Whether you visit one of our banking branches, Loan Production Offices, or conduct your business with us online, you can be assured that we are taking the highest precautions to ensure that your information is protected and secure.
Evolve works hard to keep your information secure. However, as you do business online there are important precautions you can take to help safeguard your personal information:
- Keep IDs and passwords confidential.
- Consider using different passwords for each online service. Using multiple passwords makes it hard for a hacker to compromise multiple accounts if one password is stolen.
- Change your passwords frequently.
- Use passwords that include letters and numbers that are not easily discernable (do not use birthdays, child’s name, etc.). Security experts recommend passwords contain a minimum of 14 characters.
- Make sure to keep your contact information current. This information is vital for receiving important security alerts and notifications about your account. It is also used when verifying changes to your account such as login information updates.
- Keep your security software up to date which reduces the chance of your personal computer getting compromised.
These precautions and your vigilance in monitoring your accounts and credit report for fraudulent activity can go a long way in reducing your exposure to online identity theft.
IF, AT ANY TIME, YOU FEEL THAT YOUR ACCOUNTS HAVE BEEN COMPROMISED, PLEASE CONTACT EVOLVE CUSTOMER SERVICE IMMEDIATELY AT 866.395.2754.
Identity theft is affecting more consumers and causing higher losses than the nation has seen in recent years. To avoid becoming a victim of identity theft:
- Use a secure connection when paying online – Look for “https” or a green security lock in the address bar of your browser, which indicate a secure connection.
- Be careful of who is asking you for information – Unless you initiated the request or know the person on the other end, never provide personal or card information over the phone or in response to an email, even if it appears to be from a bank or other trusted institution. Instead, contact the organization directly using information listed on their website or other official source.
- Stay attentive – Monitor your accounts and statements thoroughly, and review your credit report at least once a year.
- Keep your personal data private – Store new and canceled checks in a safe place, shred sensitive documents, keep your antivirus software updated, and do not share passwords or PINs with anyone.
FOR MORE INFORMATION ABOUT IDENTITY THEFT OR TO FILE A REPORT, CONTACT THE FEDERAL TRADE COMMISSION (FTC) AT CONSUMER.FTC.GOV.
Communications Claiming to Be from Evolve Bank & Trust
If you receive emails, text messages, or phone calls that claim your account will be closed if you do not respond immediately, or your debit or credit card will be deactivated, disregard these messages. Evolve has the necessary information to do business with you. We will never ask you to supply your full account number or any identifying information by email, text message, or phone call.
IF YOU HAVE RECEIVED AN EMAIL, TEXT MESSAGE, OR PHONE CALL PURPORTING TO BE FROM EVOLVE, AND ARE UNSURE IF IT IS LEGITIMATE, CONTACT EVOLVE AT 866.395.2754.
Keylogging or Keystroke Logging
Keylogging is a method by which fraudsters record your actual keystrokes and mouse clicks. Keyloggers are “Trojan” software programs that target your computer’s operating system (Windows, Mac OS, etc.) and are “installed” via a virus. These can be particularly dangerous because the fraudster has captured your user ID and password, account number, Social Security Number – and anything else you have typed. If you are like most other users and have the same ID and PIN/Password for many different online accounts, you’ve essentially granted the fraudster access to any company with whom you conduct business. After all, they’ve got your login credentials so they appear to be a valid user.
Here are some ways you can prevent yourself from being a victim of keystroke logging:
- Use Anti-Virus Software – This is the single most important thing you can do to protect your computer from viruses. There are many on the market today – some cost money while others are free. If you opt to use a free version, make sure it is being offered by a reputable company and do research on the company and its product before installing.
- Keep your Operating System up-to-date with the latest security patches.
Phishing is a scam where Internet fraudsters request personal information from users online. These requests are most commonly in the form of an email from an organization with which you may or may not do business. In many cases, the email has been made to look exactly like a legitimate organization’s email would appear complete with company logos and other convincing information. The email usually states that the company needs you to update your personal information or that your account is about to become inactive, all in an effort to get you to click the link to a site that only looks like the real thing. If you click on the link to go to the phony website and enter all of your information, you’ve just been the victim of a phishing attack. The fraudsters have just captured all the necessary information to access your accounts online. No reputable business will ever email you requesting that you update your personal information, including account numbers, system passwords or Social Security Numbers via a link to their site.
Follow these guidelines to protect yourself from phishing scams:
- Never click on a link from a business requesting that you provide them with personal information.
- Pay close attention to the URL (Internet address) behind the link. Often in phishing attempts, if you hover the cursor over the link the fraudsters want you to click on, it has nothing to do with the actual company they claim to be.
- Report any phishing attempts to Evolve at 1-866-395-2754 or firstname.lastname@example.org
- If you are unsure that the request is valid, open a new Internet session and manually key in the business’ web address. If the business genuinely needs information from you, they will have you log in to your online account to see the request. In most cases, you’ll just be greeted with a message indicating that the business will never email you requesting personal information
Protecting Your Smart Phone
More and more people are using smartphones and apps to conduct business online – business that often requires the use of sensitive information such as bank account numbers, credit card data, or passwords.
While your smartphone can make life easier, be aware of potential threats to the security and the precautions you can take to keep it secure.
Areas, where smartphone users can potentially fall victim to fraudulent activity, are lost phones and open Wi-Fi network surfing. Be mindful as you use your smartphone as well as the related tips for preventing fraud.
Chances are you’ve probably misplaced your smartphone, at least temporarily, at least once. The danger with this if you’ve made purchases on your phone or, perhaps, conducted banking activities with it, someone who finds or steals your phone may be able to extract sensitive personal information from it. Use these tips to safeguard your phone in the event of a loss:
- Keep your smartphone’s operating software up-to-date by enabling automatic updates from your service provider. You may also want to install trustworthy security apps that allow you to remotely locate and erase all of the data stored on your phone.
- Set PINs and passwords on the phone’s homescreen to prevent unauthorized access to your phone. Utilize the auto lock feature for idle time (suggested after 5 minutes or less of being idle).
- Don’t modify your smartphone’s security settings.
- Always report a stolen phone. Wireless providers in conjunction with the Federal Communication Commission (FCC) have established a stolen phone database that will help your provider prevent your phone from being activated without your permission.
Open Wi-Fi networks
Cybercriminals often use unprotected Wi-Fi hotspots to target people online.
- Ignore pop-ups or prompts to download software. They are often a hacker’s attempt to infect your phone with malware or spyware.
- Avoid public hotspots and instead, use protected Wi-Fi from sources you trust or your own mobile wireless connection.
- Update your smartphone’s security software before you travel. Wi-Fi in airports and hotels can be potentially troublesome if your smartphone is not fully protected with the latest security updates.
Social Media Fraud Schemes
Social media schemes (Facebook, LinkedIn, etc.) entice users into opening new accounts or using their existing accounts in exchange for merchandise or “fast cash.” The proposal is typically made via a post with pictures of cash or other items encouraging anyone interested to comment for more information. The accounts are ultimately used to conduct transactions involving the deposit of fraudulent checks and subsequent fraudulent card purchases/ATM withdrawals.
Consumers should be aware that participation in this type of scheme is illegal and that you may be held responsible for purchases or cash withdrawals made from the proceeds of a fraudulent check deposit. Such activity could result in account closure and possible criminal prosecution.
IF YOU HAVE ANY QUESTIONS OR SEE ANY POSTS LIKE THIS FROM EVOLVE ON FACEBOOK OR OTHER SOCIAL MEDIA SITES, PLEASE CONTACT EVOLVE IMMEDIATELY AT 866.395.2754.
If you receive an unsolicited offer that promises you something in exchange for money or account information, you should not respond unless you are sure the offer is legitimate. Common scenarios include offers that require an upfront fee, requests to wire funds, a notice that you won a lottery/contest, or a person on a social website who asks for money (e.g., travel money to meet you, emergency cash, medical bills, etc.). Remember, if it sounds too good to be true, it probably is.
If your business accepts wires and/or sends outgoing wires to or on behalf of customers, beware of a scheme in which hackers can take over a legitimate email address and initiate fraudulent wire requests. Fraudsters have the ability to take over email accounts and send requests to bank employees asking for wire transfers or account information. Please be assured that we will never disclose your personal account information or initiate a wire transfer via e-mail. There are steps you can take to help protect yourself against this scheme, such as:
- Ensure your anti-virus software is up-to-date.
- Make sure your computer is free of malware.
- Whenever possible, discuss sensitive banking information via telephone or in person.
- Do not provide confidential information via email (i.e., account number, balances, Social Security number, PINs, etc.).
- Use a strong password on your email account.
Ensure that your business has procedures in place to verify any wire that is received via email or fax. For example, calling your customer directly using a phone number on file before proceeding with a wire can determine if the customer actually sent the request.
Special Considerations for Businesses
Evolve is dedicated to providing your company with the latest in secure technology for conducting your business banking. However, there are some important steps you can take to ensure your own internal security.
Employ best practices to secure computer systems including:
- Verify use of a secure session (https not http) in the browser for all online banking.
- Avoid using automatic log-in features that save usernames and passwords for online banking.
- Never leave a computer unattended while using any online banking or investing service.
- Never access bank, brokerage or other financial services information at internet cafes, public libraries, etc. Unauthorized software may have been installed to trap account number and sign on information leaving you vulnerable to possible fraud.
- When possible, for businesses that transact high value or large numbers of online transactions, it is recommended that all commercial online banking activities be carried out from a stand-alone, hardened and completely locked down computer system from which e-mail and Web browsing are not possible.
- Be suspicious of e-mails purporting to be from a financial institution, government department or other agency requesting account information, account verification or banking access credentials such as usernames, passwords, PIN codes and similar information. Opening file attachments or clicking on Web links in suspicious emails could expose your system to malicious code that could hijack your computer.
- Install commercial anti-virus and desktop firewall software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.
- Ensure virus protection and security software are updated regularly, and consider installing spyware detection programs.
- Install a dedicated, actively managed firewall, especially if you have a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to a network and computers.
- Make certain computers are patched regularly, particularly operating systems and key applications with security patches. It may be possible to sign up for automatic updates for the operating system and many applications.
- Prohibit the use of “shared” usernames and passwords for online banking systems.
- Change the password a few times each year.
- Never share username and password information for online services with third-party providers.
- Limit administrative rights on users’ workstations to help prevent the inadvertent downloading of malware or other viruses.
- Conduct reconciliation of all banking transactions on a daily basis.
- Initiate ACH and wire transfer payments under dual control, with a transaction originator and a separate transaction authorizer.