Fraud Center

Fraudulent text messages are on the rise! 

Smishing is a combination of the words "SMS" and "Phishing". Smishing attacks are fast-growing and highly successful, and the financial industry is one of the most targeted. The most common tactic we see today are text messages asking the recipient to confirm or deny a financial transaction. Once the recipient responds, the fraudster typically calls them pretending to be a representative of their financial institution. Here are a few ways you can protect yourself against smishing: 
  • Don't click links or texts from unknown or suspicious senders. Shortened URLs could mean someone is attempting to mask fake URLs.
  • Never respond to texts from unknown or suspicious numbers. Responding lets criminals know that your number is active.
  • If a text message references a transaction you do not recognize, call the bank directly using a published number.
  • Never send personal information via text, such as passwords, account numbers, usernames, etc.
  • Never cooperate with urgent requests via text. Any legitimate company will give you ample notice about pressing issues.
For additional information, check out the FTC's informational site about phishing here:
https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams

As always, you can contact us directly with any questions or concerns.



Safe Banking over the Internet

The Internet offers the potential for safe, convenient new ways to conduct banking business anytime. However, safe banking online involves making good choices and decisions that will help you avoid costly surprises and financial scams.

Account Takeover Fraud:

We are seeing a significant increase in account takeovers. Account takeovers are when a fraudster gains access to your Online Banking account through social engineering. Fraudsters typically use tactics such as:

  • Sending fraudulent text messages.
  • Spoofing calls using a Bank phone number.
  • Pop-ups granting control over your computer from a reputable source.
  • Asking you to buy gift cards.
  • Asking you to Zelle or Wire funds for any reason.
These are a few of the tactics used to gain access to your online banking account that may result in the theft of your money.

If you receive an incoming call from a Cashmere Valley Bank representative, they will never ask you to provide full social security numbers, account numbers, passwords, or ask you to transfer money. When in doubt, please hang up and call us using a known number on our contact page. Please watch this video for more information concerning online banking fraud prevention:

Fraudulent e-mails sent to you for the purpose of stealing personal and financial information are among the most common type of e-mail fraud. 

"Phishing" is the practice of sending a fraudulent e-mail that requests confidential information. The message is disguised to look like a request from a legitimate organization that the recipient may already have a relationship with. Often the message includes a warning about a problem related to the recipient’s account and encourages them to provide personal information, which is then used to steal their identity. 

Some things you should know about phony e-mails and some tips for spotting them: 

  • The e-mail may state that your account may be closed if you fail to confirm or authenticate your personal information immediately. 
  • Phony e-mails may provide a general greeting and not identify you by your name. 
  • Do not click on links you receive in an e-mail message asking for personal or financial information. 
  • Call the company directly to confirm requests for updating or verifying personal or account information. 
  • Do not share your IDs or passwords with anyone. 
  • Look for a secure connection on websites asking for personal or account information. 
  • If you think you may have provided personal or account information in response to a fraudulent e-mail or website, report the fraud immediately, change your passwords and monitor your account activity. 

Defending Against COVID-19 Cybersecurity Scams:

The Cybersecurity and Infrastructure Security Agency (CISA) has published a warning encouraging individuals to be on high alert for phishing, social engineering, and disinformation campaigns relating to COVID-19. Please visit our Coronavirus page for precautions on how to protect yourself from scams and cyber-attacks.

  • Email phishing is at an all-time high. Please verify with the intended recipient before you send out any financial information via email. CVB is not using any third-party services to send emails to clients regarding Payment Protection Program funding. Visit the FTC website for more guidance on Coronavirus scams.
If you've received an email from us you believe may be fraudulent, please forward the email to Fraud@cvb.bank so we can investigate.

Tax Season Scam Warning!


Got an email or text message about a tax refund? It’s a scam.

IRS impersonators are at it again. This time, the scammers are sending messages about your “tax refund” or “tax refund e-statement.” It might look legit, but it’s an email or text fake, trying to trick you into clicking on links so they can steal from you. How? They tell you to click a link — supposedly to check on your “tax refund e-statement” or “fill out a form to get your refund.” But it’s a scam and if you click that link, the scammer might steal your identity or put malware on your phone or computer.

If someone contacts you unexpectedly about a tax refund, the most important thing to know is that the real IRS won’t contact you by email, text message, or social media to get your personal or financial information. Only scammers will.

If someone does reach out, here’s what to do:

  • Never click on any links, which can put malware on your computer or phone, letting scammers steal from you.
  • Check the status of any pending refund on the IRS official website. Visit Where’s My Refund to see if you’re really getting a refund.
  • Share what you know. By telling your friends and family members about the scam, you can help protect your community. 
If you clicked on a link in one of these messages, or you shared personal or financial information, report it at IdentityTheft.gov to get a free, customized recovery plan.

If you see this or any other a scam, even if you didn’t lose money, report it to the FTC at ReportFraud@ftc.gov.

(Source: https://consumer.ftc.gov/consumer-alerts/2024/01/irs-doesnt-send-tax-refunds-email-or-text)

Online Banking has multiple security features embedded in its architecture to keep your information confidential. 

  • In order to access your account information, your Internet Browser must support 128-bit encryption. 
  • We utilize an intricate system of firewalls and filtering routers to secure your information. 
  • If the Online Banking is idle for more than 10 minutes, it will automatically terminate your session. 
  • You are required to choose your own 8-20 digit alphanumeric Online Banking Password. 
  • If you unsuccessfully enter your Online Banking ID or Password three times, you will be locked out of the Online Banking portal. 
  • We do not transmit account numbers over the Internet. We use Pseudo account names to define your accounts.
  • Shred all personal and financial information before throwing away.
  • Don’t give your Social Security number or other personal credit information over the phone unless you initiate the call. 
  • Keep your personal (e.g. Social Security card, birth certificate, etc.) and bank/credit card records in a secure place.
  • Call the post office immediately if you are not receiving your mail.
  • Be aware of others nearby when entering your Personal Identification Number (PIN) at an ATM.
  • Limit the number of credit cards and other personal information you carry in your wallet or purse.
  • Report lost or stolen ATM, Debit, or Credit Cards to the bank immediately.
  • If you have applied for an ATM, Debit, or Credit Card and have not received them promptly, immediately notify the financial institution involved.
  • Sign all new cards upon receipt.
  • Review your monthly accounts regularly for any unauthorized charges.
  • Review your credit reports annually to safeguard your identity.
  • When conducting business online, make sure your browser’s padlock or key icon is active.
  • Avoid using the standard mother’s maiden name, birthdays, etc., for passwords or PINs.
  • Don’t open e-mail from unknown sources, keep computer software up-to-date, and ensure you have.

Report any suspected fraud to your bank and the fraud units of the three credit reporting agencies immediately.

  • Trans Union: (800) 916-8800
  • Experian: (800) 301-7195
  • Equifax: (800) 525-6285
If you paid someone you think is a scammer, or gave a suspected scammer your personal information or computer access, please visit the FTC for next steps. If you suspect a scammer has your banking information, please contact us immediately.
 

Contact the FDIC if you have been a victim of banking fraud, or if you have visited a bank website that appears to be fraudulent.

  • Cashmere Valley Bank will never send you an e-mail or text message asking for your PIN or password, credit card numbers, account numbers, answers to security questions, or other sensitive information.
  • If we request information from you, it is because you have initiated the contact and we are replying to you with a request for information that is necessary to verify your identity.
  • E-mail messages sent by you to us from within Cashmere Valley Bank’s Online Banking are secured using 128-bit encryption. If a response is required, we will respond back to you within the secured e-mail. Your e-mail address will be used to notify you when you receive a reply.
  • Emails from Cashmere Valley Bank only come from @cvb.bank or @cashmerevalleybank.com domains.
  • Debit Card marketing campaign materials may come from cashmere_valley_bank@mail.vresp.com.
  • Fraud alerts may be sent to you from DebitCards@cvb.bank. These alerts will never ask you to provide any sensitive information. If there is fraud on your account, please contact us.
  • If you receive an incoming call from someone claiming to be from Cashmere Valley Bank, we will never ask you to provide sensitive personal information including social security numbers, account numbers, or passwords. When in doubt, please hang up and call us back.

If it seems too good to be true, it probably is. If you're suspicious about a check you received, ask yourself:

  • Is the check for more than you expected?
  • Did you receive specific instructions on how to deposit the check, such as through mobile deposit or the ATM?
  • Did you receive the check through email or social media?
  • Are you asked to send money back using an immediate form of payment such as: a money order, gift card, wire transfer, a payment app like Zelle®, or mobile payment?
  • Are you pressured to act quickly to make the deposit and return the money right away?
  • Does the person who sent the check keep asking when you’re going to send the money? Are they badgering you?

If you answered ‘yes’ to any of these questions, don’t deposit the check. Call your nearest Cashmere Valley Bank branch and ask to speak to someone about the check you received.

Be aware: It could take weeks for a bank to confirm a bad check after it’s deposited, and you may be out the amount of the check plus any money sent to the scammer. If you authorize a transfer or send money to a scammer, we may not be able to get your money back.

Tech Support Scams – Don’t Become a Victim!

Pop up alerts on your computer may be convincing, but they aren't real — and they don't help you or protect your computer in any way. In fact, these types of alerts are usually created by cybercriminals to try to trick you into installing malware on your device.

How can you avoid becoming a victim to tech support scams?

Here are four tips to protect against tech support scams:

  • Recognize legitimate tech companies. Security pop-up warnings from real tech companies won’t ask you to call a phone number. Real tech companies will not ask you for banking or other personal information.
  • Never give control of your computer to someone who contacts you out of the blue. Avoid giving anyone you don’t know access to your computer. Be cautious of downloading any applications at the request of anyone you don’t know.
  • Don’t click links in unsolicited pop-ups or emails. Avoid clicking on any links if an unknown pop-up appears on your screen. The same is true for unsolicited emails and text messages. Instead, navigate to the company’s site by typing in their URL.
  • Maintain your anti-virus software. Use trusted anti-virus security software and make sure to update it regularly.

As always, if you have any questions or concerns, please reach out to us by phone or by visiting any one of our branch locations.

For additional tips on keeping your financial information secure:

For More Information:

Are you curious about information on current news around cybersecurity? Please visit our Cybersecurity News page.