To report a lost or stolen debit or credit card, please call us at 936-636-7337 during normal business hours. After hours, please call 1-844-202-5333.

While Lovelady State Bank works to protect your banking privacy, you also play an important role in protecting your information. Here are a few steps you can take to protect your identity:

TIPS

• Add your phone numbers to the national Do Not Call Registry at www.donotcall.gov or by calling 1-888-382-1222. Since February 2008, these registered telephone numbers will no longer expire off the list.
• Examine your credit card and financial institution statements immediately upon receipt to determine whether there were any unauthorized transactions. Report any that you find immediately to the financial institution.

QUARTERLY

• Place a fraud alert every 90 days on your credit file at www.fraudalerts.equifax.com or by calling 1-800-525-6285. By placing a fraud alert with Equifax, you will automatically have alerts placed at Experian and TransUnion.

ANNUALLY

• Each year, you are entitled to one free credit report through https://www.annualcreditreport.com or by calling 1-877-322-8228.
• Request a copy of your Social Security statements at www.ssa.gov/mystatement to be sure that no one else is using your social security number for employment.

EVERY 5 YEARS

• opt out of pre-screened credit offers by calling 1-888-567-8688 or at https://www.optoutprescreen.com.

Please read the other sections to learn about the different types of fraud and how to prevent them, from spyware and other computer fraud to mail and phone fraud to e-mail phishing and web spoofing. Our Fraud Summary page provides more tips on how to protect yourself.

Contact us immediately at (936) 636-7337 if you notice any suspicious or unusual activity related to any of your Lovelady State Bank accounts

Identity Theft is the most popular and profitable form of consumer fraud. It occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes.

COMMON WAYS IDENTITY THEFT CAN HAPPEN:

• “Old Fashioned” Stealing
  Thieves typically steal wallets and purses. They also steal mail such as credit card and bank statements, pre-approved credit card offers, check orders and other financial mail.
• Dumpster Diving
  Thieves dig through trash looking for bills, financial or other personal information.
• Change of Address
  Thieves modify or redirect your billing statements to another address by completing a “change of address” form.
• Phishing
  Thieves may send unsolicited e-mails, pretending to be a financial institution or a company, asking you to click a link to update or confirm your personal or login information. The link is directed to a “spoof” website designed to look like a legitimate site.
• Skimming
  Thieves may use a card reader device to copy the card’s magnetic strip to duplicate without the card owner’s knowledge.

MONITOR YOUR ACCOUNTS

Keep track of transactions on your accounts by logging in to Lovelady State Bank’s Online Banking, where you can view your activity as it is posted.

PROTECT YOUR PERSONAL INFORMATION

• Do not carry your Social Security card in your wallet.
• Do not have personal information such as your Social Security number and driver’s license number printed on your checks.
• Keep your new and cancelled checks in a safe place.
• Do not leave your purse, wallet, checkbook, or any other forms of identification in your car
• Shred or tear up any documents containing banking or credit information, especially pre-approved credit offers, before you throw them away. To opt out of pre-approved credit card offers, call 1-888-567-8688.
• Keep your PINs and passwords a secret. Do not write them down or share them with anyone.

Contact us immediately at (936) 636-7337 if you notice any suspicious or unusual activity related to any of your Lovelady State Bank accounts.

Lovelady State Bank continually makes investments in state-of-the-art online banking security to ensure we protect the confidentiality of every customer’s online information and to provide the utmost security of every user.

COMPUTER PROTECTION TIPS:

• Update your computer operating system on a regular basis.
• Keep your browser current with the latest security updates.
• Use updated anti-virus software.
• Use updated anti-spyware software and consider using more than one, to ensure the most thorough scan.
• Change your passwords on a regular basis, as a good practice to help prevent unauthorized access.
• Download free software only from websites you know and trust.
• Do not install software without knowing exactly what it is or what it will do (read the end-user license agreement).
• Close pop-up ads by clicking on the “X” instead of clicking within the advertisement itself.
• Review your browser security settings and set them to a high enough level to help detect unauthorized downloads. (Click your browser’s “Help” menu for steps).
• Do not click link inside of spam email. Especially emails claiming to offer anti-spyware software.
• Install a personal firewall on your computer. A firewall works like a filter that prevents access to information on your computer.
• Do not give any of your personal information to any web sites that do not use encryption or other secure methods to protect it.

We recommend you learn ways to protect yourself from common fraud schemes.

VISHING

Vishing scams target consumers by “spoofing” text or voicemail messages that ask you to call a phone number and give your personal information. Here is how it works:

• You receive a “spoof” e-mail or text message about suspicious account activity.
• The text or voicemail message will ask you to call a “customer service” number.
• When you call the customer service number, a recording will ask you to provide personal information such as account numbers, passwords, a social security number, or other critical information.
• The recording may not mention the company’s name and could potentially be an indication the call is being used for fraud.
• You can also receive a phone call.
• The call could be a “live” person or a recorded message.
• The caller may already have your personal information, which may seem as if the call is legitimate.

SMISHING

Smishing is when consumers’ cell phones and other mobile devices are targeted with mobile spam. The spam, or text messages, attempt to trick consumers into providing personal information. Here is how it works:

• You receive a fake text message, which may include a fraudulent link, asking you to register for an online service.
• The scammer attempts to load a virus onto your cell phone or mobile device.
• The scammer may also send a message ‘warning’ you that your account will be charged unless you cancel your supposed online order.
• When you attempt to log on to the website, the scammer extracts your credit card number and other personal information.
• In turn, your information is used to duplicate credit, debit, and ATM cards.
• Scammers may also send you a text message again ‘warning’ you that your bank account has been closed due to suspicious activity.
• The text message will ask you to call a ‘customer service’ number to reactivate your account.
• When you call the number, you are taken to an automated voice mail box that prompts you to key in your credit card, debit card or ATM card number, expiration date and PIN to verify your information.
• Again, your information is used to duplicate credit, debit, and ATM cards.

LOTTERY/SWEEPSTAKES SCAMS

Lottery/Sweepstakes scams target consumers by a notification, which arrives through the mail, by email, or by an unsolicited telephone call. Here is how it works:

• The notification advises you to have won a prize, but you did not enter in any type of lottery or sweepstake by the promoter contacting you.
• The promoter will ask you to send payment to cover the cost of redeeming the prize when the prize does not exist.
• In this type of scam, you may rarely if ever receive any winnings in return.

CHECK OVERPAYMENT SCAMS

Check Overpayment scams target consumers who sell items through an online auction site or a classified ad. Here’s how it works:

• The seller takes a big loss when the ‘buyer’ passes a counterfeit cashier’s check, money order, corporate or personal check as payment.
• The counterfeit check is written for more than the agreed price.
• The ‘buyer’ will ask the consumer to wire back the difference after the check has been deposited.
• The check will more than likely bounce, and the consumer becomes liable for the entire amount.

TIPS FOR THE MAILBOX

Check Overpayment scams target consumers who sell items through an online auction site or a classified ad. Here’s how it works:

• Deposit outgoing mail at the Post Office.
• Remove incoming mail from your personal mailbox as soon as possible, or use a P.O. Box or locked, secure mailbox.
• Request a mail hold from the United States Postal Service or call them at 1-800-275-8777 if you plan to be away from home for an extended period.
• Know your billing cycles. If bills are late or missing, contact your creditors.
• Watch for your new or replacement Check card from us. You should receive it within five business days.
• Switch to a more secure way of receiving your account statement. When you sign up for Lovelady State Bank Online E-Statements, your statement will no longer sit in your mailbox. Instead, we will send you an e-mail when your statement is available through your secure Online Banking account.

TIPS FOR THE PHONE

• Do not give out personal information, such as your account numbers, card numbers, Social Security, tax identification numbers, passwords, or PINs, unless you have initiated the call.
• We will not make an unsolicited call requesting your personal information.

If you ever believe you are not talking to a representative of a legitimate company, hang up and call the phone number listed in the telephone book.

PHISHING

Phishing scams target consumers by “spoofing” text or voicemail messages that ask you to call a phone number and give your personal information. Here is how it works:

• You receive an email message, asking you to click on a link to update some sensitive personal information.
• The link will redirect you to a “spoofed” website, which is designed to look like a legitimate website.
• The website will ask you to input personal information such as your account numbers, PINs, or a social security number.

AVOID SPOOFED WEBSITES

To protect yourself from going to a spoofed website, always type: “www.pcsbank.net” into your browser when you login to your Lovelady State Bank Online Banking Account, instead of clicking a link in an e-mail.

E-MAIL PROTECTION TIPS

• Do not click links in e-mails to log in, or to update or confirm your sensitive information
• Do not fill out forms in e-mails
• Be cautious about opening attachments or downloading files, regardless of who sent them
• ‘Spam’, or mass email messages, often contain links to phishing websites and other unsavory websites.
• Many phishing scams originate outside of the United states. Be wary of emails from people or sources you do not know or trust.
• Poor grammar and misspelled words from unknown sources asking you for personal information are clear warning signs of a phishing scam being operated outside of the United States.
• Legitimate companies or organizations will never ask you to divulge any personal information over email.
• Phishing emails may also be fake contests or offerings, asking you to input personal information.
• If an offer or email you receive is too good to be true, it most likely is.

BANK ERROR MESSAGES

One of the newest schemes by fraudsters involves spoofing bank error messages. Here is how it works:

• Fraudsters will send you an e-mail message about a data or site maintenance error at Lovelady State Bank or any of your banks.
• The e-mail will ask you to click on a link, which will redirect you to a site and will install malware on your computer.
• This malware allows scammers to intercept your password and bypass the dual authentication system many financial institutions use.
• The next time you attempt to log in to your online banking service, scammers attempt to steal your password and may quickly drain your account.

E-MAILS FROM LOVELADY STATE BANK

For your protection, we will not send you an e-mail to update or confirm your sensitive information by clicking a link or replying.

Contact us immediately at (936) 636-7337 if you notice any suspicious or unusual activity related to any of your Lovelady State Bank accounts

ALERTS:

To:
Subject:
Summary:

Chief Executive Officer (also of interest to Security Officer)
Consumer Alert

E-mails fraudulently claiming to be from the FDIC are attempting to get recipients to click on a link, which may ask them to provide sensitive personal information. These e-mails falsely indicate that FDIC deposit insurance is suspended until the requested customer information is provided.

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The e-mail informs the recipient that “in cooperation with the Department of Homeland Security, federal, state and local governments…” the FDIC has withdrawn deposit insurance from the recipient’s account “due to account activity that violates the Patriot Act.” It further states deposit insurance will remain suspended until identity and account information can be verified using a system called “IDVerify.” If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient’s computer.

This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.

The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.

For your reference, FDIC Special Alerts may be accessed from the FDIC’s website. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit the FDIC’s website.

Sandra L. Thompson
Director
Division of Supervision and Consumer Protection

Distribution:
Note:

FDIC-Supervised Banks (Commercial and Savings)
Paper copies of FDIC Special Alerts may be obtained through the FDIC’s Public Information Center, 877-275-3342 or 703-562-2200

Corporate Account Takeover is an evolving electronic crime typically involving the exploitation of businesses of all sizes, especially those with limited to no computer safeguards and minimal or no disbursement controls for use with their bank’s online business banking system. These businesses are vulnerable to theft when cyber thieves gain access to its computer system to steal confidential banking information to impersonate the business and send unauthorized wire and ACH transactions to accounts controlled by the thieves. Municipalities, school districts, large non-profit organizations, corporate businesses, and any customers that perform electronic transfers are potential targets. Losses from this form of cyber-crime range from the tens of thousands to the millions with most of these thefts not fully recovered. These thefts have affected both large and small banks.
This type of cyber-crime is a technologically advanced form of electronic theft. Malicious software, which is available over the Internet, automates many elements of the crime including circumventing one-time passwords, authentication tokens, and other forms of multi-factor authentication. Customer awareness of online threats and education about common account takeover methods are helpful measures to protect against these threats. However, due to the dependence of banks on sound computer and disbursement controls of its customers, there is no single measure to stop these thefts entirely. Multiple controls or a “layered security” approach is required.

5 Tips to Prevent CATO

1. Use a computer that is dedicated only to handling online banking and bill pay. That computer or virtualized desktop would not have any other capabilities, such as sending and receiving emails or surfing the Web, since Web exploits and malicious email are two of the key malware infection vectors.
2. Online computer users should avoid using weak or default passwords for any online site and should refrain from using the same password for multiple sites. Use a “password manager” to put all your passwords in one database and avoid using the same password for more than one website
3. Institute and enforce a centralized plan for keeping computer applications, operating systems and security software updated. Make sure servers and workstations are fully patched promptly and regularly.
4. Implement a robust Intrusion Prevention Solution (IPS) to defend against cyber threats. An IPS provides policies and rules to block suspicious network traffic such as Web exploit kit attacks, SQL injection attacks, and banking Trojans that infect computers and steal data that allow intruders access to your banking accounts.
5. Before clicking on links or attachments in emails, always verify that the correspondent sent you the email with the link or attachment. Hackers are known for breaking into email accounts and sending malicious links and attachments. Verify with the sender to confirm the links or attachments are safe to click or open.