- Current Security Alerts
August 22, 2019
Back to school: Online Safety
Now that summertime is quickly coming to an end, it’s back-to-school season. While you’re running around getting pencils, calculators and binders, remember something else on your back-to-school list: talking with your kids about online safety.
May 23, 2019
Make it a scam-free vacation
It’s almost summer! Right now, you probably have beaches on the brain or you’re thinking about that long-planned trip abroad. Before you head out, take steps to help keep your dream vacation from becoming a nightmare.
March 6, 2019
Phishing: Don't Take the Bait
Phishing is when someone uses fake emails or texts – even phone calls – to get you to share valuable personal information, like account numbers, Social Security numbers, or your login IDs and passwords. Scammers use this information to steal your money, your identity, or both. The FTC’s new infographic, developed with the American Bankers Association Foundation, offers tips to help you recognize the bait, avoid the hook, and report phishing scams.
December 27, 2018
Social Security Scam
There is a growing epidemic of people pretend to be from the Social Security Administration (SSA) and try to get your Social Security number or your money. Scammers are saying your Social Security number (SSN) has been suspended because of suspicious activity, or because it’s been involved in a crime. Sometimes, the scammer wants you to confirm your SSN to reactivate it. Sometimes, he’ll say your bank account is about to be seized – but he’ll tell you what to do to keep it safe.
June 6, 2018
Tech Support Scam
Hey computer users, it’s time for a pop quiz.
A) You get an urgent call or email from a tech support company, saying your computer has a problem. Should you give the company remote access to your computer to make repairs?
B) A warning announcing “suspicious activity” or “security threat detected” appears on your computer screen. Should you call the number shown on the screen to talk to a technician?
C) One of these tech support companies asks you to pay for its services, maybe by using a gift card (like from iTunes or Amazon) or wire transfer. Should you?
The answer to all of these questions is “No.”
May 31, 2018
Gift Card Scam
Has someone asked you to go get a gift card to pay for something? Lots of people have told us they’ve been asked to pay with gift cards – by a caller claiming to be with the IRS, or tech support, or a so-called family member in need. If you’ve gotten a call like this, you know that the caller will then demand the gift card numbers and PIN. And, poof, your money is gone. For more information from The Federal Trade Commission, Click Here.
- Online Security Features
In addition to multifactor authentication, CommonWealth protects you with these online banking security features:
- Password Reset. Periodically change your password in the User Options section of Online Banking.
- Encryption. We scramble messages exchanged between your browser and our online banking server.
- Timeout. This prevents curious persons from continuing your online banking session if you left your computer unattended without logging out. Always sign off (log out) when you're finished banking online.
- Online Statements. Eliminating paper statements can stop thieves from stealing your information from your mailbox.
- Check Images. View an exact image of your check transactions online to help prevent fraud.
- Alerts. Using Online Banking, monitor your accounts more actively by using balance alerts to detect suspicious activity.
- Mobile Security
Smart Phones are called 'smart' because they contain, or can connect you to, more data than traditional mobile devices. Unfortunately, this also means new avenues for cybercriminals to capture and exploit your personal and financial information. Following mobile security best practices can help you avoid becoming a victim of cybercrime. The following are best practices to keep your mobile devices secure:
Lock the device with a password or Personal Identification Number (PIN). While most mobile devices now contain password / PIN lock options, they are not always on by default. Also, if your device has an auto-lock timer (to place it into locked mode after a period of time), use it. Activating this security measure can help you avoid problems, in case of loss or theft of your mobile device.
Back up your data. Data stored locally on a device can be handy, but if the device is lost or damaged, you could lose it all. The most simple solution is to back the data up to another hard drive, or to the cloud. Apple iTunes includes good options for iOS-powered devices. Other device types either have back-up utilities built in, or third parties can provide software facilitating backups.
Keep your system updated. Software updates often include security upgrades that close newly-discovered vulnerabilities. Whenever prompted, update your system. This will keep you more secure, and often improve the performance and functionality of your mobile device.
Do not hack (jail-break) your device. Hacking or ‘jail-breaking’ a device to free it from the limitations set by a provider can leave you more vulnerable to intrusion. A hacked device typically loosens controls over what kinds of apps it can run. Unfortunately, this can also make it easier to be exploited by hackers.
Remember to log out of banking and shopping sites. After banking or shopping, log yourself out instead of just closing the browser. While most sites of this type will automatically log you out after an idle period, it is a best practice to take the time to manually log out. Also, you should bank or shop with a mobile device only while on a secure Wi-Fi connection – not an open connection shared by other users, such as those found in cafes and airports.
Turn off Wi-Fi and Bluetooth services when not in use. Cybercriminals often look for unsecured devices using Wi-Fi and Bluetooth signals. One easy way to prevent this kind of intrusion is to turn off your Wi-Fi and Bluetooth transmitter. If you are away from home and do not require a data intensive connection for activities like streaming video, rely on your mobile phone data plan connection for light surfing.
Avoid sending personal information via Text or Email. A text claiming to be from your bank or an online store may not be what it appears. This is a common practice of cybercriminals. Instead of replying with any personal information, take your response offline, and contact the business directly to confirm the message’s authenticity, and answer any questions. Similarly, sending personal information via email is ill-advised, as a copy of this data would be stored in your Sent folder, and possibly placed in the wrong hands if the device is lost.
Be careful what you click. Internet best practices, whether on a mobile device or a PC, remain the same. Links and attachments in any unsolicited email should be treated as suspicious, even if the message appears to be coming from someone you know. Be especially wary of shortened URLs or QR codes, as these give no hint as to their actual destination (as the URL is hidden).
Install a Mobile Security App. Cybercriminals are relentlessly working on the creation of malware to uncover your valuable digital assets. Mobile Security software much like Anti-Virus software on your personal computer is a critical component in your defense against becoming a victim.
- Identity Theft
Identity theft is today's number one crime-and technology just expands the criminal opportunities. Protecting your identity and financial assets from identity thieves and cyber-criminals requires consistency and discipline. These basic guidelines will go a long way toward protecting your identity.
- Be very discerning when revealing any personal financial information, especially your social security number (SSN). Know who you are communicating with. You are only required to provide your SSN for income tax records, medical records, college records, loan applications, and vehicle registration.
- If your bank or the IRS is contacting you, they should already have your social security or account number.
- Don't carry your social security card in your wallet.
- Most ID theft uses information obtained via the trash or your mailbox. If you have a street-side mailbox, consider sending your bills and statements to a P.O. Box.
- Keep items with personal information in a safe place. Shred anything you don't need, such as bank statements and paycheck stubs (yearly), checking/share draft copies and credit card receipts (every 45 days), insurance forms, and credit card solicitations (immediately).
- Order a free copy of your credit report from each credit reporting agency every year. Verify the accuracy of your credit report and any credit activity.
Phishing scams continue to fill the headlines these days. Phishers use spam (unwanted e-mail) to lure people to bogus Web sites to obtain personal information and commit identity theft. Be advised: Phishing scams and their Web sites often appear authentic or from a trusted source, using a company's proper logo, colors, and design elements. Use these measures to avoid being hooked by a phisher:
- Install and use a firewall, antivirus software and anti-spyware programs on your computer.
- Delete emails requesting personal information. Note: CommonWealth will never send you an email requesting personal information.
- Don't visit a Web site listed in an unsolicited email if you have any suspicion about its authenticity. And never use a link within an email to visit a Web site-instead, open a new browser and type in the URL.
- Change your online banking and shopping account passwords every three to six months.
- Only enter credit card or account information via a secure Web site -- one that begins with "https" in the URL and has a padlock icon on the browser frame (click on the browser frame to view the security certificate).
If you have online access, monitor your accounts frequently.
- Elder Abuse
Many seniors are trusting to a fault, and most aren't aware of the sophisticated scams and technologies used by today's criminals. Those who perpetrate crimes against the elderly include both family members and predatory individuals. At-risk adults are vulnerable to illegal or unethical exploitation targeting funds, property, or other assets. Financial exploitation typically involves one of the following:
- Theft of Income. Typically involving less than $1,000 per transaction, this is the most common form of financial exploitation and fraud.
- Theft of Assets. This type of fraud is typically more extensive, and often involves abuse associated with Powers of Attorney, real estate transactions, identity theft, or tax manipulation.
Watch for these red flags:
- A signature that seems forged, unusual, or suspicious.
- Out-of-sync check numbers.
- Allegations of "missing funds" from a vulnerable adult's account.
- A vulnerable adult who fails to understand recently completed transactions or the repercussions of his or her actions.
- Credit union or credit card statements sent to an address other than the vulnerable adult's home.
- Unusual cash withdrawals from a checking account in a short period of time.
- Abrupt increase in credit card activity or a sudden flurry of "bounced" checks.
- ATM activity in the vulnerable adult's account, even though he or she is physically unable to leave home.
- Abrupt and unexplained change in a financial Power of Attorney, new names added to signature cards, or a new joint account.
- Sudden appearance of previously uninvolved relatives claiming their rights to a vulnerable adult's affairs and possessions.
- A caregiver who appears to be getting paid too much or too often.
- Change in the vulnerable adult's appearance (disheveled hair or clothes, or a lack of hygiene).
Report abuse immediately:
The Santa Clara County Department of Aging and Adult Services (DAAS) has formed the Financial Abuse Specialist Team (FAST) to intervene quickly in incidences of financial abuse. To report abuse and/or neglect, or discuss your concerns, call: (408) 975-4900 or (800) 414-2002.
- Security Resources
If you think your identity or any of your accounts have been compromised, there's plenty you can do. However, it's critical that you act immediately!
- Lost your CommonWealth Visa credit or debit card? Call (800) 564-1588, option 6--24 hours a day, 7 days a week--to report your lost or stolen Visa credit or debit card. You will automatically be redirected to our card service provider so that a representative can block your card immediately. You can also call our card service provider directly by dialing (800) 682-6075.
- Notice suspicious charges or unusual activity on your CommonWealth Visa credit or debit card? Please contact us at (800) 564-1588, option 0. Should you reach us outside of our regular business hours of Monday - Thursday, 9:00 am - 5:00 pm and Friday, 9:00 am - 6:00 pm, our after hours call center will make note of your contact information and forward it to us on the next business day. One of our Member Service Representatives will then contact you.
- Notice unusual activity on your CommonWealth checking or share accounts? Please visit your nearest branch or contact us at (800) 564-1588, option 0. Should you reach us outside of our regular business hours of Monday - Thursday, 9:00 am - 5:00 pm and Friday, 9:00 am - 6:00 pm, our after hours call center will make note of your contact information and forward it to us on the next business day. One of our Member Service Representatives will then contact you.
- Free Credit Reports. You're entitled to one free credit report from each reporting agency every year. To request a copy, call (877) 322-8228, visit annualcreditreport.com., or contact these credit bureaus directly:
Credit Reports Fraud Unit
- ID Theft Center. Think your identity has been compromised? If so, visit idtheftcenter.org immediately to learn more about the next steps you should take.
- Social Security Statement. If it appears someone is using your SSN, call the Social Security Administration at (800) 772-1213 to check your Social Security Statement.
- FTC. The Federal Trade Commission provides a national resource for ID theft.
- FTC Brochure. Get a free copy of Take Charge: Fighting Back Against Identity Theft.