Set Up Notifications
- Set your operating system to automatically download & install updates. Reboot your PC periodically to ensure they finish installing.
- Whether you’re using a Windows PC or a Mac, install a reputable anti-malware (aka anti-virus) software. Similar to your operating system, set it to install updates automatically and scan your PC for threats at least weekly.
- Create regular backups of your computer and store them on an external drive or with a reputable cloud provider. This will help protect against data loss and also speed up recovery time in the event your computer’s security is compromised.
- Delete or disable accounts you no longer use. This includes social media, subscriptions, and other services.
- Do not click on warnings or messages that claim your computer is infected with malware and can be resolved by purchasing additional software. This is almost always a scam. Run a scan with your existing anti-malware software.
- Set a PIN or Passcode on your phone. Avoid simple or sequential codes such as 0000 or 1234.
- Set the device to automatically wipe all data after a set number of failed, repetitive logins.
- Regularly check for and install software updates from the manufacturer.
- Make sure to wipe all the data when disposing of or trading in your phone.
- Take advantage of biometric security (FaceID, fingerprint,etc) if supported by your phone. This allows you to have a strong device passcode but use your biometric identity to login.
- Avoid clicking links or attachments within emails unless you are familiar with the sender and know the reason for the email.
- Always enable multi-factor authentication (also called two-step security) on your email accounts.
- If you keep a written list of passwords, store it in a safe place. Never under your keyboard or on your desk. Use a password vault or password manager from a reputable software company. Avoid letting your web browser remember passwords.
- Create unique passwords or passphrases for each account. Don’t reuse the same one for all your different logins. This is crucial for your email, financial, and health accounts.
- Create passphrases. These long word-based passwords are secure and easier to remember. Use uppercase letters, lowercase letters, numbers, and symbols. Example: MyDogAlwaysJumpsOnTheBed@7am
- Avoid using important dates or names in your password, such as SSN, birthdates, anniversaries, family members’ names, pets’ names, etc.
- Enroll in two-factor authentication if the website offers it. This provides an extra layer of protection by requiring you to use a special code that is texted or emailed to you while logging in.
- Change passwords at least once per year, even if the website doesn’t require it.
- Never enter your password after clicking an email link or attachment. It could be a scam email. Instead go directly to the company’s website and login from there.
- Avoid using public computers or public WiFi to login to your accounts.
Phishing scams try to lure account holders into providing personal or financial information to scammers posing as legitimate businesses. These scams can be conducted by email, phone calls, text messages, or social media.
What You Can Do
Be wary of emails, messages, or phone calls that request your confidential information like your Social Security Number; account numbers; usernames & passwords; PINs, or any other personally identifiable information.
If an email looks suspicious or is from an unknown source, don’t provide any information, open any attachments or click on any links, even if the email threatens to close or suspend your account or states your account has been compromised. Opening attachments or clicking links could download spyware to your computer or mobile device.
What to Do If You Suspect You’re a Victim
If an email looks suspicious or is from an unknown source, don’t provide information, open attachments or click any links. If you suspect you’ve fallen victim to a phishing scam, follow these steps immediately:
- Ensure that your computer’s firewall, anti-virus, and spyware detection software is current.
- Run a virus scan on your computer and clean up any viruses or trojans that are detected.
- Change your online banking password and username from an uninfected computer.
- Change your mobile password or enable Touch ID.
- Call iTHINK Financial at 800.873.5100 to speak with us immediately.
Wire fraud is on the rise, with scammers typically using Phishing techniques to lure their targets. And once a wire has been sent, it’s not always possible to get your money back.
One popular method of this scam targets homebuyers as they enter the closing phase of their purchasing journey. Posing as a real estate agent or other legitimate contacts, the scammer requests a transfer of funds to cover the closing, titling, or other associated costs. Unfortunately, the transfer instructions route to the scammer's bank account, conning their target out of those funds.
Scammers aren’t solely focused on homebuyers, though. They have been known to spoof vendors, colleagues, and other known contacts to fool people into transferring money.
The very best way to protect yourself from a scam like this is to call your credit union/bank, realtor, or whoever supposedly sent the email directly to verify they made the request and that information like routing numbers are correct. Don’t use the phone numbers in the email, though; use numbers from your statements, contract, or other documents you know to be legitimate.
Beyond that, look for classic signs of phishing—like those below—that can tip-off that the request is fraudulent.
- Be cautious about any email requesting a wire transfer of funds—even if it appears to come from a legitimate source.
- Double-check the email address for anything suspicious; hover your mouse over the “From” address. If it’s something like firstname.lastname@example.org or it’s from a general email address like Gmail or Yahoo, it’s likely from a scammer.
- Pay close attention to the body of the email for spelling errors or generally poor writing.
If you believe you may have responded to a phishing request, please call iTHINK Financial at 800.873.5100 to speak with us immediately.
Identity theft can happen even if you’ve been very careful with your personal information. Below are some potential indicators of identity theft.
- Failing to receive bills or other mail.
- Receiving cards or billing statements on accounts for which you did not apply.
- Receiving calls from debt collectors or companies about merchandise or services you didn’t buy.
- You see withdrawals from your bank account that you can’t explain.
- Merchants refuse your checks.
- You find unfamiliar accounts on your credit report.
- The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don’t work for.
- You get notice that your information was compromised by a data breach at a company where you do business or have an account.
If you believe you have been a victim of identity theft, follow these steps immediately:
- If you think fraud has already occurred, you can freeze your credit report. A security freeze prevents potential creditors from being able to pull your credit file. When your credit file is frozen, ID thieves will still be able to apply for credit in your name, but they will not be able to establish new lines of credit. You are also able to unfreeze your credit file anytime and freezing your credit will not affect your credit score. Call each Credit Reporting Bureau separately to initiate a freeze; Experian, Equifax and Transunion.
- Make sure you have the most recent version of your firewall, antivirus and spyware detection software.
- Run a virus scan on your computer and remove any threats it detected.
- Change all your passwords from an uninfected device.
- Check your accounts frequently and report any unauthorized transactions to us as soon as you notice them.
- Call iTHINK Financial at 800.873.5100 to speak with us immediately.
- Visit www.identitytheft.gov for additional resources
Scammers are taking advantage of coronavirus (COVID-19) fears. Keep your personal information protected by being cautious of scammers:
- Requesting your bank account information for depositing your stimulus check (visit irs.gov/coronavirus)
- Claiming to be the Center for Disease Control and Prevention (CDC) with medical information or vaccines.
- Selling fake products or gift cards
- Asking for donations to fake charities
- Getting you to click a link to access your device or account-often posing as your financial institution
- Request to wire funds to a foreign account – claiming a friend or relative is stuck in a foreign country.
Learn more tips from Federal Trade Commission www.ftc.gov.
Tech support scammers want you to believe you have a serious problem with your computer, like a virus. They want you to pay for tech support services you don't need, to fix a problem that doesn’t exist. They often ask you to pay by wiring money, putting money on a gift card, prepaid card or cash reload card, or using a money transfer app because they know those types of payments can be hard to reverse.
- Legitimate tech companies won’t contact you by phone, email or text message to tell you there’s a problem with your computer.
- Security pop-up warning from real tech companies will never ask you to call a phone number.
- If you need tech support for your computer, go to someone you know and trust. Many software companies offer support online or by phone. Only contact them using the contact information from their trusted website.
- Stores that sell computer equipment also offer technical support in person.
Job Scammers advertise jobs the same way legitimate employers do — online (in ads, on job sites, and social media), in newspapers, and sometimes on TV and radio. They promise you a job, but what they want is your money and your personal information. Here are some examples of jobs scams and tips to help you avoid them.
- Examples of job scams include work from home, reshipping scams, reselling merchandise, car wrap, mystery shopper, job placement.
- Legitimate employers, including the federal government, will never ask you to pay to get a job. Anyone that does is a scammer.
- Legitimate employers will never ask you to open a bank account to process transactions for the business through your personal bank account.