Consumer Alerts
FDIC Consumer Education
An FDIC on-line tool is available to help educate consumers how to better protect their computers and themselves from identity theft, and steps to take if they have been victimized. Please see the FDIC’s website. Check it out for valuable consumer alerts and information to help you manage and protect your money! Additionally, “Beware, It’s a Scam!” is a very informative article from the FDIC. Click here for this article.
Customer Alert
We have had reports of customers receiving phone calls purporting to be from Commerce Bank requesting information on checking account & debt cards. PLEASE KNOW THAT COMMERCE BANK WILL NEVER CALL YOU OR SEND YOU AN EMAIL TO REQUEST PERSONAL INFORMATION OR NUMBERS FROM YOUR CHECKING ACCOUNT OR YOUR DEBIT CARD! IF YOU RECEIVE SUCH A CALL OR EMAIL DO NOT RESPOND AND PLEASE CALL COMMERCE BANK IMMEDIATELY AT (662) 286-5577.
Customer Guidance on Phishing and Pharming Scams
What is “Phishing”?
“Phishing” is a scam that uses email, pop-up messages, fraudulent web sites, or spam (junk email) to deceive you into disclosing personal financial information such as credit card numbers, social security numbers, bank accounts, passwords and other sensitive information. Certain attachments and links could infect a personal computer with viruses, worms or Trojan horses that allow criminals to capture keystrokes or other confidential information.
What is “Pharming”?
Many of the fraudulent Phishing emails contain links directing one to a fake website that may resemble one’s bank website or some other trusted entity. The fake website is designed to trick a person into entering his or her personal information. The message may ask the person to “update” or “verify” account information. This act is known as “Pharming.” “Pharming” is completed by domain spoofing. The attacker poisons a commercial entity’s Domain Name System (DNS) server and routes traffic to another location which the attacker has created. “Pharming” can be harder to detect because the domain name looks to be correct.
Customer Guidelines to Avoid Becoming a Victim of Phishing
- Our bank will never contact you via email to request security information.
- Never enter your social security number or any other personal financial information in response to an email request.
- Never send personal or financial information via unprotected email.
- Never give your personal or financial information over the telephone, unless you initiated the call.
- Review your account statements regularly, online or on paper.
- Use security solutions on your computer to protect you from Internet threats. Anti-virus software and a firewall are two basic solutions. If you have a broadband (cable modem, DSL, T-1) Internet connection, it is especially important that you have these security solutions.
- Use anti-spyware and anti-adware solutions to keep your computer clean.
- Don’t use easily-guessed or cracked passwords. Use unique combinations of upper- and lower-case letters, and add numbers and symbols. Change your passwords regularly and don’t use the same password for multiple sites.
- Never click on links in a suspicious email. Instead, open your browser and enter the web site’s domain name (e.g., www.commercebk.com).
- “Patch” your computer operating system (Windows) and any other applications regularly to close security holes that might be exploited.
- If you have a wireless Internet connection, change the default admin password, do not broadcast your SSID (Service Set Identifier), enable your WEP (Wired Equivalent Privacy) key security (change your WEP key frequently) and implement MAC (Media Access Control) address filtering as four fundamental security measures.
- Always be suspicious of email attachments and web links, even if they appear to be from a trusted source.
- When making purchases online, always make sure the session is encrypted by looking for the “https” in your browser address bar. This indicates Secure Sockets Layer (SSL) encryption is present.
- For further protection when making purchases online, sign up for your credit card provider’s service that requires a personal password to complete online purchases. This way your credit card number cannot be used for online purchases without your password being entered.
Notify the Credit Reporting Agencies
If you believe you have been a victim of identity theft, notify one of the three major credit bureaus, ask them to place a “fraud alert” on your credit report, and send you a copy of your credit file. The fraud alert will ask creditors to contact you before opening any new accounts or making any changes to your existing accounts.
- Equifax – 1-800-525-6285 O. Box 740241 Atlanta GA 30347-0241 www.equifax.com
- Experian – 1-888-397-3742 O. Box 9530 Allen TX 75013 www.experian.com
- TransUnion – 1-800-680-7289 Fraud Victim Assistance Division O. Box 6790 Fullerton CA 92634-6790 www.transunion.com
It is a good practice to review your credit reports periodically, whether you have been scammed or not, to ensure the information being reported is accurate. To order your free credit report, visit annualcreditreport.com or call 1-877-322-8228. Do not contact the three nationwide credit reporting companies individually. They are providing free annual credit reports only through annualcreditreport.com, 1-877-322-8228 or by mailing the Annual Credit Report Request Form. You may order your reports from each of the three nationwide credit reporting companies at the same time, or you can order your report from each of the companies, one at a time. The law allows you to order one free copy of your report from each of the nationwide credit reporting companies every 12 months.
Notify the Bank
If you have responded to such an email and provided information about your account(s) with the Bank, then you should call the Bank’s main telephone number (662) 286-5577 for assistance.
Notify the Proper Authorities
Forward your suspected phishing email to spam@uce.gov. If you believe you’ve been scammed, file your complaint at www.ftc.gov. Call the FTC toll-free at 1-877-FTC-HELP (1-877-382-4357) or you may file a complaint online at www.ftc.gov. Contact your local police department and file a report. Get a report number or copy of the report. Also, be sure to file the proper affidavits. You can also file a complaint with the appropriate federal investigative law enforcement agency. For a list of appropriate law enforcement agencies, go to the US Department of Justice website: www.justice.gov. For more information on how to avoid becoming a victim of identity theft, go to: www.ftc.gov/idtheft or call the FTC’s toll-free Identity Theft Hotline 1-877-IDTHEFT (1-877-438-4338). This site also allows you to report your identity theft to the FTC’s Identity Theft Clearinghouse – a government database of identity theft complaints. You can mail your information to:
Identity Theft Data Clearinghouse
Federal Trade Commission
600 Pennsylvania Ave NW
Washington, DC 20580
This information is shared with consumer reporting agencies, other government agencies and companies where the fraud occurred.
Source: IT Auditing for Financial Institutions, written by Jimmy Sawyers and published by AlexInformation and the Federal Trade Commission website.