Avoid getting hooked by a phishing scam
• If you get an email or pop-up message that asks you for personal or financial information, do not reply.
• Use antivirus and antispyware software, as well as a firewall, and update them regularly.
• Don’t email personal or financial information.
• Review credit-card and bank-account statements carefully as soon as you receive them to check for unauthorized charges.
• Be cautious about opening attachments and downloading files from emails.
• Forward spam that is phishing for information to email@example.com.
• If you think you’ve been scammed, file a complaint at www.ftc.gov/spam.
Information provided by the Federal Trade Commission website
Online banking customers should monitor their inboxes and proceed with caution when it comes to following emailed instructions and directives.
A newer phishing scam sent via email tells The Heritage Bank customers to "quickly restore and secure your account access by following the link below. You will be required to authenticate your identify, account information and current location."
Online users who carefully read the message, which is peppered with spelling and grammatical errors, may notice something is amiss. But someone who quickly scans the email and follows the instructions provided may compromise their personal information, which could lead to account problems.
"A client should never click into a provided link. They should only use web addresses that they type in and know are correct," said John Crowley, The Heritage Bank marketing director. "Once they begin their log-in process, the client should verify all their chosen security information is correct."
The Federal Trade Commission has a special section on its website dedicated to consumer protection in regard to spam, fraud and other crimes that can be committed through phishing.
According to the FTC website, "Phishers send an email or pop-up message that claims to be from a business or organization that you may deal with — for example, an Internet service provider, bank, online-payment service or even a government agency. The message may ask you to ‘update,’ ‘validate,’ or ‘confirm’ your account information. Some phishing emails threaten a dire consequence if you don’t respond. The messages direct you to a website that looks just like a legitimate organization’s site. But it isn’t. It’s a bogus site whose sole purpose is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name."
Sometimes, the information even is sent to non-customers, an indication that scammers are trying to reach as broad an audience as possible.
"I am not a Heritage Bank customer, but I immediately recognized the message as a phishing scheme — a scam," frequent email user Mark Bolton said. "I’ve seen these quite frequently from national banks like Wells Fargo, Washington Mutual or Bank of America, but when I saw the familiar Heritage Bank logo on the message, I thought, ‘Wow, this is really close to home.’"
Bolton said he received the email on his business account at Coastal Electric Cooperative and could tell it was fake because when he hovered his mouse over the hyperlink text in the email, it revealed a different link from the one in the email.
"This is a common way scam artists attempt to deceive you and mask the real website location," Bolton said. "You would have to look very carefully to see that this fake website was hosted in Japan and not the real The Heritage Bank website. … Responsible banks like The Heritage Bank would never send you an email soliciting you to log onto their website and disclose confidential information. They have that information already."
What amazed Bolton the most was how realistic the site looks, something that could throw off an elderly person, who Bolton believes to be the main prey of the scammers.
"They ask you for all the information they want, even the secret questions. They ask for all of that and it looks exactly like The Heritage Bank page," Bolton said. "These things are not new. They’re floating around all the time."
Even with scammers trying to access account information on a local level, Bolton has enough faith in local banks that he doesn’t see it as a big enough issue to close his account.
"I really never fear for the safety of my money in a local bank. I know the funds are insured through FDIC, and I know that local banks go to extreme efforts to secure their websites," he said.
Crowley said that the problem of phishing — known as online scamming — is a concern for banks on a regular basis, but banks take it seriously and use a variety of methods to inform customers of such scams.
"Banks all around the world encounter a variety of frauds and scams committed by hackers and criminals every day," Crowley said. "We use a combination of safeguards to protect our clients, such as employee training, strict privacy policies, rigorous security standards, encryption systems and consumer education."
On the bank’s main website, customers clearly are warned against giving away personal information through any unsolicited emails, faxes, calls or Internet advertisements "no matter how genuine or official the message may appear to be."
The Heritage Bank asks that customers report any suspicious requests.