Secure Online Banking

Fraud Protection Graphic

Focused On Your Security

As your Bank, we are here to help guide and support you in understanding what hackers are doing to obtain and misuse your confidential data, and what you can do about it. We have taken steps to empower you with tips, tools, examples and knowledge that we will share on an ongoing basis via email, social media and this page. These steps are intended to help you in responsibly safeguarding your accounts and data, as well as be aware of the most current scams.

Why is it so important to be aware of and vigilant in protecting yourself from fraud?

  • 81% of breaches leveraged stolen or week passwords (source: LostPast)
  • 70% of people admit they use the same password for more than one account (source: PC mag)
  • 1/3 of people say they “sometimes,” “rarely,” or “never” install software updates. (source: National Cybersecurity Alliance)
  • Phishing (email scams) is the most common cause of data breaches (source: Dark Reading)
  • Business email compromise (BEC) – also known as email account compromise (EAC) – is one of the most financially damaging online crimes (source: FBI)
  • About $770 million was reported by consumers in 2021 as being lost to fraud initiated on social media (source: FTC)
  • More than $5.8 billion was lost to fraud by consumers in 2021, an increase of more than 70% over the previous year (source: FTC)
  • About $392 million in online shopping losses reported by consumers in 2021, up from $246 million in 2020 (source: FTC)

Your security has been and always will be a top priority. By being aware of and informed on these topics, together we can effectively fight fraud.


Steps You Can Take To Safeguard Your Accounts and Data From Fraud

MULTI-FACTOR AUTHENTICATION (MFA)

Multi-Factor Authentication (MFA) can block 99.9% of attacks on your accounts, according to Microsoft. With MFA enabled, you need to provide additional verification in order to access accounts online, providing more layers of security and making it more difficult for a hacker to access your account. Basically, after you log in with your username/email and password, you will be asked to provide further authentication to verify it is you. Typically, it is a one-time passcode sent to your email or phone, or a notification sent to an authenticator app on your phone, or a request for a biometric like your fingerprint. MFA means a bad actor/hacker may get a hold of your username/email and password, but they won’t have your additional layers of authentication so their efforts to access your accounts will be thwarted.

Learn more about multi-factor authentication for the safety of your digital banking.

CREATING STRONG PASSWORDS AND PINS

90% of passwords are vulnerable to attack (source: Avast). Here are steps you can take to keep your passwords and PINs safe –

  • Create a strong PIN – Your PIN should never include a number that appears in your wallet, such as your birth date, phone number, address, etc. These are the first numbers thieves will try if they steal your wallet.
  • Create strong passwords – Your passwords should vary from account to account. Also they should be more than 8 characters and include capital and lowercase letters and at least one symbol.
  • Don’t recycle or reuse passwords.
  • Never store passwords or your PINs on your devices.
  • Lock your devices with passcodes.
  • Regularly change your passwords.
  • Never share your passwords via text, email or in social media direct messaging applications.
  • Consider using a password manager – a convenient subscription service that helps you generate and store strong passwords in an encrypted digital vault.
UPDATING SOFTWARE

Making sure software and apps you are using are the most current is easy to do and plays an important role in keeping your information safe. Software and app companies are constantly monitoring and advancing their products to stay well ahead of hackers. In doing so they push updates to you that fix general software problems and provide new security patches and tools, protecting your data from being exposed to criminals. The next time you receive a notification for an update, think smart, be safe and perform the update as soon as possible.

SUSPICIOUS TEXTS, EMAILS AND CALLS

The most common forms of fraudulent communications you may receive are phishing (email), vishing (phone call) and smishing (text message). These give the appearance of coming from a reputable source and try to trick you to take action in order to obtain your confidential information.

Tips to Avoid phishing, vishing and smishing –

  • Never share your confidential/account information with anyone.
  • Never sign into an account using a link in an email or text.
  • Do not act on (click on links or attachments) or respond to suspicious emails or texts – suspicious indicators are urgent requests, bad or unrecognizable senders/links/attachments and poor grammar.
  • Hang up on any call you doubt is authentic.
  • Do not click on links or attachments or give out personal information.
  • Save and report any suspicious communications.
  • Do not call unknown numbers that have called you or left you a message with a number to call back – use contact number you commonly use and know are correct.

Imposters to watch for who are targeting you and your money –

  • Romance Con
    • Romance scammers create a relationship with you online (through websites and apps). They share their story of financial hardship to convince you to give them money or they lure you into a phony cryptocurrency investment scheme. According to the FTC, the median loss is $2,400 for actual money given out and $10,000 for cryptocurrency paid.
  • Tech Imposter Con
    • These scammers reach out to you suggesting they can help you with a common technical issue with a device you may be experiencing. They request access to your device, such as a computer, and personal information to resolve the problem, when actually the are stealing your information for their own gain.
  • Phony Family Member Con
    • In this situation, a fraudster posing as a family member who sends you a heartfelt message that they are in distress and need money urgently.
SCAMS AS THEY RELATE TO EXCHANGE OF MONEY

With the convenience it offers to make payments digitally (transferring money from one bank account to another), many of us use p2p on a regular basis. While p2p is secure, it’s important to be aware that this is an area scammers are targeting to have you send them money. Know how to identify that it is happening, how to protect against it and what to do if you are victim to a p2p scam.

Identifying p2p scams –

  • Hackers impersonate the Bank and call to alert you about “suspicious activity” on your account and direct you to send money to yourself or “the Bank’s address”.
  • Fraudsters will reach out suggesting they represent a reputable organization you commonly use and try to obtain your confidential information. They will then take that information to create a p2p account for stealing your funds.
  • Scammers will contact you suggesting they accidentally sent you money through p2p and ask you to send the money back.

How to protect against p2p scams –

  • Don’t send money to someone you don’t know.
  • Don’t share your personal/account information with anyone.
  • Don’t let anyone persuade you to send money to yourself or anyone else.
  • Don’t let anyone borrow your phone – they might try to access your account and utilize p2p to transfer money to themselves.
  • Set up alerts to notify you of any transactions on your account.

If a p2p scam happens to you –

  • Keep any documentation you have regarding the incident.
  • Contact the Bank as soon as you are aware it occurred at 888-923-5664.
PROTECTING YOURSELF ON SOCIAL MEDIA

Social media has become a mainstay in staying connected with our friends, neighbors and communities. According to Oberlo, the average amount of time spent on social media worldwide is set to hit 147 minutes, or two hours and 27 minutes, a day in 2022.

Here are steps you can take to keep yourself safe as you spend time on social media –

  • Avoid tagging your location in photos at home or while on vacation.
  • Avoid accepting friend requests from people you don’t know.
  • Avoid clicking on links in social media posts that you don’t know or trust.
  • Limit the amount of personal details you share such as birthdays, pet names, favorite sports teams, hometowns, employers, etc., as fraudsters can use this to try and scam you online.
  • Visit your privacy settings to set restrictions on information collected by the various platforms.
  • Check if you can opt out of targeted advertising.
PROTECTING YOURSELF ONLINE AND MOBILE

From shopping to research and so much more we heavily rely on the internet. And, we surf online from everywhere – when we are at home, on vacation, at a restaurant/coffee shop, in our cars, etc. Increase your protection as you spend time on the web by doing the following –

  • Only browse secure online websites – should show the closed lock icon and https in the browser address bar.
  • Never use passwords or log ins on a public or shared WiFi such as coffee shops, airports, libraries, etc.
  • If you need to use a hotspot consider using your mobile phone (if it has that capability – check with your provider).
  • Secure your home router with a strong password and WPA2.
  • Only download apps and programs from trusted sources.
  • Consider upgrading to a VPN (virtual private network).
  • Never scan a qr code unless it is from a trusted source..
Business Email Compromise (BEC) Scams

With Business Email Compromise (BEC) scams, they can result in extremely large sums of company dollars being unknowingly sent to cyber criminals. Make sure your organization has protocols in place to be aware of BEC scams and how to protect against them.

How BEC scams work –

  1. Bad actors target businesses by obtaining information available online to develop a profile on the company and its executive employees.
  2. These hackers then spearphish emails and/or phone calls, posing as an official of your company or a regularly used vendor to gain details needed to carry out the BEC scam. With the information they gain, the scammers target an employee typically within the financial department with a request for what looks to be a legitimate financial transaction, most commonly a wire transfer.
  3. Thinking it to be a valid transaction, the company/employee unknowing transfers funds to a bank account controlled by the hackers.

To protect your organization, verify any financial transaction, especially ones that include edits to the processing of the transaction, in person or by calling the person involved in the transaction to make sure it is legitimate.


Providence Tools To Protect Against Fraud

  • Utilize Trusteer Rapport as an additional layer of protection to safeguard your banking accounts against malware and phishing.
  • Utilize Mobile Pay for making purchases. Mobile Pay is an encrypted digital wallet from a secure provider. The mobile pay platform is more secure thank using a traditional credit/debit card since your card number and identity are not shared with the merchant or transmitted with payment. In addition, your actual card numbers aren’t stored on your device.
  • Incorporate Positive Pay as a cash management tool for your business. This is an invaluable automated system providing enhanced security and overview of items clearing your account(s).
  • Take advantage of Remote Deposit Capture for your business to process deposits from the convenience of your office. It’s easy to set up and provides additional protection against fraudulent activity with your account.
  • Log in to digital banking to set custom, bill pay and security alerts to proactively reduce fraud exposure. Alerts will automatically notify you of account activity so you are aware and in control of your banking.
  • Review our fraud protection services specific to protecting business financial information.
  • View our fraud exposure checklist for businesses.

Helpful Links & Resources

How to Avoid a Scam – includes four signs to identify a scam

Cybersecurity Awareness Month

How You Can Be Cybersmart

Making Banking Safe and Secure


Real Fraud Examples

Below are links to true stories of real people targeted by scammers using various methods to steal their confidential information. We will continue to share stories to keep you aware of the most current issues other customers have faced to help us all relate and learn valuable lessons to fight fraud.

Case Study #4 – Debit Card Fraud

Case Study #9 – p2p Fraud

 


If The Bank Suspects Fraud On Your Account

A Providence Bank & Trust representative will contact you if we detect unusual activity on your account(s).

When we contact you –

  • We will identify ourselves by name and that we are contacting you from Providence Bank & Trust.
  • We will NOT ask you to provide confidential information about you or your account(s), such as account passwords or social security, debit card or account numbers.
  • We will NOT ask you to click on any links or attachments to resolve a potential fraud issue.

If You Suspect Fraudulent Communication Or Activity On Your Account(s)

  • Contact the Bank immediately at 888-923-5664 or send us a message through digital banking to report.
  • Save and share any information, emails or texts you receive with the Bank for research purposes.

Tips To Avoid Fraud

  • If you doubt authenticity of an email, phone call or text you receive from the Bank, end/do not act on the communication and call us directly at 888-923-5664 or send us a message through digital banking to verify any requests/suspicions.
  • DO NOT act on (click on links or attachments) or respond to suspicious emails or texts – suspicious indicators are urgent requests, bad or unrecognizable senders/links/attachments and poor grammar.
  • NEVER share your confidential/account information with anyone.

Important Disclaimer Information:

All trademarks and registered marks are the properties of their respective owners.