Back to Blog

Fraud Protection Tips

Financial fraud poses a potential risk to consumers in the form of identity theft, account takeover and fraud when personal and sensitive information is compromised. The following are tips for consumers to consider in reducing the risk or impact of hackers, data breaches, or fraudsters.

The information on this page is available as a download here.

Security Freeze

A security freeze protects against identity theft and the opening of fraudulent accounts with a consumer’s personal information. It will block an institution or lender from accessing a report unless a pre-set PIN is provided to “thaw” the report; a credit report may be thawed by a particular bureau for a period of time or for a specific lender. Allow for extra time for a loan or credit approval after placing a Freeze or Fraud Alert. Consumers must contact each of the bureaus listed below to place a security freeze.

Each credit bureau will provide or allow you to create a PIN to thaw or unfreeze your report in the future. Store the PIN securely and in multiple locations with other important documents, including a safe deposit box or home lockbox, or in a password-protected format electronically.

Some states charge fees to place a freeze, thaw, or unfreeze a credit report; see the sites above for specific state details.

Place a Fraud Alert on Credit Reports

A fraud alert on credit reports requires potential creditors to contact the consumer and obtain permission to open new accounts or lines of credit. Consumers are allowed by law to report they are an identity theft victim and file a fraud alert (aka a “security alert”) every 90 days; with proper documentation, such as a police report, the fraud alert period may be extended to seven years.

If consumers contact one of the first three listed below, that bureau must contact the other two; consumers must contact Innovis directly to place an alert.

Unless there is an extended fraud alert in place, make a reminder to renew the fraud alerts after 90 days.

Check Credit Report

Consumers are entitled by law to a free credit report from each of the credit reporting bureaus once a year.

The free credit report will show all lines of credit and other obligations, along with other public data. It will not display the FICO score; consumers may contact their financial institution or credit card issuer to request it. It usually costs a fee to retrieve a FICO score.

It is recommended that consumers check their report three times a year by pulling a report from each bureau every four months. Items to watch for are “new” or “reopened” accounts and other suspicious activity.

Don’t Fall For It! Other Sites will try to sell a credit report or offer a “free” report in exchange for signing up for a subscription service like credit monitoring. Watch out for look-alike sites that are not real, like “freecreditreport”.

Leverage Bank Safeguards:

Check with your bank for these additional account protections:

  • A security challenge pass-phrase that must be shared before any changes are made to account(s); restriction to only perform secure withdrawals or transfers to pre-specified accounts;
  • Text or email alerts the bank offers to monitor online or phone transactions, wire transfers, international transactions, new payees added to bill pay, and address or profile changes to accounts;
  • Account notes and travel protections if going on vacation, especially out of the country; account notes for active-duty military on assignment overseas, that they are not stateside;
  • Destroy sensitive documents using a cross-cut shredder or ask the bank to shred them.

Protect Against Fraud Scams

  • Practice email safety: don’t click on links in emails or open attachments unless the email was expected and verified; confirm a message is legitimate by contacting the sender directly via pre-determined contact information;
  • Be suspicious of email or phone requests to update or verify personal information;
  • Be wary of offers that are too good to be true, require fast action, or instill a sense of fear;
  • Be on guard against fraudulent checks, cashier’s checks, money orders, or electronic fund transfers with a request to return part of the funds via wire transfer;
  • Use security and privacy settings on social network sites and beware of random contacts from strangers;
  • Research “apps” before downloading, only download from an “app” store (iTunes, Play Store, Windows Store), and don’t assume an “app” is okay because the icon resembles that of a bank;
  • Beware of disaster-related scams where scammers claim to be from legitimate charitable organizations.
  • Beware of phishing emails. These are emails that appear to be from your bank or an online merchant, asking for your account information. Do not reply to them or click on any links.  The Callaway Bank or any other legitimate online merchant will never ask for your PIN or other personal financial information via email.

Protect Personal and Financial Information:

  • Sign up for Digital Banking and set up eAlerts and eStatements. Stay informed and remove the mailbox temptation from the equation!
  • Review your bank and credit card statements closely and frequently if you choose not to sign up for eAlerts or Statements. Contact the bank immediately if any unknown transactions occur. Review every few days to ensure immediate actions can be taken. Digital Banking at The Callaway Bank lets you be in control with custom alerts for your accounts and eStatements.
  • Safeguard credit cards, social security numbers, and other personal information:
    • Leave Social Security cards and unnecessary debit or credit cards in a secure location. Only carry them with you when you will be using them.
    • Only provide sensitive information over secured or encrypted websites, emails, chats, texts, apps, and other electronic communication tools;
    • Do not provide personal information or log in to critical accounts (email, online banking, etc.) on any public computers, such as hotel or library kiosks, or while using any public WiFi.
  • Use two-factor authentication to add an extra layer of protection to your account logins. Two-factor authentication requires two pieces of information to log in to an account, usually a password and a special security question, a code sent via SMS, approval via phone call, or biometrics.
  • Use password protections:
    • Create long passwords with at least 15 characters and use a mix of alpha-numeric characters (A, b, 1,9) and symbols (@, $, %, *);
    • Substitute symbols for letters such as “$” in place of “s” to help make it easier to remember.
    • Instead of a password, use a passphrase, a long (15-25 character) phrase or sentence that only makes sense to you and is easy for you to remember; do not use something common like “Maryhadalittlelamb” but use something uncommon like “DeniseGhasSocceronThursdays”.
    • Use a password checker to verify the strength of the selected password; do NOT put a valid password into an online password checker; instead, use a variation that is similar but not the same;
    • Do not use the same password for two critical websites or online accounts, do not share passwords with others, and do not use the “Remember My Password” feature in web browsers;
    • Change passwords often;
    • Use a password manager to enable longer passwords
    • Do not keep passwords you’ve written down unsecured.
  • Protect postal mail by locking the mailbox, if possible; monitor postal mail closely and act quickly if bills don’t arrive when expected or if a “new” credit card or account statement arrives;
  • Ask the post office to hold mail if you’ll be traveling for a long time. Choose eStatements for a secure option.
  • Shred bills, bank statements, pre-approved financial solicitations, and other confidential information before discarding them; check for local free “shred events” to securely dispose of documents.
  • Never write down your PIN (Personal Id Number). Memorize it as soon as you get it.
  • Do not disclose your PIN to anyone. No one from any financial institution, the police, or a merchant should ever ask for your PIN.
  • At an ATM or PIN pad, enter your PIN discreetly, shielding the keypad with your hand or body.
  • Use your Digital Wallet loaded with your Debit Card for in-person or online purchases. Contactless payment limits skimming, and the card number is kept safe.
  • Create a family “magic word” for use as an extra layer of protection against A.I. voice duplication/impersonation.

Share Article