Security and Fraud
Here at Ann Arbor State Bank we handle privacy and the security of your financial data with the utmost care. We encourage you to use the following practices to protect your financial data from scams and identity theft.
“Social engineering” is the practice used by fraudsters to obtain confidential information by manipulating the behaviors of legitimate users. It uses vulnerabilities in human behavior to gather personal and financial information from unwitting victims. Thieves who employ social engineering are highly skilled in psychological persuasion and use it to their advantage to gain your trust.
Identity thieves use the phone, the Internet, and will even go through your trash (or “dumpster dive”) in order to obtain your sensitive information.
Over the phone they’ll employ a well-rehearsed script and pretend to be someone important or official in order to gather your private information. Identity thieves gain their victims’ trust to coax out important information such as their Social Security numbers, bank account numbers, and passwords.
Online, thieves use official-looking emails with attachments that try to convince you to open them, but these can contain malicious software programs that can record your keystrokes (including usernames and passwords) and send the information to identity thieves without your knowledge.
Follow three simple rules when you see emails that may be part of a phishing scheme:
Phishers typically include upsetting or exciting (but false) statements in their emails with one purpose in mind. They want people to react immediately to that false information, by clicking on the link and inputting the requested data before they take time to think through what they are doing. Resist that impulse to click immediately. No matter how upsetting or exciting the statements in the email may be, there is always enough time to check out the information more closely.
Look more closely at the claims made in the email and think about whether those claims make sense. Be highly suspicious if it asks for numerous items of your personal information such as account numbers, usernames, or passwords. For example:
If the email indicates that it comes from a bank or other financial institution where you have a bank or credit card account, but tells you that you have to enter your account information again, that makes no sense. Legitimate banks and financial institutions already have their customers’ account numbers in their records. Even if the email says a customer’s account is being locked or terminated, the real bank or financial institution will still have that customer’s account number and identifying information.
If the email says you’ve won a prize but asks for financial or personal data there is good reason to be suspicious. Legitimate companies that want to give you a real prize don’t ask you for extensive amounts of personal and financial information before you’re entitled to receive it.
If the email or website purports to be from a legitimate company or financial institution, call or email that company directly and ask whether the email or website is really from them. To be sure you’re contacting the real company or institution where you have an account, use the toll-free phone numbers from statements or the backs of your cards. Don’t rely on a telephone number contained in the suspect email.