Security and Education
Did you know?
We consider it our responsibility to keep you safe and well-informed. This education center is designed to provide helpful banking and safety information. If you have additional questions or concerns after watching these educational videos and reviewing this information, please contact us for more details.
Customer Education: How we keep you safe
First Federal Savings is invested in keeping your financial information secure. We have specific procedures in place for contacting customers to keep your information and identity safe. The document below outlines the ways we will contact you, it also warns against providing account or personal information to outside sources. Please review this material and trust your instincts. Whenever something seems suspicious refuse to provide your information and contact us immediately at 800-589-8850.
Learn More: About Combating Fraud
Overview of Security
The Internet Banking login process includes several layers of security. This security is intended to prevent unauthorized access to your account, validate your identity, protect your account information from fraudulent use, and prevent the theft of your identity.
Learn More: Overview of Security
Check here for the latest security alerts and notifications.
Protect your identity and accounts
- Do not click suspicious links or open unexpected attachments or texts. Be aware of Phishing emails and Smishing texts.
- Do not provide account info to links in emails or texts.
- Do not provide account information over the phone to live or automated systems other than FFSL Touch Tel Phone Banking at:
- Always verify the identity of the person on the phone by calling back a known number, which are listed under FFSL Methods of Contact.
- Do not use unknown or unsafe devices to access your account. This includes cell phones, tablets or computers.
- Use only phones, tablets and computer with the latest software and security patches.
Use auto-update for all programs to receive the latest security patches. See Securing Your Device.
Windows XP and Windows Vista (as of 4/11/2017) are no longer updated by Microsoft. Consider Upgrading to Windows 10.
Use anti-virus software and keep it updated. See Securing Your Device.
Keep your browser updated. See Securing Your Device.
We are providing these instructions as a courtesy only. We cannot and will not provide any support beyond providing these written instructions. Do not call for technical support.
- Even with these recommendations, you the consumer must remain vigilant and suspicious of requests for information in order to protect yourself. Be very careful and report all suspicious activity to FFSL immediately.
- Report fraud immediately. Call us at (800) 589-8850.
- Click here for Approved FFSL Methods of Contact.
- Click here to download All FFSL Security & Education Information.
Phishing is a form of fraud in which the attacker tries to learn information such as login credentials or account information.
SmiShing is about sending false, fake text messages, claiming the mobile user that they have won a free product or need to enter information.
Online Banking security is intended to prevent unauthorized access to your account, validate your identity, protect your account information from fraudulent use, and prevent the theft of your identity.
7 Tips to Prevent Tax ID Fraud
SALEM, Ore., January 25, 2017 – As the 2017 tax season gets underway, the Oregon Bankers Association (OBA) is urging all Oregonians to take extra precaution when filing their return to prevent their exposure to tax fraud.
“Fraudsters are using very clever tactics to get a hold of your personal information and submit false tax claims,” said OBA President and CEO Linda Navarro. “Consumers must be suspicious of any communication from the IRS – through email, text or social media – that requests personal information, and should keep a watchful eye out for missing W-2s and mail containing sensitive financial information.”
Tax identity fraud takes place when a criminal files a false tax return using a stolen Social Security number in order to fraudulently claim the refund. Identity thieves generally file false claims early in the year and victims are unaware until they file a return and learn one has already been filed in their name.
To help consumers prevent tax ID fraud, the OBA is offering the following tips:
- File early. File your tax return as soon as you’re able giving criminals less time to use your information to file a false return.
- File on a protected Wi-Fi network. If you’re using an online service to file your return, be sure you’re connected to a password-protected personal network. Avoid using public networks like a Wi-Fi hotspot at a coffee shop.
- Use a secure mailbox. If you’re filing by mail, drop your tax return at the post office or an official postal box instead of your mailbox at home. Some criminals look for completed tax return forms in home mailboxes during tax season.
- Find a tax preparer you trust. If you’re planning to hire someone to do your taxes, get recommendations and research a tax preparer thoroughly before handing over all of your financial information.
- Shred what you don’t need. Once you’ve completed your tax return, shred the sensitive documents that you no longer need and safely file away the ones you do.
- Beware of phishing scams by email, text or phone. Scammers may try to solicit sensitive information by impersonating the IRS. Know that the IRS will not contact you by email, text or social media. If the IRS needs information, they will contact you by mail first.
- Keep an eye out for missing mail. Fraudsters look for W-2s, tax refunds or other mail containing your financial information. If you don’t receive your W-2s, and your employer indicates they’ve been mailed, or it looks like it has been previously opened upon delivery, contact the IRS immediately.
If you believe you are a victim of tax identity theft or if the IRS denies your tax return because one has previously been filed under your name, alert the IRS Identity Protection Specialized Unit at 1-800-908-4490. In addition, you should:
- Respond immediately to any IRS notice and complete IRS Form 14039, Identity Theft Affidavit.
- Contact your bank immediately, and close any accounts opened without your permission or tampered with.
- Contact the three major credit bureaus to place a fraud alert on your credit records:
- Equifax, www.Equifax.com, 1-800-525-6285
- Experian, www.Experian.com, 1-888-397-3742
- TransUnion, www.TransUnion.com, 1-800-680-7289
- Continue to pay your taxes and file your tax return, even if you must do so by paper.
There is a new scam you need to watch out for if you log into any of your accounts and have to wait for a text message sent to your phone to enter and only then log in. This more secure system is called "2-factor authentication". These two factors are:
- one thing you need to know-- your password
- one thing you have to have-- the text code on your phone
Now, criminal hackers are trying to get past this with a nasty trick you need to watch out for. Tens of millions of hacked user names and passwords have recently surfaced -- yours may be one of them -- and they are using these for this scam.
They send you a fake (spoofed) text that looks like it's from the company you have an account with, claiming that your account may be hacked or that there is suspicious activity happening.
In the same text they say they will send you your verification code and that you need to send that right back to them or your account gets closed. But if you text that verification code back, you have given the hacker just the thing they needed to hack into your account!
TIP TO STAY SAFE
If your accounts are protected by 2-factor authentication of this sort, the only time you will be sent the code is to verify an attempt to log into your account. That means if you did not just try to log in and you suddenly receive a verification code through a text message to your smartphone, it is because a scammer who already has your user name and password is trying to hack into your account.
Never provide your verification code to anyone. Only use it to input the code into your smartphone or computer when you log into a 2-factor authentication protected account. And as a reminder, never give out personal information, such as your Social Security number or credit card numbers in response to a text message (or email) because you simply cannot know for sure who is really on the other end of that communication line.
Remember, Think Before You Click!"
Customers have been receiving calls from individuals claiming to be from banking institutions. The callers are telling customers that their Debit Card has been compromised in an attempt to get information from them. From the information that we have received it appears that the call system is automated and usually appears as an "Unknown Number".
If you feel you have received one of these calls, please contact our Electronic Banking department (440) 282-6188 to report it.
Please remember that we will never contact you by phone, if your card is compromised. You will be notified by mail. Additionally, we will NEVER ask you for your full card number, account numbers, social security number or any other personal information over the phone.
Please Read Carefully:
Identity thieves are sending text messages to Ohio residents asking them to call their bank to reactivate debit/credit card accounts. The phone number used connects to a fraudulent group that steals card information. They try to make the phone number look local to your area. Often, the target of the text may not even have an account at the bank listed in the message. This is a nationwide scam. Notify your bank and the bank referenced in the message immediately, if you receive one of these text messages.
To notify First Federal Savings of Lorain, call our Electronic Banking Department at (440) 282-6197 or email email@example.com
Online Phishing Attempt September 2, 2014