Security is a very important issue for all of us here at County Bank and customer education is also important. Today’s security issues can be both challenging and frightening at times. We have included the following information for you to get a better understanding of some of the security issues that we all face from day to day.
LOST OR STOLEN VISA / MASTERCARD
STOLEN VISA / MASTERCARD CREDIT CARDS
On April 7, 2014, security researchers announced they had uncovered a bug or flaw in a key safety feature of the Internet—OpenSSL software, called the Heartbleed Bug.
County Bank takes our responsibility to process transactions safely, securely, and reliably very seriously. County Bank Online Banking is NOT vulnerable to the Heartbleed bug.
For those of you who use Yahoo mail, we strongly advise you to change your password for Yahoo mail. When this was first announced, it was reported that they were vulnerable. We also recommend that you change any password associated with any other web based email service.
To investigate if a website may be effected by this bug we suggest going to https://www.ssllabs.com/ssltest/index.html and typing in the webpage without the www (ex: yahoo.com). This will run a scan of the address associated with that site and display results. After the results are displayed click on the blue ipaddress in the left column to display the specific results. Underneath the grade it gives there is a green box that says whether or not the site is vulnerable to the heartbleed bug. If it is vulnerable do not go to the website until it is safe to do so. If the site is not vulnerable, we suggest as a precaution to change any passwords associated with that site.
This link is a description of what exactly the heartbleed bug is and does:
Important Information Concerning the Target Data BreacH
Target has experienced unauthorized access to payment card data regarding debit and credit cards used in its U.S. stores between November 27th and December 15th 2013.
Because ensuring your financial security is a top priority for us, we are monitoring this situation closely.
For now, County Bank can assure you:
We are not, at present, aware of any fraudulent activity, specifically related to this occurrence, on our customers’ accounts .
County Bank has a state of the art fraud monitoring and detection service working 24/7 to identify fraudulent transactions on our customers’ cards.
We strongly encourage you to monitor your accounts online by using our online banking service. If you are not currently enrolled, you can easily enroll online. To assist you in monitoring your account activity, you may also utilize the notify me alerts within our online banking service.
If you do notice any suspect transactions on your account, or if you have any questions, please notify us immediately by calling your local branch or our Call Center at 226-9800.
Social Engineering (Coming Soon)
FTC Offers Warning, Advice on Tax-Related Identity Theft
Did you know that your Social Security number can help an identity thief get a job, or the tax refund that should be yours?
The Federal Trade Commission, the nation's consumer protection agency, cautions that thieves can use a stolen Social Security number to apply for a job or file for a tax refund under a false identity. The FTC advises that, if you think this has happened to you, or if you get an Internal Revenue Service notice indicating a problem, contact the IRS immediately for help with your tax return, any refund, and protecting your IRS account from identity theft in the future.
The FTC also recommends three steps to minimize the potential damage from identity theft:
Read the FTC's Tax-Related Identity Theft to learn how to uncover and deal with this problem, how to avoid phishing scams, and how to contact the IRS. For more information, visit the FTC's identity theft website.
The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC's online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 2,000 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC's website provides free information on a variety of consumer topics.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being from the FDIC.
The e-mails appear to be sent from various "@fdic.gov" e-mail addresses, such as "email@example.com," "firstname.lastname@example.org," or "email@example.com."
They have subject lines that read: "FDIC: Your business account" or "FDIC: About Your Business Account."
The e-mails are addressed to "Business Customer" or "Business Owner" and state "We have important information about your bank" or "…financial institution." They then ask recipients to "Please click here to find details."
They conclude with, "This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership."
These e-mails and the link included are fraudulent and were not sent by the FDIC. Recipients should consider the intent of these e-mails as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should NOT access the link provided within the body of the e-mails and should NOT, under any circumstances, provide any personal financial information through this media.
Financial institutions and consumers should be aware that other subject lines and modifications to the e-mails may occur over time. The FDIC does not directly contact consumers in this manner nor does the FDIC request personal financial information from consumers.
For your reference, FDIC Special Alerts may be accessed from the FDIC's Website at http://www.fdic.gov/news/news/SpecialAlert/2012. To learn how to automatically receive FDIC Special Alerts through email, please visit http://www.fdic.gov/about/subscriptions/index.html.
Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.php.
Distribution: FDIC-Supervised Banks (Commercial and Savings)
Paper copies of FDIC Special Alerts may be obtained through the FDIC's Public Information Center, 1-877-275-3342 or 703-562-2200).
IMPORTANT HURRICANE PREPAREDNESS INFORMATION
Washington, D.C. (September 1, 2010)—September is National Preparedness Month, and with the onset of the Atlantic hurricane season, the Independent Community Bankers of America (ICBA) and County Bank have some tips to help individuals put their financial documents in order to prepare for a hurricane or other natural disaster.
“While the first priority is the physical safety and well-being of you and your family, knowing that your banking and financial papers are safe gives you one less thing to worry about during times of duress,” said Jim MacPhee, ICBA chairman and CEO of Kalamazoo County State Bank in Kalamazoo, Mich. “Storms like Hurricane Earl are reminders that everyone needs to prepare ahead of time for a possible natural disaster. Having a financial preparedness plan will protect you and your family from the long-term effects hurricane or flood damage may cause to your financial documents.”
ICBA and County Bank offer the following tips to help consumers prepare before an emergency occurs:
� Keep marriage and family records, including adoption papers, property deeds, birth certificates, wills, insurance policies, passports, Social Security cards, immunization records, credit card account numbers, car titles or lease contracts, bank and investment account numbers and three years of tax returns in a bank safe-deposit box. Put each of these documents in a sealed plastic bag to keep out moisture.
� Make and safeguard additional official copies of critical documents such as birth certificates, adoption papers, marriage certificates and the deed to your home for safekeeping and notify a trustee, close relative or attorney where your important financial information is located.
� Keep names and contact numbers for executors, trustees and guardians in a safe place, either in your safe deposit box or with a close relative.
� Take an inventory and keep a list of household valuables. Taking photographs of these items can help as well.
� Start and regularly contribute to an emergency fund that can cover at least three to four months of expenses. This fund should be separate from your savings or investment account.
� Include extra cash in your home emergency kit, which should include a three-day supply of water, food, a first aid kit, can opener, flashlights, radio and extra batteries.
� Identify the records that you keep only on computer. They may not be available if electrical power fails, so make a printout and safeguard them or back them up to an external device or web storage facility
� The web can serve as a supplement or back up to paper copies. Scanned or other electronic documents can be attached to e-mails and stored in your e-mail account or with secure online back-up services.
� If you feel flood insurance may be necessary to protect your home, start shopping around. Contact your insurance agent or visit FEMA’s website at http://www.fema.gov for more information.
“If you have any questions about how to better prepare for a natural disaster, please ask us,” said Dave Gillan, Senior Vice-President and Chief Operating Officer of County Bank. “We are here to help you better understand how to organize your finances, important documents and valuables before a crisis strikes.”
For more information and resources, including a copy of an Emergency Financial Preparedness Guide, visit the consumer education and resources section of www.icba.org. For additional information about the National Preparedness Coalition, visit www.ready.gov.
County Bank encourages you to prepare yourselves and your family in case of an influenza pandemic. You can access Family Disaster Planning by clicking on the link http://www.flu.gov or http://www.cdc.gov/flu/pandemic-resources;
It is important to be prepared in advance of a pandemic. Maybe you don’t want to purchase all the supplies at one time. Try purchasing a little at a time, rotating your supplies over time with newer purchases.
If County Bank is forced to close one or more branches, branch closings will be listed on our bank website and posted at all the branch locations. Along with other closings, look for branch closings on your local television or radio stations. Don’t worry, you will still have twenty-four hour access to the bank through your online banking and XPRESS Banking at 302-226-9523 or 302-226-9526. You will have access to your cash through any local ATM. Use your local County Bank ATM for fee-free service.
Take common-sense steps to limit the spread of germs. Make good hygiene a habit.
1. Wash hands frequently with soap and water.
2. Cover your mouth and nose with a tissue when you cough or sneeze.
3. Put used tissues in a waste basket.
4. Cough or sneeze into your upper sleeve if you don't have a tissue.
5. Clean your hands after coughing or sneezing. Use soap and water or an alcohol-based hand cleaner.
6. Stay at home if you are sick.
7. Eat a balanced diet. Be sure to eat a variety of foods, including plenty of vegetables, fruits, and whole grain products. Also include low-fat dairy products, lean meats, poultry, fish, and beans. Drink lots of water and go easy on salt, sugar, alcohol, and saturated fat.
8. Exercise on a regular basis and get plenty of rest.
Important NACHA Phishing Alert
On 11/12/09, a NACHA Member Communication informed members that NACHA is being targeted in a phishing e-mail which contains a link to a Jabber/Zeus Trojan malware download. This malware can steal login credentials and can lead to an account compromise.
If your institution or customers receive this e-mail, DO NOT click on the link!
NACHA has posted an article on their home page at http://www.nacha.org.
Below is an example of the phishing email:
= = = = = Sample E-mail = = = = = =
From: nacha.org [mailto:firstname.lastname@example.org] Sent: Thursday, November 12, 2009 10:25 AM To: Doe, John Subject: Rejected ACH transaction, please review the transaction report
bank account holder, The ACH transaction, recently initiated from your
bank account, was rejected by the Electronic Payments Association.
Please review the transaction report by clicking the link below:
Unauthorized ACH Transaction Report (this is how the link is presented)
Sanitized link: hxxp://nacha[DOT]org[DOT]fffazsa[DOT]org[DOT]uk/ACHNetwork/Unauthorized/report[DOT]php?transaction_id=3D00149589098593&reference=
= = = = = End of Sample E-mail = = = = = =
Financial Institutions should communicate with customers regarding this phishing attempt, particularly commercial customers with ACH privileges.
E-mail Claiming to Be From the FDIC – October 26, 2009
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC.
The subject line of the e-mail states: “check your Bank Deposit Insurance Coverage.” The e-mail tells recipients that, "You have received this message because you are a holder of a FDIC-insured bank account. Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets.”
The e-mail then asks recipients to “visit the official FDIC website and perform the following steps to check your Deposit Insurance Coverage” (a fraudulent link is provided). It then instructs recipients to “download and open your personal FDIC Insurance File to check your Deposit Insurance Coverage.”
This e-mail and associated Web site are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to on-line banking services or to conduct identity theft.
The FDIC does not issue unsolicited e-mails to consumers. Financial institutions and consumers should NOT follow the link in the fraudulent e-mail.
Internet Banking Login