Consumer Protection

Identity Theft and Protection

Midstate Community Bank Customer Commitment

Midstate Community Bank will never send unsolicited emails asking customers to provide, update, or verify personal or account information, including passwords, Social Security numbers, PINs, credit or Check Card numbers, or other confidential information.

At Midstate Community Bank, our priority is ensuring our customer’s privacy and security.  In addition to our privacy measures and procedures, our website follows industry-standard safeguarding technology.  For more information on our privacy policy, visit our Privacy section.

More than your bank, Midstate serves as a resource for customers to prevent and detect identity fraud.  Below are helpful tips, tools and links to protect you in cases of identity theft and fraud. 

  • Never carry your social security card.  Don’t disclose your social security number unless absolutely neccessary and with a trusted source.
  • Never carry more credit cards than you need.  Cancel credit card accounts you don’t use.
  • Shred all bills and documents containing account or personal information.
  • Don’t leave receipts behind, and verify charges on your accounts against the receipts.
  • Never leave your purse or wallet unattended.
  • When traveling, postpone delivery of the newspaper and mail, or have a trusted neighbor/friend/family member collect these items for you.  A pile of newspapers and unattended mail is a clear indication that you may be away.
  • Don’t use the same password on multiple sites.
  • Avoid unknown sites when shopping online.
  • Be suspicious of any banner ad or unexpected pop-up ad that claims your computer is infected or in need of repairs.  Spyware scanners often use these tactics to trick you into purchasing ineffective or malicious software.  Keep your computer secure and make sure your antivirus software is up to date.
  • Familiarize yourself with scams.  The most common are lottery scams and inheritance scams.  If it sounds too good to be true, it most commonly is.

What is Phishing?

According to the Federal Trade Commission (FTC), the nation’s consumer protection agency, phishing is a method used by Internet fraudsters to lure personal information including:

  • Credit card numbers
  • Bank account information
  • Social Security number
  • Passwords
  • Other sensitive information

Typically this takes the form of an email or pop-up message that claims to be from a business or organization that you may deal with. You should never reply or click on a link from an unfamiliar source.  Never send personal information about yourself via email.  To find out more about how to protect yourself from Phishing scams, click here.   See disclaimer at bottom of page.

Know Your Credit Score

Knowing your credit score and the contents of your credit report can help consumers guard against identity theft and can help them obtain credit at rates reflective of their credit history.

By law, consumers can obtain a copy of their credit report once per year free of charge from each of the three credit reporting bureaus. Visit the FTC-sponsored website, www.annualcreditreport.com to obtain your free reports. Visit the FTC to find out how to dispute a credit report error.

TIP:  By staggering your requests, you can actually obtain a free
report every four months to stay as up-to-date as possible with
your credit report.

The Small Business Guide to Corporate Account Takeover

What is Corporate Account Takeover?

Corporate account takeover is a type of fraud where thieves gain access to a business’ finances to make unauthorized transactions, including transferring funds from the company, creating and adding new fake employees to payroll, and stealing sensitive customer information that may not be recoverable.

Corporate account takeover is a growing threat for small businesses. In 2011, seventy two percent of data breach cases affected businesses with 100 employees or less1.  It is important that businesses understand and prepare for this risk.

Cyber thieves target employees through phishing, phone calls, and even social networks. It is common for thieves to send emails posing as a bank, delivery company, court or the Better Business Bureau. Once the email is opened, malware is loaded on the computer which then records login credentials and passcodes and reports them back to the criminals.

Employee Education is Essential, but is Missing the Mark

Ninety two percent of respondents to a recent survey indicated employee education of small business employees was effective in reducing the threat of account takeover2.  However, nearly 80 percent of respondents to a small business survey said they had no formal internet security policy, with almost half indicating they provide no internet safety training to employees3.

 How do I protect myself and my small business?

The best way to protect against corporate account takeover is a strong partnership with your financial institution. Work with your bank to understand security measures needed within the business and to establish safeguards on the accounts that can help the bank identify and prevent unauthorized access to your funds.

A shared responsibility between the bank and the business is the most effective way to prevent corporate account takeover. Consider these tips to ensure your business is well prepared:

  • Educate your employees. You and your employees are the first line of defense against corporate account takeover. A strong security program paired with employee education about the warning signs, safe practices, and responses to a suspected takeover are essential to protecting your company and customers.
  • Protect your online environment. It is important to protect your cyber environment just as you would your cash and physical location. Do not use unprotected internet connections. Encrypt sensitive data and keep updated virus protections on your computer. Use complex passwords and change them periodically.
  • Partner with your bank to prevent unauthorized transactions. Talk to your banker about programs that safeguard you from unauthorized transactions. Positive Pay and other services offer call backs, device authentication, multi-person approval processes and batch limits help protect you from fraud.
  • Pay attention to suspicious activity and react quickly. Look out for unexplained account or network activity, pop ups, and suspicious emails. If detected, immediately contact your financial institution, stop all online activity and remove any systems that may have been compromised. Keep records of what happened.
  • Understand your responsibilities and liabilities. The account agreement with your bank will detail what commercially reasonable security measures are required in your business. It is critical that you understand and implement the security safeguards in the agreement. If you don’t, you could be liable for losses resulting from a takeover. Talk to your banker if you have any questions about your responsibilities.

Helpful links:

You are leaving Midstate’s website and Midstate does not provide and is not responsible for the product, service or overall website content available at these sites.  Our privacy policies do not apply to these websites and the viewer should consult the privacy disclosures on that site for further information.

www.ftc.gov
www.annualcreditreport.com
www.fdic.gov
www.identitytheft.gov
www.occ.gov
www.aba.com
www.treasurydirect.gov
www.staysafeonline.org

Investments:
http://www.finra.org/Investors/ProtectYourself/