Protect Yourself from Card Skimming

Tuesday, October 18 at 09:30 AM
Category: Personal Finance

Become an educated consumer to help protect yourself from ill-intentioned people who may try to skim your debit or credit card. 

What is a Card Skimmer? 
A card skimmer is an electronic method of capturing a victim's personal information to be used by thieves. The skimmer is a small device that scans a credit or debit card and stores the information contained in the card’s magnetic strip. 

Installed Skimmers
Skimmers are often installed where you normally swipe your card – on ATMs, gas pumps and payment machines at merchants. They are difficult to see and could be just a piece of plastic over the normal card slot, but with a tiny computer inside.

Skimmers can quickly read everything they need when you use your card, and they store that information for thieves to use later. Some skimmers send the information wirelessly, which reduces risk for thieves.
In many cases, skimmers do not interfere with your transaction, so you don’t know your card number has been stolen. Your card passes right through the skimmer, and everything seems normal.

Handheld Skimmers
Skimmers can also be “mobile” devices, tucked away in a pocket. For example, when you hand your card to a dishonest waiter to pay for dinner, it only takes a second to run your card through a skimmer while walking back to the cash register.

In addition to the card reader, skimming scams often use hidden cameras and other equipment to capture your personal identification number (PIN). Popular camera locations include: in the card reader, mounted at the top of the ATM or in plastic cases holding brochures.
Another technique is to alter the keypad (possibly by placing a fake keypad over the original one) with a device that records your PIN. Heat-sensitive cameras on mobile devices can also help with figuring out your PIN.
How to Avoid Skimming Scams
  • Know your location: It’s best to swipe your card in secure areas, and avoid insecure areas.  
  • Protect your PIN: When you enter your PIN, no matter where you are, cover your hand (with your other hand). This makes it harder for cameras to record your PIN and prevents anybody from watching what you enter.
  • Check for Tampering: If something looks odd, such as a different color or material, graphics that aren’t aligned correctly, or anything else that does not look right, walk away and use a different machine. Skimmers sometimes stick out an extra half-inch, but many of them are extremely well-designed and difficult to spot. 
  • Don’t accept “help”: If you get offers to help from strangers hanging around the machine, decline the offer and leave. They may say they were having trouble also, and you just need to enter your PIN again.
We regularly monitor for unusual activity on your account and will contact you if we detect suspicious charges. If you suspect your card has been skimmed or see unauthorized charges on it, please contact us at (866) 952-9523. 
By learning tactics thieves can use to skim cards, you can become more alert and help protect yourself and your cards.
Tags: Fraud Alert, Privacy and Security

Business Cyber Security and Fraud Conference

Wednesday, September 28 at 07:05 AM
Category: Business Banking

Arvest Bank and the Fayetteville Chamber of Commerce join Arkansas Small Business and Technology Development Center to offer informational seminar.

FAYETTEVILLE, Ark. — Business owners and managers work hard to earn every penny they take in from their customers, so safeguarding earnings is important in the internet age when cyber attackers can empty out business accounts in mere minutes.

According to fraud advisories issued by federal law enforcement agencies — including the United States Secret Service and the Federal Bureau of Investigation — cyber criminals are targeting financial accounts of owners and employees of businesses, resulting in significant business disruption and substantial monetary losses due to fraudulent transfers from those accounts. Often those funds cannot be recovered.

Arvest Bank, the Fayetteville Chamber of Commerce and the Walton College Arkansas Small Business and Technology Development Center are co-sponsoring the “Business Cyber Security and Fraud Conference” at the Reynolds Center Auditorium of the Sam M. Walton College of Business, University of Arkansas at Fayetteville, from 1 to 5 p.m. on Oct. 11, 2016. 

A panel of six industry professionals will define and address topics and offer practical solutions useful in today’s cyber business and banking world:

- Jon Pascoe of Arvest Bank

- Amanda Kastler of Elliott, Robinson & Co., LLP, CPA

- Tom Douglas of JMark Business Solutions, Inc.

- Jeff Eiserman of Ollis/Akers/Arney

- Special Agent Jason Frankenberger of the Federal Bureau of Investigation

- Dewayne Burns of eSCO

Free parking is provided in the Harmon Avenue parking garage. Patrons may present their parking coupon at check-in for validation. 

Seating is limited to 300. Pre-registration is required at*

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution.

Tags: Arkansas, Arvest Biz, Business Banking, Fayetteville, Press Release, Privacy and Security

Businesses – Beware of Ransomware

Wednesday, June 08 at 06:55 AM
Category: Business Banking

Ransomware is a form of malware that targets both human and technical weaknesses in organizations in an effort to deny the availability of critical data and/or systems. When the victim organization determines they are no longer able to access their data, the cyber actor demands the payment of a ransom, at which time the actor purportedly provides an avenue to the victim to regain access to their data. Recent iterations target enterprise end users, making awareness and training a critical preventative measure.

Infection Vectors
Ransomware is frequently delivered through phishing emails with malicious attachments or/and links. Early ransomware emails were often generic in nature, but more recent emails are highly targeted to both the organization and individual, making scrutiny of the document and sender important to prevent exploitation.

While the FBI normally recommends organizations invest in measures to prevent, detect, and remediate cyber exploitation, the key areas to focus on with ransomware are prevention, business continuity, and remediation.

Prevention Considerations
  • Focus on awareness and training. Since end users are targeted, employees should be made aware of the threat of ransomware, how it is delivered, and trained on information security principles and techniques.
  • Patch the operating system, software, and firmware on devices. 
  • Ensure anti-virus and anti-malware solutions are set to automatically update and regular scans are conducted.
  • Manage the use of privileged accounts. Implement the principle of least privilege. Those with a need for administrator accounts should only use them when necessary.
  • Disable macro scripts from office files transmitted via email. 
  • Implement software restriction policies (SRP) or other controls to prevent the execution of programs in common ransomware locations.
Business Continuity Considerations
  • Regularly back up data and verify its integrity.
  • Secure your backups. Ensure backups are not connected to the computers and networks they are backing up.
Other Considerations
  • Implement application whitelisting. 
  • Use virtualized environments to execute operating system environments or specific programs.
  • Categorize data based on organizational value, and implement physical/logical separation of networks and data for different organization units. 
  • Require user interaction for end user applications communicating with websites uncategorized by the network proxy or firewall. 
The Ransom
The FBI does not advocate paying a ransom to an adversary. Paying a ransom does not guarantee an organization will regain access to their data. Paying a ransom emboldens the adversary to target other organizations for profit and provides a lucrative environment for other criminals to become involved. 
Finally, by paying a ransom, an organization is funding illicit activity associated with criminal groups, including potential terrorist groups, who likely will continue to target an organization. While the FBI does not advocate paying a ransom, there is an understanding that when businesses are faced with an inability to function, executives will evaluate all options to protect their shareholders, employees and customers.

In all cases, the FBI encourages organizations to contact their local FBI Cyber Task Force immediately to report a ransomware event and request assistance. The FBI works with federal, state, local and international partners to pursue cyber actors globally and assist victims of cyber crime. Victims are also encouraged to report cyber incidents to the FBI’s Internet Crime Complaint Center*.
Information courtesy of the Federal Bureau of Investigation – Cyber Division. 

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution.

Tags: Arvest Biz, Business Banking, Privacy and Security, Technology

How to Keep Your Devices Secure

Monday, May 23 at 10:55 AM
Category: Personal Finance

This is the third of a three-part series on protecting your personal information. 

Securing your electronic devices is just as essential as securing your information offline. Here are some ways to make sure you’re being smart with your use of technology.  

Use Security Software
Install anti-virus software, anti-spyware software and a firewall. Set your preference to update these protections often. Protect against intrusions and infections that can compromise your computer files or passwords by installing security patches for your operating system and other software programs.

Avoid Phishing Emails
Don’t open files, click on links, or download programs sent by strangers. Opening a file from someone you don’t know could expose your system to a computer virus or spyware* that captures your passwords or other information you type.

Be Wise About Wi-Fi
Before you send personal information over your laptop or smartphone on a public wireless network* in a coffee shop, library, airport, hotel or other public place, see if your information will be protected. If you use an encrypted website, it protects only the information you send to and from that site. If you use a secure wireless network, all the information you send on that network is protected.

Lock Up Your Laptop
Keep financial information on your laptop* only when necessary. Don’t use an automatic login feature that saves your user name and password, and always log off when you’re finished. That way, if your laptop is stolen, it will be harder for a thief to get at your personal information.

Read Privacy Policies
Yes, they can be long and complex, but they tell you how the site maintains accuracy, access, security and control of the personal information it collects; how it uses the information; and whether it provides information to third parties. If you don’t see or understand a site’s privacy policy, consider doing business elsewhere.

Technology greatly benefits our lives, but we need to protect it so it doesn’t harm our lives too.

Information courtesy of FTC Consumer Information.

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution. 

Tags: Consumer Protection, Privacy and Security

How to Keep Your Personal Info Secure Online

Monday, May 16 at 10:35 AM
Category: Personal Finance

This is the second of a three-part series on protecting your personal information. Check out the first part about how to keep information secure offline.

In addition to securing your personal information offline, as discussed previously, it’s critical to also use protective measures online. Know who you share your information with. Also, store and dispose of your personal electronic devices securely.

Be Alert to Impersonators
Make sure you know who is getting your personal or financial information. Don’t give out personal information on the phone, through the mail or over the internet unless you’ve initiated the contact or know who you’re dealing with. If a company that claims to have an account with you sends email asking for personal information, don’t click on links in the email. Instead, type the company name into your web browser, go to their site, and contact them through customer service. Or, call the customer service number listed on your account statement. Ask whether the company really sent a request.

Safely Dispose of Personal Information
Before you dispose of a computer*, get rid of all the personal information it stores. Use a wipe utility program to overwrite the entire hard drive.

Before you dispose of a mobile device*, check your owner’s manual, the service provider’s website, or the device manufacturer’s website for information on how to delete information permanently, and how to save or transfer information to a new device. Remove the memory or subscriber identity module (SIM) card from a mobile device. Remove the phone book, lists of calls made and received, voicemails, messages sent and received, organizer folders, web search history and photos.
Encrypt Your Data
Keep your browser secure. To guard your online transactions, use encryption software that scrambles information you send over the internet. A “lock” icon on the status bar of your internet browser means your information will be safe when it’s transmitted. Look for the lock before you send personal or financial information online.

Keep Passwords Private
Use strong passwords with your laptop, credit, bank and other accounts. Be creative. One idea is to think of a special phrase and use the first letter of each word as your password. Substitute numbers for some words or letters. For example, “I want to see the Pacific Ocean” could become 1W2CtPo.

Don’t Overshare on Social Networking Sites
If you post too much information about yourself, an identity thief can find information about your life, use it to answer “challenge” questions on your accounts, and get access to your money and personal information. Consider limiting access to your networking page to a small group of people. Never post your full name, Social Security number, address, phone number, or account numbers in publicly accessible sites.
Proactive measures online to safeguard your personal information can help prevent you from being a victim of identity theft.

Information courtesy of FTC Consumer Information.

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution. 

Tags: Consumer Protection, Privacy and Security

How to Keep Your Personal Info Secure Offline

Monday, May 09 at 11:20 AM
Category: Personal Finance

This is the first of a three-part series on protecting your personal information.

Protecting your personal information can help reduce your risk of identity theft. There are several main ways to do it:
  • Know who you share information with
  • Store and dispose of your personal information securely, especially your Social Security Number
  • Ask questions before deciding to share your personal information
Lock It Up
Lock your financial documents and records in a safe place at home, and lock your wallet or purse in a safe place at work. Keep your information secure from roommates or workers who come into your home.
Limit what you carry. When you go out, take only the identification, credit cards and debit cards you need. Leave your Social Security card at home. Make a copy of your Medicare card and black out all but the last four digits on the copy. Carry the copy with you — unless you are going to use your card at the doctor’s office.

Before you share information at your workplace, a business, your child's school, or a doctor's office, ask why they need it, how they will safeguard it and the consequences of not sharing.

Shred It
Shred receipts, credit offers, credit applications, insurance forms, physician statements, checks, bank statements, expired charge cards and similar documents when you don’t need them any longer. Destroy the labels on prescription bottles before you throw them out. Don’t share your health plan information with anyone who offers free health services or products.

Manage Your Mail
Take outgoing mail to the post office. Promptly remove mail that arrives in your mailbox. If you won’t be home for several days, request a vacation hold* on your mail. When you order new checks, don’t have them mailed to your home, unless you have a secure mailbox with a lock.

Opt Out
Consider opting out* of prescreened offers of credit and insurance by mail. You can opt out for five years or permanently. To opt out, call (888) 567-8688 or go to*. The three nationwide credit reporting companies operate the phone number and website. Prescreened offers can provide many benefits. If you opt out, you may miss out on some offers of credit.

Secure Social Security Number
Keep a close hold on your Social Security number and ask questions before deciding to share it. Ask if you can use a different kind of identification. If someone asks you to share your or your child’s Social Security number, ask:
  • Why they need it
  • How it will be used
  • How they will protect it
  • What happens if you don’t share the number
The decision to share is yours. A business may not provide you with a service or benefit if you don’t provide your number. Sometimes you will have to share your number. Your employer and financial institutions need your Social Security number for wage and tax reporting purposes. A business may ask for your Social Security number so they can check your credit when you apply for a loan, rent an apartment or sign up for utility service. 
Information courtesy of FTC Consumer Information.

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution. 

Tags: Consumer Protection, Privacy and Security

Choose one or more categories to subscribe to: