Tips for Safe Online Banking

You can help protect yourself by implementing alternative risk control and processes, such as:

• Choosing an adequate username and password that, at a minimum, mixes in lowercase letters, uppercase letters and numbers
• Periodically changing your password (e.g. at least every 90 days)
• Safeguarding your username and password information
• Having current anti-malware and anti-virus software
• Making sure you have a firewall in place when conducting your financial transactions
• Logging off the system when you’re done conducting business, not just closing the page
• Monitoring your account activity on a regular basis

Be Safe When Banking Online

Online Transactions

Federal financial regulators report that Internet threats have changed significantly over the past several years. Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls, and engaging in online account takeovers and fraudulent electronic funds transfers.

To help ensure the security of your online transactions, we want you to know that we will never email, call, or otherwise contact you to ask for your username, password, or other electronic banking credentials.

Mail & Phone Security

We recommend you learn ways to protect yourself from common fraud schemes.

Vishing

Vishing scams target consumers by “spoofing” text or voicemail messages that ask you to call a phone number and give your personal information. Here’s how it works:

• You receive a “spoof” email, text message, or voicemail about suspicious account activity.
• The email, text message, or voicemail message will ask you to call a “customer service” number.
• When you call the customer service number, a recording will ask you to provide personal information such as account numbers, passwords, a social security number, or other critical information.
• The recording may not mention the company’s name and could potentially be an indication the call is being used for fraud.
• In a variation of this scam, you may receive a phone call.
• The call could be a “live” person or a recorded message.
• The caller may already have your personal information, which may seem as if the call is legitimate.

Smishing

Smishing is when consumers’ cell phones and other mobile devices are targeted with mobile spam. The spam, or text messages, attempt to trick consumers into providing personal information. Here’s how it works:

• You receive a fake text message, which may include a fraudulent link, asking you to register for an online service.
• The scammer attempts to load a virus onto your cell phone or mobile device.
• The scammer may also send a message ‘warning’ you that your account will be charged unless you cancel your supposed online order.
• When you attempt to log on to the website, the scammer extracts your credit card number and other personal information.
  • In turn, your information is used to duplicate credit, debit and ATM cards.
• Scammers may also send you a text message again ‘warning’ you that your bank account has been closed due to suspicious activity.
• The text message will ask you to call a ‘customer service’ number to reactivate your account.
• When you call the number, you are taken to an automated voice mail box that prompts you to key in your credit card, debit card or ATM card number, expiration date and PIN to verify your information.
• Again, your information is used to duplicate credit, debit and ATM cards.

Lottery/Sweepstakes Scams

Lottery/Sweepstakes scams target consumers by a notification, which arrives through the mail, by email, or by an unsolicited telephone call. Here’s how it works:

• The notification advises you have won a prize, but you did not enter in any type of lottery or sweepstake by the promoter contacting you.
• The promoter will ask you to send payment to cover the cost of redeeming the prize when the prize does not exist.
• In this type of scam, you may rarely if ever receive any winnings in return.

Tips for the Phone

• Do not give out personal information, such as your account numbers, card numbers, Social Security, tax identification numbers, passwords, or PINs, unless you have initiated the call.
• We will not make an unsolicited call requesting your personal information.
• If you ever believe you are not talking to a representative of a legitimate company, hang up and call the phone number listed in the telephone book.

Phishing & Spoofing

While Stride Bank works to protect your banking privacy, you also play an important role in protecting your information. Here are a few steps you can take to protect your identity:

Phishing scams target consumers by “spoofing” emails and websites. Here’s how it works:

• You receive an email message, asking you to click on a link to update sensitive personal information.
• The link will redirect you to a “spoofed” website, which is designed to look like a legitimate website.
• The website will ask you to input personal information such as your account numbers, PINs, or a social security number.

Email Protection Tips

• Do not click links in Emails to log in, or to update or confirm your sensitive information
• Do not fill out forms in Emails
• Be cautious about opening attachments or downloading files, regardless of who sent them
• ‘Spam’, or mass email messages, often contain links to phishing websites and other unsavory websites.
• Many phishing scams originate outside of the United States. Be wary of emails from people or sources you don’t know or trust.
• Poor grammar and misspelled words from unknown sources asking you for personal information are clear warning signs of a phishing scam being operated outside of the United States.
• Legitimate companies or organizations will never ask you to divulge any personal information over email.
• Phishing emails may also be fake contests or offerings, asking you to input personal information.
• If an offer or email you receive is too good to be true, it most likely is.

Can You Spot a Phishing Scam?

Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. And in this time of expanded use of online and mobile banking, the problem is only growing worse. In fact, the Federal Trade Commission’s report on fraud estimates that American consumers lost a staggering $5.8 billion to phishing scams and other fraud in 2021—an increase of more than 70 percent over 2020.

It’s time to put scammers in their place.

Online scams aren’t so scary when you know what to look for. And at WCF Financial Bank, we’re committed to helping you spot them as an extra layer of protection for your account. We’ve joined with the American Bankers Association and banks across the country in a nationwide effort to fight phishing—one scam at a time.

We want every bank customer to become a pro at spotting a phishing scam—and stop bank impostors in their tracks. It starts with these four words: Banks Never Ask That. Because when you know something sounds suspicious, you’ll be less likely to be fooled.

These four phishing scams are full of red flags:

• Text Message: If you receive a text message from someone claiming to be your bank asking you to sign in, or offer up your personal information, it’s a scam. 
• Email: Watch out for emails that ask you to click a suspicious link or provide personal information. The sender may claim to be someone from your bank, but it’s a scam.
• Phone Call: If you’re ever in doubt the caller is legitimate, just hang up and call the bank directly at a number you trust.
• Payment Apps: Beware of text messages from someone claiming to be your bank saying your account has been hacked. The scammer may ask you to send money to a new account they’ve created for you, but that’s a scam!