Century Bank is concerned about cyber security for our clients. This page is dedicated to showing you pertinent information to protect you, your businesses and your families by sharing news, updates, and articles regarding cyber security.
A word of caution when using Mobile Payment apps. If they are asking for your Secure Access Code…it’s a scam!
If you are doing a transaction with anyone, and they are asking for the Secure Access Code from your mobile banking app…It’s a scam!
Whether you are using the Zelle Peer to Peer payment option (and that should only be used for persons whom you know well), or any other option in our online banking, if you are being asked by the remote party for the Secure Access Code (SAC), the other party is trying to steal access to your bank account! We use the combination of the randomly generated and time limited Secure Access code, which is sent to a device we know belongs to you, and your password to secure your personal accounts. It is called multi-factor authentication. If you re-use passwords across multiple websites (which you shouldn’t) thieves may be able to easily guess or steal your password. The SAC provides an additional layer of protection for your information and your money.
Remember, Century Bank will never ask you for a Secure Access code during a call. If you receive a call that looks like it is from Century Bank (and thieves will spoof our caller id, it’s not hard to do), and you are asked for your SAC…hang up and contact a Customer Service representative right away. Questions? Call 505.995.1200.
Cloned apps may contain dangerous things...
Century Bank has been made aware of third party app stores that are hosting what appear to be copies of the MyCenturyBank Mobile banking app. We are working to get these removed, because, it is highly likely that these apps also include other features such as Keyloggers or other malware that could compromise your personal information when entered using them. Always download apps that access sensitive personal information from either the developing company directly, or from the official Apple or Google Play stores. Those stores have measures in place to ensure that the apps they host are the legitimate products and don’t contain any dangerous “extra” features.
Sometimes a social media quiz is more of a test than you might think...
If you have ever used social media, you have probably seen a “quiz” like the one below.
Which pet should you get? Answer these questions to find out:
- Have you ever traveled outside of the country?
- What town did you grow up in?
- Who is your favorite fictional character?
Now it’s time for your results: You got... a phish!
That’s right, the answers to these simple questions could give cybercriminals the data they need to gain access to your sensitive information.
How Can Cybercriminals Use This Information?
The questions in a social media quiz may seem trivial, but your answers reveal a lot about you. Let’s look at how cybercriminals could use your answers to the questions above:
Have you ever traveled outside of the country?
This question reveals whether you have a passport. Knowing which forms of identification, you have could help a cybercriminal steal your identity.
What town did you grow up in?
This question reveals a detail that can be used to verify your identity. The town where you grew up could also be where you were born, where you went to high school, or where you met your partner. Cybercriminals could use this information to answer security questions and gain access to an important account.
Who is your favorite fictional character?
This question reveals your interests. Knowing what books or movies you enjoy could provide cybercriminals with a hint to crack your password. Cybercriminals could also use this information to target you on social media. Claiming to have a shared interest is an easy way for cybercriminals to appear friendly and trustworthy.
Remember These Tips to Stay Safe:
- Don’t share any information online that you wouldn’t want to make public. No matter how cautious you are, any information posted on social media can still fall into the wrong hands.
- Social media platforms have many security options that can easily be overlooked, such as your tagged photo settings. Review and edit your privacy settings to be sure your information is kept safe.
- The next time you see a friend or family member post a quiz on social media, inform them of the risks involved. They may share sensitive information that you both have in common, such as your hometown. Cybercriminals may realize this connection, so your friend’s post could put you and others at risk.
Be cautious with where you go, and what you do when on the internet (both at work and at home) and don’t provide criminals with information that can turn you into a victim.
Could your business survive a Cyber Attack?
Did you know that 74% of all U. S. organizations experienced attempted or actual payment fraud in 2020? As partners in your financial safety, your team at Century Bank wants to remind you of the potential scams that could impact your organization. Please be vigilant. It’s not a matter of if, but rather when your organization will be attacked.
These schemes can cost your business as little as a thousand dollars or more than a million. Could your business weather a half-million or million-dollar loss? Could you possibly be terminated if your employer experiences an avoidable loss due to payment fraud when you did not follow company policy or the tips listed below?
Below we have highlighted a few of the most prevalent fraud schemes from the guide: Protecting Against Cyber Fraud, produced by the National Association of Clearing Houses.
Business Email Compromise (BEC)
Have you received an email from a vendor or your boss requesting that a wire or ACH be sent immediately or to a new bank account number? Fraudsters have been compromising or impersonating valid business email addresses to make such a request and unfortunately your most vulnerable department is accounts payable, as these departments were the target of 61% of all BEC fraud attempts in 2020. Avoid being a victim and require that you and your staff take the time to pick up the phone and call the sender to verify the validity of the request. DO NOT use the contact information in the email, use another source because you could be simply interacting with the fraudster if you use details from the email.
Vendor Impersonation Fraud
Vendor impersonation can occur when a business or organization receives an unsolicited request, purportedly from a valid contractor/vendor to update payment information. The update could be to request a wire or provide a new payment method. Avoid being a victim and take the time to call the supplier to verify the request. Be additionally diligent when the request is from a construction related contractor. Payments to contractors are a favorite target by fraudsters due to their size.
Payroll Impersonation Fraud
Fraudsters target employees by directing them to fake websites or making a request that may seem legitimate such as an email from human resources to make a direct deposit change. Help your employees from being a victim by educating them on various scams and have a specific procedure to update direct deposit information.
Ransomware is a type of malware that will prevent you from accessing your computer files, system, or networks and demands you pay a ransom, via cryptocurrency, for their return. Ransomware is usually distributed through email by sending a malware-embedded attachment. Avoid being a victim by educating your staff on taking time to review emails for legitimacy and be cautious of websites that they are accessing. A few key giveaways in these emails and websites are bad grammar, misspellings, and if the sender has an odd email address. Also, check with your insurance provider to ensure you have a cyber policy with a rider that will help defray the expenses that come with recovering from a ransomware attack. Not only will you have to pay the attackers, but you will have to pay IT professionals to make sure your systems are restored and all malware is removed.
Please take the time to view the guide: Protecting Against Cyber Fraud and share with your staff and friends. As always, feel free to contact us with any concerns or questions you may have about protecting yourself and your businesses from potential fraudsters.
July 16, 2021
Fake Purchase Overpayment/Refund Scam.
Customers are reporting the following : You receive an email indicating that they were charged for a recent purchase on a major name website. The email asks you to verify, and if this is incorrect to call a phone number in the email. When you call the number they apologize and offer to refund the purchase to your card or bank account, if you provide them the information (or they ask for remote control of your PC and you log in to the site). Then, they appear to “deposit” much more than the refund amount. The scammer pretends to panic, and says they will get fired if you don’t get them the extra money back…they tell you to purchase gift cards for the “extra” amount at local stores and then read or photograph the card numbers to them.
The scam here is…they never moved any money to your account, but the gift cards you give them the numbers for, are real money out of your account!
A few key things: 1) don’t call the number in an email about a purchase you did not make; 2) don’t give anyone you don’t know remote access to your PC (and especially not when you are logged in to your online banking); and 3) if you are being asked to purchase gift cards…there is a 99.99% probability it’s a scam!
If you receive any communication like this, stop, don’t give the scammer any personal information. Hang up, then call us at 505.995.1200 and let us know.
April 13, 2021
Scammers are calling Century Bank customers indicating that they are from Century Bank Security.
During these calls the scammers ask customer for their Debit Card Pin, or their Secure Access code for Online banking, or their user ID and password for online banking.
Please note that Century Bank will NEVER call you, and ask for any of these things (we already know all of them except the Secure Access Code).
If you receive a call like this, stop, don’t give the scammer any personal information. Hang up, then call us at 505.9951200 and let us know.
What are some classic warning sights of possible fraud and scams?
- Calling or emailing you, claiming to be from the government and asking you to pay money.
- Asking you to pay money or taxes upfront to receive a prize or gift
- Asking you to wire them money, send money by courier, or put money on a prepaid card or gift card and send it to them.
- Asking for access to your money-such as your ATM cards, bank accounts, credit cards, or investment accounts.
- Pressuring you to "act now" or else the deal will go away. Or someone who seems to be trying hard to give you a "great deal" without time to answer your questions.
Tap. Snap. Send.
That's how easy it is to deposit a check with Century Bank's Remote Deposit Anywhere.