At Belmont Savings Bank, we take Internet Security
seriously. We value our Customers and the relationships we have built
with you and your family and hope that you never become the victim of
Cyber-Fraud or Identity Theft. Because Cyber-Fraud and Identity Theft
are such fast-growing crimes, we want you to be aware of the basic
precautions you can take to protect yourself.
Internet fraud can be any type of scheme that uses the Internet-chat
rooms, email, message boards or websites-to deceive prospective victims.
These schemes, scams and frauds take advantage of the Internet’s unique
capabilities-sending email messages worldwide in seconds or posting
website information that is readily accessible from anywhere in the
world - to carry out fraud quicker than ever possible in the past.
Phishing is a high-tech scam that uses spam or pop-up messages to trick
you into disclosing your personal credit card numbers, bank account
information, Social Security number, passwords or other sensitive
Phishers send an email or pop-up message that claims to be from
business or organization that you deal with. For example, the email may
purport to be from your Internet service provided (ISP), bank, online
payment service, or even a government agency.
The message usually says that you need to “update” or “validate” your
account information. It might threaten some dire consequence if you
don’t respond. The message usually contains a link to what appears to be
the bank WEB site that looks just like a legitimate organization’s site
but is in fact a bogus site created to STEAL your identity and account
Listed are a few tips to help you avoid getting hooked by a phishing
If you receive an email that warns you, with little or no notice,
that your account will be shut down unless you reconfirm certain
information, do not click on the email link. Instead, use a phone
number or enter the web address yourself. Clicking on a link that
looks legitimate may in fact direct you to a fraudulent website
where crooks will steal your personal information. Remember, your
bank or a government agency will never send you an alert asking you
to disclose your personal information.
Before submitting any financial information to a legitimate
website, look for the “lock” icon on the browser status bar, or look
for “https” in the web address. Both are indications that the
information is secure and encrypted during Transmission.
Report suspicious activity to the Federal Trade Commission (FTC)
Consumer Response Center (www.ftc.gov).
You can file a complaint with the FTC against a company or
organization that you believe has cheated you by contacting the
Consumer Response Center by phone:
toll free 877-FTCHELP (382-4357) – TTY: 202-326-2502
Web spoofing allows an attacker to create a “shadow copy” of any
legitimate website. Access to the shadow web is funneled through the
attacker’s machine, allowing the attacker to monitor all of the victim’s
activities, including any passwords or account numbers the victim
enters. The attacker can also cause false or misleading data to be sent
to web servers in the victim’s name, or to the victim in the name of any
web server. In spoofing, an attacker gains unauthorized access to a
computer or a network by making it appear that a malicious message has
come from a trusted machine be “spoofing” the address of that machine.
Phishing and spoofing often go hand-in hand in Internet fraud.
Be wary of unsolicited or unexpected emails from all sources.
If an unsolicited email arrives, treat it as you would a phishing
source. Be cautious about opening any attachment or downloading any
files from emails you receive, regardless of who sent them.
Identity Theft Frauds
Internet fraudsters often use identity theft as a starting point for
larger crimes. In one case, criminals obtained the names and social
security numbers of military personnel then used them to apply to a bank
over the internet for credit cards. In another case, stolen personal
data was used to submit car loan applications online.
Review credit card and bank account statements as soon as you
receive them to determine whether there are any unauthorized
charges. If your statement is late by more than a couple of days,
call your credit card company or bank to confirm your billing
address and account balances.
Your personal information can be obtained by “phishing,” “spoofing,”
or the old fashioned way – dumpster diving. Make sure your unused
checks, bills, credit/debit card receipts, credit card applications
you receive in the mail where you have already been pre-qualified
and statements are shredded before discarding.
General Tips Against Cyber-Fraud
Use Anti-Virus Software and keep it up to date. Some phishing emails
contain Software that can harm your computer or track your activities on
the Internet without your knowledge. Anti-virus software and a firewall
can protect you from inadvertently accepting such unwanted files.
Anti-virus software scans incoming communications or troublesome files.
Look for anti-virus software that recognizes current viruses as well as
older ones; that can effectively reverse the damage; and that updates
A firewall helps make you invisible on the Internet and blocks all
communications from unauthorized sources. It’s especially important to
run a firewall if you have a broadband connection. Finally, your
operating system (like Windows or Linux) may offer free software
“patches” to close holes in the system that hackers or phishers could