether it is over the phone or on the Internet.
- Email is not a secure method of sending information. Do not include confidential information (account numbers, SSN, financial information, PIN/Passwords) in your emails or email attachments.
- Secure personal information in your home, especially if you have roommates, employ outside help, or are having work done in your home. Store personal information in a safe place and tear up or shred old credit card receipts, ATM receipts, old check and bank account statements, and unused credit card offers before throwing them away.
- Where available, arrange to receive your account statements online instead of on paper.
- Review your account statements on a regular basis, and use online or phone balance and transaction review features. These are among the best ways to watch for fraudulent activity on all of your financial accounts.
- Ask about information security procedures in your workplace or at businesses, doctor's offices or other institutions that collect your personally identifying information.
- Find out who has access to your personal information and verify that it is handled securely, and ask about the disposal procedures for those records as well.
- Don't carry your SSN card - leave it in a secure place.
- Keep your personal computer safe by installing firewall, virus and spyware detection software.
Identity Theft can happen even if you think that you have done all you can to protect yourself. If you suspect your personal information has been misused to commit fraud or theft, take action immediately. Here are some basic steps to take to protect against further damage:
- Contact the fraud departments of each of the three major credit bureaus to report that you are an identity theft victim. Request that a "fraud alert" be placed on your file and that no new credit be granted without your approval. Please see the resources section for a listing of the credit bureau numbers.
- If you believe your accounts have been tampered with or fraudulent accounts have been opened in your name, close these accounts immediately. If you have a Century Bank account with unauthorized credit or debit activity please contact us at 505-424-2888 immediately. To initiate a search for Century Bank accounts created through identity theft, please complete the FTC Identity Theft Affidavit and bring it to any one of our branches.
- File a police report with the local police department or with the police department in the area where the identity theft took place. Ask for a copy of the police report; often credit card companies and others will need proof of the crime to erase the debts caused by identity theft.
- New Mexico allows you to place a freeze on your credit report. Click here for more information.
- Report Internet fraud to IC3, a partnership between the FBI, National White Collar Crime Center and the Bureau of Justice Assistance. Click here to file complaint.
Identity Theft Resources
Federal Trade Commission
To report fraud, call: 800-525-6285 and
write: P.O. Box 740241, Atlanta, GA 30374-0241
To report fraud, call: 888-397-3742 and
write: P.O. Box 9532, Allen, TX 75013
To report fraud, call 800-680-7289 and email: firstname.lastname@example.org
or write: Fraud Victim Assistance Department, P.O. Box 6790, Fullerton, CA 92834-6790
Social Security number Theft and Misuse
Social Security Administration: http://www.ssa.gov
Postal Inspector http://postalinspectors.uspis.gov/
Federal Communications Commission http://www.fcc.gov
We understand the sensitive nature of your financial records, and that's why we make our online security practices a top priority. We have several measures in place that work together to create a safe environment for your financial information. Let's take a look at how we provide a high level of security protection.
Security at Century Bank
At Century Bank, we employ the latest computer technology to protect your data on all of our computers, including those used in supporting our Online Banking and Bill Pay system. We use Secure Sockets Layer (SSL) 128-bit technology, which encrypts data as it crosses the Internet. Your information also enters a security computer, called a firewall, which acts as a security guard for Internet traffic and ensures that your information is protected. You will know that your browser is in secure mode when the secured lock symbol at the bottom of the page is displayed and the URL address has a green background with the extended SSL. You can also view the cetificate. You must use a browser that can support 128-bit SSL such as Microsoft® Internet Explorer 7.0 or higher.
Security at Your Computer
The first step in preserving your identity is to take an active role in securing your personal information. It is recommended you access your account on a personal computer where no one else may have access to it without your permission.
Passwords and Password Protection
Access to your account is protected from unauthorized users by a password. Do not share your password with anyone. Century Bank will NEVER solicit you by phone or email to ask for your personal login details. You can change your password at any time by selecting Options from the Online Banking navigation bar, then Personal from the sub-menu. You can set up a password self reset by accessing Options and then entering in a password phrase and answer. If at any time you forget your password, contact Century Bank Customer Service at 505-424-2888 to reset it.
Select your password wisely. Do not select a word or number that is easy to guess. Century Bank requires that your password be between 8 and 25 characters in length, be alphanumeric and contain a special character. We discourage you from saving passwords in your computer when the option is available. For added security, your account will be locked out after three invalid password attempts.
Automatic Sign Off
In the event you forget or are unable to Log Out, Century Bank will automatically end your Online Banking session after no activity for ten minutes. You will be given a warning to continue your session, but if you do not continue your session your current connection will end. Always remember to click Log Out and close your browser when you are finished with your Online Banking session.
Century Bank added state of the art online security features that will enable you to recognize that you are logged on to Century Bank's web site and not a fraudulent site. These enhancements will also further protect against unauthorized access to your online account.
When accessing Online Banking for the first time, a separate page for entering your password will appear. To the left, you will see an image, called a "watermark." When you submit your password, you will be prompted to choose your own watermark from dozens of choices. Thereafter, this personalized watermark will appear on the left of the password entry page every time you log on. The same watermark will also appear on the lower left of every Century Bank Online Banking and Bill Payment page while you are logged on. The appearance of your personal watermark guarantees that you have logged onto Century Bank's website.
Century Bank will also create a profile of your activity. You will be prompted to select three specific challenge questions from a list and enter personalized answers. Thereafter, when our online banking security system detects any uncharacteristic or unusual requests involving your account, you may be asked to verify your identity by answering two of the three questions.
Also available are secure tokens, IP Restrict (only access from a specific IP address) and Email Alerts.