Security Awareness
Our Commitment to Security
As the number of consumers who fall victim to I.D. theft and electronic fraud increases, the staff and management of Logan Bank & Trust have pledged to take all necessary precautions to safeguard your confidential information, and to give you guidance on how you can protect yourself against ID theft, electronic fraud, and other common threats encountered by today’s banking customers.
While we cannot guarantee that your I.D. will never be stolen, we will follow security guidelines to minimize this threat to you, beginning by NEVER requesting personal information by email or text messaging, including account numbers, passwords, personal identification information, or any other confidential customer information.
Fraudulent emails may be designed to appear as though they are originated by Logan Bank & Trust. Do not respond to any email communications which request any type of personal or confidential information, and do not click on any links listed on the email.
Never give out any information that the Bank already has to a caller, text messenger, or email sender. We will never contact you and ask for your debit card number or your full SSN.
If we need to contact you, it will always be done in a manner that protects your personal, confidential information and we will clearly identify ourselves. One of Logan Bank & Trust’s top priorities is to safeguard your confidential information and we work diligently to do so.
We work with the local regulatory and law enforcement departments to be certain any type of illegal activity is stopped as soon as possible. We have multi-layer security to protect your confidential information and will continue to be vigilant in protecting it.
Please report any suspicious calls, e-mails, or messages to Logan Bank & Trust by calling (304) 752-1166, or by e-mailing support@lbandt.com.
The Internet & You
When shopping online, you should:
Learn as much as possible about the product and seller.
Understand the retailers’ refund policies.
Choose a secure password to protect account information.
Use a secure checkout and payment process.
If an offer sounds highly suspicious or too good to be true, it probably is.
Best Practices for Online Protection
Maintain active & up-to-date anti-virus software
Maintain spy-ware protection
Set up automatic Windows (or other Operating System) updates
Maintain firewall installed on the network
Wireless networks are discouraged
If you use a wireless network, it is suggested that you use password protection
Internet Banking Security
In recent years, the banking industry has seen significant changes in the internet banking threat landscape:
Fraudsters have continued to develop and deploy more sophisticated, effective, and malicious methods to compromise security and gain unauthorized access to customers’ online accounts.
Rapidly growing organized criminal groups have become more specialized in financial fraud, and have been successful in compromising an increasing array of controls.
Fraudsters are responsible for losses of hundreds of millions of dollars resulting from online account takeovers and unauthorized funds transfers.
Logan Bank & Trust’s goal in providing this awareness program to our customers is to help protect your online account and transaction information from these types of incidents.
Logan Bank & Trust is committed to protecting your personal information. Our Internet Banking platform uses several different methods to protect your information. In addition to the security features put in place by Logan Bank & Trust, here are some steps you can take to keep your personal information secure:
Never give out any personal information including User Names, Passwords, Social Security Number, or Date of Birth.
Create difficult passwords which include letters, numbers, and symbols whenever possible.
Do not use personal information for your user names or passwords, like your Social Security Number, or Date of Birth.
Avoid using public computers to access your Internet Banking accounts.
Block cookies on your Web browser. When you surf, hundreds of data points are being collected by the sites you visit. These data get mashed together to form an integral part of your “digital profile,” which is then sold without your consent to companies around the world. By blocking cookies, you’ll prevent some of the data collection about you.
Don’t put your full birth date on your social-networking profiles. Identity thieves use birth dates as cornerstones of their craft. Try posting only the month and day, and leave off the year.
Don’t download Facebook apps from outside the United States. Apps on social networks can access huge amounts of personal information, which may not be kept securely.
Use multiple usernames and passwords. Keep your usernames and passwords for social networks, online banking, e-mail, and online shopping all separate.
Below are the protections and liabilities for consumer transactions using Logan Bank & Trust’s internet banking:
To access our Internet Banking service, you must use the User Name and Password you established when you activated your Internet Banking Customer Account.
It is your responsibility to safeguard these credentials. Anyone to whom you give your Internet Banking ID and Password or other means of access will have full access to your accounts even if you attempt to limit that person’s authority.
You or someone you have authorized, by giving them your Internet Banking User Name and Password or other means of access, can instruct us to perform the following transactions:
Make transfers between your qualifying accounts to the extent authorized.
Obtain information that we make available about your qualifying accounts.
Obtain other services or perform other transactions that we authorize.
You must have enough money in any account from which you instruct us to make a payment or transfer. You also agree to the Terms & Conditions of your deposit account that you received when you opened your deposit account.
If you believe your Internet Banking User Name or Password or other means of access have been lost or stolen, or that someone has used them without your authorization, call us immediately at (304) 752-1166 during normal business hours. After hours you may e-mail us at support@lbandt.com.
Immediately contacting us by phone is the best way of reducing your possible losses, since not all email may arrive at their destinations. We will give you notification by email or phone call that we did receive it. Because e-mail is not secure, do not include any of your account or social security numbers with your e-mail. Your name, address, and a brief message as to what the problem might be is all we will need.
If you have given someone your Internet Banking User Name and Password or other means of access, and want to terminate that person’s authority, you must change your identification number and password or other means of access or take additional steps to prevent further access by such person.
You are responsible for all transfers you authorize using the Internet Banking services under its Agreement. If you permit other persons to use your login credentials, you are responsible for any transactions they authorize or conduct on any of your accounts. However, tell us at once if you believe anyone has used your Access Code and accessed your accounts without your authority. Telephoning is the best way of keeping your possible losses down.
Identity Theft
Identity theft involves the unlawful acquisition and use of someone’s identifying information, such as Name, Address, Date of Birth, Social Security Number, Mother’s Maiden Name, Driver’s License, Bank or Credit Card Account Numbers. Thieves then use the information to repeatedly commit fraud in an attempt to duplicate your identity which may include opening new accounts, purchasing automobiles, applying for loans, credit cards, and social security benefits, renting apartments and establishing services with utility and telephone companies. It can have a negative effect on your credit and create a serious financial hassle for you.
How to protect yourself from Identity Theft:
Report lost or stolen checks or credit cards immediately.
Never give out any personal information to anyone whose identity you can’t verify, if at all.
Shred any documents you don’t need any more that contain personal information, like bank statements, unused checks, deposit slips, credit card statements, pay stubs, medical billings, and invoices.
Don’t give any of your personal information to any web sites that do not use encryption or other secure methods to protect it.
Phishing
“Phishing” is a tool or method used for identity theft. It’s when thieves act as if they are representing an organization and try to hook the consumer into providing personal or financial information. Once the consumer is hooked, the thieves can do lasting damage to a consumer’s financial accounts. They can trick customers into providing their Social Security Numbers, Internet Banking Credentials, financial account numbers, and other personal information.
Thieves often pose as:
Financial institutions
Credit card companies
Utility or other biller
Internet service provider
Government agency
Prospective employer
How it Works
Consumers receive an email from an organization with which they do business. The email typically includes bogus appeals such as problems with an account or billing errors, and asks the consumer to confirm his/her personal information. Most emails ask recipients to follow an embedded link that takes them to an exact replica of the victim company’s website. Graphics on the counterfeit site are so convincing that even experts often can have a hard time distinguishing the fake site from the real one. Despite the convincing appeals, consumers should not respond to unsolicited emails that direct them to divulge personal identifying information. Reputable organizations that consumers legitimately do business with generally do not request account numbers or passwords unless the consumer initiated the transaction.
Clues to identifying a “Phishing” email:
Awkward greeting – A phish may address the customer with a nonsensical greeting or may not refer to the customer by name.
Typos & Incorrect Grammar – This is a technique used by phishers to avoid email filters. The errors are intentional.
Source code points to a different website than the alleged sender – The link looks official, but when your mouse cursor rolls over it the link’s source code points to a completely different website. Remember that you can always type a URL into your web browser instead of clicking on a link.
Urgent call to act – Different approaches include things such as “We’re updating our records,” “We’ve identified fraudulent activity on your account,” or “Valuable account and personal information was lost due to a computer glitch.” To encourage people to act immediately, the email usually threatens that the account could be closed or canceled.
Vishing – “Voice-Phishing”
An offshoot of traditional phishing techniques, “vishing” refers to phish attempts using phone calls or voice-mails. In this case, consumers receive a pre-recorded call identifying a specific local financial institution. The message informs the consumer that his or her personal bank accounts have been frozen. The message advises the consumer to immediately input their ATM or debit card number, expiration date, and PIN to reactivate the affected accounts. The CV2 (3 digit security code) from the back of the card may also be requested. The information obtained by the automated call will be used for unauthorized ATM withdrawals.
Smishing – “SMS-Phishing”
You don’t have to use a computer to be vulnerable to online scammers. Increasingly, cell phone and other mobile device users are being targeted with mobile spam that attempts to trick them into revealing personal information. Known as “smishing,” these text messages might ask a recipient to register for an online service – then try to sneak a virus onto the users’ device. In addition to virus-like “worms,” which can spread through and disrupt a network, other scams are surfacing. Some messages warn that the consumer will be charged unless he cancels his supposed order by going to a website that then extracts such credit card numbers and other private data. “Smishing” is derived from the familiar “phishing.” The “sm” comes from SMS, the protocol used to transmit text messages via cellular devices.
Debit & Credit Card Fraud
Debit cards and credit cards have become the most convenient form for purchasing our everyday needs. They have replaced the actual need to carry cash and should be treated like cash. With the ever increasing volume of debit cards and credit cards so has fraud. Follow these steps to protect your cards:
You should never loan your cards to anyone.
Carry only the cards you use frequently.
Never leave your wallet or purse in your vehicle.
Safeguard your ATM access cards and PIN as you would checks and cash. Memorize your PIN – Don’t write it on your card or in your checkbook.
Be aware of your surroundings when using an ATM, especially at night. Consider having someone accompany you to the ATM when you make transactions after dark.
Consider using another machine or coming back later if you notice anything suspicious or feel uneasy.
When using an ATM, stand squarely in front of the machine to keep your transaction as private as possible. Shield your PIN entry with your hand for greater privacy. When waiting to use an ATM, please respect the privacy of those using the machine.
Consider canceling your transactions, pocketing your card and leaving if you notice anything suspicious while using an ATM.
Protect the sensitive magnetic stripe on the back of your card. Keep it from direct sunlight. Avoid leaving your card on or near electrical appliances, such as a TV or stereo. Do not carry your card next to another card’s stripe as they may demagnetize each other.
Report all crimes related to ATM activity to the owner/operator of the machine and to local law enforcement officials immediately.
Always take your receipt with you at the conclusion of every transaction to assure your financial privacy. Keep your receipts and use them to check your monthly statement.
Non-electronic Security Tips
Tips for safeguarding your information (from the American Bankers Association) in the real world:
Don’t give your Social Security Number or other personal credit information about yourself to anyone who calls you.
Tear up receipts, bank statements, and unused credit card offers before throwing them away.
Keep an eye out for any missing mail.
Don’t mail bills from your own mailbox.
Review your monthly accounts regularly for any unauthorized charges.
Order copies of your credit report once a year to ensure accuracy.
Before revealing any personally identifying information (for example, on an application), find out how it will be used and secured, and whether it will be shared with others. Ask if you have a choice about the use of your information. Can you choose to have it kept confidential?
Do business only with companies that you know and trust, especially online.
Don’t open e-mails from unknown sources, and use virus detection software.
Protect your PINs (don’t carry them in your wallet!) and passwords; use a different password for each account.
Memorize your passwords, don’t write them down.
Sign all new credit cards upon receipt.
Save your receipts to check against your monthly billing statements.
Notify your card company if your address changes or if you will be traveling.
Report questionable charges promptly to the card issuer.
Notify your bank of suspicious phone inquiries such as those asking for account information to “verify a statement” or “award a prize.”
If you have any questions about security, please contact Logan Bank & Trust at (304) 752-1166 or support@lbandt.com.