Resources and Tools

Types of Fraud

Malware (malicious software) - software designated to infiltrate a computer system without the owner's informed consent. Examples are computer viruses, worms, trojan horses, spyware and dishonest adware.

Viruses - a computer program that can copy itself and infect a computer.

Spyware - a type of malware that is installed on computers and collects little bits of information at a time about users without their knowledge. Spyware can install additional software, redirect the Web browser, change computer settings and home pages, and/or cause loss of Internet access.

Rogue Software/Scanware - a form of malware that deceives or misleads the user into paying for fake or simulated removal of malware.

Phishing - a criminally fraudulent process of attempting to acquire sensitive information (Access IDs/UserNames, passcodes/passwords, credit card details. etc.), by masquerading as a trustworthy entity in an electronic communication.

Corporate Account Takeover - a type of fraud where thieves gain access to a business' finances to make unauthorized transactions, including transferring funds from the company, creating and adding new fake employees to payroll, and stealing sensitive customer information that may not be recoverable.

Tip for Protecting Yourself Online

Learn more about keeping your account safe and staying secure on the Internet.

  • Keep your computers and mobile devices up to date.
    Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats. Consider turning on automatic updates so you receive the newest fixes as they become available. Be wary of ads (not from your security provider) claiming that your computer is infected.
  • Set strong passwords.
    A strong password is at least eight characters in length and includes a mix of upper and lowercase letters, numbers, and special characters. Change passwords to your online account regularly.
  • Watch out for phishing scams.
    Phishing scams use fraudulent emails and websites to trick users into disclosing private account or login information. Do not click on links or open any attachments or pop-up screens from sources you are not familiar with. Most browsers also now offer free anti-phishing tool bars that can help alert you of fraudulent websites. If you receive an email that you think could be a scam, social engineering or a phishing attempt, delete it immediately or forward the email to the Federal Trade Commission (FTC) at spam@uce.gov. If you ever receive a suspicious e-mail supposedly from Holladay Bank & Trust, please call us at 801-272-4275.
  • Keep personal information personal.
    Hackers can use social media profiles to figure out your passwords and answer those security questions in the password reset tools. Lock down your privacy settings and avoid posting things like birthdays, addresses, mother's maiden name, etc. Be wary of requests to connect from people you do not know. Always be wary of an email requesting your personal information: such as account number, ATM card number, PIN number, or social security number. If you send us an email, please do not include any confidential, personal or sensitive information in the email message, as email messages are not secure.
  • Secure your Internet connection.
    Always protect your home wireless network with a password. When connecting to public Wi-Fi networks, be cautious about what information you are sending over it. While Wi-Fi hotspots can be convenient, they are often unsecure. If you frequently surf the Internet, consider using a dedicated computer strictly for online banking.
  • Shop safely.
    Before shopping online, make sure the website uses secure technology. When you are at the checkout screen, verify that the web address begins with "https". Also, check to see if a tiny locked padlock symbol appears on the page.
  • Read the site's privacy policies.
    Though long and complex, privacy policies tell you how the site protects the personal information it collects.
  • Report any suspected fraud to Holladay Bank & Trust immediately.

Ways to Protect Your Mobile Device

  • Use the passcode lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
  • Log out completely when you finish a mobile banking session.
  • Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.
  • Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary "permissions".
  • Download the updates for your phone and mobile apps.
  • Avoid storing sensitive information like passwords or a social security number on your mobile device.
  • Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you're punching in sensitive information.
  • Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer's recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
  • Beware of mobile phishing. Avoid opening links and attachments in emails and texts, especially from senders you don't know. And be wary of ads (not from your security provider) claiming that your device is infected.
  • Watch out for public Wi-Fi. Public connections aren't very secure, so don't perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.
  • Report any suspected fraud to Holladay Bank & Trust immediately.

Handouts:

Avoiding Social Engineering Attacks

Mobile Financial Services

Online Banking Security Tips

For more information please see the following links:

OnGuardOnline.gov

This website was created by the federal government to help people be safe, secure, and responsible online. This website is part of the National Initiative for Cybersecurity Education.

http://staysafeonline.org/

US-CERT - Cyber Security Tips

This website is published by the United States Computer Emergency Readiness Team (US-CERT) and describes and offers advice about common security issues for non-technical computer users.

https://www.us-cert.gov/ncas/tips

Federal Trade Commission - Privacy & Security

The Federal Trade Commission (FTC) website contains a Privacy & Security section containing a list of facts for consumers, articles, consumer alerts, and more.

https://www.consumer.ftc.gov/

Bureau of Consumer Protection - Data Security

The Bureau of Consumer Protection Business Center website contains a data security section with material to help people learn how to secure their information. The website section contains a list of educational documents discussing information security, information about data security related laws, reports, workshops, and more. It also has an interactive tutorial over protecting personal information.

https://www.ftc.gov/tips-advice/business-center/privacy-and-security/data-security