Security

December 18, 2020

Protect Yourself From Fraud

We have received reports of CommonWealth members receiving a phone call from a person claiming to be from CommonWealth's fraud department. As a reminder, don’t send money or give out personal information to anyone whether the communication comes as a text, phone call, or email. Scammers often pretend to be someone you trust, like a government official, a family member, a charity, or your financial institution. If you’re ever unsure of any communications you’ve received, or if you have any questions or concerns, please call us at (800) 564-1588.

CommonWealth will not ask for information like: 

• Secure Access Code
• Personal Identification Number (PIN)
• Social Security Number
• Passwords

Four Signs That It’s a Scam

• Scammers pretend to be from an organization you know — If you get an email, text message, or phone call from a company you do business with and want to check the legitimacy of the communication, contact the business using a website you know is trustworthy or look up their phone number. Don’t call a number the scammer gave you or the number from your caller ID. Never click on a link that you are unsure of. 
• Scammers say there’s a problem or a prize — Don’t give your personal or financial information in response to a request that you didn’t expect.
• Scammers pressure you to act immediately — Resist the pressure to act immediately. Legitimate businesses will give you time to make a decision. Anyone who pressures you to pay or give them your personal information is a scammer.
• Scammers tell you to pay in a specific way — Never pay someone who insists you pay with a gift card or by using a money transfer service. And never deposit a check and send money back to someone.

Here are some additional tips and resources from the Federal Trade Commission (FTC) to help protect you from fraud:

• Common Sense Protections for Your Financial Information
• How to Keep Your Personal Information Secure
• How to Recognize and Avoid Phishing Scams
• Hacked Email

Making Mobile Payments? Protect Yourself From Scams

Using mobile payment apps like CashApp, Venmo, or Zelle can be a convenient way to get quick cash to your family and friends. But remember the first rule of sending money, whether you’re using an app or money wiring service: Be sure you know who’s on the receiving end. Otherwise, you might lose the money you sent — and then some.

For more information from the Federal Trade Commission, Click Here.

January 23, 2020

Back to school: Online Safety

Now that summertime is quickly coming to an end, it’s back-to-school season. While you’re running around getting pencils, calculators, and binders, remember something else on your back-to-school list: talking with your kids about online safety.

For more information from the Federal Trade Commission, Click Here.

May 23, 2019

Make it a scam-free vacation

It’s almost summer! Right now, you probably have beaches on the brain or you’re thinking about that long-planned trip abroad. Before you head out, take steps to help keep your dream vacation from becoming a nightmare.

For more information from the Federal Trade Commission, Click Here.

March 6, 2019

Phishing: Don't Take the Bait

Phishing is when someone uses fake emails or texts – even phone calls – to get you to share valuable personal information, like account numbers, Social Security numbers, or your login IDs and passwords. Scammers use this information to steal your money, your identity, or both. The FTC’s new infographic, developed with the American Bankers Association Foundation, offers tips to help you recognize the bait, avoid the hook, and report phishing scams.

For more information from the Federal Trade Commission, Click Here.

Online Security

In addition to multifactor authentication, CommonWealth protects you with these online banking security features:

• Password Reset. Periodically change your password in the User Options section of Online Banking.
• Encryption. We scramble messages exchanged between your browser and our online banking server.
• Timeout. This prevents curious persons from continuing your online banking session if you left your computer unattended without logging out. Always sign off (log out) when you're finished banking online.
• Online Statements. Eliminating paper statements can stop thieves from stealing your information from your mailbox.
• Check Images. View an exact image of your check transactions online to help prevent fraud.
• Alerts. Using Online Banking, monitor your accounts more actively by using balance alerts to detect suspicious activity.

Mobile Security

Smart Phones are called 'smart' because they contain, or can connect you to, more data than traditional mobile devices. Unfortunately, this also means new avenues for cybercriminals to capture and exploit your personal and financial information. Following mobile security best practices can help you avoid becoming a victim of cybercrime. The following are best practices to keep your mobile devices secure:

Lock the device with a password or Personal Identification Number (PIN). While most mobile devices now contain password / PIN lock options, they are not always on by default. Also, if your device has an auto-lock timer (to place it into locked mode after a period of time), use it. Activating this security measure can help you avoid problems, in case of loss or theft of your mobile device.

Install Apps only from trusted sources. Before you install the latest apps on your mobile devices, do some research. First, ensure you shop at reputable app stores, which would be more likely to be concerned about their public image and credibility. Android users, in particular, should be cautious installing apps from ‘unknown sources’. Read user reviews and ratings to gauge the apps effectiveness at doing what it promises. Even more importantly, read the app’s privacy policy. Your personal data is in demand for both Marketers and hackers. Share only what you are comfortable sharing. For example, if the app is a game, but is requesting full access to your call logs and address book, you may want to reconsider your interest in it.

Back up your data. Data stored locally on a device can be handy, but if the device is lost or damaged, you could lose it all. The most simple solution is to back the data up to another hard drive, or to the cloud. Apple iTunes includes good options for iOS-powered devices. Other device types either have back-up utilities built in, or third parties can provide software facilitating backups.

Keep your system updated. Software updates often include security upgrades that close newly-discovered vulnerabilities. Whenever prompted, update your system. This will keep you more secure, and often improve the performance and functionality of your mobile device.

Do not hack (jail-break) your device. Hacking or ‘jail-breaking’ a device to free it from the limitations set by a provider can leave you more vulnerable to intrusion. A hacked device typically loosens controls over what kinds of apps it can run. Unfortunately, this can also make it easier to be exploited by hackers.

Remember to log out of banking and shopping sites. After banking or shopping, log yourself out instead of just closing the browser. While most sites of this type will automatically log you out after an idle period, it is a best practice to take the time to manually log out. Also, you should bank or shop with a mobile device only while on a secure Wi-Fi connection – not an open connection shared by other users, such as those found in cafes and airports.

Turn off Wi-Fi and Bluetooth services when not in use. Cybercriminals often look for unsecured devices using Wi-Fi and Bluetooth signals. One easy way to prevent this kind of intrusion is to turn off your Wi-Fi and Bluetooth transmitter. If you are away from home and do not require a data intensive connection for activities like streaming video, rely on your mobile phone data plan connection for light surfing.

Avoid sending personal information via Text or Email. A text claiming to be from your bank or an online store may not be what it appears. This is a common practice of cybercriminals. Instead of replying with any personal information, take your response offline, and contact the business directly to confirm the message’s authenticity, and answer any questions. Similarly, sending personal information via email is ill-advised, as a copy of this data would be stored in your Sent folder, and possibly placed in the wrong hands if the device is lost.

Be careful what you click. Internet best practices, whether on a mobile device or a PC, remain the same. Links and attachments in any unsolicited email should be treated as suspicious, even if the message appears to be coming from someone you know. Be especially wary of shortened URLs or QR codes, as these give no hint as to their actual destination (as the URL is hidden).

Install a Mobile Security App. Cybercriminals are relentlessly working on the creation of malware to uncover your valuable digital assets. Mobile Security software much like Anti-Virus software on your personal computer is a critical component in your defense against becoming a victim.

Identity theft is today's number one crime-and technology just expands the criminal opportunities. Protecting your identity and financial assets from identity thieves and cyber-criminals requires consistency and discipline. These basic guidelines will go a long way toward protecting your identity.

• Be very discerning when revealing any personal financial information, especially your social security number (SSN). Know who you are communicating with. You are only required to provide your SSN for income tax records, medical records, college records, loan applications, and vehicle registration.
• If your bank or the IRS is contacting you, they should already have your social security or account number.
• Don't carry your social security card in your wallet.
• Most ID theft uses information obtained via the trash or your mailbox. If you have a street-side mailbox, consider sending your bills and statements to a P.O. Box.
• Keep items with personal information in a safe place. Shred anything you don't need, such as bank statements and paycheck stubs (yearly), checking/share draft copies and credit card receipts (every 45 days), insurance forms, and credit card solicitations (immediately).
• Order a free copy of your credit report from each credit reporting agency every year. Verify the accuracy of your credit report and any credit activity.

Phishing scams continue to fill the headlines these days. Phishers use spam (unwanted e-mail) to lure people to bogus Web sites to obtain personal information and commit identity theft. Be advised: Phishing scams and their Web sites often appear authentic or from a trusted source, using a company's proper logo, colors, and design elements. Use these measures to avoid being hooked by a phisher:

• Install and use a firewall, antivirus software and anti-spyware programs on your computer.
• Delete emails requesting personal information. Note: CommonWealth will never send you an email requesting personal information.
• Don't visit a Web site listed in an unsolicited email if you have any suspicion about its authenticity. And never use a link within an email to visit a Web site-instead, open a new browser and type in the URL.
• Change your online banking and shopping account passwords every three to six months.
• Only enter credit card or account information via a secure Web site -- one that begins with "https" in the URL and has a padlock icon on the browser frame (click on the browser frame to view the security certificate).

If you have online access, monitor your accounts frequently.

Many seniors are trusting to a fault, and most aren't aware of the sophisticated scams and technologies used by today's criminals. Those who perpetrate crimes against the elderly include both family members and predatory individuals. At-risk adults are vulnerable to illegal or unethical exploitation targeting funds, property, or other assets. Financial exploitation typically involves one of the following:

• Theft of Income. Typically involving less than $1,000 per transaction, this is the most common form of financial exploitation and fraud.
• Theft of Assets. This type of fraud is typically more extensive, and often involves abuse associated with Powers of Attorney, real estate transactions, identity theft, or tax manipulation.

Watch for these red flags:

• A signature that seems forged, unusual, or suspicious.
• Out-of-sync check numbers.
• Allegations of "missing funds" from a vulnerable adult's account.
• A vulnerable adult who fails to understand recently completed transactions or the repercussions of his or her actions.
• Credit union or credit card statements sent to an address other than the vulnerable adult's home.
• Unusual cash withdrawals from a checking account in a short period of time.
• Abrupt increase in credit card activity or a sudden flurry of "bounced" checks.
• ATM activity in the vulnerable adult's account, even though he or she is physically unable to leave home.
• Abrupt and unexplained change in a financial Power of Attorney, new names added to signature cards, or a new joint account.
• Sudden appearance of previously uninvolved relatives claiming their rights to a vulnerable adult's affairs and possessions.
• A caregiver who appears to be getting paid too much or too often.
• Change in the vulnerable adult's appearance (disheveled hair or clothes, or a lack of hygiene).

Report abuse immediately:

The Santa Clara County Department of Aging and Adult Services (DAAS) has formed the Financial Abuse Specialist Team (FAST) to intervene quickly in incidences of financial abuse. To report abuse and/or neglect, or discuss your concerns, call: (408) 975-4900 or (800) 414-2002.

If you think your identity or any of your accounts have been compromised, there's plenty you can do. However, it's critical that you act immediately!

• Lost your CommonWealth Visa credit or debit card? Call (800) 564-1588, option 6--24 hours a day, 7 days a week--to report your lost or stolen Visa credit or debit card. You will automatically be redirected to our card service provider so that a representative can block your card immediately. You can also call our card service provider directly by dialing (800) 682-6075.
• Notice suspicious charges or unusual activity on your CommonWealth Visa credit or debit card? Please contact us at (800) 564-1588, option 0. Should you reach us outside of our regular business hours of Monday - Thursday, 9:00 am - 5:00 pm and Friday, 9:00 am - 6:00 pm, our after hours call center will make note of your contact information and forward it to us on the next business day. One of our Member Service Representatives will then contact you.
• Notice unusual activity on your CommonWealth checking or share accounts? Please visit your nearest branch or contact us at (800) 564-1588, option 0. Should you reach us outside of our regular business hours of Monday - Thursday, 9:00 am - 5:00 pm and Friday, 9:00 am - 6:00 pm, our after hours call center will make note of your contact information and forward it to us on the next business day. One of our Member Service Representatives will then contact you.
• Free Credit Reports. You're entitled to one free credit report from each reporting agency every year. To request a copy, call (877) 322-8228, visit annualcreditreport.com., or contact these credit bureaus directly:

	Credit Reports	Fraud Unit
Experian:	(888) 397-3742	(888) 397-3742
Equifax:	(800) 685-1111	(800) 525-6285
TransUnion:	(800) 888-4213	(800) 680-7289

• ID Theft Center. Think your identity has been compromised? If so, visit idtheftcenter.org immediately to learn more about the next steps you should take.
• Social Security Statement. If it appears someone is using your SSN, call the Social Security Administration at (800) 772-1213 to check your Social Security Statement.
• FTC. The Federal Trade Commission provides a national resource for ID theft.
• FTC Brochure. Get a free copy of Take Charge: Fighting Back Against Identity Theft.