Provident Credit Union Security NewsProvident Credit Union has extensive safeguards to protect your information and your funds. Read about what you can do to further protect yourself against fraud and identify theft. http://www.providentcu.org/index.asp?i=securityProvident Credit UnionCopyright (c) 2009, Provident Credit Unionhttp://www.providentcu.org/NewGraphics/newerGraphics/ProvLogoReflecting.png2007-01-01T12:00:00-08:00Fraud Alert: Lucky and Save Mart ShoppersIdentity thieves struck 20 Lucky stores and one Save Mart store. Reports indicate that credit/debit card readers at self-checkout lanes had been tampered with. Read more for what to do.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/LuckyCardCompromised.asp2011-12-05T00:00:00-08:002011-12-05T00:00:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Alert-Side.png">
<p class="shortlines"><i>December 5, 2011</i></p>
<p>Lucky Supermarkets is advising customers that during regular store maintenance, they discovered credit/debit card readers at self-checkout lanes ONLY had been tampered with in 20 of their Bay Area Lucky stores and one Save Mart store in Watsonville.</p>
<p>Provident urges all recent Lucky and Save Mart shoppers to review and monitor their accounts. Actively monitoring your account is a good practice at all times. If you find a fraudulent charge on your Provident card, contact us immediately at <!-- (650) 508-0300 or -->(800) 632-4600.</p>
<p><a href="http://www.luckysupermarkets.com/index.php?id=298" >Click here</a> for a list of locations and to read the <a href="http://www.luckysupermarkets.com/index.php?id=298" >consumer notice</a> from Lucky Supermarkets.</p>
<p> </p>
<div id="inFrameBottomNav">
<span class="prev"><A href="http://www.providentcu.org/index.asp?i=security" title="" rel="Contents"><span>Security Issues Index</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/Phishing_EMails.asp"><span>Fake E-Mails/Phishing</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/mJoPo1qr_4c" height="1" width="1"/>2012-02-28T12:00:00-08:00http://www.providentcu.org/index.asp?i=security&search=LuckyAbout Fake E-Mails & PhishingThe latest attacks use e-mails made to look like they are from government agencies, in
order to try to get you to reveal sensitive information, such as your PIN, Social Security Number, or
credit card number. Learn about these and similar types of e-mail based fraud, and what you can do to protect yourself.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/Phishing_EMails.asp2009-03-04T00:00:00-08:002009-03-04T00:00:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<p>Phishing attacks use e-mail or malicious Web sites to solicit personal, often financial, information. Attackers may send e-mail, seemingly from a reputable credit card company or financial institution, that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.</p>
<h3>How Do You Avoid Being a Victim?</h3>
<ul>
<li style="margin-top:1em;margin-bottom:1em;">Do not reveal personal or financial information in an e-mail, and do not respond to e-mail solicitations for this information. This includes following links sent in e-mail. </li>
<li style="margin-top:1em;margin-bottom:1em;">Do not send sensitive information over the Internet before checking a Web site's security. </li>
<li style="margin-top:1em;margin-bottom:1em;">Pay attention to the <acronym title="Uniform Resource Locator">URL</acronym> (link address) of a Web site. A malicious Web site may look identical to a legitimate site, but if the URL uses a variation in spelling or a different domain (e.g., ".com" vs. ".net"), it may indicate it is being run by someone else. </li>
<li style="margin-top:1em;margin-bottom:1em;">If you are unsure whether an e-mail request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a Web site connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the <a href="http://www.antiphishing.org/phishing_archive.html" target="_blank" >Anti-Phishing Working Group</a>. </li>
<li style="margin-top:1em;margin-bottom:1em;">Install and maintain anti-virus software, firewalls, and e-mail filters to reduce some of this traffic.</li>
<li style="margin-top:1em;margin-bottom:1em;">Use your <a href="http://staysafeonline.org/content/email-filters" target="_blank" >junk mail filters</a>. These are your best bet to avoid getting scam e-mail in the first place.</li>
</ul>
<h3>What Do You Do If You Think You Are a Victim?</h3>
<ul>
<li style="margin-top:1em;margin-bottom:1em;">If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.</li>
<li style="margin-top:1em;margin-bottom:1em;">If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. Consider reporting the attack to the police, and file a report with the <a href="http://www.ftc.gov/" target="_blank" >Federal Trade Commission</a>.</li>
</ul>
<h3>More Information about Phishing:</h3>
<p>For more details on phishing and how to protect yourself against phishing scams, visit the <a href="http://www.antiphishing.org/" target="_blank" >Anti Phishing Working Group</a> and the <a href="http://www.us-cert.gov/cas/tips/ST04-014.html" target="_blank" >United States Computer Emergency Readiness Team (US-CERT)</a>, a partnership between the U.S. <a href="http://www.dhs.gov/" title="Go to Department of Homeland Security Web site">Department of Homeland Security</a> and the public and private sectors. </p>
<p> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/LuckyCardCompromised.asp" title=""><span>Fraud Alert: Lucky and Save Mart Shoppers</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/Voice_DOS.asp"><span>Telephone Denial-of-Service Attack</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<p><small style="font-weight:normal; color:#999; font-size:9px; display:block; ">Content on this page primarily produced by <a href="http://www.us-cert.gov/index.html" title="Go to US-CERT.gov Web site">US-CERT</a>, part of the <a href="http://www.dhs.gov/" title="Go to Department of Homeland Security Web site">Department of Homeland Security</a>.
</p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/99yMR_fbLIo" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=phishingTelephone Denial-of-Service Attack to Target Your MoneyImagine getting hundreds or thousands of calls on your home, business, or cell phone, tying up the lines. It could be a sign that you're being victimized by a "telephone denial-of-service attack" as a precursor to a crime targeting your bank or credit union accounts.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/Voice_DOS.asp2011-07-07T00:00:00-07:002011-07-07T00:00:00-07:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<h3>Tying Up Your Phone to Target Your Bank Account</h3>
<p>Imagine getting hundreds or thousands of calls on your home, business, or cell phone, tying up the lines. And when you answer, you hear anything from dead air to recorded messages, advertisements, or even phone sex menus.</p>
<p>It's annoying, no doubt. But it could be more than that: it could be a sign that you're being victimized by a "telephone denial-of-service attack" scam as a precursor to a crime targeting your bank accounts.
<p>Denial-of-service (DOS) attacks, by themselves, are nothing new. Computer hackers use them to take down websites by flooding them with large amounts of traffic.</p>
<p>In a more recent twist, criminals have transferred this activity to telephones, using automated dialing programs and multiple accounts to overwhelm the phone lines of unsuspecting citizens.</p>
<h3>Why are they doing it?</h3>
<p>Turns out the calls are simply a diversionary tactic: while the lines are tied up, the criminals — masquerading as the victims themselves — are raiding the victims' bank accounts and online trading or other money management accounts.</p>
<p>Here, in a nutshell, is how the whole thing works:</p>
<ul>
<li style="margin-top:1em;margin-bottom:1em;">Weeks or months before the phone calls start, a criminal uses social engineering tactics or malware to elicit personal information from a victim that this person's bank or financial institution would have, such as account numbers and passwords. Perhaps the victim responded to a bogus e-mail phishing for information, inadvertently gave out sensitive information during a phone call, or put too much personal information on social networking sites that are trolled by criminals.</li>
<li style="margin-top:1em;margin-bottom:1em;">Using technology, the criminal ties up the victim's various phone lines.</li>
<li style="margin-top:1em;margin-bottom:1em;">Then, the criminal either contacts the financial institution pretending to be the victim…or pilfers the victim's online bank accounts using fraudulent transactions. Normally, the institution calls to verify the transactions, but of course they can't get through to the victim over the phone.</li>
<li style="margin-top:1em;margin-bottom:1em;">If the transactions aren't made, the criminals sometimes re-contact the financial institution as the victim and ask for it to be done. Or they add their own phone number to victims' accounts and just wait for the bank to call.</li>
<li style="margin-top:1em;margin-bottom:1em;">By the time the victim or the financial institution realizes what happens, it's too late.</li>
</ul>
<h3>Law enforcement and industry response.</h3>
<p>The FBI first learned about this emerging scheme through one of its private industry partners, which told us how a Florida dentist lost $400,000 from his retirement account after a denial-of-service attack on his phones.
<p>Since then, there has been a noticeable surge in telephone denial-of-service attacks, with numerous incidents having been reported in several Eastern states.</p>
<p>To help fight these schemes, the FBI has teamed up with the Communication Fraud Control Association — comprised of security professionals from communication providers — to analyze the patterns and trends of telephone denial-of-service attacks, educate the public, and identify the perpetrators and bring them to justice.</p>
<p>Ultimately, though, it's individual consumers and small- and medium-sized businesses on the front line of this battle. So take precautions: never give out personal information to an unsolicited phone caller or via e-mail; change online banking and automated telephone system passwords frequently; check your account balances often; and protect your computers with the latest virus protection and security software.</p>
<p>And if you think you may have been targeted by a telephone denial-of-service attack, contact your financial institution and your telephone provider, and file a complaint with the FBI's <a href="http://www.ic3.gov/complaint/default.aspx" target="_blank">Internet Crime Complaint Center</a>.</p>
<p> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/Phishing_EMails.asp" title=""><span>Fake E-Mails/Phishing</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/passmarkFAQ.asp"><span>Enhanced Security Sign On: FAQ</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<p><small style="font-weight:normal; color:#999; font-size:9px; display:block; ">Source: <a href="http://www.fbi.gov/news/stories/2010/june/phone-scam/scam-phone" target="_blank">Federal Bureau of Investigation</a></p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/2Owa2AXiGdQ" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=phone_DOSEnhanced Security Sign On: Frequently Asked Questions (FAQ)Provident is offering a new way to sign on to home banking that provides more security to members, which goes beyond just Member Number and PIN, and also helps protect against phishing.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/passmarkFAQ.asp2007-01-01T12:26:00-08:002007-01-01T12:26:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<p><b class="updated">Updated 10/17/2007</b></p>
<p><b>Online security is more important than ever and Provident is taking it to the next level.</b></p>
<p>On May 10, 2007, Provident began offering a new way to sign on to home banking that provides more security to members, which goes beyond just User ID and password, and also helps protect against phishing. On October 17th, the older way to sign on was removed, and the new method became required for all sign-ons. See below for answers to common questions you might have about this newer, more secure way of signing onto home banking.</p>
<div id="QandA">
<div class="qaline"></div>
<a name="q1"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
Why is my online banking experience changing?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
In order to make your online banking experience as secure as possible, we are introducing a new security feature. The new security feature is a Personal Security Image and its name, which are customized by you. When you see your Personal Security Image and Caption it gives you the confidence that you are at the real Provident Account Manager site (online banking site), and not a fake site. This means you can bank online with an even greater confidence.</p>
<div class="qaline"></div>
<a name="q2"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
What is the new security feature?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
The new security feature adds a layer of protection to your online account by letting you know it’s really us, and letting us know it’s really you. </p>
<p><b>Letting <i>you</i> know it’s really <i>us</i>:</b></p>
<ul>
<li style="margin-top:1em;margin-bottom:1em;">You pick one of thousands of images (or upload your own) and enter a brief name describing the image.</li>
<li style="margin-top:1em;margin-bottom:1em;">When you sign on to your account your Personal Security Image and its name will appear before you enter your password.</li>
<li style="margin-top:1em;margin-bottom:1em;">Seeing your Personal Security Image and its name will let you know that you are at the real Provident Account Manager (online banking) site and not a look-alike. This means it is safe to enter your password. </li>
<li style="margin-top:1em;margin-bottom:1em;">If the correct image and its name do not appear do not enter your password.</li>
</ul>
<p style="margin-top:0; padding-top:0;"><em>Remember: Once you have signed up, <strong>NEVER</strong> enter your password without first seeing your Personal Security Image and its name.</em></p>
<p><b>Letting <i>us</i> know it’s really <i>you</i>:</b></p>
<ul>
<li style="margin-top:1em;margin-bottom:1em;">The new security feature will recognize the computers you normally use to access Account Manager.
<li style="margin-top:1em;margin-bottom:1em;">If you or someone else attempts to sign on from a new or unrecognized computer, you will need to answer a security question that only you should know the answer to before being allowed to continue (other security conditions may also trigger us asking you a security question).
</ul>
<div class="qaline"></div>
<a name="q3"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
How much does it cost?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
There is absolutely no cost to you to take advantage of the new security system.</p>
<div class="qaline"></div>
<a name="q4"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
Where do I enter my password?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
Due to the new security feature, you do not enter your password until you see your Personal Security Image and its name. To begin signing into your account simply enter your User ID and click the "Sign On" button.</p>
<div class="qaline"></div>
<a name="q5"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
How am I more secure with the new security system?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
The new security system protects you from accidentally revealing your password to a fake site. In addition, if others try to sign on to your account from another computer, they will be asked a security question to which only you should know the answer.</p>
<div class="qaline"></div>
<a name="q6"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
<span style="color:red; font-weight:normal;">Updated 2/26/2008:</span> How do I sign up for the new security system?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
Just use the normal sign-on form in the upper left corner of the site to enter your User ID and press the button to continue. If you've been using the older, "traditional" sign on method prior to this, you will be prompted to enter additional information the first time you sign on with the newer method. This will include choosing your Personal Security Image and name as well as several security questions that only you would know the answers to. Once this occurs you have added a layer of protection to your account!</p>
<div class="qaline"></div>
<a name="q8"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
Can I still sign on from the home page?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
Yes, although you will no longer see a password field on the home page, or a menu to choose the older "traditional" sign on method. From now on, you enter your password on a separate page after you have already submitted your User ID. The password entry is the last step of signing on (unless we have to ask any security questions to help confirm your identity), where you'll see your personally chosen image confirming the identity of our site to you. This is also the same procedure to follow when signing on from any other page.</p>
<div class="qaline"></div>
<a name="q10"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
<span style="color:red; font-weight:normal;">Updated 10/17/2007:</span> Will using this new method be mandatory?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
This is now required for all members signing on to online banking. The opt-in period ended on October 17th, 2007.</p>
<div class="qaline"></div>
<a name="q12"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
Why do I need the new security feature?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
As time goes on, there are more and more attempts by fraudsters trying to trick people into revealing their personal information, such as passwords or PINs, by creating fake Web sites that look very much like the sites of legitimate financial institutions (such as credit unions or banks). These fraudsters send out e-mails with links to these fake Web sites claiming that you need to sign on to your account by clicking the link. This phenomenon has been called Phishing, (pronounced "fishing"). We are committed to proactively protecting you, our member, against these types of threats. By making sure you always see your Personal Security Image and Caption before entering your personal information, you can ensure your information is being entered into a legitimate site.</p>
<div class="qaline"></div>
<a name="q13"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
Why am I being asked a question when I try to sign on?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
We ask you one of your security questions when we detect that you are trying to sign on from a new or unrecognized computer. This helps us makes sure it’s really you trying to access your account. If you choose to have us remember your computer you will not have to answer your security questions again when using that computer. </p>
<p>However, if you are using a public computer or one you don’t normally use for home banking, you should choose to <strong>not</strong> have our security system remember that computer. Other circumstances can also potentially trigger a security question to be asked too, even if you are using a computer you have asked us to remember.</p>
<div class="qaline"></div>
<a name="q14"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
Can I access my account from multiple computers?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
Yes, you can still access your account from any number of computers. If you sign on from a new or unrecognized computer you will first need to answer one or more security questions before your Personal Security Image is displayed. This helps us verify your identity and make sure it is really you trying to access your account. There is no limit on how many different computers you can use to sign on to your account.</p>
<div class="qaline"></div>
<a name="q15"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
How easy is it to use the new security system?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
It is extremely simple for anyone to use. Just use the site as usual and look for your Personal Security Image and Caption before you enter your password.</p>
<div class="qaline"></div>
<a name="q16"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
I share my computer with someone who has their own account. Can both of us still sign on from this machine?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
Yes, you can both use the same computer to sign on to your individual accounts. There is no limit on how many people can sign on to the Account Manager from the same computer.</p>
<div class="qaline"></div>
<a name="q17"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
Can I change my Personal Security Image and Caption?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
Yes, you can change your Personal Security Image and Caption at any time. To make the change, go to the "Security Settings" link after you sign on to your account.</p>
<div class="qaline"></div>
<a name="q18"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
I am trying to sign on from my own computer, but the Web site is not showing me my Personal Security Image and Caption. Instead, it is asking me a question. What is happening?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
This might happen in some cases if you have deleted all cookies on your computer. Additionally, other conditions can also trigger the asking of a security question, even if you are using a computer you have asked us to remember (if you have recently changed your security questions, image, or caption, for instance). Before answering a security question or entering your password, make sure that you are going to the legitimate Provident Web site. The easiest way to ensure this is by typing the URL (the Internet location address) of Provident (providentcu.org) directly into your web browser. Then, you should see your Personal Security Image and Caption next to the password field. If your Personal Security Image and Caption appear, you can be confident that you are at the legitimate Provident Account Manager Web site and can safely enter your password.</p>
<p><strong>Remember:</strong> Once you have set up your security image, caption, and questions, <strong>NEVER</strong> enter your password without first seeing your Personal Security Image and Caption.</p>
<div class="qaline"></div>
<a name="q19"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
Will my password change due to the new security system?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
No. Your Personal Security Image and Caption as well as the security questions and answers you provide are separate from your regular password, which you will continue to use as the last step of signing on. We do not always ask the security questions to sign on, but we will always ask for your password.</p>
<div class="qaline"></div>
<a name="q22"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
<span style="color:red; font-weight:normal;">Updated 06/04/08:</span> What if I have a joint account? Does each person have their own separate image and caption?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
The images, captions, and security questions are associated with a particular User ID. So if 2 people are sharing the same User ID for a shared account, then they would also need to both know what the images, captions, and answers to the security questions are. Households with more than one membership at Provident would have separate images, captions, and security questions for each one. <b style="color:red;">New! </b>As of June 4, 2008, members can now set up two different User IDs for the same member number. This allows you to have separate Security images and questions for each sign-on, and allows you to pick questions that are harder for other people to answer.</p>
<div class="qaline"></div>
<a name="q20"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
I already have anti-virus and a personal firewall. Why do I need this?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
We are glad to hear you use antivirus and a personal firewall. Be sure that you keep both software programs up-to-date for the best possible protection against viruses, Trojans, and hackers. This new security feature protects against other kinds of threats such as a stolen User ID and password. It works <em>with</em> your other personal security programs, but it does not replace them. </p>
<div class="qaline"></div>
<a name="q21"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
Is my personal information still safe?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
Yes. In fact, your personal information is safer than ever before because we are making sure it is really you and not an unauthorized user trying to access your information.</p>
<div class="qaline"></div>
<a name="q22"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
<span style="color:red; font-weight:normal;">Added 8/24/2007:</span> Provident's site is telling me I need to turn on cookies, but they are on. What's wrong?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
There are three likely possibilities for problems like this:</p>
<ul>
<li style="margin-top:1em;margin-bottom:1em;">We might have had trouble detecting your cookie support. This is especially likely to happen if you right click on the page to refresh it, but there may be other ways it could happen as well. If this happens to you just <b>click on the "click here to continue" link in the message</b> to re-check for cookies. </li>
<li style="margin-top:1em;margin-bottom:1em;">Another possibility is that you may be running software that interferes with cookie usage. There are many filtering and blocking software packages available which may filter out cookies. If you are running software like this, then you may have to change its settings to allow the Provident site to set and read cookies. </li>
<li style="margin-top:1em;margin-bottom:1em;">Finally, your machine may be behind a firewall or proxy server that prevents cookie transmission. This happens mostly in corporate environments. So, regardless of your browser settings, cookies won't be sent or received by your browser. Since the cookies aren't making it through the corporate network to your browser, the Web Site will assume you personally aren't accepting them. If this is happening to you, your IT or IS department would need to change their software settings in order to allow Provident's cookies through.</li>
</ul>
<div class="qaline"></div>
<a name="q23"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
<span style="color:red; font-weight:normal;">Added 8/24/2007:</span> I've set my cookie-blocking software to allow providentcu.org cookies from being blocked. Why am I still getting cookie-related errors on the Provident site?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
Provident has more than one site domain involved for signing on to online banking. If you are only allowing certain sites to use cookies (in a "white list" or list of exceptions to the blocking behavior), you may need to specify all the site domains that Provident uses. Please make sure that all of the following sites used by Provident are allowed to set and read cookies:</p>
<ul>
<li style="margin-top:1em;margin-bottom:1em;">http://providentcu.org</li>
<li style="margin-top:1em;margin-bottom:1em;">http://www.providentcu.org</li>
<li style="margin-top:1em;margin-bottom:1em;">https://accountmanager.providentcu.org</li>
<li style="margin-top:1em;margin-bottom:1em;">https://secure.providentcu.org</li>
</ul>
<p>In addition, some of our functionality is provided by partner companies, and that functionality can be curtailed if their sites are blocked from using cookies, so they should also be added to any exception list you maintain:</p>
<ul>
<li style="margin-top:1em;margin-bottom:1em;"><b>Bill Manager:</b> https://billpay1.pscufs.com</li>
<li style="margin-top:1em;margin-bottom:1em;"><b>Mortgage rates, mortgage application, etc.:</b> http://providentcu.mortgagewebcenter.com, https://providentcu.mortgagewebcenter.com</li>
<li style="margin-top:1em;margin-bottom:1em;"><b>CU Service Center search results:</b> http://www.cuservicecenter.com</li>
</ul>
<p>You may also need to unblock the following site addresses if you use them to sign on from our home page:</p>
<ul>
<li style="margin-top:1em;margin-bottom:1em;">http://providentcu<b>.com</b></li>
<li style="margin-top:1em;margin-bottom:1em;">http://www.providentcu<b>.com</b></li>
<li style="margin-top:1em;margin-bottom:1em;">http://providentcu<b>.net</b></li>
<li style="margin-top:1em;margin-bottom:1em;">http://www.providentcu<b>.net</b></li>
</ul>
<div class="qaline"></div>
<a name="q24"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
<span style="color:red; font-weight:normal;">Added 8/24/2007:</span> Why can't I sign on using Safari?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
We do support Safari on our site, in fact the site was designed on a Mac and is regularly tested in Safari. However, the default configuration for cookies in Safari, to accept cookies "only from sites you navigate to," can cause problems because the Provident site combines pages from more than one site domain. Even when these domains are all coming from Provident, Safari still considers them to be separate sites, and blocks the cookies from one of them, due to this setting. This is easily fixed if you make the following changes in Safari:</p>
<ol>
<li style="margin-top:1em;margin-bottom:1em;">In Safari, click on the "Safari" menu at the top of the screen, and select "Preferences…".</li>
<li style="margin-top:1em;margin-bottom:1em;">In the window that opens, click on the "Security" icon.</li>
<li style="margin-top:1em;margin-bottom:1em;">Next to where it says "Accept Cookies", select "Always".</li>
</ol>
<p>There are also plug-in extensions you can download, such as "<a href="http://www.versiontracker.com/dyn/moreinfo/macosx/28647" target="_blank" >SafariPlus</a>", that will give you more finite control over your cookies, so that you can add Provident sites to a "white list" of sites that are allowed to use cookies. If you decide to go this route, be sure to add the following four sites to your white list in order to avoid sign on problems:</p>
<ul>
<li style="margin-top:1em;margin-bottom:1em;">http://providentcu.org</li>
<li style="margin-top:1em;margin-bottom:1em;">http://www.providentcu.org</li>
<li style="margin-top:1em;margin-bottom:1em;">https://accountmanager.providentcu.org</li>
<li style="margin-top:1em;margin-bottom:1em;">https://secure.providentcu.org</li>
</ul>
<div class="qaline"></div>
<a name="q25"></a>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span>
<span style="color:red; font-weight:normal;">Added 8/24/2007:</span> Why can't I sign on using FireFox?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span>
We do support FireFox on our site, and usually this is not a problem. However, if you've ever had FireFox version 1 or earlier on your computer, it may be set to allow "only cookies from the originating server". This value may be retained even after you upgraded to version 2 or later, which does not have this setting visible. This can cause problems because the Provident site combines pages from more than one site domain. Even when these domains are all coming from Provident, FireFox still considers them to be separate sites, and blocks the cookies from one of them, due to this setting. This is easily fixed with the following steps:</p>
<ol>
<li style="margin-top:1em;margin-bottom:1em;">In FireFox, type "about:config" into the address field at the top of the window, where site addresses are normally shown.</li>
<li style="margin-top:1em;margin-bottom:1em;">On the page that opens, type "cookie" into the "filter" field in order to reduce the number of configuration options shown.</li>
<li style="margin-top:1em;margin-bottom:1em;">Find the line "network.cookie.cookieBehavior" and double-click on it.</li>
<li style="margin-top:1em;margin-bottom:1em;">Change the "1" to "0" (zero).</li>
</ol>
<p>If you prefer to keep cookies turned off for other sites, but to allow them for Provident sites, you can follow these steps to add Provident's sites to a "white list" of sites that are allowed to use cookies:</p>
<ol>
<li style="margin-top:1em;margin-bottom:1em;">The first step depends on your Operating System:
<ul><li style="margin-top:1em;margin-bottom:1em;"><b>Windows:</b> In FireFox, click on the "FireFox" menu at the top of the screen, and select "Preferences…".</li><li style="margin-top:1em;margin-bottom:1em;"><b>Mac OS X:</b> In FireFox, click on the "Tools" menu at the top of the window, and select "Options…".</li></ul></li>
<li style="margin-top:1em;margin-bottom:1em;">In the window that opens, click on the "Privacy" icon.</li>
<li style="margin-top:1em;margin-bottom:1em;">Click on the "Exceptions" button.</li>
<li style="margin-top:1em;margin-bottom:1em;">Enter the following sites, one at a time, clicking the "Allow" button after each one:
<ul>
<li style="margin-top:1em;margin-bottom:1em;">http://providentcu.org</li>
<li style="margin-top:1em;margin-bottom:1em;">http://www.providentcu.org</li>
<li style="margin-top:1em;margin-bottom:1em;">https://accountmanager.providentcu.org</li>
<li style="margin-top:1em;margin-bottom:1em;">https://secure.providentcu.org</li>
</ul>
</li>
</ol>
</div>
<p class="paragraph QAbreakToReg"> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/Voice_DOS.asp" title=""><span>Telephone Denial-of-Service Attack</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/checkingFraud.asp"><span>Cashiers Check / Money Order Scam</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/9ko1VCxin1U" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=passmarkFAQDon't Fall for this Cashiers Check / Money Order ScamAre you offering something for sale on the Web or in a classified ad? Beware of anyone who wants to overpay and get change, even if their check or money order seems to clear.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/checkingFraud.asp2007-01-01T12:25:00-08:002007-01-01T12:25:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<p>Recently, increasing numbers of people have been hurt financially by a scam in which they
receive cashiers checks or money orders for over the amount they are expecting. Here are the basics of how the scam works:</p>
<ol class="bulletblue">
<li style="margin-top:1em;margin-bottom:1em;">You advertise something for sale on the Internet, or in classified ads, or elsewhere</li>
<li style="margin-top:1em;margin-bottom:1em;">Someone responds and says they will buy it, and sends you a cashiers check or money order, but for too much.</li>
<li style="margin-top:1em;margin-bottom:1em;">You cash the check. It clears, so you think it is fine. You send back the overage (usually by wire), drawn from the balance in your account.</li>
<li style="margin-top:1em;margin-bottom:1em;">The check is discovered to be counterfeit, and is deducted back out of your account. The buyer never picks up the merchandise.</li>
</ol>
<p>The scammer is never interested in meeting you to take what you had for sale. He might not even live in the same country (many of these
scams originate in Nigeria). All he cares about is getting you to send him the change. He may even make the deal sound better by offering to pay more than you
asked by doing this favor of sending him change. Don't fall for it! If you deposit a counterfeit check or money order, you do not get to keep the money you got
when you cashed it.</p>
<p>There are countless variations on this scam, including e-mails that tell you you won a contest or that some dignitary needs help moving
funds out of his country. So be suspicious of anything that requires you to send money back to someone you don't know.</p>
<p> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/passmarkFAQ.asp" title=""><span>Enhanced Security Sign On: FAQ</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/EncryptedMailFAQ.asp"><span>Encrypted E-Mail at Provident</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/g60qyBzml4I" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=checkingFraudEncrypted E-Mail at ProvidentProvident Credit Union doesn't take any chances when it comes to protecting your sensitive information. Read about our mail encryption program, and what you should do if you receive an encrypted e-mail from Provident.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/EncryptedMailFAQ.asp2007-01-01T12:24:00-08:002007-01-01T12:24:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<p>See below for answers to common questions about exchanging securely encrypted e-mail messages with Provident.</p>
<div id="QandA">
<!-- FAQ Name: pccufaq -->
<!-- Entry Id: Q115101028200040 -->
<!-- Grade: 10 -->
<div class="qaline"></div>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span> How do I read an encrypted e-mail, once I have clicked on the link you e-mailed me to go to the PGP Universal Encryption Web site?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span> The first time you visit the PGP Universal site you will be asked to create a passphrase. You will not be asked to provide personal information. (If you are asked for personal information or required to download software or if you have <b>any doubt</b> about whether the Web site you go to is legitimate, or might be a phishing site, then do not perform the software download and do not use the site to correspond with us. Instead, contact us by phone or through our Account Manager online banking.)</p>
<p>After you enter a unique passphrase, you can then choose how to read any future encrypted e-mails from Provident. Your choices are either <b>1)</b> the Web interface or <b>2)</b> through existing encryption options you might have already set up. Your choices here apply only to "PGP Universal", and not to Account Manager messages. After you log out from the Web interface you will be asked for your passphrase again. You only need to provide it if you want to log right back in to view your message(s) again through the Web interface. Otherwise, you may just close the window.</p>
<p>
<!-- FAQ Name: pccufaq -->
<!-- Entry Id: Q115101012400031 -->
<!-- Grade: 10 -->
<div class="qaline"></div>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span> Should I always use PGP Universal Encryption to send secure e-mail to Provident?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span> For most people, most of the time, Account Manager's "Secure E-Mail" will remain the preferred way of exchanging messages securely with Provident. However, if we send an e-mail to your regular e-mail address and it is encrypted by PGP Universal, the e-mail you receive will include a very simple link to the PGP Universal Web site with further instruc?ions on how to read your encrypted message.</p>
<p>
<!-- FAQ Name: pccufaq -->
<!-- Entry Id: Q115100986800029 -->
<!-- Grade: 10 -->
<div class="qaline"></div>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span> How does Provident encrypt its messages to members?</h4>
<div class="q subhead">A.</div><p> Provident has two ways of exchanging secure encrypted messages with you:
</p><ol class="bulletblue"><li style="margin-top:1em;margin-bottom:1em;">Provident has long offered its members a "Secure E-Mail" feature in "Account Manager" online banking, where you can exchange mail messages with us securely. When you use this feature, any mail you send or receive through the Account Manager interface will be encrypted (encoded so no one but the sender and recipient can read it). Anyone else trying to intercept it will only see gibberish instead.</li><li style="margin-top:1em;margin-bottom:1em;">Provident also has another way to exchange encrypted e-mail with you, which does not require Account Manager. This option is called "<b>PGP Universal</b>", which automatically encrypts any regular e-mail sent by Provident to you that might contain sensitive information (such as your member number or PIN).</li></ol>
<p>
<!-- FAQ Name: pccufaq -->
<!-- Entry Id: Q115100959600011 -->
<!-- Grade: 10 -->
<div class="qaline"></div>
<h4><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">Q.</span> Why does Provident use encryption when sending messages through the Internet?</h4>
<p><span style="font-size:22px; font-weight:bold; line-height:11px; padding-right:.3em; color:#999999; ">A.</span> Standard e-mail is not a secure way to send private or confidential information. Standard e-mail messages are essentially like postcards, in that they can be intercepted, copied, and read by others while in transit to their destination. </p>
<p> <INPUT TYPE="hidden" NAME="Question" VALUE="Q115100959600011 Q115100986800029 Q115101012400031 Q115101028200040">
</div>
<p class="paragraph QAbreakToReg"> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/checkingFraud.asp" title=""><span>Cashiers Check / Money Order Scam</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/HowTheyDidIt.asp"><span>How Did They Access My Account?</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/25_7iaf5w34" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=EncryptedMailHow Did They Access My Account Without My Card?Scam artists are continuously finding new ways to commit credit card and ATM fraud against you, and they no longer need the actual card. Find out how to protect your Visa from the latest threats.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/HowTheyDidIt.asp2007-01-01T12:23:00-08:002007-01-01T12:23:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<h3>Protect Against Fraud – <span style="white-space:nowrap;">They Don't Need Your Actual Card!</span></h3>
<p>You've received bad news–your ATM, check card or credit card has been used
fraudulently. But your card has been in your possession all along–how could it have been used?
Scam artists are continuously finding new ways to steal your personal and financial information, including
credit card, ATM card, and check card information–and they no longer need the actual card to commit fraud against you.</p>
<h3>How to Protect Yourself</h3>
<ul class="bulletblue">
<li style="margin-top:1em;margin-bottom:1em;"><strong>Select the "credit" option</strong> with your Check Card whenever possible (at trusted merchants) so that you do not have to use your PIN. You’ll also have a signed receipt for your records. </li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Check your Provident Credit Union accounts frequently</strong> for fraudulent transactions. <a href="http://www.providentcu.org/index.asp?i=AboutOnlineBanking" target="_top">Account Manager</a> and <a href="http://www.providentcu.org/index.asp?i=TTT" target="_top">Touch Tone Teller</a> are ideal ways to keep tabs on your accounts between statement cycles. Report anything suspicious to us promptly.</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Sign up for <a href="http://www.providentcu.org/index.asp?i=deposit" target="_top">Direct Deposit</a> and
use <a href="http://www.providentcu.org/index.asp?i=aboutOnlineBanking&search=BillManager" target="_top">Bill Manager</a></strong> to pay your bills online, safely and securely. Bill Manager is available through Account Manager.</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Use ATMs that are familiar</strong> to you whenever possible. You're more likely to notice something unusual, like the positioning of the camera or something that wasn’t there before.</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>At unfamiliar ATMs, take note of what you see.</strong> If anything is affixed close to the screen or keypad, like a camera or even a brochure rack, don't go any further. Report it to the host financial institution.</li>
</ul>
<p> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/EncryptedMailFAQ.asp" title=""><span>Encrypted E-Mail at Provident</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/DebitCards.asp"><span>Credit/Debit/ATM Card Fraud</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/njZaEHK3kWc" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=HowTheyDidItBeware of Credit/Debit/ATM Card FraudCriminals have more than one way to try to get access to your cards and their numbers. Avoid letting someone you don't even know go on spending sprees with your accounts.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/DebitCards.asp2007-01-01T12:22:00-08:002007-01-01T12:22:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<h3>How it works:</h3>
<p>With credit cards, a thief might use your card or obtain a new card in your
name, perhaps by stealing a pre-approved card application from your mail and having the card sent to a different address. Or
he or she might counterfeit your current credit card. One scenario: The crook or an accomplice might work at a retail
establishment--perhaps a bar or restaurant--where the card briefly may be out of sight. This person can swipe your card
through an electronic <strong>"skimming"</strong> device that captures key account information from the card's magnetic strip.</p>
<p>As for ATM cards (which deduct amounts taken at automated teller machines from your checking or savings account)
and debit cards (which deduct for cash or payments transacted at ATMs or retail establishments), the perpetrator might
steal an existing card or make a new one. He or she also might obtain your personal identification number (PIN)--the security
code you use to authorize transactions. </p>
<p>One way potential thieves might try to learn your PIN is to watch you type it as they look over your shoulder (even using binoculars, a telescope, or a video camera to try to see it). Another tactic used by criminals is to attach a keystroke recording device to an ATM or checkout register, perhaps at a gas station, convenience store, or other establishment where customers may be in too much of a hurry to notice something suspicious. Yet another way to obtain a PIN is to trick a consumer into divulging the numbers in response to a deceptive call or e-mail (a process commonly known as <strong>"<a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/../SecurityResources/Phishing.asp" target="_self">phishing</a>"</strong>).</p>
<h3>Best defense:</h3>
<p>Check your bank and credit card statements as soon as they arrive and immediately report any unusual or unauthorized transactions. Or better yet, don't wait for the statements, but be more proactive by going online frequently to check your recent transactions for suspicious activity. </p>
<p>Remember that criminals steal credit card solicitations, bank statements, and other important papers out of mailboxes, so take precautions with your incoming and outgoing mail (see "<a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/../SecurityResources/10SimpleThings.asp" target="_self">Ten Simple Things You Can Do to Fight Fraud</a>"). Also, contact your financial institution if your credit, debit or ATM card is lost, stolen or stuck inside an ATM. Never give your credit card or debit card number or PIN in response to an unsolicited e-mail or phone call. Never write your PIN on your card or on a piece of paper in your wallet–memorize the number instead.</p>
<p>Avoid ATMs in dark or remote areas or if people seem to be loitering by the machines. Steer clear of
anyone offering to "help" you carry out a transaction--it may be a setup. Walk away if it appears that
any machines may have been tampered with or if there's a sign directing you to use one of multiple machines--the one
that may be rigged with a keystroke recorder or a plastic insert that grabs cards until the criminals come for them.</p>
<p>Be very skeptical if a retail employee swipes your credit or debit card through two devices instead of
one--the second device could be a skimmer for recording your account information. If you spot a suspicious employee or
machine at a retail establishment, report it to a manager. If you still have concerns, report it to your card issuer's fraud
department. Always take your credit, debit and ATM receipts with you--never leave them for a crook to find useful account
information printed on the receipts.</p>
<p> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/HowTheyDidIt.asp" title=""><span>How Did They Access My Account?</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/10SimpleThings.asp"><span>Ten Ways to Fight Fraud</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/-c53Fo7bsXQ" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=cardFraudTen Simple Things You Can Do to Fight FraudFraud and theft are things we all have to be aware of and vigilant against. Here are 10 things you can do to protect yourself.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/10SimpleThings.asp2007-01-01T12:21:00-08:002007-01-01T12:21:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<ol class="bulletblue">
<li style="margin-top:1em;margin-bottom:1em;"><strong>Protect your Social Security number, credit card and debit card numbers, PINs (personal identification numbers), passwords and other personal information.</strong> A thief can use these details to order checks or credit cards, apply for loans or otherwise commit fraud using your name. <br>
<br>
Among the preventive measures you can take: <strong>Don't provide financial and other personal information in response to an unsolicited phone call, fax, letter or e-mail</strong>–it could be from a fraud artist masquerading as a legitimate business person or government official. Be particularly cautious with your Social Security number (SSN). While your employer and financial institutions will need your SSN for tax purposes, you have the right to refuse requests for your SSN from merchants and service providers (who have other ways to identify you). Also, if your state puts SSNs on driver's licenses, find out if you can use another number.<br>
<br>
Keep bank and credit card statements, tax returns, checks and other sensitive documents in a safe place at home. Shred these documents before discarding them.<br>
<br>
Also choose PINs and passwords for your credit union and Internet accounts that will be tough for someone else to figure out. Don't use your birth date or home address, for example. (More suggestions for guarding personal information appear elsewhere in this article.)</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Deal only with legitimate, reputable businesses. </strong>Try to do business with companies you already know or that have been recommended. Do your research before giving money or personal information to an unfamiliar merchant (or charity or any other organization). For example, contact your state's Attorney General's office or the <a href="http://www.bbb.org/" target="_blank">Better Business Bureau</a> and ask about complaints, lawsuits or other matters involving a company's reputation. To check out an unfamiliar banking institution, contact the FDIC (see "For General Information from Financial Regulators").</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Get key details in writing and read them thoroughly before agreeing to anything.</strong> Don't rely on a sales person's oral representations for a significant purchase or investment. Get as much written information as possible, including a contract, specifying cost information and your consumer rights. If a marketer refuses to supply written information or employs high-pressure sales tactics to get you to act fast, take that as your cue to say "goodbye."</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Beware of "deals" requiring money up-front.</strong> "Congratulations, you've won a free vacation!" "Get rich quick–at no risk!" "We'll fix your credit problems–fast." Do these sound familiar? They're likely to be schemes to trick you into sending money or providing bank account information in exchange for promises of goods or services that will never be delivered. Be skeptical of any offer that's "free" or otherwise hard to believe and that, as a precondition, requires you to pay money (perhaps for a supposed "fee" or "tax").</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Be extra careful when providing personal information over the telephone or Internet.</strong> Scam artists hide at the other end of the phone line or computer screen. So, don't give bank account information, Social Security numbers or personal data in response to an unsolicited phone call or e-mail (see our article on "<a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/../SecurityResources/Phishing.asp" target="_self">phishing</a>"). Remember that a legitimate company would never ask for passwords or other personal information by e-mail. Before providing credit card or other information to a Web site, confirm that the site is legitimate, not a copycat designed by a crook, by verifying that the Web site's address is an exact match for what appears in literature from the company or some other reliable source. You'd be wise to avoid an online merchant that doesn't list a phone number or physical address, as these are possible signs that the Web site and its owners are fraudulent.</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Safeguard mail going to or from your home.</strong> It could include checks, credit card applications, bank statements and other items of value to a thief. Try to send and receive mail using locked mailboxes or otherwise secure locations. Remove incoming mail from your mailbox as soon as possible. If your mailbox is unlocked and you're going to be away on vacation or some other travel, have your mail held at the post office or picked up by a neighbor. If you're expecting a check, a credit card, or bank account information and it doesn't arrive in a reasonable period, notify the sender. As for outgoing mail containing a check or other personal financial information, put it in a blue Postal Service mailbox, hand it to a mail carrier, or take it to the post office.</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Stop bandits from recycling your trash into cash. </strong>Thieves known as "dumpster divers" pick through garbage looking for credit card applications, monthly bank statements, receipts, "loan checks" (mailed by financial institutions with offers to "write yourself a loan") and other documents they can use to commit fraud. Before tossing out these items, destroy them, preferably using a "crosscut" shredder that turns paper into confetti. Before selling, donating or disposing of an old personal computer, use special software to completely erase files that contain financial records, tax returns, and other personal information. Thieves can sometimes access personal information from computer disks, even if you've deleted or revised the files on the disk. The easiest solution is to physically break any disk before throwing it away.</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Limit the confidential information in your wallet in case it gets lost or stolen.</strong> Don't carry around more checks, credit cards or other bank items than you need. Consider reducing the number of credit cards you carry by canceling ones you don't use. Keep passports, Social Security cards, and birth certificates in a secure place, not in your wallet. Never keep passwords or PINs on or near your checkbook, credit card, ATM card, or debit card.</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Review your credit card bills and bank statements as soon as they arrive, or go online even more often to review your recent account activity.</strong> If you notice something suspicious, perhaps a credit card purchase you didn't make or an unauthorized withdrawal from your checking account, contact the financial institution immediately. <br>
<br>
Also make sure you get your statement every month. If no statement arrives, that could be a sign that an identity thief has stolen it from your mailbox, or changed your mailing address for purposes of committing fraud in your name but from another location. Subscribe to Provident's e-Statements in order to avoid vulnerabilities of physical access to your statement.</li>
<li style="margin-top:1em;margin-bottom:1em;"><strong>Monitor your credit report for warning signs of fraud.</strong> Most experts say you should check your credit report at least once a year from each of the three major credit bureaus: <a href="http://www.equifax.com" target="_blank" >Equifax</a> (800-685-1111), <a href="http://www.experian.com" target="_blank" >Experian</a> (888-397-3742), and <a href="http://www.transunion.com" target="_blank" >TransUnion</a> (800-888-4213). When you get your report, look for anything suspicious, such as credit cards, loans, or leases that have been wrongfully taken out in your name.<br>
<br>
You can obtain a free copy of your credit report once a year from each of the three major credit bureaus. You also have the right to learn your credit scores, which are designed to help predict how likely you are to repay a loan or make payments on time. Plus, merchants must notify you if they plan to report negative information about you to a credit bureau. <br>
<br>
A copy of your credit report is also free in some states and some situations (such as if you believe you're a fraud victim or if you were recently denied credit or a job based on a credit report), but the most you'll pay under current rules is $9. <br>
<br>
Another option is to pay a service to help you monitor your credit report for possible signs of fraud. But beware of telephone or Internet scams promoting credit monitoring services, "free" credit reports, or credit card or ID theft insurance. These frauds typically use false or misleading statements to get you to send money or divulge personal information, including credit card or bank account numbers (see #1 and #5, above). </li>
</ol>
<p> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/DebitCards.asp" title=""><span>Credit/Debit/ATM Card Fraud</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/SecurePassword.asp"><span>Up to Date Info / Add Password</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/N6tuSV7XOMU" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=10SimpleThingsKeep Your Info Up to Date, and Protect Your Account with a PasswordYou never know when we may need to contact you, so keeping your contact information up to date is important.
Also, did you know that you can add a password to your account to use over the phone?http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/SecurePassword.asp2007-01-01T12:20:00-08:002007-01-01T12:20:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<p>Provident Credit Union receives hundreds of pieces of returned mail due to out-of-date information. If you’ve recently changed your address, work or home phone number, or e-mail address, please be sure to notify us immediately so that we are able to get in touch with you. You never know when we may need to reach you.</p>
<h3>Choose Your Own Secure Password</h3>
<p>To protect your account information even further, we recommend that you set up a password that will serve as identification when you request account information or transactions through our Call Center or at one of our branches. At one time, Social Security Numbers and mother’s maiden names were commonly used. But these days, using these as a form of identification is something that people are concerned about, even with their financial institution. Creating a unique password is a safe and secure alternative. To select your password, give us a call at <!-- (650) 508-0300 or -->(800) 632-4600, send a <a href="http://www.providentcu.org/index.asp?i=signOn" target="_top" >secure e-mail</a> message through Account Manager with your requested password, or visit your local <a href="http://www.providentcu.org/index.asp?i=branches" target="_top">community branch</a>. We’ll have you set up in no time.</p>
<p> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/10SimpleThings.asp" title=""><span>Ten Ways to Fight Fraud</span></A></span><i> </i><span class="next"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/IDTheft.asp"><span>Go Online to Avoid ID Theft</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/3sEXv7U7YKM" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=passwordPhoneIdentity Theft: Reduce the Risk by Using Provident's Online ServicesIs fear of identity theft keeping you from using online services, such as online banking?
Learn how frequent use of Account Manager and e-Statements actually reduces your risk.http://www.providentcu.org/+AccessAccounts/SecurityEtc/SecurityResources/IDTheft.asp2007-01-01T12:19:00-08:002007-01-01T12:19:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/Student-Side.png">
<p>If concern over security breaches has kept you from
utilizing <a href="http://www.providentcu.org/index.asp?i=AboutOnlineBanking" target="_top">Account Manager and
e-Statements</a>, our free online account services, you should know that electronic
access and delivery of your account information is much more secure than receiving it
in the mail.</p>
<p>Hard copy account statements are too easily intercepted. Between the
time they've been printed to the time they reach your mailbox, many human hands have
handled them, increasing the risk of your account information being compromised.</p>
<p>In fact, the majority of identity theft happens offline, such as by
people stealing your mail, rummaging through your trash, or stealing your wallet or purse.
With Account Manager, you are required to enter a PIN (Personal Identification Number)
that is only known to you, and you can check your account information regularly to ensure
nothing is amiss. With e-Statements, we notify you by e-mail when your e-Statement is
ready and you access it by signing on to Account Manager. With Provident's firewalls
and the high level of encryption, your account information is secure. It's that
simple and that safe.</p>
<p>Minimize the risk of identity theft--why not make this spring
the time you give <a href="http://www.providentcu.org/index.asp?i=AboutOnlineBanking" target="_top">Account Manager
and e-Statements</a> a try. If you are a first-time user of online banking services
or <a href="http://www.providentcu.org/index.asp?i=TTT" target="_top">Touch Tone Teller</a>, contact
our Call Center at <!-- (650) 508-0300 or -->(800) 632-4600 during business hours to request a
PIN. You'll be set to go in just minutes.</p>
<p> </p>
<div id="inFrameBottomNav">
<span class="prev"><a href="http://www.providentcu.org/AFrames/AccessAccounts/SecurityEtc/SecurityResources/SecurePassword.asp" title=""><span>Up to Date Info / Add Password</span></A></span><i> </i><span class="next"><A href="http://www.providentcu.org/index.asp?i=security" title="" rel="Contents"><span>Security Issues Index</span></A></span><div><a href="http://www.providentcu.org/index.asp?i=security" target="_self" rel="Contents">Security Issues Index</a></div>
</div>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/KCo-SuEZ7Sw" height="1" width="1"/>http://www.providentcu.org/index.asp?i=security&search=IDTheftVsOnlineUsing Your Smartphone Safely (CNET News, 1/5/2010)news.cnet.com: Worms, Trojans, and SMS attacks are risks for mobile devices like the iPhone, but the biggest practical threat to users is losing the device. Get your questions answered about protecting yourself in this age of mobile phone computing.http://news.cnet.com/8301-27080_3-10424759-245.html2007-01-01T12:18:00-08:002007-01-01T12:18:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/External_Link-Side.png"><b>news.cnet.com: </b>Worms, Trojans, and SMS attacks are risks for mobile devices like the iPhone, but the biggest practical threat to users is losing the device. Get your questions answered about protecting yourself in this age of mobile phone computing.
<p> </p>
<p><a href="http://www.providentcu.org/index.asp?i=security">Security Issues Index</a></p>
<p> </p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/TNvUYhYia5M" height="1" width="1"/>http://news.cnet.com/8301-27080_3-10424759-245.htmlThe National Cyber Security Alliance: Stay Safe Onlinewww.staysafeonline.info: The go-to resource for cyber security awareness and education. A public-private partnership, NCSA provides tools and resources to empower people to stay safe online.http://www.staysafeonline.info/2007-01-01T12:17:00-08:002007-01-01T12:17:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/External_Link-Side.png"><b>www.staysafeonline.info: </b>The go-to resource for cyber security awareness and education. A public-private partnership, NCSA provides tools and resources to empower people to stay safe online.
<p> </p>
<p><a href="http://www.providentcu.org/index.asp?i=security">Security Issues Index</a></p>
<p> </p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/p5Jmr974vx0" height="1" width="1"/>http://www.staysafeonline.info/On Guard Online | Your Safety Netonguardonline.gov: OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information.http://onguardonline.gov/2007-01-01T12:16:00-08:002007-01-01T12:16:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/External_Link-Side.png"><b>onguardonline.gov: </b>OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information.
<p> </p>
<p><a href="http://www.providentcu.org/index.asp?i=security">Security Issues Index</a></p>
<p> </p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/zy_hqHybirU" height="1" width="1"/>http://onguardonline.gov/Don't Fall for the Nigerian Scamwww.snopes.com: It's a con that's been separating people from their cash since the 1920s, but its gotten much worse in the age of e-mail. Learn about this prevalent crime so that you do not become its next victim.http://www.snopes.com/crime/fraud/nigeria.asp2007-01-01T12:15:00-08:002007-01-01T12:15:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/External_Link-Side.png"><b>www.snopes.com: </b>It's a con that's been separating people from their cash since the 1920s, but its gotten much worse in the age of e-mail. Learn about this prevalent crime so that you do not become its next victim.
<p> </p>
<p><a href="http://www.providentcu.org/index.asp?i=security">Security Issues Index</a></p>
<p> </p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/xmES1wsUOAE" height="1" width="1"/>http://www.snopes.com/crime/fraud/nigeria.aspFTC Resources to Help You Deal with Spamwww.ftc.gov: A list of Articles and Microsites with information you should know about Spam (unsolicited and unwanted e-mail), what you should do to avoid it, what to when you get it, and why this is important.http://www.ftc.gov/bcp/menus/consumer/tech/spam.shtm2007-01-01T12:14:00-08:002007-01-01T12:14:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/External_Link-Side.png"><b>www.ftc.gov: </b>A list of Articles and Microsites with information you should know about Spam (unsolicited and unwanted e-mail), what you should do to avoid it, what to when you get it, and why this is important.
<p> </p>
<p><a href="http://www.providentcu.org/index.asp?i=security">Security Issues Index</a></p>
<p> </p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/TgO1Uvz_eFU" height="1" width="1"/>http://www.ftc.gov/bcp/menus/consumer/tech/spam.shtmFTC: How Not to Get Hooked by a Phishing Scamwww.ftc.gov: Don't be conned! Some e-mail looks legitimate, but is just there to get you to type in enough info for other people to steal your identity or spend your money, and ruin your credit.http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm2007-01-01T12:13:00-08:002007-01-01T12:13:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/External_Link-Side.png"><b>www.ftc.gov: </b>Don't be conned! Some e-mail looks legitimate, but is just there to get you to type in enough info for other people to steal your identity or spend your money, and ruin your credit.
<p> </p>
<p><a href="http://www.providentcu.org/index.asp?i=security">Security Issues Index</a></p>
<p> </p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/amiGTq1zgus" height="1" width="1"/>http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtmFTC: Protect Yourself Against Identity Theftwww.ftc.gov: Avoid being a victim of identity theft and learn what to do if you are victimized; visit this FTC Web site.http://www.ftc.gov/bcp/edu/microsites/idtheft/consumers/index.html2007-01-01T12:12:00-08:002007-01-01T12:12:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/External_Link-Side.png"><b>www.ftc.gov: </b>Avoid being a victim of identity theft and learn what to do if you are victimized; visit this FTC Web site.
<p> </p>
<p><a href="http://www.providentcu.org/index.asp?i=security">Security Issues Index</a></p>
<p> </p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/MZD8C_33sy4" height="1" width="1"/>http://www.ftc.gov/bcp/edu/microsites/idtheft/consumers/index.htmlUS Treasury Department: Warning About Fraudulent E-Mail Schemeswww.ustreas.gov: In spite of what that e-mail might say, federal financial agencies do not communicate
with consumers by e-mail requesting important personal information such as your name, account
numbers, date of birth, or social security number.http://www.ustreas.gov/press/releases/js1130.htm2007-01-01T12:11:00-08:002007-01-01T12:11:00-08:00<img style="float:right; display:block;margin-left:1em;" src="http://providentcu.org/NewGraphics/NewerGraphics/categories_HomePage/w/External_Link-Side.png"><b>www.ustreas.gov: </b>In spite of what that e-mail might say, federal financial agencies do not communicate
with consumers by e-mail requesting important personal information such as your name, account
numbers, date of birth, or social security number.
<p> </p>
<p><a href="http://www.providentcu.org/index.asp?i=security">Security Issues Index</a></p>
<p> </p>
<img src="http://feeds.feedburner.com/~r/pcu-security/~4/FgLUxZy43mI" height="1" width="1"/>http://www.ustreas.gov/press/releases/js1130.htm