New Alert!

Fraudulent Email Notice
MutualBank has become aware of emails purporting to be from eNFACT.  Enfact is our fraud monitoring service that will call customers to verify transactions that are suspected to be fraudulent.  Our service only uses phone verification and does not email customers to verify transactions.  If you receive any of these emails do not click on any links in the email and delete it immediately.

Fradulent Calls from Medicare
We’ve been made aware that some individuals have received phone calls from someone saying they are from Medicare issuing new cards. In order to issue new cards, they need you to confirm your address and bank account information including your bank’s location. Please be aware of this scam and do not give out your personal information or banking information.  If you have questions or concerns, please call us at 800-382-8031.

Identity Theft Protection

No matter how careful you are, you can still become a victim of identity theft. Each day, criminals find new ways to steal personal information, like Social Security and driver's license numbers, so they can take over existing accounts and open fraudulent new ones. Reduce your chances of being a victim of Identity Theft and take action now to protect your identity.

Click Here to participate in the Identity Theft Prevention Training Program.
Click Here to enroll in the Deluxe ID TheftBlock®

Fraudulent Emails & Web sites

If you receive e-mail that appears to be from MutualBank and it asks you to enter your account or personal information into the e-mail or on a non-secure webpage, it is probably a fraudulent e-mail. Although the e-mail or website appear to be from MutualBank, they are not. It has been designed with the intent to trick you into providing private information about yourself and your accounts. This practice is known as "phishing" and the numbers of people who fall victim to this scam is unfortunately rising.

It is not our practice to:

• Send e-mail that requires you to enter personal information directly into the e-mail.
• Send e-mail threatening to close your account if you do not take the immediate action of providing personal information.
• Send e-mail asking you to reply by sending personal information.
• Send e-mail asking you to enter your User ID, Password or account numbers into an e-mail or non-secure webpage.

If you receive a suspicious e-mail, you should never reply to it, click it, or enter any information. We actively investigate each of these attempts and work hard to stop any further unauthorized e-mails from being sent. Although we did not send the e-mail, please know that we regret any inconvenience or concern the e-mail may have caused you. If you do receive any such email please forward it to us at customersupport@bankwithmutual.com. We stand ready to answer your questions about what MutualBank does to secure your privacy and security at the same address.

Protecting Your Identity

The number of Americans who have experienced identity theft has surpassed 27 million, with the incidence rate increasing every year. Substantial measures are in place at your bank to protect your identity and your accounts against theft and fraud. For example, stringent bank privacy policies protect your personal and financial information.

Password protection for online transactions helps assure online security. When using our online services, you develop a secret password that only you know. Encryption of online transactions with your bank converts your information into secure code, protecting you against hackers.

Maximum security is possible only with your help. Here's what you can do to stop these crimes before they happen:

1. Do not give out financial information such as checking and credit card numbers, or your Social Security number, unless you know the person or organization.
2. Report lost or stolen checks immediately. Your bank will block payment on them.
3. Notify your banker of suspicious phone inquiries such as those asking for account information to "verify a statement" or "award a prize."
4. Closely guard your ATM Personal Identification Number and ATM receipts.
5. Shred any financial solicitations and bank statements before disposing of them.
6. Put outgoing mail into a secure, official Postal Service collection box.
7. If regular bills fail to reach you, call the company to find out why.
8. If your bills include questionable items, don't ignore them. Instead, investigate immediately to head off any possible fraud.
9. Periodically contact the major credit reporting companies to review your file and make certain the information is correct.

MutualBank will not contact customers via email, phone or mail to request or verify security information about passwords or personal identification numbers (PINs).

Monitor Your Financial Identity by Reviewing Your Credit Report

One step to ensure that no one has stolen your financial identity or established fraudulent credit in your name is to review your credit report. There are three large credit reporting agencies – Experian, TransUnion and Equifax – that receive, store and make information available on the borrowing of most consumers.

The credit agencies receive information when someone applies for credit as well as the payment history on most individual borrowing. Lenders can then access that information when they are considering making loans to individuals. To ensure that your information is correct and that no one has taken loans in your name, you should know what is in your credit report.

The Federal Trade Commission established a program with the three credit agencies that enables consumers to receive a copy of their credit reports from each of the three credit agencies once a year. You can request and receive the free reports at the AnnualCreditReport.com website (www.annualcreditreport.com). You can also request the reports by phone (1-877-322-8228) and by mail.

This is the only government authorized program for this service. AnnualCreditReport.com does not solicit consumers by email, telemarketing, or direct mail. You should be very wary of advertisements promising free credit reports or credit report monitoring. They are probably attempts to sell reports or services that you probably do not need.

You can also call the credit reporting agencies directly, but there may be a charge.

Experian – 888/397-3742

TransUnion – 800/888-4213

Equifax – 800/997-2493

You should review your credit report carefully when you receive it. Do not be surprised if the reports are somewhat different from the different companies. Each company gets information from many sources. If you find the information in your file is inaccurate or unfair, you can take steps to correct it or at least get your side of the story attached to your file. If a creditor has made an inaccurate complaint, you can write to the creditor and insist the record be corrected. You should also write to the credit bureau and request their records be corrected.

If you see totally unusual items in your report, contact the credit agencies immediately.

Most email scams end up involving requests to send money, cash checks, establish business relationships or requests for information.

Suspicious Emails Targeting Business Customers

Please be aware of the following suspicious email circulating that is targeting business banking customers.  Attached to the emails is a ZIP file which contains a malicious payload, designed to infect Windows computers.  Do not open any attachments in this email!

EXAMPLE:

From: Federal Deposit Insurance Company “Convened@fdic.gov”

Email Subject contains: FDIC: About Your Business Account

Dear Business Customer,
We have important information about your bank.
Please refer to attached file to view information.
This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership

The attached filename, containing the malware, is FDIC_Information_About-your-business-account-JAN2012-XXXXX.zip (where 'XXXXX' is a random number).

Banking Trojan hits Android Phones

A banking Trojan that has plagued Symbian, BlackBerry and Windows Phone users has now made its way to Android devices. The Zitmo Trojan, which has been used by the ZeuS criminal gang to steal banking information, was confirmed to be on Android devices by security firm Fortinet last week. In a blog post on the company's website, senior antivirus analyst Axelle Apvrille said that the Trojan poses as a banking activation application and then once installed sniffs out SMS sent from the bank to the user. It then combs through the SMS to pull out the mobile transaction authentication number (mTAN) that is used as a one-time password to complete mobile banking transactions. More at Networkworld:http://www.networkworld.com/news/2011/071411-android-banking-trojan.html?

Nigerian Letter

This scam has been used for decades and has migrated from mail to faxes to email. An email will often start off with an introduction indicating that a government official (or some other person that would appear to have access to large amounts of funds) has died and left a large amount of money that is available to be transferred. The message then encourages the recipient to participate in the transfer in return for a share of the funds. Over time, the sender may ask for funds to cover taxes, bribes to others and legal fees that will be reimbursed once the funds are transferred.

Over the years, the deceased individual has been described as a minister of mining or natural resources, successful business owners and royalty. The locations have also changed over time.

There is no deceased official and no funds available to be transferred. The scam appeals to an individual's greed and a willingness to skirt foreign laws.

Canadian, South African, Netherlands, United Kingdom, "You Name It" Lottery

This scam appeals to one's greed and sense of being lucky. An email will arrive notifying the recipient that they have won a lottery. The email may even mention a legitimate lottery organization, but just because the email includes that name, the email is not from the organization. There is usually a request to keep the winning secret. The email then asks that a claims agent (or some other official sounding person) be contacted to arrange for payment. Once those conversations start, there is usually a request for funds to cover taxes, legal fees or other processing costs.

There are several things that should make one very suspicious:

• Unless you bought a lottery ticket, you are not going to win.
• Any taxes on lottery winnings are withheld from the payments and not paid up front.
• Legitimate lottery organizations do not charge fees.
• Most of these emails come from free email accounts like Yahoo, Hotmail, Gmail, MSN or those provided by an Internet service provider.

Check Cashing Schemes

These may take the form of an email indicating that the sender wants someone to cash checks in return for keeping a portion. "I will send a check made payable to you drawn on XYZ Bank in the amount of $10,000. All you have to do is deposit it. In return for doing this, you can keep $1,000 and wire $9,000 back to me."

This scam is usually promoted through emails but may also be found on job listing sites. The original check and the scam artist are usually from overseas, but not always.

The check may look real, but in reality, there is no account or the account has insufficient funds to cover the check. Because of the way check clearing works, funds are probably available to be transferred out before the incoming check has actually cleared. In this scam, the victim wires the $9,000 to the thief and a couple of days later receives word that the check he received has bounced. The result is a loss of $9,000.

Refund Scams

These schemes can take many forms, but usually involve an email indicating that the recipient has a refund due, but needs to provide information to speed the processing of the refund. The scam artists may claim to represent the IRS, state tax officials or even stores where someone may have purchased something.

The email directs the recipient to a website that may look legitimate but is a faked or spoofed site. Once there, the person will be requested to provide various personal information such as Social Security number, credit card number or account information so the refund can be directly deposited.

Providing this information is dangerous. Once in the hands of a fraudster, it can lead to credit card fraud, unauthorized access to your financial accounts or identity theft.

The IRS and most state taxing authorities do not use email to correspond about refunds. Commercial establishments may use email but you should be very wary of emails like this. Before providing the information online, contact the establishment by phone to make sure the request for information is legitimate.

Financial Account Confirmation Scams

Emails that request sensitive information are often called phishing emails. They often take the form of a message from a financial institution asking for the recipient to provide their account information due to a computer error, as part of a system upgrade or even as part of an enhanced Internet security initiative.

The recipient is usually directed to website that may look real, but is not. The information requested may include account numbers, user names, access codes and passwords. All of this information is dangerous in the hands of scam artists.

Financial institutions never ask for this type of information. If you receive this type of phishing email, contact your institution.

Contact a Representative Today

Back to Education Resources