Account Takeover Fraud:
We are seeing a significant increase in account takeovers. Account takeovers are when a fraudster gains access to your Online Banking account through social engineering. Fraudsters typically use tactics such as:
- Sending fraudulent text messages.
- Spoofing calls using a Bank phone number.
- Pop-ups granting control over your computer from a reputable source.
- Asking you to buy gift cards.
- Asking you to Zelle or Wire funds for any reason.
Safe Banking over the Internet
The Internet offers the potential for safe, convenient new ways to conduct banking business at any day or time. However, safe banking online involves making good choices and decisions that will help you avoid costly surprises and financial scams.
- Cashmere Valley Bank will never send you an e-mail or text message asking for your PIN or password, credit card numbers, account numbers, answers to security questions, or other sensitive information.
- If we request information from you, it is because you have initiated the contact and we are replying to you with a request for information that is necessary to verify your identity.
- E-mail messages sent by you to us from within Cashmere Valley Bank’s Online Banking are secured using 128-bit encryption. If a response is required, we will respond back to you within the secured e-mail. Your e-mail address will be used to notify you when you receive a reply.
- Emails from Cashmere Valley Bank only come from @cvb.bank or @cashmerevalleybank.com domains.
- Debit Card marketing campaign materials may come from email@example.com.
- Fraud alerts may be sent to you from DebitCards@cvb.bank. These alerts will never ask you to provide any sensitive information. If there is fraud on your account, please contact us.
- If you recieve an incoming call from someone claiming to be from Cashmere Valley Bank, we will never ask you to provide sensitive personal information incuding social security numbers, account numbers, or passwords. When in doubt, please hang up and call us back.
Fraudulent e-mails sent to you for the purpose of stealing personal and financial information are among the most common type of e-mail fraud.
"Phishing" is the practice of sending a fraudulent e-mail that requests confidential information. The message is disguised to look like a request from a legitimate organization that the recipient may already have a relationship with. Often the message includes a warning about a problem related to the recipient’s account and encourages them to provide personal information, which is then used to steal their identity.
Some things you should know about phony e-mails and some tips for spotting them:
- The e-mail may state that your account may be closed if you fail to confirm or authenticate your personal information immediately.
- Phony e-mails may provide a general greeting and not identify you by your name.
- Do not click on links you receive in an e-mail message asking for personal or financial information.
- Call the company directly to confirm requests for updating or verifying personal or account information.
- Do not share your IDs or passwords with anyone.
- Look for a secure connection on websites asking for personal or account information.
- If you think you may have provided personal or account information in response to a fraudulent e-mail or website, report the fraud immediately, change your passwords and monitor your account activity.
Defending Against COVID-19 Cybersecurity Scams:
The Cybersecurity and Infrastructure Security Agency (CISA) has published a warning encouraging individuals to be on high alert for phishing, social engineering, and disinformation campaigns relating to COVID-19. Please visit our Coronavirus page for precautions on how to protect yourself from scams and cyber-attacks.
- Email phishing is at an all-time high. Please verify with the intended recipient before you send out any financial information via email. CVB is not using any third-party services to send emails to clients regarding Payment Protection Program funding. Visit the FTC website for more guidance on Coronavirus scams.
Smishing is a combination of the words "SMS" and "Phishing". Smishing attacks are fast-growing and highly successful, and the financial industry is one of the most targeted. The most common tactic we see today are text messages asking the recipient to confirm or deny a financial transaction. Once the recipient responds, the fraudster typically calls them pretending to be a representative of their financial institution. Here are a few ways you can protect yourself against smishing:
- Don't click links or texts from unknown or suspicious senders. Shortened URLs could mean someone is attempting to mask fake URLs.
- Never respond to texts from unknown or suspicious numbers. Responding lets criminals know that your number is active.
- If a text message references a transaction you do not recognize, call the bank directly using a published number.
- Never send personal information via text, such as passwords, account numbers, usernames, etc.
- Never cooperate with urgent requests via text. Any legitimate company will give you ample notice about pressing issues.
As always, you can contact Cashmere Valley Bank directly with any questions or concerns.
Online Banking has multiple security features embedded in its architecture to keep your information confidential.
- In order to access your account information, your Internet Browser must support 128-bit encryption.
- We utilize an intricate system of firewalls and filtering routers to secure your information.
- If the Online Banking is idle for more than 10 minutes, it will automatically terminate your session.
- You are required to choose your own 8-20 digit alphanumeric Online Banking Password.
- If you unsuccessfully enter your Online Banking ID or Password three times, you will be locked out of the Online Banking portal.
- We do not transmit account numbers over the Internet. We use Pseudo account names to define your accounts.
- Shred all personal and financial information before throwing away.
- Don’t give your Social Security number or other personal credit information over the phone unless you initiate the call.
- Keep your personal (e.g. Social Security card, birth certificate, etc.) and bank/credit card records in a secure place.
- Call the post office immediately if you are not receiving your mail.
- Be aware of others nearby when entering your Personal Identification Number (PIN) at an ATM.
- Limit the number of credit cards and other personal information you carry in your wallet or purse.
- Report lost or stolen ATM, Debit, or Credit Cards to the bank immediately.
- If you have applied for an ATM, Debit, or Credit Card and have not received them promptly, immediately notify the financial institution involved.
- Sign all new cards upon receipt.
- Review your monthly accounts regularly for any unauthorized charges.
- Review your credit reports annually to safeguard your identity.
- When conducting business online, make sure your browser’s padlock or key icon is active.
- Avoid using the standard mother’s maiden name, birthdays, etc., for passwords or PINs.
- Don’t open e-mail from unknown sources, keep computer software up-to-date, and ensure you have.
Report any suspected fraud to your bank and the fraud units of the three credit reporting agencies immediately.
- Trans Union: (800) 916-8800
- Experian: (800) 301-7195
- Equifax: (800) 525-6285
Contact the FDIC if you have been a victim of banking fraud, or if you have visited a bank website that appears to be fraudulent.
- Report any telemarketing fraud scheme - FTC @ 1-877-FTC-Help or www.ftc.gov
- Report if victim of identity theft - FTC @ 1-877-IDTHEFT or https://consumer.ftc.gov/features/identity-theft
- If you are a victim of an internet crime, you may report to the Internet Crime Complaint Center (IC3) here.
- United States Postal Inspection Service - Contact when the mail service is part of fraudulent scheme - www.postalinspectors.uspis.gov
For additional tips on keeping your financial information secure:
- 7 Tips for Protecting Yourself Online
- 10 Ways to Protect Your Mobile Devices
- 5 Ways to Protect Your Small Business from Account Fraud
- 8 Tips to Protect Your Identity
For More Information: