As your service provider, we are committed to protecting you and your information. We recognize the special role that we play in managing sensitive information and in safeguarding the funds in our care. Because security and fraud prevention are a shared responsibility, it is important for you to protect your information conducting business online. Here are some ways that you can be informed and protect yourself in this important area.
Know Who You’re Doing Business With
One of the best ways you can protect yourself from fraud and other online cyber threats is to know who you are doing business with. While many Websites and emails are designed to look professional and secure, there are often telltale signs that can help you identify ones you want to avoid. The Better Business Bureau has information about online fraud.
What to Avoid
Don’t ever respond to pressure to buy. The Internet has no opening or closing time, shop at your leisure and only buy when you are sure it’s safe.
Don’t provide personal or payment information when requested through email (we always manage sensitive information through our secure website).
Avoid “get rich quick” schemes.
What to Do
If you have any doubt about a company, check with the Better Business Bureau or applicable services in other locations to make sure the company is legitimate.
Check refund and return policies before you buy.
Protect your personal information. Never give out your user name or password and make sure you use different passwords for each site you go to. For example, when you create a password for your financial institution, don’t use that password for any other site.
Create a Strong Password
Weak passwords – those that aren’t hard to guess or are common words – can be easily cracked. Strong passwords are VERY important. Here are some tips for creating or changing your password:
- Use a different password for each online account. Using the same password for more than one account risks multiple exposures if one site you use is hacked.
- Do not use people’s names or special dates as passwords. Avoid any combination of characters that friends or acquaintances can easily guess.
- Use syllables or acronyms. Avoid using complete words that appear in any dictionary regardless of the language. One option is to start with the first letters of a familiar phrase or your favorite song lyric.
- Mix it up! Use a combination of upper and lower case letters, numbers, and punctuation/special characters, such as &^$#.
- Change your password regularly, especially your financial and email accounts.
- Veem helps in this area by requiring password elements that will help limit potential for hacking.
Keep Your Password Safe
These may sound obvious, but it is worth repeating:
- Keep it to yourself. Do not share your password with others. You never know what the future will bring in relationships or coworkers, so do not give your password out – to anyone.
- Keep your passwords safe. Don’t write them down in a place where others can find them. There are programs available where you can securely store your passwords.
Phishing, Pharming, Vishing, and Smishing
Security people are often techies and are attracted to fanciful names for fraud tactics to make them more memorable. Here are some examples. Criminals are really smart and sophisticated, so vigilance is necessary because they mimic legitimate activity in an effort to lull you into parting with sensitive information.
If in doubt, you should validate requests pertaining to Veem by contacting the person with whom you are conducting business with using the Veem platform. And, if you suspect that something is amiss – please contact [email protected].
Here is a description of some common tactics to separate you from your sensitive information:
On the Internet, “phishing” refers to criminal activity that attempts to fraudulently obtain sensitive information. Sometimes a fraudster will first send you a benign email (think of this as the bait) to lure you into a conversation and then follow that up with a phishing email.
Here are some questions to ask if you think you have received a phishing email. You can use these same questions if you receive a vishing or smishing message:
- Do you know the sender of the email? If yes, continue to be cautious before clicking a link. If no, do not click any links.
- Have you checked the link? Mouse over the link and check the URL. Does it look legitimate or does it look like it will take you to a different website?
- Does the email contain grammatical errors? If so, be suspicious.
Pharming is another scam where a fraudster installs malicious code on a personal computer or server. This code then redirects any clicks you make on a website to another fraudulent Website without your consent or knowledge. To avoid pharming, follow the basic computer safety guidelines in Protect Your Computer. Be especially careful when entering financial information on a website. Look for the ‘s’ in https and the key or lock symbol at the bottom of the browser. If the website looks different than when you last visited, be suspicious and don’t click unless you are absolutely certain the site is secure.
Fraudsters also use the phone to solicit your personal information. Vishing relies on “social engineering” techniques to trick you into providing information that others can use to access and use your important accounts. People can also use this information to assume your identity and open new accounts.
If you receive an email or phone call requesting you call them and you suspect it might be a fraudulent request, look up the organization’s customer service number and call that number rather than the number provided in the solicitation email or phone call. Forward the solicitation email to the customer service or security email address of the organization, asking whether the email is legitimate.
Smishing uses cell phone text messages as the bait. Often the text will contain an URL or phone number. The phone number often has an automated voice response system. And again, just like phishing, the smishing message usually asks for your immediate attention.
In many cases, the smishing message will come from a “5000” number instead of displaying an actual phone number. This usually indicates the text message was sent via email to the cell phone, and not sent from another cell phone.
Do not respond to smishing messages.
Resources from the Consumer Financial Protection Bureau:
- What do I do if I think I have been a victim of identity theft?
- Don’t let malicious mail make off with your money:
- How can I spot identity theft?
- I think I or someone I know was the victim of a scam or financial exploitation. Who can I contact for help?
- How do I get my money back after I discovered an unauthorized transaction or money missing from my bank account?
- Protecting Against Fraud and Financial Exploitation: