Category: Insurance Planning

Credit Card Phishing Scam Avoidance

Several banks in northern Alabama have issued warnings regarding an increasing number of phone calls to their customers from scammers attempting to steal credit card information.

The Scam

Calls to customers may appear to have their bank’s name or phone number as the caller ID, a practice known as caller ID spoofing. The scammer identifies as an employee of your bank or law enforcement, usually stating that your card has been compromised and you need to take action. They will likely know your name and credit card number. They use the known information and ask you to verify the three numbers on the back of you card, called a card verification value (CVV) or card verification code (CVC) number. Tthe card is now fully compromised once they have the CVV/CVC number

What To Do

The following information was shared by Redstone Federal Credit Union:

1. RFCU will never call you to verify your credit/debit card CVV number(s) or any other personal security information. If you receive such a call, please call 800-234-1234 or the number on the back of your card to verify its authenticity.
2. Don’t give out any personal information to anyone online, through social media, or over the phone unless you initiated the contact or can validate that they are actually employed by the company he or she is representing. 
3. Keep a close eye on your accounts. Use Redstone’s online banking to check your accounts daily. Use Credit Card Control or Debit Card Control to track how your card’s usage or turn the card on and off. 
4.  Use strong passwords – Each of your passwords should be unique and include elements such as symbols, numbers & uppercase & lowercase letters.
5.  Click carefully – Don’t open unsolicited emails & only download files and software you can trust.

Source

If you believe your card has been compromised, call the service phone number on the back of your card immediately. They will cancel the card and issue a new card.

Equifax Breach: What Actions to Take

On September 7, 2017, Equifax, one of the three largest U.S. credit bureaus, announced a massive data breach affecting 143 million consumers. As a result, they established a website – www.equifaxsecurity2017.com – to address the issue and keep consumers up to date on the latest news around the breach. Included in the website is a list of actions they have taken, frequently asked questions (FAQs), a link to determine if you may have been affected by the breach, and a link for free credit monitoring for a year from TrustedID.

You can follow these steps to determine if you may be affected:

  1. Go to www.equifaxsecurity2017.com
  2. At the bottom of the page, click “Potential Impact”
  3. Provide your last name and the last six digits of your Social Security number

If you are interested in obtaining one year of free credit monitoring, you’ll be given an enrollment date. At that given time, return to www.equifaxsecurity2017.com and follow the steps to enroll. It is important to note that free credit monitoring is open to everyone even if you do not believe you were affected by the breach.

The best way to protect yourself is to stay informed. Here are a few tips we recommend for protecting yourself:

  1. Check your account statements and history at least monthly to verify transactions. 
  • If you have not been proactive about reviewing your credit reports on a regular basis, now is a great time to start. Each US citizen has access to their free credit report from each of the three largest U.S. credit bureaus – Equifax, Experian and Transunion – once a year through annualcreditreport.com.  You can get all three reports at one time or stagger them throughout the year.
  • Consider a fraud alert or credit freeze on your credit.

If you are aware that your personal information has been compromised, you can place a free fraud alert on your account. This will require a business to notify you if someone tries to open an account in your name. A fraud alert lasts for 90 days, but can be renewed, or if you are a victim of identity theft, you can choose to have an extended fraud alert for seven years.

A credit freeze actually restricts access to your report completely. Fees for a credit freeze are limited to a maximum of $10 per credit bureau. A credit freeze is a greater protection than a fraud alert; however, it also requires the freeze be removed and reapplied each time you need to have your credit reviewed by someone other than yourself.

  • Change passwords regularly and use strong passwords. At Longview, we use LastPass. LastPass is a free consumer tool for storing and developing passwords. LastPass can automatically generate a password that meets a site’s requirements and offers strong encryption.
  • Consider using two-key authentications where available.  This is a second layer of protection for your accounts. Not only are you required to give a password, but you are also required to provide a code that is either emailed or sent by text to you during log in.

We live in a world reliant on electronic access and delivery of information. It is important to remain proactive and protect your information as best you can. If you have any questions or would like to learn more about protecting your information, we encourage you to reach out to us.

How Longview Protects Your Information

The internet has increased the speed and ease at which we can provide and access information, but it has also created another entry point for thieves. It is a growing struggle for businesses to stay ahead and put protections in place. It is a scary reminder that if large organizations, like Equifax, can be breached, so can the smaller businesses, like Longview. That is why it is so important for us to maintain policies to review and protect our client’s information. Here are a few of the policies and procedures Longview has implemented to protect your data:

  • Identity Theft Program: We have a list of red flags for which all employees are responsible to watch.  Red flags include: changes in addresses, request of funds, wires, notifications of possible breaches, and suspicious activities. Whenever a red flag occurs, there is a process in place to review the action for client protection.
  • Password Policy: Longview uses a corporate license for LastPass, a free consumer product to store and generate passwords. This program offers encryption of passwords, strong password creation and requires a change in the master password every 90 days. Longview also has internal requirements for passwords.
  • Two-Key Authentication: Fidelity and our customer relationship manager software requires two-key authentication for access of client accounts. This is a second layer of security protection for online activity.
  • Information Security Policy: Longview has adopted an information security policy to provide a plan to prepare for and respond to possible breaches. Several safeguards are included in the policy:
    • Review of all third-party security policies on an annual basis.
    • Physical copies of information containing personally identifiable information are stored in locked rooms/filing cabinets and all hardcopies of client information is locked away daily.
    • Electronic copies of client information are encrypted and stored through Box.com, which is backed up through Amazon. No client copies are saved on individual laptop computers.
    • The firm’s firewall and antivirus software is up-to-date.
    • All access to the firm’s network requires a secure password and is separate from a client’s network access.
  • Incident Response Plan: Longview has compiled a process for employees to follow if an incident does occur. The plan includes a list of access persons, policies and procedures, succession and business continuity plans, vendor due diligence reports, periodic computer reviews, daily download deletions, and a process to remediate and recover information.

In addition to Longview’s protections, Fidelity has a customer protection guarantee that covers losses from unauthorized activity in your account.

As always, thank you for your business. We value your partnership and will continue to strive to protect your information.


© Longview Financial Advisors, Inc.
Disclosures | Privacy Policy

Site development by Red Sage Communications, Inc.