April 29th, 2016
We will soon launch an improved alert system…
In our continuing efforts to keep your accounts secure, we will soon launch an improved alert system for potential fraud (anticipated launch date is Wednesday, May 25).
Here’s how it works:
- When potential fraud is detected, you will receive an automatic email notification, with the option to reply with “fraud” or “no fraud.”
- One minute after the email, you will receive a text alert, which also has the “fraud” or “no fraud” option.
- If there is no response received, you will then receive automatic phone calls to confirm or deny fraud. The call will also give the option of speaking to a fraud analyst.
Remember—our messages will never ask for your PIN or account number.
Actions To Take Now
- Add 800.417.4592 to your phone contacts and label it “TxTCU Fraud Center”; it will display on your phone whenever you get a call from this number.
- If needed, update your email address and mobile phone number on file with the credit union.
March 17th, 2016
Should you file a claim for hail damage?
If your car is still safe to drive: Get an estimate before filing a claim to make sure that the damage is well over your deductible and worth filing.
While comprehensive claims are not surcharge-able they can hurt your rate by adding an additional claim to the amount of activity on your claims report. A large amount of activity (whether the claims are your fault or not) can change your rating tier causing an increase at your renewal. It is up to you to decide, but you can schedule an appointment for most body shops for an estimate and then go from there.
Remember though, any time we have a big storm with a large affected area, body shops and adjusters will make the vehicles that are not drivable the priority. This can cause a delay in the process for claims that are solely cosmetic. If the amount of damage is substantial, there can also be a shortage of rental cars in the immediate area. They will of course send for cars outside of the area to be delivered but this can cause delays as well.
February 18th, 2016
Please be aware, the following email about a phishing (or vishing) fraud, was distributed to us via personal contacts at Washington Financial:
Just wanted to pass this along as an FYI – we received a phone call today claiming to be from the “Financial Crime Investigation Department of Justice.” The ‘agent’ that called said his name was Sean Phillips though he had a very thick middle eastern accent. They were phishing (or vishing) for information from us. They also wanted some sort of payment to have them continue protecting the bank’s assets (Again, very hard to understand him). I informed some local FBI authorities I have a relationship with however I also wanted to alert this group that they are targeting banks. He gave a call back number of 904-900-8420. I guess they got tired of pretending to be from the Windows Tech Support team.
If you find yourself in such a situation, be cautious and contact us immediately so we notate our reports in our monitoring.
January 20th, 2016
Hyatt Hotels announced that the company’s payment processing systems were infected with malware. This affected 250 Hyatt Hotels locations in 50 countries. Last December Hyatt Hotels launched an investigation into this breach. On January 14, 2016 a full list of affected locations and the time interval during which the payment cards were exposed: The dates of the infection range from August 13 to December 8. Most of the potentially compromised cards were used at restaurants in the affected locations, but a small percentage were used at spas, golf shops, parking systems, front desks and sales offices.
The malware installed on the company’s computers was designed to capture payment card details like cardholder names, card numbers, expiration dates and verification codes when passed from the affected locations to the payment processing systems. The company is in the process of sending notification letters to customers for whom it has physical mailing addresses and via email to others. Affected customers will be offered a one-year subscription to identity and fraud protection services provided by US-based CSID for free.
Hyatt has worked with third-party cybersecurity experts to close the security breach and take additional measures so that it doesn’t happen again. The company is the latest in a long string of organizations whose payment systems were infected with malware in recent years. Other companies from the hospitality industry that suffered similar breaches include Hilton Worldwide, Mandarin Oriental, and Starwood Hotels & Resorts Worldwide.
For information on the list of locations and Protection Services, please go here: http://www.hyatt.com/protectingourcustomers/
January 12th, 2016
The IRS has released safety tips for everyone this tax season. Here are some helpful tips on shopping online and working on getting your taxes done this season.
Give personal information over encrypted websites only. If you’re shopping or banking online, stick to sites that use encryption to protect your information as it travels from your computer to their server. To determine if a website is encrypted, look for “https” at the beginning of the web address (the “s” is for secure). Some websites use encryption only on the sign-in page, but if any part of your session isn’t encrypted, the entire account and your financial information could be vulnerable. Look for https on every page of the site you’re on, not just where you sign in.
Protecting your passwords. The longer the password, the tougher it is to crack. Use at least 10 characters; 12 is ideal for most home users. Mix letters, numbers and special characters. Try to be unpredictable – don’t use your name, birthdate or common words. Don’t use the same password for many accounts. If it’s stolen from you – or from one of the companies with which you do business – it can be used to take over all your accounts. Don’t share passwords on the phone, in texts or by email. Legitimate companies will not send you messages asking for your password. If you get such a message, it’s probably a scam. Keep your passwords in a secure place, out of plain sight.
Don’t assume ads or emails are from reputable companies. Check out companies to find out if they are legitimate. When you’re online, a little research can save you a lot of money and reduce your security risk. If you see an ad or an offer that looks too good, take a moment to check out the company behind it. Type the company or product name into your favorite search engine with terms like “review,” “complaint” or “scam.” If you find bad reviews, you’ll have to decide if the offer is worth the risk. If you can’t find contact information for the company, take your business and your financial information elsewhere. The fact that a site features an ad for another site doesn’t mean that it endorses the advertised site, or is even familiar with it.
Don’t overshare on social media – Do a web search of your name and review the results. Most likely, the results will turn up your past addresses, the names of people living in the household as well social media accounts and your photographs. All of these items are valuable to identity thieves. Even a social media post boasting of a new car can help thieves bypass security verification questions that depend on financial data that only you should know. Think before you post!
Back up your files. No system is completely secure. Copy important files and your federal and state tax returns onto a removable disc or a back-up drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files.
Save your tax returns and records. Your federal and state tax forms are important financial documents you may need for many reasons, ranging from home mortgages to college financial. Print out a copy and keep in a safe place. Make an electronic copy in a safe spot as well. These steps also can help you more easily prepare next year’s tax return. If you store sensitive tax and financial records on your computer, use a file encryption program to add an additional layer of security should your computer be compromised.
For more information please go to www.irs.gov
Posted in Security Blog Comments Off