ALERT: Kinderhook Bank Mobile and Tablet Apps ... Don’t be fooled by fakes!
Don’t be fooled by rogue app stores that provide downloads of potentially malicious or infected apps. Kinderhook Bank Mobile and Tablet apps are only available from the App StoreTM or Google PlayTM websites. Downloading apps from any other site could pose security risks to your personal banking information. If you have any questions, don’t hesitate to contact us at 518.758.7101 or visit any branch location.
Warning: Fictitious Correspondence Regarding the Release of Funds Supposedly Under the Control of the Office of the Comptroller of the Currency
Fictitious correspondence, allegedly issued by the Office of the Comptroller of the Currency (OCC) regarding funds purportedly under the control of the OCC and possibly other government entities, is in circulation. Correspondence may be distributed via e-mail, fax, or postal mail. Any document claiming that the OCC is involved in holding any funds for the benefit of any individual or entity is fraudulent. The OCC does not participate in the transfer of funds for, or on behalf of, individuals, business enterprises, or governmental entities. The correspondence may indicate that funds are being held by a specific financial institution and that the recipient is required to pay a “Clean Bill of Records Certificate (C.B.R.C.)” fee before the funds are released to the beneficiary.
E-mails being sent in regard to this scam appear to be sent from officials at the OCC, but they are not. The e-mail address used in the electronic correspondence may be from [firstname.lastname@example.org]. This material is being sent to consumers in an attempt to elicit funds from them and to gather personal information to be used in possible future identification theft.
Before responding in any manner to any proposal supposedly issued by the OCC that requests personal information or personal account information, or that requires the payment of any fee in connection with the proposal, recipients should take steps to verify that the proposal is legitimate. At a minimum, the OCC recommends that consumers:
- Contact the OCC directly to verify the legitimacy of the proposal (1) via e-mail at email@example.com; (2) by mail to the OCC’s Special Supervision Division, 400 7th St. SW, Suite 3E-218, MS 8E-12, Washington, DC 20219; (3) via fax to (571) 293-4925; or (4) by calling the Special Supervision Division at (202) 649-6450.
- Contact state or local law enforcement.
- File a complaint with the Internet Crime Complaint Center at www.ic3.gov if the proposal appears to be fraudulent and was received via e-mail or the Internet.
- File a complaint with the U.S. Postal Inspection Service by telephone at (888) 877-7644; by mail at U.S. Postal Inspection Service, Office of Inspector General, Operations Support Group, 222 S. Riverside Plaza, Suite 1250, Chicago, IL 60606-6100; or via the online complaint form at https://postalinspectors.uspis.gov/forms/MailFraudComplaint.aspx, if the proposal appears to be fraudulent and was delivered through the U.S. Postal Service.
Warning: Anthem Data Breach
February 9, 2015: Anthem Inc. recently disclosed that it had experienced a data breach that exposed the personal information of millions of its customers and employees. Anthem, the second largest U.S. health insurer, provided the information soon after the breach was discovered and is still investigating the matter. The initial estimate provided by Anthem is that the names, birthdays, addresses, and Social Security numbers of approximately 80 million people were extracted from an unencrypted database by an unauthorized person who has not yet been identified. The data elements involved in this breach represent permanent markers of an individual's identity. A stolen identity, complete with birth dates, Social Security number and resident information can be abused in ways that have long term consequences and can be used to hijack existing accounts, obtain new credit and other services, conceal a criminal past, file taxes, and even vote.
What should you do?
Be on the lookout for other people accessing your personal accounts -- check your statements carefully and notify us immediately at 518-758-7101 if you believe there is unusual or unathorized activity. Monitor email and social media accounts for suspicious messages appearing from you, but that you did not send. Monitor bank and credit card accounts for unauthorized charges. Request a free credit report at http://www.annualcreditreport.com or call 1-877-322-8228 to ensure no unauthorized accounts have been opened in your name. For more information on Identity Theft, visit the Federal Trade Commission website and get their free brochure "Identity Theft: What to know...What to do" at http://www.consumer.ftc.gov/articles/pdf-0014-identity-theft.pdf.
Warning: Home Depot Credit & Debit Card Breach
September 10, 2014 : Home Depot has announced a breach of payment card data affecting credit cards and debit cards used to make in-store purchases in the U.S. from April 2014 forward. Home Depot has offered free identity protection services, including credit monitoring, to any customer who shopped at a Home Depot since April 2014. If you wish to take advantage of these services, you can learn more at http://www.homedepot.com/or by calling (800) 466-3337.
What should you do?
- If you used your Kinderhook Bank Visa Check Card at Home Depot during this time, monitor your account closely using our Messenger Alerts, Mobile Banking and Online Banking products. If you used your Kinderhook Bank Credit Card, monitor your credit card activity using the MyCardStatement feature to view recent account activity.
Call us at (518) 758-7101 or toll free at 1(888) 747-8138 immediately if you questions about your Kinderhook Bank accounts.
What if I notice unauthorized activity on my account?
· To report unauthorized activity on your Kinderhook Bank Visa Check Card: During banking hours: Call (518) 758-7101 (Monday - Friday, 8:30am - 4:30pm); After hours: Call 1(800) 554-8969.
· To report unauthorized activity on your Kinderhook Bank Credit Card: Call 1(800) 325-3678.
Warning: Target Stores Payment Card Data Compromised
Target stores recently announced that payment card data collected at U.S. stores from November 27 to December 15, 2013 has been compromised. Kinderhook Bank has several safeguards in place to protect members from unathorized VISA Credit or Debit Card transactions. We advise all Kinderhook Bank cardholders to remain vigilant for incidents of fraud and identity theft by regularly reviewing your account activity and consider signing up for Text Alerts. If there are any transactions on your account history that are unusual or that you did not perform, please contact Card Services immediately at (518)758-7101. For more information go to https://corporate.target.com/discover/article/Important-Notice-Unauthorized-access-to-payment-ca?intc=importantguestinfo
Warning: Identity Theft Suspected at Golden Town Buffet in Glenmont, NY
Customers are encouraged to read the article from August 6, 2013 in the Times Union at the link below about the identity theft scam discovered at the Golden Town Buffet at 385 Route 9W in Glenmont, NY. Anyone who has made a purchase at the location since mid-June with a debit or credit card should check their account statements for any erroneous charges and notify their financial institution immediately if they suspect any fraud.
Warning: Debit Card Scam Alert
Kinderhook Bank has been informed that some customers have received automated phone calls telling them that their debit card has been suspended and are being asked to provide their card information (card number, expiration, PIN) to reactivate it. The Bank will never contact customers and request this type of information. If you are contacted, DO NOT give out any card information and please contact Card Services at (518)758-7101 as soon as possible.
Warning: Text Message Scam Alert
We have been notified that some customers and employees are receiving a phony text message as follows:
(Urgent Notification.) Call: 302-223-4547
When they call the number, a computerized female voice welcomes you to "24 hours banking system" and advised that your debit card has been "limited". You are then asked for your 16-digit card number, your 4-digit expiration date (MMYY) and your 4-digit PIN number.
Please be advised that this is a SCAM and is not being sent by Kinderhook Bank. If you feel you have been scammed with this text message, please notify us immediately by calling 518-758-7101 and ask for Card Services to take immediate action.
Warning: Social Security Scam
As people make the switch from receiving a check for Federal Benefits like Social Security, to electronic payment or direct deposit, scammers are trying to take advantage and steal personal information...don't be fooled! Recently calls are being made from scammers saying they are from Medicare. They are trying to confirm that you are a QMB (Qualified Medicare Beneficiary) by giving you your name, phone number, routing number, and partial account number (last four digits). They also appear to know the expected date of the next Social Security payment and are attempting to verify the whole account number and customer's date of birth. According to Social Security, they then use this information to contact SSA and attempt to change the information to get payment put on a pre-paid debit card which is then sent to the scammer. DO NOT GIVE OUT OR CONFIRM ANY PERSONAL ACCOUNT INFORMATION OVER THE PHONE TO ANYONE. Individuals can block access to internet or telephone changes to information on file with the Social Security Administration at www.socialsecurity.gov/blockaccess.
New Phishing EMail Scheme
Fiserv, our systems provider, has become aware of a new phishing email scheme that is working its way across the Internet involving emails that references the “eNFact” fraud monitoring product. The email directs recipients to click on a link that takes them to a mock-Fiserv site that may initiate an installation of malicious software; this website is in no way associated with Fiserv or the eNFact product. Fiserv has shared this information with Kinderhook Bank and instructed that if you have received this phishing attack via email, or if you receive it at any time from this point forward:
1. Do not open the email;
2. Do not click on the link contained in the email; clicking on any of the links contained in the email may install malicious software on your system;
3. If a link is clicked, your organization’s Information Security personnel should immediately take your system off of the network;
4. Report the email to your organization’s Information Security personnel;
5. Delete the email from your “Inbox” and “Sent Items; and
6. If you have inadvertently clicked on the link please notify your local helpdesk for assistance as soon as possible.
At this time there is no evidence or indication that any of the Fiserv systems have been affected.
Fiserv is taking three steps. They have asked the hosting provider of the phishing site to take it down, although they are presently unsure whether our request will be honored. Second, FISERV has reported this to the regulatory authorities, whose engagement may help them get the attention of both the phishing site’s hosting provider and law enforcement. Third, they are researching the potentially malicious payload the phishing site could install, and will provide us with more information you may be able to use to limit infection in your own environment and will issue further communications as soon as they have info to share.
NUBK.com Email Fraud
There are fraudulent emails circulating that appear to be from Kinderhook Bank's Accounting Dept and/or Sales Dept that request the recipient verify account information. Please be assured that Kinderhook Bank will never send an email to a customer asking for account information or verification of any kind. If you receive this type of email, do not respond with any information. It is important that you regularly monitor your personal bank accounts and always use a secure method of verifying any personal information. By clicking the Contact Us form on www.yourkindofbank.com, you can safely communicate with Kinderhook Bank staff for answers to any account questions or concerns. Or, you can reach us directly at (518) 758-7101.
Fraudulent Bank Comfort Letter: PNC Bank, N.A.
The Office of the Comptroller of the Currency (OCC) has been informed that a fraudulent “Bank Comfort Letter” purportedly issued by PNC Bank, N.A., is in circulation to various financial institutions for the benefit of Nigerian National Petroleum Corporation. The letter references a purported contract with a potential reference number of OZ/NNPC/BLCO/AUG11 relative to Oznomics (“Oznomics”). This letter or any other document relative to this matter is not a genuine bank document, has not been authorized by PNC Bank, N.A., or any of its affiliates (together or individually, PNC), and is not a legal, valid, or binding obligation of PNC.
PNC has stated that it has no credit or trade services relationship with Ozmonics. Any purported obligations and/or commitments from PNC purportedly related to Ozmonics are fraudulent and should not be relied upon.
Any information pertaining to this situation should be brought to the attention of Jonathan Mastrangelo, PNC Bank, N.A., at (412) 762-6494 or via e-mail at firstname.lastname@example.org.
Any information that you may have concerning this matter should be brought to the attention of:
|Mail:||Office of the Comptroller of the Currency
Enforcement & Compliance Division, MS 8-10
250 E St. SW, Washington, DC 20219
Masquerading Web site - "helpwithmybank.com"
The Office of the Comptroller of the Currency (OCC) has been informed that the above-mentioned Web site, “helpwithmybank.com,” is attempting to masquerade as the legitimate Web site, “helpwithmybank.gov,” and contains potentially damaging malware. The illegitimate site redirects the user to the legitimate site “helpwithmybank.gov” in an attempt to convince users that they are connecting to a legitimate site. Attempts to connect to the fake Web site could expose the user to harmful malware.
Any information that you may have concerning this matter should be brought to the attention of:
|Mail:||Office of the Comptroller of the Currency
Enforcement & Compliance Division, MS 8-10
250 E St. SW, Washington, DC 20219
Phishing - NACHA – The Electronic Payments Association
NACHA has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.
Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.
If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computeroperating systems and common software application security patches are installed and current.
FTC Consumer Alert
How Not to Get Hooked by a 'Phishing' Scam
Internet scammers casting about for people's financial information have a new way to lure unsuspecting victims: They go "phishing". Phishing is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.
According to the Federal Trade Commission (FTC), phishers send an email or pop-up message that claims to be from a business or organization that you deal with - for example, your Internet Service Provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to "update" or "validate" your account information. It might threaten some dire consequence if you don't respond. The message directs you to a Web site that looks just like a legitimate organization's site, but it isn't. The purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
The FTC, the nation's consumer protection agency, suggests these tips to help you avoid getting hooked by a phishing scam:
- If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don't ask for this information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address. In any case, don't cut and paste the link in the message.
- Don't email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization's Web site, look for indicators that the site is secure, like a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
- Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
- Use anti-virus software and keep it up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Antivirus software and a firewall can protect you from inadvertently accepting such unwanted files. Antivirus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically. A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It's especially important to run a firewall if you have a broadband connection. Finally, your operating system (like Windows or Linux) may offer free software "patches" to close holes in the system that hackers or phishers could exploit.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
- Report suspicious activity to the FTC. If you get spam that is phishing for information, contact https://www.ftccomplaintassistant.gov. If you believe you've been scammed, file your complaint at www.ftc.gov, and then visit the FTC's Identity Theft Web site at http://www.ftc.gov/idtheft to learn how to minimize your risk of damage from ID theft. Visit www.ftc.gov/spam to learn other ways to avoid email scams and deal with deceptive spam. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint or to get free information on consumer issues , visit http://www.ftc.gov or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
Protect Yourself From Identity Theft
Think of how many times a day you share your personal information. You may write a check at the local grocery store, apply for a credit card, make a call on your cell phone, charge tickets to a Milwaukee Bucks game, mail your tax return or buy Midwest Express tickets over the Internet.
With each transaction, you share your personal information: your bank and credit card account numbers, your income, your social security number, your name, address and phone number.
In 1998, Congress passed a law making identity theft a federal crime. The U.S. Secret Service, FBI and U.S. Postal Inspection Service investigate violations of the Act. Persons accused of identity theft are prosecuted by the Department of Justice.
Wisconsin also has passed legislation making identity theft a felony, and criminals there have been convicted of the crime.
Consumer complaints about identity theft continue to grow. More than 40 percent of all complaints filed with the U.S. Federal Trade Commission last year were for identity theft.
Unless you live your life in a bubble, you can't prevent the stealing of your personal information, but you can minimize the risks of this crime happening to you by following these suggestions:
- Never divulge information about your social security number, credit card number, account passwords and other personal information unless you initiate contact with a person or company you know and trust.
- Don't carry around more checks, credit cards and other bank items than you really need. Don't carry your social security number in your wallet, and be sure to pick passwords and PINs (Personal Identification Numbers) that will be tough for someone to figure out. Don't write your social security number on your check.
- Protect your incoming and outgoing mail, especially envelopes that may contain checks, credit card applications or other information valuable to a fraud artist. Deposit outgoing mail, especially something containing personal financial information in the official Post Office collection boxes, hand it to the mail carrier, or take it to the local post office instead of leaving it in your home mailbox.
- Before discarding credit card applications, cancelled checks, bank statements or other information useful to an identity thief, tear them up as best you can, preferably by using a paper shredder.
- Safely store extra checks, credit cards and documents that list your social security number.
- Contact your financial institution immediately if you lose your checkbook or bank credit card, if there is a discrepancy in your records, or if you notice something suspicious such as a missing payment or unauthorized withdrawals.
- If your credit card bill doesn't arrive on time, contact your credit card company. This could be a sign that someone has stolen your account information, changed your address and is making large charges in your name from another location.
- Once a year check your credit record with the three major credit bureaus. To order your report, call the following toll-free numbers; Equifax: 800-685-1111 Experian: 888-397-3742 Trans Union: 800-888-4213
If you are a victim of identity theft, take the following steps:
- Contact the fraud departments of each of the three major credit bureaus and request a "fraud alert" be placed on your file and no new credit be granted without your approval.
- Close any accounts that have been fraudulently accessed or opened.
- File a local police report and get a copy of the report to your bank, credit card company or others that may need proof of the crime.
The Federal Trade Commission (FTC) is the federal clearinghouse for complaints by victims of identity theft. Although the FTC does not have the authority to bring criminal cases, it can assist victims by providing information to help resolve problems that can result from identity theft. Should you find yourself a victim of identity theft, you can file a complaint with the FTC by calling toll-free 1-877-ID-THEFT (438-4338).
Most of us assume that thieves are only interested in the cash in our wallet or purse, when in many cases, they are more interested in access to sensitive information that can be used to steal our identity. Use caution and don't be the next victim of identity theft or other financial fraud.
|| TOP ||