At Bank of Edmonson County, the security of your accounts and assets are extremely important to us.
Whether it is the security of our offices, our computer networks and programs or your online banking experience, we strive to ensure that your information and money are secure. Follow the helpful links below to learn about identity theft and fraud, get alerts of possible scams, find contact information to report your debit card lost or stolen and to learn more about how you can help protect yourself.
Ransomware is a type of malicious software (malware) that freezes your computer or mobile device until a sum of money is paid. It can destroy personal and business files, leading to stolen data and large financial losses.
- Ransomware attacks— especially those that target small businesses—are evolving in complexity and are on the rise.
- All devices are vulnerable, but more and more mobile attacks are being reported.
- $209 Million collected by criminals in the first quarter of 2016.
- A projected $1 Billion + in losses from ransomware attacks in 2016 alone, according to the FBI.
- Ransom fees vary, from $200 – $10,000.
Ransomware targets a specific individual within a business, or a consumer with a link or attachment that infects your computer with malware or leads you to an infected website. Three ways ransomware can take shape are:
Spear phishing emails
- The sender appears to be someone you may know or someone relevant to your business.
- The message is often personalized, and may include your name or a reference to a recent transaction.
Advertisements or pop-up windows
- Your computer freezes, and a popup message appears.
- The message may threaten a loss of your files or information, or may also tell you that your files have been encrypted.
- Ransomware is also present in downloadable games and le-sharing applications.
Once the PC is infected, your files are encrypted and inaccessible. The fraudster demands a ransom payment in order to unlock them.
- Always back up your files and save them offline or in the cloud.
- Always use antivirus software and a firewall. Be sure they are set to update automatically.
- Enable popup blockers.
- Don’t click. Be cautious when opening emails or attachments you don’t recognize—even if the message comes from someone in your contact list.
- Only download software from sites you know and trust.
- Alert your local law enforcement agency as soon as you encounter a potential attack.
- To: Chief Executive Officer (also of interest to Security Officer)
- Subject: Consumer Alert
- Summary: E-mails fraudulently claiming to be from the FDIC are attempting to get recipients to click on a link, which may ask them to provide sensitive personal information. These e-mails falsely indicate that FDIC deposit insurance is suspended until the requested customer information is provided.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The e-mail informs the recipient that “in cooperation with the Department of Homeland Security, federal, state and local governments…” the FDIC has withdrawn deposit insurance from the recipient’s account “due to account activity that violates the Patriot Act.” It further states deposit insurance will remain suspended until identity and account information can be verified using a system called “IDVerify.” If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient’s computer.
This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to firstname.lastname@example.org.
Sandra L. Thompson
Director – Division of Supervision and Consumer Protection
- Distribution: FDIC-Supervised Banks (Commercial and Savings)
- Note: FDIC-Supervised Banks (Commercial and Savings) Paper copies of FDIC Special Alerts may be obtained through the FDIC’s Public Information Center, 877-275-3342 or 703-562-2200
Online Banking Security
Bank of Edmonson County’s Commitment to Your Security:
Your safety and security are our “first priority.”
Our network is protected by multiple layers of physical, procedural and technical controls. Our systems continuously monitor activity from unauthorized entry attempts.
When you sign up for online access, we ask you to create your own password, along with a logon ID, to access your accounts. This information is encrypted during transmission and will remain a secret as long as you do not disclose it.
Our system will automatically log you off from Online Banking and Bill Pay after a specified period of inactivity. This reduces the risk of others accessing information from your unattended computer. We recommend that you always sign off (log out) when done banking online.
Secure communications with Strong Encryption
The privacy of communications between you (your browser) and our servers is ensured via encryption. Encryption scrambles messages exchanged between your computer/device and our online banking server.
How Encryption Works
- When visiting online banking’s sign-on page, your browser establishes a secure session with our server.
- The secure session is established using a protocol called Secure Sockets Layer (SSL) Encryption. This protocol requires the exchange of what are called public and private keys.
- Keys are random numbers chosen for that session and are only known between your computer/device and our server. Once keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server.
- Both sides require the keys because they need to descramble (decrypt) messages received. The SSL protocol assures privacy but also ensures no other website can “impersonate” your financial institution’s website, nor alter information sent.
- To learn whether your browser is in secure mode, look for the secured lock symbol at the bottom of your browser window.
Protect Yourself Online
Be proactive when it comes to Online Security!
As your financial institution, we work hard to protect you from fraud. But you and your computer are the front line of defense. In just a few simple steps, you can help keep your computer-and your finances-safe.
Secure your passwords
A good password should:
- Not be based on personal information that can be easily guessed (your pet’s name, birth date, etc.)
- Not be a word that can be found in any dictionary of any language.
- Contain 8 characters, at least 1 number, at least 1 uppercase letter, at least 1 lowercase letter, and password cannot contain leading or trailing blanks.
- Not be the same as any password you use for anything else.
- Always memorize your password and do not write it down. Bank of Edmonson County will prompt changing your passwords every 90 days.
There are certain precautions you should take to keep your computer safe from viruses and hackers.
- Keep your operating system and browser up to date.
- Use up-to-date anti-virus and anti-spyware software – and set them to update automatically.
- Use a personal firewall.
- Activate a pop-up blocker.
Keep in mind:
Security software that comes pre-installed on your computer typically works for just a few months unless you pay to extend its usage. Avoid buying software in response to unexpected pop-up messages or ads that claim to have scanned your computer and detected malware. That’s a scare tactic scammers use to spread malware.
Be wary of spyware and malware
Spyware is software loaded on your computer without your knowledge. It collects personal information about you and your Internet browsing habits in order to launch pop-up ads or change the configuration of your computer. It can also access your usernames and passwords, slow down the functions of your computer and send information from your computer to a third party without your knowledge or permission.
Generally, spyware is downloaded to your computer from websites you visit, or comes along unannounced when you download a new program or feature. In some cases, the spyware is mentioned in the fine print of a user agreement you’re asked to accept for downloading a program.
Clues that you may have spyware on your computer:
- You experience a number of pop-up ads when browsing the Internet
- Your Internet browser takes you to sites you’re not attempting to visit
- You experience a sudden and/or repeated change to your Internet homepage
- New toolbars or icons appear
- You experience error messages that seem random, and/or your computer’s performance drastically slows down
Check your system regularly for spyware. Several third party vendors provide anti-spyware applications you can download, some free of charge.
Malware is malicious, unwanted software or code that generally is transmitted online. It is often used to enter a computer system without conforming to standard authentication procedures.
Common forms of malware include:
- Adware – software that displays ads in an unexpected and often unwanted fashion
- Backdoor – software that is often installed through a vulnerability in the operating system or through an existing piece of malware
- Bot – A software application that performs automated, unwanted tasks online
- Computer worm – a program that self-replicates and spreads by exploiting vulnerabilities and bugs in operating systems and old applications
- Rootkit – One or more programs designed to hide the presence of other malware from users and anti-virus programs
- Trojan horse – A form of malware that seems to provide a positive function but actually gives criminals access to your computer
- Virus – A program that self-replicates without the user’s knowledge or permission.
Clues that you may have malware on your computer:
- Advertising pop ups begin to appear every few seconds
- Extra toolbars appear in your browser and can’t be removed
- Your Internet browser takes you to sites you’re not attempting to visit
- Unexplained system slow down and/or sudden system crashes
Check your system regularly for malware. Several third party vendors provide anti-malware applications you can download, some free of charge.
Be smart online
Aside from securing you passwords and computer, the most important thing you can do is simply be careful – and use common sense – online.
Here are some good general rules to follow:
- Maintain current software and take advantage of updates
- Never share passwords or passphrases
- Do not click unknown links
- Beware of unknown email and attachments – if you don’t know what it is or who it’s from, don’t open it
- Don’t download unknown software off of the Internet
- Don’t play along with hoaxes or chain mail
- Log out/lock your computer when you’re not using it
- Remove unnecessary programs
- Restrict remote access to your system
- Frequently back up important files
- Treat sensitive data carefully
- Remove data securely
- Use encryption whenever possible
Be smart with your password.
- Choose passwords and PINs that are hard to guess by using a combination of upper and lower case alpha-numeric characters and symbols.
- Avoid using your Social Security number, your mother’s maiden name, birth dates, your kids’ names or sports teams.
- Change passwords regularly
Security tips for banking online
Computers & Mobile Devices need protection
- Use an anti-virus and anti-spyware software, update frequently.
- Update your computer’s operating system when available.
- Use the most recent version of your web browser software.
- Use caution when installing applications/programs.
- Do not leave your laptop, phone or other mobile devices logged on and/or unattended when in public.
- Password protect and/or lock your laptop, phone or other mobile devices when not in use.
- Do not save financial or personal information on your laptop, phone, or mobile device.
Secure Personal Information
- When creating passwords, they should contain upper and lower case alpha-numeric characters and symbols.
- Never share your passwords.
- Delete an email immediately if you do not know the sender
- Do not open email or click on links or attachments, especially those where the file ends in “.exe”.
- Do not include personal or sensitive data in, or in response to, an email.
- Watch the activity on your account for any unusual activity
- Always log out of your online and/or mobile banking sessions when you are finished.
- Do not store financial or personal information on your laptop, phone, or mobile device.
Be Cautious when Browsing the Web
- Only allow pop-ups from sites that you authorize.
- Do not give out personal information to blogs, forums and other social networking sites.
- Only make online purchases using secure sites that encrypt your information. To determine if a site encrypts your information look for the locked padlock icon in the browser and “https:” in the address line.
- Never access a website from a link in a suspicious email.
- Access online banking sites by typing the address directly into the browser’s address bar.
What is Identity Theft
Identity theft is a serious crime. The damage caused by the theft of personal information can be very extensive, and cleaning up can cost a substantial amount of time and money. In addition, affected persons risk long term damage to their credit and their reputation. Severe consequences of identity theft include lost job opportunities and denial of credit. Some victims have even been falsely accused of crimes they did not commit.
By conducting everyday activities, consumers leave personal information a thief may want to use to steal their identity. These activities include writing a check, renting a car, applying for credit or charging tickets to a sporting event. These activities reveal personal information such as: your bank and credit card account numbers, your income, your Social Security number, your name, address and telephone number. If stolen, this information may be used to commit identity theft or fraud.
Skilled identity thieves use a variety of methods to gain access to your personal information. For example, they may:
- Steal your mail
- Steal your wallet or purse
- Complete a “change of address” form to redirect your mail to another location
- Rummage through your trash
- Collect your information through e-mail or telephone using phishing scams.
Phishing scams target consumers by “spoofing” text or voicemail messages that ask you to call a phone number and give your personal information. Here’s how it works:
- You receive an email message, asking you to click on a link in order to update some sensitive personal information.
- The link will redirect you to a “spoofed” website, which is designed to look like a legitimate website.
- The website will ask you to input personal information such as your account numbers, PINs, or a social security number.
Vishing scams target consumers by “spoofing” text or voicemail messages that ask you to call a phone number and give your personal information. Here’s how it works:
- You receive a “spoof” email or text message about suspicious account activity.
- The text or voicemail message will ask you to call a “customer service” number.
- When you call the customer service number, a recording will ask you to provide personal information such as account numbers, passwords, a social security number, or other critical information.
- The recording may not mention the company’s name and could potentially be an indication the call is being used for fraud.
- You can also receive a phone call.
- The call could be a “live” person or a recorded message.
- The caller may already have your personal information, which may seem as if the call is legitimate.
Smishing is when consumers’ cell phones and other mobile devices are targeted with mobile spam. The spam, or text messages, attempt to trick consumers into providing personal information. Here’s how it works:
- You receive a fake text message, which may include a fraudulent link, asking you to register for an online service.
- The scammer attempts to load a virus onto your cell phone or mobile device.
- The scammer may also send a message ‘warning’ you that your account will be charged unless you cancel your supposed online order.
- When you attempt to log on to the website, the scammer extracts your credit card number and other personal information.
- In turn, your information is used to duplicate credit, debit and ATM cards.
- Scammers may also send you a text message again ‘warning’ you that your bank account has been closed due to suspicious activity.
- The text message will ask you to call a ‘customer service’ number to reactivate your account.
- When you call the number, you are taken to an automated voice mail box that prompts you to key in your credit card, debit card or ATM card number, expiration date and PIN to verify your information.
- Again, your information is used to duplicate credit, debit and ATM cards.
Lottery/Sweepstakes scams target consumers by a notification, which arrives through the mail, by email, or by an unsolicited telephone call. Here’s how it works:
- The notification advises you have won a prize, but you did not enter in any type of lottery or sweepstake by the promoter contacting you.
- The promoter will ask you to send payment to cover the cost of redeeming the prize when the prize does not exist.
- In this type of scam, you may rarely if ever receive any winnings in return.
Check Overpayment Scams
Check Overpayment scams target consumers who sell items through an online auction site or a classified ad. Here’s how it works:
- The seller takes a big loss when the ‘buyer’ passes a counterfeit cashier’s check, money order, corporate or personal check as payment.
- The counterfeit check is written for more than the agreed price.
- The ‘buyer’ will ask the consumer to wire back the difference after the check has been deposited.
- The check will more than likely bounce and the consumer becomes liable for the entire amount.
Tips to Protect Yourself
- Never give out your financial information. Such as: credit card number, checking account numbers, and especially your Social Security number, on the phone unless you placed the call and know the person, business, or organization with whom you are dealing. We, at Bank of Edmonson County, will never call you asking for that information; so don’t give out that information to anyone claiming to be from the Bank.
- Never give out usernames or PINs to anyone calling to advise you of potential card fraud regardless of how “helpful” the caller sounds.
- If your checks are lost or stolen, report it to the bank immediately! We will block payment on the check numbers involved. Also, when you get each new order of checks, review their numbers to make sure that they are in sequence with the last checks you used.
- Store all of your checks, both new and used, in a safe place.
- Guard your ATM Personal Identification Number and ATM receipts. Pick up your receipts from the ATM machine before you leave and take them home to destroy properly.
- Don’t throw away financial solicitations that you get in your mailbox. Tear them up or shred them so that thieves can’t use them to assume your identity. The same is true for any other financial documents, such as bank statements or invoices.
- If your regular bills fail to reach you, call the company and find out why. Someone may have filed a false change-of-address notice to route your information to his or her address.
- Review your bills carefully. If they include suspicious items, don’t ignore them. Instead, investigate immediately to head off any possible fraud before it occurs.
- Request a copy of your Social Security statements at www.ssa.gov/mystatement to be sure that no one else is using your social security number for employment.
- Add your phone numbers to the national Do Not Call Registry at www.donotcall.gov or by calling 1 (888) 382-1222. Since February 2008, these registered telephone numbers will no longer expire off the list.
- Opt out of pre-screened credit offers by calling 1 (888) 567-8688 or at www.optoutprescreen.com.
- Once a year, contact the major credit reporting companies to review your file and make certain that the information about you is correct. Many states offer residents free credit reports annually at www.annualcreditreport.com or by calling 1 (877) 322-8228. For a small fee, you can get your credit score as well. The three major credit bureaus are:
Identity Theft Victims: Steps for Immediate Action
If you are a victim of identity theft, take the following steps as soon as possible. Also it is important to keep records of your conversations and copies of all correspondence. Contact your account representative at Bank of Edmonson County at (270) 597-2175, to secure your bank accounts.
Contact the credit reporting agencies, and place a “fraud alert” on your credit reports. Also, add a “victim’s statement” to your file requesting that creditors contact you before opening new accounts in your name.
If you know or suspect that an account has been tampered with or opened fraudulently in your name, close it immediately. Call and speak to someone in the security or fraud department. You may also wish to follow up in writing. Send all letters by certified mail, return receipt requested.
Filing a “miscellaneous incidents” report at a police station where the identity theft occurred is also an important step. Get a copy of the police report for your records in the case of dealing with creditors who need proof of the crime.
600 Pennsylvania Avenue, NW
Washington, DC 20580
Log the date, time, duration and cost of any telephone calls as well as the date and cost of any mailings. Keep copies of all correspondence for your records.
Helpful Contacts in the event of Identity Theft:
Contact the fraud departments at each of the three credit reporting agencies:Equifax – 1 (800) 525-6285, Post Office Box 740241, Atlanta, Georgia 30374-0241
Experian – 1 (888) 397-3742, Post office Box 9532, Allen, Texas 75013
TransUnion – 1 (800) 680-7289
Fraud Victim Assistance Division Post Office Box 6790, Fullerton, California 92834-6790 Federal Trade Commission – 1 (877) 438-4338, www.consumer.gov/idtheft
Identity Theft Clearinghouse
Federal Trade Commission
600 Pennsylvania Avenue, NW
Washington, D.C. 20580
United States Postal Service – your local post office.
Your local police department.
ABA Consumer Resources
Consumer Financial Protection Bureau
Direct Mail Association Mail Preference Service to remove you name from mailing lists
Do Not Call Registry
FDIC Deposit Insurance Information
Free annual credit reports
Money Smart by FDIC
Opt out of prescreened offers
|FACTS||What does Bank of Edmonson County do with your personal information?|
|Why?||Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.|
|What?||The types of personal information we collect and share depend on the product or service you have with us. This information can include:
When you are no longer our customer, we continue to share your information as described in this notice.
|How?||All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons Bank of Edmonson County chooses to share; and whether you can limit this sharing.|
|Reasons we can share your personal information||Does Bank of Edmonson County share?||Can you limit this sharing?|
|For our everyday business purposes-
such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus
|For our marketing purposes-
to offer our products and services to you
|For joint marketing with other financial companies||Yes||No|
|For our affiliates' everyday business purposes-
information about your transactions and experiences
|No||We don't share|
|For our affiliates' everyday business purposes-
information about your creditworthiness
|No||We don't share|
|For non-affiliates to market to you-||No||We don't share|
|Who we are|
|Who is providing this notice?||Bank of Edmonson County|
|What we do|
|How does Bank of Edmonson County protect my personal information?||To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.|
|How does Bank of Edmonson County collect my personal information?||We collect your personal information when you:
We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
|Why can't I limit all sharing?||Federal law gives you the right to limit only
|Affiliates||Companies related by common ownership or control. They can be financial and nonfinancial companies.
|Nonaffiliates||Companies not related by common ownership or control. They can be financial and nonfinancial companies.
|Joint Marketing||A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
Customer Identification Requirements
Important Information About Procedures For Opening A New Account
To help the government fight the funding of terrorism and money laundering activities, Federal law requires all financial institutions to obtain, verify, and record information that identifies each person who opens an account.
What this means for you: When you open an account, we will ask for your name, address, date of birth, and other information that will allow us to identify you. We may also ask to see your driver’s license or other identifying documents.
If you have any questions regarding this notice please contact your banking representative at (270) 597-2175.
Elder Abuse Prevention
BANK OF EDMONSON COUNTY PROMOTES ELDER ABUSE PREVENTION
Tips Customers Can Observe to Protect Themselves from Financial Abuse
In recognition of Elder Abuse Prevention, Bank of Edmonson County is promoting awareness of financial abuse of elderly customers.
The elderly are increasingly becoming targets for financial abuse. In the US, at least 1 in 9 Americans over the age of 60 has experienced some form of elder abuse. Sadly enough, most elder abuse victims are dependent on their abuser for basic needs.
Bank employees are frequently trained to notice when a customer is vulnerable or is currently a victim of financial abuse, by simply paying attention to red flags. The red flags can be invaluable when determining abuse—whether it is a bank employee noticing unusual recent withdrawals or a new person simply accompanying the older customers to the bank.
Customers can participate in protecting themselves from financial abuse by following these tips:
- Keep personal information private. Never share your social security number, account information, or personal details over the phone or internet, unless you initiated contact with a trusted source.
- Use direct deposit when available. Ask you banker for more information.
- Sign your own checks. Do not sign “blank checks” and allow another person to fill in the amount.
- Shred! Shred! Shred! Shred receipts, bank statements and unused credit card offers before throwing them away so fraudsters can’t piece together your personal information.
- Do not leave money or valuables in plain view.
- Don’t let a so-called “advisor” pressure you. Never let a new or untrusted “advisor” pressure you into sharing personal or financial details. They could be a fraudster.
- Check your credit report. Customers should check their credit report at least one a year to ensure no new credit cards or accounts have been opened by criminals in your name.
Being aware of warning signs and taking simple steps to safeguard personal information can mean the difference between being a victim and a fighter.
If you suspect elder abuse, you are legally required to report it. You can report abuse at the 24 hour toll free hotline 1 (800) 752-6200, calls can be made anonymously.
Kentucky Attorney General Senior Protection Program: (888) 432-9257
For more information on elder abuse prevention, visit https://ncea.acl.gov/