Tips to Avoid IRS & Online Banking Fraud
It’s tax time so I’ve decided to dedicate this issue to banking and IRS Fraud. Even my mother and close friends have been victims of ID theft with the subsequent IRS return fraud.
The good news is that my brother, Neil Karadbil, an Assistant US Attorney with the Southern District of Florida and his team successfully convicted two defendants for their participation in a stolen identity tax refund scheme resulting in millions of dollars in fraudulent activity.
A copy of this press release may be found on the website of the United States Attorney’s Office for the Southern District of Florida at http://www.usdoj.gov/usao/fls.
10 TIPS FOR SAFER ONLINE BANKING
It’s convenient and most of us do it; online banking. However, now we ask ourselves what is the risk of being compromised by hackers and those who illegally access our accounts due to identity theft.
The most important thing that you can do is monitor your account(s) closely. More than two million people per year have money stolen from their bank accounts, losing on average close to $1,200 or more.
Of course, you don’t have to be online to become a bank fraud victim. Crooks gain access to your account and debit card details through a variety of “old school methods”.
Even when I tried to stop my health insurance company from debiting my bank account since I had switched insurance companies I was told that my payee had to agree to stop withdrawing the insurance premium amount. This is an ACH (Automatic Clearing House) debit which most companies prefer than having bank checks automatically sent via the mail.
Here are some helpful guidelines to assist you in keeping your financial life safer:
- You need to log into your account(s) to closely monitor your balances and payments often;
- Refrain from doing your online banking transactions in public areas or on public networks because access is more readily available to cybercriminals;
- Avoid clicking on links to your bank in an email. It’s much safer to go to the actual website and login. Do NOT log in from your Google searches or other searches go directly to the actual website or page. The email could be a fake that appears genuine. Clicking links could lead to a spoof bank site phishing for your sign-on details. Even if it is legitimate, the best practice is to go to the website itself.
- Check to see that all sites are secure by looking for the “https” at the beginning of the website address. The “s” verifies that is secure (“s”).
- Change all your passwords regularly, and be sure that your antiviral software is up to date. Malware can capture passwords when you key them in if your antiviral software doesn’t prevent that from happening so constantly update.
While this is a fairly comprehensive list that when followed can help you travel a much safer online/financial road, be aware that nothing is 100% hack proof these days.
Crooks have become more sophisticated and computer technology has changed. Therefore, law enforcement and financial protection organizations have added more recommendations to bolster your online banking defenses and it’s a good practice to question what your bank or institution might be using just so you can sleep better at night knowing you are safer than the day before.
If you are banking on your hand held devices, please try and follow these tips:
- If you use a mobile device for your banking, make sure it’s properly protected against physical theft. That puts the responsibility on you to keep your device(s) close to you at all times. Some devices have alerts that will tell you buzz, ring, chime or sing out (your choice of music) to let you know that you have left it behind.
Do not set up automatic logins to any accounts because it’s much easier for a hacker to access your information. Take the extra 20 seconds to log in each time you log on.
Do password protect your device(s) so thieves can’t access it at all. Each device is different so when you purchase it ask how to password protect it, or if you already have a device and you haven’t done so, call the manufacturer or go to the local store and ask how. This includes laptops, tablets, cell phones, iPads, and any other mobile device you are using.
DO NOT store passwords for sensitive accounts on your devices or in your browsers no matter what you are using.There are password managers where you can store all of your passwords, but for better safety, I would simply put them in a safe place where no one can get to them. This is a personal option.
There are a number of password managing products such as Scambusters which includes Last Pass (free), KeePass (free) and RoboForm (paid-for and free versions).
Whether you utilize a password managing product or simply have another system, be sure to generate difficult passwords that are not easy to figure out.
Here are a few more tips:
- Always log out after using your online account(s). Do not simply hit the “close” buttons that are on your menu bar. By logging out you are assuring that you have CUT OFF immediate access to your information. This prevents a hacker or possibly a burglar from gaining access.
- Most banks and some other accounts online will automatically log you out after a brief period of time due to inactivity – each one is different – maybe 5 minutes, maybe more or less. DO NOT COUNT ON THAT. Log yourself out each and every time.
- Some banks offer extra security through what is known as “two factor authentication” which is exactly what it states. You must enter your ID, password, and then some other form of verification before you can access your account. One bank I know has 3 factors that you must get through before you can gain access to your account.
- The extra step might be a text message to your phone with a specific site key or with others you may have to answer personal questions. Banks are offering other additional security codes and passwords to make it tougher for criminals to access your information. To learn more about two factor authentications, see this Wikipedia entry: http://en.wikipedia.org/wiki/Two-step_verification
- Arrange for your bank to send your balance and transaction notifications either daily or in intervals to let you know what activity is going on with your accounts.
Be certain that you are working with a properly constituted bank because just as criminals can set up fraudulent online stores, they can also set up BANKS THAT REALLY DON’T EXIST.
If you are just starting out with online banking and setting up a new bank, be CERTAIN that you read the US Federal Deposit Insurance Corporation (FDIC) “About Us” section on a bank website.
It will show its history, official name and main office (corporate headquarters) address. The bank should also be covered by FDIC insurance to ensure your funds are properly protected.
The FDIC logo should be easily located on the webpage but if this is a bank that you have not heard of or properly researched, note the FDIC logo can certainly be duplicated/forged.
A good practice is to visit the FDIC’s site and search the name of the bank to ensure its credibility. Here’s the link: http://research.fdic.gov/bankfind/
If a bank isn’t registered with the FDIC it doesn’t necessarily mean it’s a scam, however, it would be highly unusual and I would go with another bank that is. If it’s an overseas bank that doesn’t have FDIC protection for your funds and it folds, your funds will fold with it.
You can contact the FDIC toll free at 1-877-275-3342 to check the validity of a bank.
Finally, THE GOLDEN RULE, whether you bank online or at a physical bank, NEVER NEVER NEVER provide your personal account details in response to any messages, including SMS texts, emails or pop-ups.
One of the popular scans is that you may be told your account is frozen, systems are being upgraded or all sorts of stories designed to convince you to disclose the information. REMEMBER, BANKS DO NOT WORK THAT WAY – NEITHER SHOULD YOU.
Now you’re set for safer online banking — but don’t let your guard down!