Always keep in mind that The Bank & Trust of Bryan/College Station will never send email containing attachments, or require customers to send personal information to us via email or pop-up windows. Any unsolicited request for a Bank & Trust account information you receive through emails or Web sites should be considered fraudulent and reported to us immediately.

In the worst case, you could find yourself a victim of identity theft. With the sensitive information obtained from a successful phishing scam, these thieves can take out loans or obtain credit cards and even driver’s licenses in your name. They can do damage to your financial history and personal reputation that can take years to unravel. But if you understand how phishing works and how to protect yourself, you can help stop this crime.

Here’s how phishing works:

In a typical case, you’ll receive an e-mail that appears to come from a reputable company that you recognize and do business with, such as your bank. In some cases, the e-mail may appear to come from a government agency, including one of the federal financial institution regulatory agencies. The e-mail will probably warn you of a serious problem that requires your immediate attention. It may use phrases, such as “Immediate attention required,” or “Please contact us immediately about your account.” The e-mail will then encourage you to click on a button to go to the bank’s Web site. In a phishing scam, you could be redirected to a phony Web site that may look exactly like the real thing. Sometimes, in fact, it may be the company’s actual Web site. In those cases, a pop-up window will quickly appear for the purpose of harvesting your financial information.

In either case, you may be asked to update your account information or to provide information for verification purposes: your Social Security number, your account number, your debit and credit card numbers, your Internet banking user codes, your password, or other information you may use to verify your identity such as your mother’s maiden name or your place of birth.

If you provide the requested information, you may find yourself the victim of identity theft.

How to protect yourself

1. Never provide your personal information in response to an unsolicited request, whether it is over the phone or over the Internet. E-mails and Internet pages created by phishers may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, you should not provide any information.

2. If you believe the contact may be legitimate, contact the bank or company yourself. Don’t use the links in an email to get to any web page, if you suspect the message might not be authentic. The key is that you should be the one to initiate the contact, using contact information that you have verified yourself. Instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser. For other financial institutions and companies, you can find phone numbers and Web sites on the monthly statements you receive, or you can look the company up in a phone book or on the Internet.

3. Never provide your password over the phone or in response to an unsolicited Internet request. Avoid filling out forms in email messages that ask for personal financial information. You should only communicate information such as credit card numbers or account information via a secure website or the telephone. Thieves armed with this information and your account number can help themselves to your savings. The Bank & Trust and other financial institutions will never ask you to verify your account information online.

4. Review account statements regularly to ensure all charges are correct. If your account statement is late in arriving, call us to find out why. Use our Internet banking systems to periodically review activity online to catch suspicious activity.

5. Ensure that your browser is up to date and security patches applied.

What to do if you fall victim:
Contact us at (979) 260-2100 immediately to alert us to the situation. If you have disclosed sensitive information in a phishing attack, you should also contact one of the three major credit bureaus and discuss whether you need to place a fraud alert on your file, which will help prevent thieves from opening a new account in your name. Here is the contact information for each bureau’s fraud division:

Equifax
800-525-6285
P.O. Box 740250
Atlanta, GA 30374

Experian
888-397-3742
P.O. Box 1017
Allen, TX 75013

TransUnion
800-680-7289
P.O. Box 6790
Fullerton, CA 92634

Report all suspicious contacts to the Federal Trade Commission by calling 1-877-IDTHEFT.

Other Simple Steps to Safeguard Your Identity

At The Bank & Trust, we put a combination of safeguards in place to protect customers, including employee training, rigorous security standards, data encryption and fraud detection. You can take these steps to avoid becoming a victim:

• Don’t give your Social Security or account numbers to anyone over the phone unless you initiated the call.
• Safeguard your checkbook and supply of checks.
• Always write checks in ink.
• Don’t put paid bills with checks inside of your mailbox for postal pickup.
• Tear up receipts, old account statements and unused credit card offers before throwing them away. Crooks could steal information from your trash and use it to get credit in your name.
• Review your account and credit card statements as soon as you receive them to check for unauthorized transactions.
• Protect your PINS and computer passwords; use a combination of letters and numbers and change them often. Never carry this information with you!
• Order copies of your credit report once a year to ensure accuracy. Call any of the three national credit reporting agencies: Trans Union (800) 888-4213, Equifax (800) 685-1111 and Experian (888) 397-3742.
• Report any suspected fraud to your bank and credit card issuers immediately so they can start to close accounts and clear your name right away.