Alerts and Security

Keeping You Safe. Alerts and Security.

Alerts

We have been informed that some members have reported fraudulent phone calls. These calls appear to be from TBACU, but they are not. Scammers are trying to trick you into sharing your card, account, and online banking login details. Please do not answer these phone calls or take any actions they are asking you to. If you receive a suspicious phone call or text message link, hang up and contact our Local Service Center at 231.946.7090. Keep in mind that TBACU will never ask you for your online banking login details. Stay Safe!

Security Tips

The holiday season brings joy and generosity, but also an increase in scams targeting credit card holders. It’s crucial to educate your members about various holiday scams, such as phishing emails, fake charity solicitations, and fraudulent online shopping deals. By staying informed and vigilant, credit card holders can enjoy a safe and secure holiday season.

To learn more, check out this article! 

Protecting your personal information is crucial in today’s digital world. Limit the information you share online, enable Multi-factor Authentication (MFA) for added security, and use strong, unique passwords for each account. Be cautious of phishing attempts and regularly update all your devices to protect against vulnerabilities. By following these steps, you can significantly reduce the risk of cyber threats.

  1. Limit Sharing. Limit the information you share on a web and social media site, with any merchant, and in email. Cybercriminals scour the internet for any piece of information about you and, like a puzzle, put the pieces together to target you. And that ‘free’ email account you’re using? It’s also collecting information about you.
  2. Enable Multi-factor authentication (MFA). Enable MFA for all important online accounts. This can be an email or text message with a one-time password (OTP), PIN, or code. Enable MFA on every account that you can.
  3. Use Strong Passwords. As one of the first lines of defense for keeping your information safe, here are a few tips:
    1. Use a different password for each account.
    2. It doesn’t have to be complicated, like Di&81&329a$, it just has to be strong, memorable, and easy to type. Choose four unrelated words, then add a number and a special character.
    3. Reset your passwords every few months. By the time a data breach is reported, a threat actor could already be using and/or selling your data.
    4. Use a password manager. With just one master password, a password manager can generate and retrieve passwords for every account that you have, making it super easy to make them strong.
  4. Think before you click. Recognize and report email phishing and other social engineering attacks. Email, text, in person, or over the phone, if the message is urgent or threatening, pulls at your heartstrings, or is an unsolicited offer to help, it’s likely a scam. Don’t interact with it, just send it to your junk folder.
  5. Update. Update software on every device. Set your phone, door camera, television, desktop computer, laptop, router, etc. to automatically update. Cybercriminals also scour the internet and exploit outdated devices.

From identity theft and phishing attacks to counterfeit schemes and money laundering, cybercriminals are constantly devising new ways to exploit unsuspecting individuals. Being aware of these threats and taking proactive measures to protect yourself can significantly reduce the risk of falling victim to these malicious activities.

  • Email Phishing: Common ways to determine an email is malicious include messages that:
    • tug at your heartstrings–ask for a charitable gift for the latest natural disaster,
    • claim to have health information, often with a link to a malicious website, or
    • threaten you with a sense of urgency–your account will be closed if you don’t act now!

Check out this document to learn more about social engineering.

Identity theft occurs when someone unlawfully obtains and uses your personal information, such as your Social Security number, credit card details, or bank account information, to commit fraud or other crimes. This can lead to significant financial loss and damage to your credit score. To prevent identity theft, it’s crucial to safeguard your personal information by using strong, unique passwords, enabling multi-factor authentication, regularly monitoring your accounts for suspicious activity, and being cautious of phishing attempts and other scams.

  • Regularly review banking, investment, and insurance statements and online accounts. If discover unauthorized transactions or activity, immediately report it.
  • Review your credit reports. Annualcreditreport.com is the only site for free credit profiles from the top three bureaus – You can retrieve one, wait four months, and then retrieve another. It may be beneficial to review your child’s as well.
  • Identity Theft Protection services likely do not prevent fraud or Identity Theft, but can alert and help respond to it.  It’s really an insurance policy and may provide peace of mind. Read the fine print though.  Also, contact your homeowners’ or renters’ insurance policy.  You may have coverage and not even know it.
  • You have an increase in email spam or unsolicited phone calls.  If so, don’t reply, merely block the phone number or email address.  If they’re too numerous, you may need to change your email address or your telephone number.
  • Notify each banking, investment, and insurance institution. Request a ticket/claim number for each report.
  • Contact your homeowners’ insurance Your policy may help you recover.
  • Take your computer, tablet, and mobile phone to a reputable computer tech to check for malware, remote access, and updates.
  • Using a secure, cleaned, updated computer:
    • Change the password for each online account–banking, email, medical, social media…
    • Change the administrator and network passwords to your home wi-fi router.
    • If you’ve not, immediately freeze your four credit profiles. In that process, declare that you are an identity theft victim.
    • If you’ve not, file your taxes.
    • Report identity theft.
    • Document each step. Who you contacted and the date. This may help with a claim or uncover how the data was stolen.
    • You may need to open new banking accounts.
    • Regularly review your credit report and your banking, medical, and investment statements.

Should you report it to local law enforcement?  It never hurts, however, many times the crime happened outside of their jurisdiction.

Phishing, or using email to trick you into sharing passwords or private information, is still a big problem and has led to a number of multi-million dollar security incidents over recent years.

Here are a few easy tips to help recognize phishing and protect your information and accounts.

  1. Create two email accounts. Limit one for creditors, financial institutions, insurance companies and any official business. Don’t share this address with anyone else. Create a second email account that you can readily share with friends, family, and newsletters. Fake emails will stand out.
  2. Manage Your Inbox and Accounts. Download important messages to your local computer. Delete unwanted messages and any that have personal or private information. I’d even delete the Sent and Deleted folder contents. Why? If bad actors get into your account this will limit what they can get.
  3. Mark spam messages as spam. This will help ‘train’ the filter.
  4. Think Before You Open a Message.
  5. Is the sender’s name AND email address unrecognized?
  6. Is it a catalog or newsletter you didn’t ask for?
  7. Is the message threatening, urgent, or pulling your heartstrings? Your account will be locked, or your credit card will be closed if you don’t respond right this moment. What about fake ‘charities?’ Each natural disaster prompts bad actors to ask for money too.
  8. Is the email or website address misspelled? When hovering your mouse over the link, is the address different?
  9. Is it out of the norm for the sender to send that kind of message or attachment at that time of the day?

If you answered Yes, you should avoid opening the message or clicking on the attachment or link. It would be best to call or contact the sender directly, but NOT using the phone number in the email.

Federal Trade Commission | Protecting America’s Consumers (ftc.gov)

Home – National Cybersecurity Alliance (staysafeonline.org)

Avoid Pre-Screening. While you’re reviewing your credit reports for fraud, opt-out of credit pulls for pre-approved credit and solicitations. Get your free, annual report: https://www.AnnualCreditReport.com

Freeze your Credit Profile with Each Bureau. Start with the top four credit bureaus. Limiting access to your profile greatly reduces bad actors’ ability to open banking or utility accounts.