Online Security

Notice

If you have recently received fraudulent e-mail attempting to trick you into divulging personal or financial information, a tactic known as “phishing”, you are not alone. Phishing schemes are on the rise. Phishing e-mail is designed to masquerade as legitimate messages from banks, retail stores and even credit card companies. The senders of fraudulent e-mail use dozens of covert tactics to convince you to give them private information such as user IDs, passwords, social security numbers and account information.

TIB will NEVER ask you to divulge personal information by e-mail.

If you receive an e-mail purporting to come from TIB, report it immediately.

How to Report Suspicious E-mail

If you receive a suspicious e-mail claiming to be from TIB, forward the e-mail to or call 1-800-808-9555.

If you receive a suspicious e-mail from an organization other than TIB, forward the e-mail to the United States Computer Emergency Response Team at phishing-report@us-cert.gov

Phishing Scams

Approximately 5 percent of all individuals who receive phishing e-mails believe they are legitimate and respond in some way to them according to the Anti-Phishing Working Group (anti-phishing.org). Responding to a fraudulent e-mail could lead to devastating consequences, which include financial loss and identity theft.

To avoid falling for phishing scams: Be suspicious of e-mail messages with urgent requests for personal information.

Phishers:

  • typically include urgent requests for information or inappropriate statements in their e-mails to get people to react immediately.

  • typically ask for information such as usernames, passwords, credit card numbers, social security numbers, etc.

  • send e-mails that are not addressed directly to you but to a group, i.e. Dear TIB Customer, etc.

Be wary of e-mails that contain typographical, wording, or grammar errors. This may be an indication that the e-mail is fraudulent.

Do not use embedded e-mail links to access a web page, especially if you suspect that the e-mail is not authentic. Contact the company by phone, or directly access the company’s website by typing the web address yourself into the web browser.

Avoid filling out forms in e-mail messages or filling out forms from websites accessed through embedded e-mail links. You should only communicate sensitive information via a secure website that you accessed directly yourself by manually typing the web address within the web browser.

If entering sensitive information at a website, ensure the website is secure. The best way to ensure you are using a secure website is to verify the website address begins with: "https://" as opposed to just "http://".

Monitor your bank, credit card and other accounts regularly.

Monitor your credit report at least once a year. You are eligible to receive one credit report a year from each of the three main credit bureaus (i.e. Equifax, Experian, and TransUnion). Your free credit reports can be accessed at the following link: https://www.annualcreditreport.com/cra/index.jsp

Ensure your web browser and operating system are kept up to date with the most current security patches. In particular, people who use the Microsoft Internet Explorer browser should obtain and install security patches from the Microsoft Security home page: http://www.microsoft.com/security

If you receive a suspicious e-mail claiming to be from TIB, forward the entire e-mail with the original e-mail header intact to abuse@tibsite.com or call 800-808-9555.

If you receive a suspicious e-mail from an organization other than TIB, forward the entire e-mail with it’s header information intact to the United States Computer Emergency Response Team at phishing-report@us-cert.gov.

Victims of Phishing

  1. Contact your financial institutions immediately.

  2. Contact the major credit bureaus (i.e. Equifax, Experian, and TransUnion) and request that a fraud alert be placed on your credit report.

  3. File a complaint with the FTC. To file a complaint and to alert lenders of your situation, obtain the Identity Theft Affidavit residing at the following web address: www.consumer.gov/idtheft

  4. Review all billing and bank statements immediately for accuracy.

  5. Close all affected accounts and open new ones.

  6. Contact your law enforcement agency and file a police report.

  7. Contact the Social Security Administration (www.ssa.gov) if your Social Security Number has been compromised.

E-mail Examples

Fraudulent Email Example 1(Note the Spelling, wording, and grammar errors in e-mail)

Subject: Important information regarding your TIB-The Independent BankersBank account
Dear TIB The Independent BankersBank Customer,

We regret to inform you, that we had to lock your TIB The Independent BankersBank Online Access because we have reasons to believe that your account may have been compromised by outside parties. In order to protect your sensitive information, we temporarily suspended your account.

To reactivate your account, click on the link below and confirm your identity by completing the secure form what will appear.

<fraudulent webpage link>

We have seen unusual attempts for logging in regarding your personal account, therefore this confirmation regarding your account it’s only for security reasons.

Thank you for your time and consideration in this matter,

 

Fraudulent Email Example 2 (Note the Spelling, wording, and grammar errors in e-mail)

Subject: Online Banking and Bill Pay Deactivation Notice
Dear TIB the Independent Bankersbank,

We are performing system maintenance, wich may interfere with access to your Online Banking. Due to these technical updates your online account has been deactivate. TIB the Independent Bankersbank recommend you to reactivate your online account. Go to Online Banking and Bill Pay Services by clicking this link, verify your identity as a customer of TIB the Independent Bankersbank and your online account access will be reactivate by our system.

  • Go to <https:// fraudulent webpage link>

  • Enter your Customer Identification Number (CIN) or User ID and Password.

  • You will be taken to the "Verify Your Identity" page.

  • After your verification process is completed you will be able to access your account again.

We regret any inconvenience this may cause you.