How to Protect Your Privacy
Identity theft is a fast growing crime, which is when a thief gains access to and uses an individual’s personal identifying information without his or her knowledge in order to commit fraud or theft. Minimize your risk of becoming a victim of identity theft by taking the following steps:
Personal Identifying Information
- Always protect personal identifying information, such as your date of birth, Social Security number, credit card numbers, bank account numbers, Personal Identification Numbers (PINs) and passwords.
- Do not give any of your personal identifying information to any person who is not permitted to have access to your accounts.
- Do not give any of your personal identifying information over the telephone, through the mail or online unless you have initiated the contact or know and trust the person or company to whom it is given.
Credit, Debit and ATM Cards
- Limit the number of credit, debit and ATM cards that you carry.
- Cancel all cards that you do not use.
- Retain all receipts from card transactions.
- Sign new cards as soon as you receive them.
- Report lost or stolen cards immediately.
- Consider investing in a locking mail box or Post Office Box.
- Promptly remove mail from your mailbox.
- A large percentage of identity theft is a result of mail stolen out of the victim’s mail box.
- Deposit outgoing mail in a post office collection box, hand it to a postal carrier, or take it to a post office instead of leaving it in your doorway or home mailbox, where it can be stolen.
Bank Account and Credit Card Statements
- Contact your financial institution immediately if a bank account or credit card statement does not arrive on time.
- Review your bank account and credit card statements promptly and immediately report any discrepancy or unauthorized transaction.
Telephone, Email and Online Solicitations
- Be suspicious of any offer made by telephone, on a Web site or in an email that seems too good to be true.
- Before responding to a telephone or Internet offer, determine if the person or business making the offer is legitimate.
- Do not respond to an unsolicited email that promises some benefit but requests personal identifying information.
- OECU will never request your credit card or account information if we have to contact you. The only time we will ask for your information is when you contact us, and we only request information that will identify you or assist us in addressing a problem with your account. If you should receive an email or phone call requesting such information that appears to be OECU, do not respond and contact us immediately at 405.606.6328 or 877.677.6328.
PINs and Passwords
- Memorize your PINs and passwords and keep them confidential.
- Change your passwords periodically.
- Avoid selecting PINs and passwords that will be easy for an identity thief to figure out.
- Do not carry PINs and passwords in your wallet or purse or keep them near your checkbook, credit cards, debit cards or ATM cards.
Be proactive and help defend yourself against identity theft
Perform an annual check-up on your credit history.
www.annualcreditreport.com offers consumers one free credit report per year for each of the three reporting credit bureaus. It is recommended that consumers request a report at four-month intervals rather than requesting all three at once. This enables the consumer to track their report several times throughout the year.
To contact the 3 credit bureaus directly:
Use safe computer practices.
- Don’t open attachments from unknown email sources.
- Delete emails from unknown sources without opening them.
- Block pop-ups.
- Delete temporary internet files after online purchases.
- Turn off computer or use “standby” mode.
- Purchase/Use anti-virus and firewall software
- Use the "HTTPS" version of a website whenever possible. Also be wary of any certificate/security warning prompts displayed when navigating to an HTTPS website, as these could indicate an attempted impersonation of the HTTPS website in question.
- Only install PC applications from reputable sources
Use safe mobile device practices.
- Only install applications from known sources such as the App Store, Google Play, Microsoft, etc
- Secure mobile devices with a minimum of a PIN based authentication
- Avoid "rooting/jailbreaking" mobile devices. In addition to potentially compromising device security, this can also disable mobile payment services such as Android Pay, Apple Pay and Samsung Pay.
- Review manufacturer and carrier performance history regarding device updates when purchasing a new mobile device such as a phone or tablet. Poor device support can lead to poor device security due to unfixed vulnerabilities.
Sign-up for online statements.
Accessing information via a secure internet website is much more secure than having your account information in your mailbox, easily accessible to crooks.
Use online bill pay.
Most payments are processed electronically. For those that are not, payments are paid from a master account which means a crook will not have access to your MICR account and routing numbers.
Shred account-sensitive documents.
This will help deter identity theft in the event of a burglary.
Checking Account Safety
- Shred any unused checks or checks from closed accounts. Even checks from closed account can be used to instigate fraud. Criminals will use them to make purchases, which can affect the innocent consumer. Criminals will even order more checks off closed accounts to continue their fraud scheme.
- Use first initial, last name for preprinted payer information on checks (for example, “J. Doe” instead of “John Doe”).
- Use a Sanford® Uniball® Signo Gel 207 ink pen to write and sign checks. When checks are “washed” by counterfeiters to remove the writing, it is impossible to completely remove this type of ink because the ink is specially formulated to absorb into the fibers of the paper. (This ink pen is recommended by the FBI.)
- Consider substituting your work address/phone for personal on your checks.
- Request check orders sent directly to your financial institution. To prevent check information stolen from your mailbox.
How to protect yourself against a Corporate Account Takeover (aka Business Identity Theft)
A Corporate Account Takeover is the business equivalent of personal identity theft. Hackers, backed by professional criminal organizations, are targeting small and medium-sized businesses to obtain access to their web banking credentials or remote control of their computers. These hackers will then drain the deposit and credit lines of the compromised bank accounts, funneling the funds through mules that quickly redirect the monies overseas into hackers’ accounts.
- As a business owner, you need an understanding of how to take proactive steps and avoid, or at least minimize, most threats.
- Apply operating system and application updates (patches) regularly
- Ensure that anti-virus/spyware software is installed, functional and is updated with the most current version
- Have host-based firewall software installed on computers
- Use latest versions of Internet browsers and keep patches up to date
- Do not batch approve transactions; be sure to review and approve each one individually
- Review your banking transactions and your credit report regularly
- Contact your Information Technology provider to determine the best way to safeguard the security of your computers and networks
Your Rights & Responsibilities under Regulation E
The Electronic Funds Transfer Act (known as Regulation E) was passed in 1978 to establish the rights and liabilities of consumers, and to establish the responsibilities of all participants in electronic funds transfers (EFT).
Who is Covered by Regulation E?
Regulation E applies to any electronic fund transfer that occurs against a consumer accounts. Regulation E does not cover commercial, trust, business, or organizational accounts.
Electronic fund transfers covered:
- Point-of-Sale transfers/purchases
- ATM transfers
- Direct deposits or withdrawal of funds
- Transfers initiated by telephone
- Transfers resulting from debit card transactions
Liability for Unauthorized Transactions
Tell us at once if you believe your debit/credit card or PIN has been lost or stolen, or if you believe that either of them is in the possession of an unauthorized person. Telephoning is the best way of keeping your possible losses down. You could lose all the money in your account(s) plus any available maximum overdraft line of credit. If you tell us within 2 business days you can lose no more than $50 if someone used your card or PIN without your permission.
If you do not tell us within 2 business days after you learn of the loss or theft of your debit/credit card or PIN, and we can prove we could have stopped someone from using your card or PIN without your permission if you had told us, you could lose as much as $500.
Also, if your statement shows transactions that you did not make, tell us at once. If you do not tell us about unauthorized transactions within sixty (60) days after the statement was mailed to you, you may not get back any money lost after the sixty (60) days if we can prove that we could have stopped someone from taking the money if you had told us in time.
If a good reason kept you from telling us, such as a long trip or a hospital stay, we will extend the time periods. Note: The liability limits stated above refer only to unauthorized electronic access and transfers through Telephone Banking, ATMs, point-of sale terminals and Preauthorized Transfers. There are no set limits for customer liability for over-the counter unauthorized transactions at an OECU branch. For your protection, please examine you statements promptly and notify us immediately of any problem.