Security and PrivacyAt Align, we take your security and privacy seriously. We've gathered the information and tools below to serve as a resource for our Members.
Current Security Alerts
Current Security Alerts
Yahoo Accounts Security Breach
Yahoo has recently announced a security breach of more than one billion Yahoo accounts. Yahoo is advising all users to change their passwords immediately. To read more about this security breach, click here.
IRS Warns of Automated Phone Scams
The Internal Revenue Service warns taxpayers to be aware against an increase of IRS impersonation scams in the form of automated calls and new tactics from scammers demanding tax payments on iTunes and other gift cards. To read more about this latest scam, visit the IRS.gov website.
Tech Support Scams Target the Elderly
Fraudulent phone calls are being circulated to the elderly from computer techs that are claiming to be associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need. Please do not respond to these types of phone calls and if you have any concerns, contact our Member Care Center at 800-942-9575. You can read more about these tech support scams here.
Anthem, Inc. Cyber Attack
Updated May 2015Anthem, Inc. reported that its database has been the target of a very sophisticated external cyber attack. These attackers gained unauthorized access to Anthem’s IT system and have obtained personal information from current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Visit the Anthem, Inc. website for more information about this breach. For information on how to protect yourself from Identity Theft, see the Federal Trade Commission website for tips.
FBI Warns Public of Disaster Scams
April 27, 2015
The FBI is alerting the public about scammers that are now using the Nepal disaster to trick people in clicking on links, both on Facebook and Twitter using phishing emails trying to solicit charitable giving for the earthquake victims. To read more about this, visit the FBI website. Please take the following precautions:
- Do NOT follow unsolicited web links or attachments in email messages
- Maintain up-to-date antivirus software
- Review the Federal Trade Commission's Charity Checklist
- Contact the organization directly through trusted contact information. See the Better Business Bureau's "National Charity Report Index.
NCUA Warns Consumers of Fraudulent Text Message
NCUA is warning consumers about a new scam that mimics the agency's telephone number. They are alerting consumers that texts they receive from an agency telephone line, 703-518-6301, asking for personal information are not coming from NCUA. For more information about this scam, visit the NCUA website.
Learn More about Protecting Your Identity
Beware of Skimming
ATM skimming is when fraudsters use hidden electronics to steal personal information stored on a card, and record the owner’s PIN number to access the member’s account.
How Does ATM Skimming Happen?A “skimmer” is a small device that goes over the normal card reading slot of an ATM and reads your card’s magnetic strip. The skimmer is used to capture your ATM card number and is disguised to look like normal ATM equipment. At the same time, a wireless camera is mounted in a position to view ATM PIN entries. Often, the scam artists will sit in a nearby car receiving the information wirelessly transmitted from the skimmer. They are able to copy the information stored on the magnetic strip of the ATM cards and use the PIN numbers to withdraw funds from an account in a very short time. Skimmers can also be handheld devices that a dishonest merchant can keep in his pocket. For example, while charging your card while you’re out at dinner, a scam artist can run your card through a skimmer as well.
How Can You Protect Yourself?
- Use secure ATMs under video surveillance, inside a financial institution, or in a high-traffic area.
- Most devices have pin pad enclosures, but some do not. Make sure to cover the keyboard as you enter your pin, do not share it with anyone and do not use an ATM with a card reader that appears to be altered.
- If something looks suspicious, find another ATM. Skimming devices will stick out a little bit from an ATM.
- Call the financial institution immediately if a machine keeps your card and report it.
- If you believe a skimmer has been added to an ATM, please contact the financial institution that owns the ATM.
- Continuously check your account balances – accessible in branch or online—and contact us immediately if you notice any suspicious activity.
You use passwords for nearly everything on the internet. With so much of your private information online, it is essential to make it impossible for a hacker to access all of your accounts:
When making a password:
- Make your password between 8-12 characters and include numeric, symbols, and upper case letters.
- Take a phrase like “I love New York” and turn it into “!333NewY@rk!”
- Do not use a common password such as:
- 1234, ABCD, 0000
- Year of Birth
- Name of relative, friend, or pet.
- Over 60% of internet users use the same password for multiple platforms. Try to have a different password for each platform.
- Don't give out Personal Identifying Information (PII) unless absolutely necessary.
- Change your passwords, especially the password that you frequently use the most, around every three months.
- Never post your home address, phone number, social security number, or place of birth on social media.
Mobile and Online Safety
Your mobile smartphone is as important to secure as your home computer and there needs to be the same amount of steps to protect it.
- Look for “https” instead of “http” when going on websites.
- Do not let your Wi-Fi automatically connect when out in public. Like Bluetooth, this can send private information to outside sources unknowingly to you.
- Act upon the belief that any email from an unknown source could be a potential threat.
- Research any vendor that you wish to buy something online from. Check into their background on the site and read reviews of their business.
- Never open any link in a text, post, message, or email unless expecting one.
- Keep your GPS off when not in use. Letting an app always track where you are can let unwanted people get ahold of your location at all times.
- Use the Find My iPhone app or other smartphone equivalent that can assist you if your phone is lost or stolen.
- Always keep your systems up to date, installing the latest anti-virus protection programs when available.
- Request a refund if your online purchase is delivered damaged or not delivered altogether. If the retailer refuses then contact your credit or debit card company to stop the payment.
- Use computers that have a firewall.
- Do not do financial transactions at spots with unsecure Wi-Fi.
While an ATM can be seen as a great convenience, it can be a large threat as well. Some ATMs are away from populated areas, some may not have security cameras, and some may not be entirely secure to begin with. Take caution when using your credit or debit card. It is important to take precautions when using an ATM:
- Never let someone look over your shoulder as you are typing your pin number.
- Do not count your cash in public or while standing in front of the ATM. You want as little attention on you as possible during your transaction.
- If using a drive-up ATM, keep your keys with you and the door locked at all times.
- Keep your card hidden in wallet or purse. Only take it out to place in the ATM.
- If you take a receipt, do not throw it in the wastebasket at the ATM. Keep it in your records or shred it if you no longer have use for it.
- By bringing your own deposit envelopes, you decrease your time at the ATM.
Any email, friend request, phone call, text, or tweet can lead to Identity Theft. Identitytheft.info has reported that around 15 million people experience identity theft a year. Follow these tips to protect yourself from becoming a victim:
- Always keep your credit cards and social security cards in a safe location that only you have access to.
- Do not leave your social security card in your purse or wallet. Wallet and handbag theft is a common first step to identity theft.
- When talking to an employee of a corporation or organization on the phone, be the one to initiate the conversation.
- One of the most commonly used methods of identity theft is skimming your card’s information at a public store.
- Collect your mail as soon as possible, and ask your local post office to hold your mail when you are away.
- Ask for hard copies of all receipts and compare them to your billing statements when they arrive.
- Do not respond to unsolicited messages via email, social media, or phone. If it has to do with personal information, always be the initiator.
- Shred all papers with personal information you no longer wish to keep.
- Read credit reports annually - Go to AnnualCreditReport.com for a free credit report annually
- Avoid online lotteries that are conducted by organizations that are unknown to you.
Phishing is a rapidly increasing issue for your privacy and information. This is a scam executed through certain emails and websites that will pose as a legitimate agency or website and ask users for their personal information. Emails posing as a known brand name will ask for your account information for “security” , “rewards,” and a handful of other excuses. Put a legitimate, secure email and a phishing email next to each other and it can be hard to spot the differences. These emails are created to steal your money so they have to look realistic as they can.
- Never trust an email from a business that has any spelling errors. Companies have copy editors to go over all emails sent, so chances there would be a spelling or grammatical error is unlikely.
- Do not trust an email that is shrouded with threat. When given a time limit, scammers make victims nervous and have them send information without properly consulting the real company.
- If there happens to be a link in the email, do not click it. It will lead you to a site that will ask for your information, or may be carrying dangerous malware. Instead let your mouse run over the link. You will be able to see the real name of the link pop up. If the name of the link does not match the name of the link in the email, it is time to report the scammer.
- Set up your spam filter to automatically block all unwarranted incoming mail. Occasionally double check your spam folder to make sure an expected document did not end up in the folder.
- Always keep computer browsers and software up to date.
- Spear phishing is a more focused and organized attack on a select number of individuals or a business. If the business asking for the credentials so the hackers can break into the company’s system. When there, the hackers will try to use the official system to phish all recent customers of the company.
- Avoid completing and sending forms via email that request personal financial information.
- If you see a deal that sounds too good to be true, it’s because it is.
- If you do your banking and shopping on a computer that has multiple users, consider buying a personal computer or laptop for yourself to do those transactions. You may be aware of phishing, but the other users may be more susceptible. The more users, the higher the chance for the computer to obtain malware.
Credit Card Security
EMV chip technology will become the security standard in the U.S., and merchants are beginning to accept credit/debit cards with this built-in chip technology. Here at Align, our VISA® Signature Card comes with this built-in chip technology to make it more secure and easy to use.
- Receive an enhanced level of security. When you use your card at a chip-activated terminal, the embedded chip generates a one-time use code. This code is virtually impossible to counterfeit and helps reduce in-store fraud.
- Check out with ease. Follow simple steps to pay at a chip-activated terminal.
- Enjoy global acceptance. More merchants are accepting chip transactions every day. Whether you check out using chip technology or swipe your card, you can pay wherever VISA® Credit Cards are accepted.
View our EMV Chip Card brochure for more information.
Elderly fraud is a common occurrence spreading across the states, which needs prevention. Scammers will pose as a grandchild and ask to be wired some money. Assuming senior citizens are more susceptible to a scam, these scammers also pose as a variety of people and occupations to target the elderly. Please help spread awareness of these crimes.
- Victims over the age of 65 are able to qualify for Medicare, so scammers can represent themselves as a Medicare representative and ask elders for their personal information in order to sign up for their insurance. For tips to prevent fraud, visit the Medicare website.
- The lottery is a perfect category to set up a scam in. After retirement, it would be wonderful to be able to all of a sudden win a small fortune by not having to do anything. Scammers will send a counterfeit “prize” check to seniors as they collect the “fees” and “taxes” of the lottery.
- In the funeral scam, a scammer will read the obituary section of the newspaper, look up the name of a widower, and call them up claiming that their partner had an outstanding debt with them before they died.
Breaches have become an unfortunately common occurrence for businesses. Though it is sometimes impossible to know if a business you are connected with will have a data breach, it is pivotal that you understand the actions that you must take to quickly keep all of your information protected.
If you are unfortunately caught in a data breach, it does not mean your information will be among the stolen. There are precautions and aftermath actions that you can take that will help prevent your identify from being hijacked:
- When conducting business, make sure your card information, and all your customer data, is stored in an encrypted database that you completely trust.
- If you have passwords for specific businesses that lead to your account, change them around every three months.
- Contact your financial institution along with your attorney to create a plan in case a data breach ever occurs.