If you believe you are a victim of identity theft, you should place fraud alerts in your file at the nationwide consumer credit reporting companies as soon as possible.
You have the right to ask that nationwide consumer credit reporting companies place "fraud alerts" in your file to let potential creditors and others know that you may be a victim of identity theft. A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you. It also may delay your ability to obtain credit.
You may place a fraud alert in your file by calling just one of the three nationwide consumer credit reporting companies. As soon as that agency processes your fraud alert, it will notify the other two, which then also must place fraud alerts in your file.
FDIC Consumer Education
The Federal Deposit Insurance Corporation provides news and information to help you protect against identity theft and steps to take if you become a victim. FDIC’s website
The Federal Trade Commission developed in-depth information to help you minimize your risk by managing your personal information wisely and cautiously. We advise you to take the time to read this publication. Take Charge: Fighting Back Against Identity Theft.
Mandated by the 2003 Fair and Accurate Credit Transactions Act (FACT), every consumer has access to one free annual credit report from each of the major credit reporting companies, Equifax, Experian and TransUnion. AnnualCreditReport.com enables you to request your credit report online. We advise you to close your browser after obtaining your report to ensure that your personal information is not at risk.
E-Mail fraud, sometimes referred to as spoofing, phishing, or imposter e-mail, is increasing at an alarming rate. It involves sending customers what appears to be a legitimate e-mail request for account information, often under the guise of “helping” the customer by defining a potential security threat. The originator of the e-mail will ask for sensitive information like your social security number, account numbers, User ID, and passwords.
How’s it done? There are many varieties and versions of e-mail fraud. This describes the general theme.
The email itself might contain a form for the customer to complete. Or, the e-mail might include a link to the perpetrator’s web site that contains a form for entering personal information. Like the e-mail, the web site is designed to trick the customer into believing it belongs to the bank.
In the end, the goal of the fraud is to use the customer’s information to gain unauthorized access to financial accounts or to engage in other illegal activities.
Much has been written on the problem of Identity Theft. Our research led us to the Federal Trade Commission web site. Once again, we advise you to take the time to visit their website at http://www.consumer.ftc.gov/features/feature-0014-identity-theft.
If you are a victim of identity theft, call the FTC’s Identity Theft Hotline toll-free at 1-877-IDTHEFT (438-4338).
The Federal Deposit Insurance Corporation (FDIC) has produced a multimedia presentation to help you protect yourself from identity theft. The presentation provides information on steps you should take to secure your computer and protect yourself from identity theft, as well as actions you should take if you become a victim of identity theft. The presentation is on the FDIC’s website at http://www.fdic.gov/consumers/consumer/guard/index.html.
We cannot state enough how seriously we take the responsibility as caretaker of your accounts. It is important for you to be able to recognize an authentic email from us and follow safe internet practices.
1. Somerset Trust Company will NEVER request personal information from you via email. For that matter, no reputable organization should request personal information from you via public email. Likewise – DO NOT SEND an email to us that contains your personal information.
If you receive an email that looks like it came from us and requests your personal information, do not respond to it. Tell us about the email by calling 800-972-1651 or 814-443-9200.
Personal information includes:
STC OnLine Banking provides for secure messaging after you login to online banking between you and the bank. This electronic messaging system is your one-to-one connection with us. It has nothing to do with any outside email service you may subscribe to. This assures you of full confidentiality and security of your messages. Please feel free to include as much detail as possible, including full account numbers, names, etc. in the messages you send Somerset Trust Company through STC OnLine Banking.
2. If a public email requests your personal information, don’t reply to it. Be wary of emails that ask you to submit any personal information or one that sends you personal information and asks you to verify or update it.
3. Access STC OnLine Banking, Trust Account Access, or Credit Card Access by typing Somerset Trust Company’s web site address into your web browser. Never go to a website from a link in an email and enter your personal details. Our web site address is www.somersettrust.com.
4. Review your bank account, credit card statements and phone bills as soon as you receive them to determine if there are any unauthorized charges. If your statement is late, call the appropriate business and confirm your billing address and account balances.
5. Look for the secure site symbol on your browser. Secure browsers employ secure sockets layer (SSL) technology to communicate with servers. This technology encrypts, or scrambles, your account information so it’s virtually impossible for anyone other than the Bank to read it.
You can identify that your online information is encrypted by locating a symbol of a closed lock or unbroken key displayed within your browser. Also, the website’s address should read https: for a secure website, not http:. Look for the ’s’. Again – https: indicates a secure website.
6. Change your passwords or PIN often. Use both letters and numbers and both upper and lower case letters if possible. Use a different password if you have multiple online account access points.
Wired Access by Home Computer:
You will need a current anti-virus/anti-spyware scanning program, a current patched operating system, and a secure browser program. The Windows firewall should be activated, or another software firewall should be on the computer along with Intrusion Prevention or Intrusion Detection.
Access by Wireless Home Network:
You will need all of the security measures applicable to the wired home computers plus the wireless router should have strong password protection, and it is recommended the wireless network have at least WP A or WP A-2 PSK encryption rather than WEP encryption.