Keeping you protected.
The potential for fraud exists with virtually every transaction you conduct. To aid in the prevention of fraud, here are some tips on how to be alert and what you can do to minimize your risk.
Tips for Financially Safe Travel
While you’re away, we’re still working to protect your accounts from fraud.
Blocked Check Card/ATM Card Transactions
One way we do this is by closely monitoring your Check Card/ATM card transactions for abnormal patterns. Notify Customer Service before you travel, if your plans will take you outside of your normal purchasing area. Our fraud prevention systems monitor your card’s activity to protect you from fraud, and when transactions outside of your normal area are detected, the system could block legitimate transactions or even close your card. Letting us know about your plans before you travel will allow us to minimize the potential of this taking place inconveniently - while still protecting you - during your trip. If you do encounter a blocked signature-based Check Card transaction when traveling, try the transaction using your PIN instead. Blocks will typically not affect PIN-based transactions.
Bank OnLine & Mobile Banking Security Tips
- Secure Your Computer - Check our sections on Protecting Your Computer and Protecting Your Mobile Device.
- Never use a link in an e-mail or text message to connect to online banking or mobile banking. Links in unsolicited e-mail and text messages are the top methods fraudsters use to gain access to users’ credentials. These are called phishing and smishing attempts. American Bank will never send you an unsolicited e-mail or text message with a website link or phone number that requires you to enter your logon credentials.
- Keep your anti-virus and other security software current. Never use an unsolicited link to download new software from American Bank or to download new security software. Hackers use unsolicited links to draw you into downloading malicious software that is actually designed to capture your logon credentials and/or take control of your PC and Internet browser.
- Use strong passwords for your online financial services accounts and shopping accounts. Strong passwords should be at least 12 characters in length and include a mix of upper and lower case alpha characters, numbers and allowed special characters. Don’t use Social Security numbers, phone numbers, addresses or other numbers associated with you that are readily available to the public.
- Use different passwords for your financial online services from more casual online accounts such as social network sites.
- Protect your passwords. Don’t write them down, but if you must, do so in a code only you can read. Do not save them on a file on your computer, smartphone or other electronic device unless you use strong encryption. Password protected files on typical document and spreadsheet products like MS-Word and Excel are easily cracked these days.
- Never share your financial services password(s) with anyone.
- Protect your security questions. Select questions and answers that are easy for you to remember, but hard for others to guess or readily find on the Internet.
- Change your financial services passwords every 90 days or more frequently.
- Avoid leaving an open Bank OnLine session idle for an extended period. Always log out of your Bank OnLine and Bill Pay sessions when you’re done.
- Keep your Bank OnLine Security Preferences phone number and/or SMS text number current. Bank OnLine will alert you when things like an invalid sign-on attempt are made, your password is changed or your security alert information is changed. Pay attention to the alerts and contact the bank immediately if they signal potential fraudulent activity. Go to Preferences / Security / Alerts in the Bank OnLine menu options to see additional general security alert options available to you. Go to Preferences / Alerts to set alerts for transaction activity.
- Keep your Bill Pay e-Notifications e-mail and text message number current. Go to Pay Bills / Options / e-Notifications in the Bill Pay tabs and browse through the Event, Log Out, Recurring, and Reminders tabs for additional alert notifications. We recommend you turn on “A transaction exceeds a specified amount” on the Event tab, and “Added payees” on the Log Out tab. Note: e-mail accounts are often compromised by hackers. We strongly recommend use of SMS text messages or voice calls instead of using e-mail notifications.
- Avoid using computers shared with others for online banking. Never use public computers or public WiFi connections for online banking unless absolutely necessary. If you do use computers shared with others, do not register the computer, and when you’re done and have logged off, use the browser’s options to delete browsing history and select all options to clear cookies, temporary Internet files, and passwords. De-select the “Preserve Favorites website data” option if it’s present. In addition, if you’ve used a public computer or public WiFi, we strongly recommend you change your password as soon as you have access to a trusted computer and Internet connection.
- For commercial customers performing ACH origination and wire transfers, we strongly recommend you require 2 people to complete the transaction: 1 to enter the transaction and the other to approve it. This helps to prevent both external and internal fraud. Talk to our Cash Management staff for more information.
- Beware that some tablets may be enabled to receive your text messages. If you’re receiving “secure” one-time passcodes (sometimes called temporary passcodes) for logging on to online banking and your tablet is not in your possession, someone else may also be receiving your one-time passcode. We’ve seen it happen. If your smartphone or tablet has gone missing and you use them for online banking, call us.
Secure Your Computer & WiFi Router
- Change the user IDs and passwords on your PC, router and/or wireless router from their default factory settings. Default user IDs and passwords are well-known among hackers. If you don’t change them, your equipment is easy prey.
- Install an anti-virus software product (such as Symantec, McAfee, Trend Micro, Kaspersky or other well-known security products). Never follow links in e-mail ads for security software and never answer or respond to phone call solicitations for your security software. Find a reputable anti-virus product through a well-known and trusted merchant.
- Don’t store personal identification information such as your Social Security number and account numbers on your computer without protecting them with strong encryption. Password protected files on typical document and spreadsheet products like MS-Word and Excel are easily cracked these days. Use 256-bit AES encryption software or stronger to be secure.
- Be sure your browser is set to automatically get the latest virus definitions on at least a weekly basis.
- Install an anti-spyware product (such as AdAware, Spy Sweeper, Windows Defender, or others recognized for their effectiveness). Again, never follow a solicitation. Find a reputable anti-spyware product through a well-known and trusted merchant.
- Set your browser security setting to Medium-High or High. Use the Trusted Sites zone to list sites you know and trust.
- If using a wireless router, follow the manufacturer’s recommendations to configure the router with the strongest practical security settings to prevent unauthorized users on your network or monitoring of your wireless sessions. These guidelines should include instructions for changing the default administrator password and turning on wireless encryption. You should utilize WPA2 WiFi security profile, or higher if it’s available. Security flaws with wireless encryption surface from time-to-time, and we recommend you consult the router’s manufacturer from time-to-time for their latest security configuration guidance on their website. If your router does not support WPA2 or better, you should consider replacing your router with a newer model.
- Protect your office or home network by installing a firewall product and set it to the most restrictive settings you can.
- Update your computer operating system and common applications such as your browser and Adobe Reader regularly to apply the latest security patches and upgrades. Over time, software vendors no longer provide security patches for older versions of their software, resulting in unaddressed product vulnerabilities.
- Avoid downloading software, games, music, books, and other digital content from sites other than major retailers. Several popular free music and gaming sites are known to have downloads that are infected with malicious software that can be difficult to detect and even more difficult to remove.
- Scan USB storage devices, players and other digital media you receive from others with your anti-virus software before downloading, viewing, or playing files from them.
- Turn your computer off when it’s not in use.
- See additional information at the following site published by the U.S. Federal Trade Commission: http://www.onguardonline.gov/
E-mail Security Tips
- Be wary of suspicious e-mails, even if they appear to be from friends. Never open attachments or click on links, until you’ve confirmed their legitimacy. Downloads and links are the easiest methods for hackers to get malicious software loaded onto your computer.
- If you receive a suspicious e-mail that appears to be from American Bank, contact us on one of our Customer Service numbers found elsewhere on our website and on the back of your debit card.
- If you realize or suspect you have responded to a fraudulent e-mail with your American Bank logon credentials, account number(s) or personal identification information, contact us immediately on one of our Customer Service numbers found elsewhere on our website and on the back of your debit card.
- Use the lock feature on your phone and/or tablet device. This feature not only password protects and locks your device, but also causes user data to be encrypted (on many models after 2010 – consult your manufacturer).
- Keep your mobile device’s operating system up-to-date.
- Do not “jailbreak” your smartphone or tablet device. If you buy a used smartphone or tablet device, take precautions to ensure it has not been “jailbroken.”
- Install anti-virus software on your mobile device and be sure to keep it current.
- Avoid downloading software, games, music, books, and other digital content from unknown sources.
- Scan USB storage devices, players and other digital media you receive from others with your anti-virus software before reading, viewing, playing or downloading files from them.
The Internet is like a very large city. There are places where you can reasonably expect to be safe and others where danger lurks. Avoid browsing the less well-known and trusted areas of the Internet, where hackers and danger lurk.
- Shop with merchants you know and trust.
- When conducting transactions, confirm that you are on a secure website: look for a lock icon either on the URL bar or bottom right border of your browser, or confirm the website URL starts with “https://.” The “s” designates that the data you send to that website (like your password or credit card number) is encrypted before it is sent over the Internet.
- Check the URL on Internet search engine (like Google, Bing, Yahoo, etc.) results before clicking on them. Confirm they are reputable sites.
- Download software, games, music, pictures, and/or videos only from reputable, trusted sites. Check the website’s security policy to confirm they scrub content for viruses if you have any doubts about the site.
- Log-off from any site you have signed on to when you are done. Do so as soon as you’ve completed your transactions. If there is no option to log off, close your browser.
- Disable auto-connect settings on laptops, smartphones and tablets. Use caution when connecting to public WiFis.
- Avoid logging on to bank and merchant online accounts when on public WiFis. If you must do so, change your online banking and merchant account passwords as soon as possible from a trusted Internet connection.
- Close your browser when you're not accessing the Internet.
What is "Phishing"?
Through the use of fraudulent e-mails, Internet thieves attempt to "phish" for your confidential information. They attempt to steal this information from you by means of "pop-ups" or e-mails with Internet links to deceive you into disclosing sensitive information (such as bank account numbers and Social Security numbers).
Oftentimes the e-mail appears as if it comes from a trusted source (such as your bank) and directs you to a "spoofed" website that encourages you to divulge sensitive information. Additionally, some phishing e-mails will attempt to install software on your computer (commonly known as "spyware") to capture your keystrokes so that thieves may obtain confidential information like login IDs and passwords.
What You Should Know About Avoiding a Phishing Scam
American Bank will not send you unsolicited e-mails with embedded links or pop-up windows that ask for confidential information.
Do not reply or click on a link in a message if the message you received is asking for personal or financial information.
Never e-mail personal or financial information. E-mail is not a secure means of sending information. If you do decide to send your information through a company's website, make sure the site is secure. You can do this by verifying that it has a lock icon on the browser's status bar or that its URL begins with "https:" (the "s" stands for secure). Keep in mind, though, that no indicator is foolproof. Even the security icons have been forged by Internet thieves. For additional methods of verifying a secured site, refer to our Security & Browser Info page.
Open and review bank account and credit card statements immediately after you receive them to ensure that there are no unauthorized or fraudulent charges on them. If you are a victim of identity theft, early detection and treatment will be key in minimizing the effects of the fraud.
Use anti-virus software and make sure it stays current with the latest virus definitions. Some phishing e-mails contain software that can harm your computer or even trace your activities on the Internet. Staying up-to-date with good anti-virus software and a firewall can protect you from most of these dangers.
Be cautious about opening an attachment or downloading any files from e-mails you receive, especially if you are unsure about the sender. Report any suspicious e-mails relating to your American Bank accounts to Customer Service.
Be Aware and Stay Safe
ATM machines offer a convenient way to quickly get the cash you need. But as always, you should keep your safety and account security in mind. Here are some tips for keeping your ATM transactions trouble-free.
At Walk-up ATMs
- Check your surroundings before using an ATM. Park as close as possible to the ATM and look around for anything suspicious before leaving your car. Drive away immediately if things look suspicious.
- Go to another ATM location if the one where you are is obstructed from view or is not well lit.
- Take someone with you, especially at night.
- Conduct your transaction quickly. Have your card out and ready to use. Never count your money while at the ATM. And never allow a stranger to help you with an ATM transaction.
- Stand at the ATM so that anyone behind you cannot see you enter your PIN or the amount of your transaction. When your transaction is complete, take your card, money and receipt quickly and immediately move to the safety of your car.
- If something or someone appears suspicious while you are at the ATM, cancel your transaction and leave right away. If anyone follows you, go to a well-lit, crowded location and call the police.
At Drive-up ATMs
- Keep your doors locked, windows up and engine running at all times when waiting in line.
- Try to leave enough room between cars to allow you a quick exit if it becomes necessary.
- If the ATM is not well lit, or it is obstructed from view, go to another ATM location.
- Look around the entire area before rolling down your window. If anything or anyone looks suspicious, drive away.
- Have your card out and ready to use. When your transaction is complete, take your card, money and receipt and drive away. If something or someone looks suspicious while conducting your transaction, cancel it and drive away.
ATM skimming activity has dramatically increased in 2016 and financial institutions are working to stop the thieves from continuing to steal data.
An ATM skimmer works similar to a legitimate ATM card reader. Instead of authenticating you as a cardholder, however, it captures your card number. The scammers attach the skimming device to a legitimate reader - and also place a camera focused on the ATM’s keypad, in order to capture your PIN.
In a series of recent alerts, the FICO Card Alert Service warned of large and sudden spikes in ATM skimming attacks. On April 8, a FICO report noted that its fraud-tracking service recorded a 546 percent increase in ATM skimming attacks from 2014 to 2015. Years ago, skimmers were targeting ATMs in large cities within the U.S. But things have changed and now ATMs everywhere are being targeted, including here in Central and South Texas.
To help protect you from falling victim to ATM skimmers, here are 5 tips about what to watch out for.
1. When you first approach an ATM, look for any suspicious materials or odd colors on the ATM. As an example, notice that this one’s skimmer is right on top of the arrows where there should be a little more space.
2. Look for areas where a scammer could place a camera, such as a brochure rack or a pinhole near the keypad.
3. Look at the ATM keypad to see if there’s a fake on top of the legitimate one.
4. Before inserting your card, give the card reader a small tug. If there is any movement or the device comes off, don't use that ATM -- it could be a sign a thief has inserted a skimmer.
5. No matter whether you are at an ATM or a grocery store checkout, always cover your PIN as you enter it.
Identity Theft Safety
10 Tips to Protect Your Identity
- Reconcile your bank and credit card statements monthly. Make sure that there is nothing suspicious or out of the ordinary on your statements.
- Guard your Personal Identification Numbers (PINs). Do not keep your PIN with any of your Credit Cards, ATM Cards, or Check Cards.
- Be wary of "phishing" e-mails that appear to be from a valid company or financial institution requesting confidential information. Legitimate organizations typically do not send unsolicited e-mails asking for confidential information. Do not reply to these e-mails or click on links embedded within them.
- Report lost or stolen checks or credit, debit or ATM cards immediately.
- Pay bills online or use a locked mailbox to avoid mailbox theft. You are less likely to have your personal information stolen online than from your mailbox. Have your new personal checks delivered to your local financial institution for pickup.
- Check your credit report annually. You may obtain a free credit report each year. For information, visit https://www.annualcreditreport.com or call (877) 322-8228.
- Do not give out information such as checking account, Credit Card or Social Security numbers over the phone unless you initiated the call.
- Avoid passwords that are easy to discover like your mother's maiden name or your birth date. Regularly change your passwords. Also, create a username that is unique and difficult for others to guess.
- Shred all documents containing personal information.
- If you think you are a victim of identity theft, take action immediately. Contact the local police, your bank(s), the three major credit reporting agencies and the Federal Trade Commission at (877) IDTHEFT or log on to its website at http://www.ftc.gov/bcp/edu/microsites/idtheft/index.html. Learn more about what to do if you suspect you are a victim of identity theft.
What to Do If You Become an Identity Theft Victim
- Don’t delay in taking action. It can cost you years in dealing with the impact of ID theft.
- Contact us to secure your Bank OnLine and Bill Pay access, accounts and/or debit cards.
- Contact the 3 major credit bureaus. Visit the U.S. Federal Trade Commission’s website and search for Identity Theft, or go to their link at: http://www.consumer.ftc.gov/sites/default/files/articles/pdf/pdf-0014-identity-theft.pdf for more information.
- Purchase identity theft protection from a reputable vendor. The credit bureaus offer some of the most cost-effective ID theft protection services.
- Review the FTC’s “How to Protect Your Information” guidance at the site noted above. Address any weaknesses in your personal security measures
Helpful Hints on Minimizing Fraud, Theft and Embezzlement in Your Business
- Fraud committed against bank accounts continues to increase. It is occurring in many ways, and as sophisticated computer technology continues to become more readily attainable and affordable for the average person, fraud will increase even more.
- You can protect yourself and your company by educating yourself on what to look for, by having strong internal controls, policies and procedures in place to make it more difficult for fraud to occur, and by training your employees and yourself to be extra vigilant.
- To help you, we've attached a list of tips on minimizing your potential fraud risk. In addition to these tips, one of your best lines of defense is to routinely and promptly review your bank statements, looking for unusual or unauthorized transactions.
- The U.S. Small Business Administration offers a cybersecurity online training course for businesses. The course includes helpful information on defining cybersecurity, explaining the importance of securing information through best cybersecurity practices, identifying types of information that should be secured, identifying the types of cyber threats, defining risk management and listing best practices for guarding against cyber threats. You can view the training course from the SBA's website: http://www.sba.gov/tools/sba-learning-center/training/cybersecurity-small-businesses
- To maximize your protection, you should carefully review the terms of the bank's deposit agreement, paying particular attention to your responsibilities for reviewing statements and notifying the bank of unauthorized items.
- If you have questions about your account agreement with us, or about establishing good internal controls to help prevent fraud, we'd be glad to visit with you. Just call any of our Cash Management specialists at (800) 257-8316 and they will set up an appointment to come by at a time convenient for you.