Phishing and Social Networking
The term phishing (pronounced “fishing”) refers to a scam in which criminals use fraudulent techniques to obtain your confidential financial information. By pretending to be a trusted friend, colleague or business partner in a seemingly official communication like an email, text, tweet or post, the criminal lures you in to visiting a website or entering information you normally wouldn’t share with a stranger. Phishing is most commonly conducted using the following methods:
- Phishing – email communication.
- SMishing – text communication.
- Vishing – phone communication.
No matter how the correspondence is received, “phishing” is designed to mislead you in to providing information such as your account number, ID, password, PIN, card number, Social Security Number, date of birth, driver’s license or other non-public information about you.
In some instances, the goal of the phishing communication is to trick you into opening an attachment, clicking on a website URL, or viewing images in a post that installs malicious software on your computer. This software, called malware, can then monitor your online behavior, including the keystrokes you enter when visiting our website and using online banking.
Spoofing is when a criminal poses as a trusted partner. Criminals send phishing communications spoofing trusted partners every day. The most common ones you could encounter pretend to be shipping companies, travel and airline companies, the FDIC and NACHA - the Electronic Payments Association, even ACNB Bank.
Be Alert for Fraudulent Emails, Texts and Phone Calls:
Below are ways you and your employees can identify emails, texts and phone calls that are phishing attempts and are fraudulent.
- Text, email or phone communications that state your debit or credit card has been deactivated. Be extremely cautious of any messages that direct you to an automated phone system asking you to enter your card number. Please contact us if you receive one of these messages.
- Text, email or phone communications stating we need you to update the information you have on record with us.
- Communications with poor grammar and spelling.
- Communications that don’t seem to be typical behavior for the person texting, emailing or posting the communication.
- Communications with urgent appeals stating you must take action promptly to continue a service or receive an offer that is only available for a limited time.
- When you’re using online services, sites that look different and ask for more than you would typically enter. For example, if an online banking site begins asking for more than just your ID and Password (items such as your Social Security Number, date of birth, card number and expiration date), it is a clear sign your computer is infected with malware.
Social Networking Tips
Social networking sites provide criminals with a wealth of information about you. Not only do they share information about your past such as where you grew up and what schools you attended, but they also include current information such as your friends, your business or organization, and interests. This information can easily be used to target you for additional phishing messages.
- Be extremely cautious of emails, texts and posts from friends asking for money or posting odd links to news articles and images. It’s possible your friend’s account has been compromised and is being used by someone else to phish you.
- Review the privacy settings of social sites and select the features appropriate for you.
- Be cautious of how much personal information you share online.
- Use different passwords for your online financial sites than what you use for social networking and personal email.
- Think before you post. Protect your reputation by assuming everything you post online is permanent.
- Visit our section on Online Banking Security for businesses to learn more about protecting the operating system and browser of your organization’s computer network.
- Don’t access links, attachments or images just out of curiosity. If you don’t clearly know the sender, delete the message.
- Monitor your accounts frequently.
- For yourself personally, obtain your free credit report annually.
- Report fraud immediately.
The National Cyber Security Alliance (NCSA)’s mission is to educate and therefore empower a digital society to use the Internet safely and securely at home, work, and school, protecting the technology individuals use, the networks they connect to, and our shared digital assets.
Remember, ACNB Bank will never:
- Call, email or text you asking for your Online Banking password, Wire PIN, token codes, account numbers or debit card numbers. If you receive such a call, email or text message, do NOT give out any information.
- Direct you to a website that asks you to update your personal account information.
- Send an email to you containing computer software updates.
- Email or text you about a problem with your account. Some of our Online Banking services do send email and text activity alerts. Please become familiar with the appearance of these alerts. If you question any alert you receive, please call us.
- Visit your place of business and request to perform maintenance on your computer.
Important: If you receive a phone call, email, text message or visit to your place of business that you question, please take the time to call and ask us to validate the communication before taking any other action. Do not use the contact information provided in the email or text message you receive. Use the number advertised on our web site or on the back of your debit/credit card so you know you are speaking to us.
Need more information?
Call 1.888.334.ACNB (2262) or email us at email@example.com.