What is Financial Malware and How to Protect Yourself

Tuesday, July 18 at 11:00 AM
Category: Personal Finance

What is Financial Malware?

Everywhere you turn today you seem to be bombarded with news coverage concerning the urgency of combating cybercrime, bad actors and hackers. There are many variations of malicious software, or “malware,” but financial malware, as its name implies is written specifically to commit financial fraud.

Cybercriminals use a variety of methods to infect their victims with malware including sending them email messages containing infected attachments or links to infected websites.

Once the victim is infected, the malware monitors the victim’s activity and may steal online banking credentials and other personal information using keystroke logging or screen shots images. 

In some cases, hackers may use the victim’s own web browser to collect sensitive information (e.g., the victim's PIN) by adding extra fields to legitimate online forms or by changing website wording and messaging, or by triggering legitimate-looking pop-up forms in real-time.

Financial malware may redirect the victim to a fake website designed to mimic a legitimate bank website. As the victim enters their credentials, the malware then redirects them into the legitimate site, potentially triggering a SMS or other second-factor authentication code that the Trojan can then capture via the fake website.

How to Protect Yourself
 
Most threats still need user interaction to infect a potential victim’s system. For this reason, becoming aware of these threats and diligently taking extra precautions can significantly reduce the risk of becoming a victim of cybercrime.  
 
  • Keep your operating system, web browser and other software up to date.
     
  • Make sure your computer has both an anti-spyware protection program that detects and removes spyware and an anti-virus program. Keep both programs updated. Scan your computer for viruses and spyware on a regular basis.
     
  • Be very protective of your personal account information. There are criminals who try to trick you by creating sites that look similar to real sites. The best way to know who you are dealing with is to type the address in your browser address bar; don’t click on a link that’s provided to you via email.
     
  • Do not open attachments in email messages if you do not know the sender or weren’t expecting the message. Attachments can contain viruses and spyware.
     
  • Avoid logging into password protected websites, such as online banking or email services from public computers. Instead, use trusted or secured networks.
     
  • Avoid downloading apps to your mobile phone from unofficial stores and pay attention to the permissions requested by apps before their installation.
     
  • Always sign off from sessions and close your browser after using password protected websites. 
     
  • Avoid using unencrypted email to conduct financial transactions or send sensitive information.
     
  • If you suspect your computer may be infected or that your online banking credentials may have been compromised, contact your bank and change your password from a different trusted computer. Contact a computer security professional for assistance in removing malicious software.
     
  • Regularly review your bank account activity and immediately notify your bank if you notice suspicious transactions in your account.
Tags: Consumer Protection, Financial Education, Privacy and Security, Technology
 

Consumers Find Convenience, Security in Digital Wallets

Thursday, July 13 at 10:00 AM
Category: Personal Finance

It’s no secret mobile phones serve consumers as more than just a communication device these days.

Smartphones alternate as cameras, navigation tools, encyclopedias and other resources on a daily basis. And as digital devices offer more and more, the more irreplaceable they become to those same consumers.

Enter the digital wallet of the 21st century. Payment options like Apple Pay™, Android Pay™ and Samsung Pay are increasing in popularity among the digital consumer. This means more and more smartphones also are alternating as wallets for many consumers.

This is especially true among Millennials. According to an August 2016 study published in The Financial Brand, 21 percent of these digital natives don’t carry or use cash for purchases, and 53 percent choose to pay only by debit or credit card. The shift in payment preferences is also growing among consumers of other age groups, as they become more familiar with the benefits of using a digital wallet.

Arvest Bank believes mobile payments are an easier and safer form of payment than most consumers realize, and digital wallets have the potential to be the dominant form of payment in the future, although cash and credit will always be options.

The biggest advantage of the digital wallet is convenience. Consumers can leave their traditional wallets at home and use a mobile payment option for everything from ordering coffee to shopping to ride sharing.

The potential for identity theft gives wary consumers pause when it comes to trusting technology with their money, but financial experts say contactless payments are more secure than using cash or a debit or credit card. Whereas cash can be lost or stolen, and debit or credit cards can be compromised, digital wallets offer multiple layers of protection against identity theft.

A customer’s account number that is stored in a digital wallet is never shared with the merchant. Instead, the technology in the phone produces a different code for every transaction, greatly lowering the chance for identity theft. Many digital wallets also require a password or fingerprint to authorize and finalize payment, which is added security in the event a phone is lost or stolen.

Integration with pre-existing loyalty and coupon programs is another driver of mobile payment adoption, and web-based data and statistics company Statista projected mobile payments to rise from less than $10 billion in 2015 to more than $300 billion in 2020 in a recent report.

Similar to mobile phones, digital wallets are becoming more comprehensive in what they offer. As consumers increase their adoption and fuel broader integration among retailers, the future of the digital wallet could expand well beyond users’ expectations.

Tags: Financial Education, Mobile Banking, Technology
 

Android Pay™ and Samsung Pay Now Available!

Thursday, June 29 at 01:30 PM
Category: Arvest News
Android and Samsung users, the wait is over! Using your Arvest Bank debit card just became easier. 

Enjoy all the benefits and security of your Arvest Bank debit card while using Android Pay and Samsung Pay where it is accepted — simple, secure and private ways to make purchases right from your Android phone** and Samsung phone***.

Simply download the Android Pay app* or Samsung Pay app* (if you can’t find it already pre-installed on your device), snap a photo of your debit card and place your unlocked device near a contactless terminal to make purchases at a number of locations. Check out where you can use Android Pay* and where you can use Samsung Pay*.
 
If you have additional questions you can use Ask Arvest, visit Google’s Android Pay Help Center*, visit Samsung’s website*, visit our Android Pay web page and visit our Samsung Pay web page for details.

Start enjoying Android Pay and Samsung Pay today!

**Android Pay
 is only compatible on Android devices that are NFC- and HCE-enabled and run KitKat 4.4 or later. Android, Android Pay, and the Android Logo are trademarks of Google Inc. The Android Robot is reproduced or modified from work created and shared by Google and used according to terms described in Creative Commons 3.0 Attribution License.

***Galaxy S7 edge, Galaxy S7, Galaxy S6 edge+, Galaxy Note5, Galaxy S6 edge, Galaxy S6 active, Galaxy S6, Gear S2 (Beta with NFC only), and Gear S3 and other select devices.* Samsung Pay, Samsung Galaxy (and other device names) are trademarks or registered trademarks of Samsung Electronics Co. Ltd.

Google Play is a trademark of Google Inc. 

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution.  
 
Tags: Technology
 

Tech Support Scams

Monday, April 17 at 09:35 AM
Category: Personal Finance

In a recent twist, scam artists are using the phone to try to break into your computer. They call claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need. But the purpose behind their elaborate scheme isn’t to protect your computer – it’s to steal your identity or/and to make money.

How Tech Support Scams Work
Scammers have been peddling bogus security software for years. They set up fake websites, offer free “security” scans*, and send alarming messages to try to convince you your computer is infected. Then, they try to sell you software to fix the problem. At best, the software is worthless or available elsewhere for free. At worst, it could be malware — software designed to give criminals access to your computer and your personal information.
 
The latest version of the scam begins with a phone call. Scammers can get your name and other basic information from public directories. They often try to gain your trust by pretending to be associated with well-known companies or confusing you with a barrage of technical terms. They may ask you to go to your computer and perform a series of complex tasks. Sometimes, they target legitimate computer files and claim they are viruses. Their tactics are designed to scare you into believing they can help fix your “problem.”
 
Once they’ve gained your trust, they may:
  • Ask you to give them remote access to your computer and then make changes to your settings that could leave your computer vulnerable.
  • Try to enroll you in a worthless computer maintenance or warranty program.
  • Ask for credit card information so they can bill you for phony services — or services you could get elsewhere for free.
  • Trick you into installing malware that could steal sensitive data, like user names and passwords.
  • Direct you to websites and ask you to enter your credit card number and other personal information.
Regardless of the tactics they use, their purpose is to steal your identity or/and to make money.

If You Get a Call
If you get a call from someone who claims to be a tech support person, hang up and call the company yourself on a phone number you know to be genuine. A caller who creates a sense of urgency or uses high-pressure tactics is probably a scam artist.
 
Keep these other tips in mind:
  • Don’t give control of your computer to a third party who calls you out of the blue.
  • Do not rely on caller ID alone to authenticate a caller. Criminals spoof caller ID numbers. 
  • If you want tech support, look for a company’s contact information on their software package or on your receipt.
  • Never provide your credit card or financial information to someone who calls and claims to be from tech support.
  • If a caller pressures you to buy a computer security product or says there is a subscription fee associated with the call, hang up. If you’re concerned about your computer, call your security software company directly and ask for help.
  • Never give your password on the phone. No legitimate organization calls you and asks for your password.
  • Put your phone number on the National Do Not Call Registry*, and then report illegal sales calls*.
If You’ve Responded to a Scam
If you think you might have downloaded malware from a scam site or allowed a cybercriminal to access your computer, don’t panic. Instead:
  • Get rid of malware*. Update or download legitimate security software and scan your computer. Delete anything it identifies as a problem. 
  • Change any passwords you gave out. If you use these passwords for other accounts, change those accounts, too.
  • If you paid for bogus services with a credit card, call your credit card provider and ask if they can reverse the charges. Check your statements for any other charges you didn’t make, and ask to reverse those, too.
  • If you believe someone may have accessed your personal or financial information, visit the FTC’s identity theft website*. You can minimize your risk of further damage and repair any problems already in place.
  • File a complaint with the FTC at ftc.gov/complaint*.
How to Spot a Refund Scam
If you paid for tech support services, and you later get a call about a refund, don’t give out any personal information. The call is almost certainly another trick to take your money.
 
The refund scam* works like this: Several months after the purchase, someone might call to ask if you were happy with the service. When you say you weren’t, the scammer offers a refund. Or, the caller may say the company is going out of business and providing refunds for “warranties” and other services.
 
In either case, the scammers eventually ask for a bank or credit card account number. Or they ask you to create a Western Union account. They might even ask for remote access to your computer to help you fill out the necessary forms. But instead of putting money in your account, the scammers withdraw money from your account. If you get a call like this, hang up, and report it at ftc.gov/complaint*.

Conclusion
You don’t need to be a victim of a tech support scam. Learn how these scams work, so you can detect them for what they are and protect yourself.

Information courtesy of Federal Trade Commission Consumer Information.

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution.  

Tags: Consumer Protection, Financial Education, Fraud Alert, Privacy and Security, Technology
 

Android Pay and Samsung Pay Compatibility Delayed

Tuesday, November 22 at 08:00 AM
Category: Arvest News

Android Pay and Samsung Pay availability to Arvest debit and credit cardholders has been delayed. Arvest is not able to move forward with the launch of Android Pay and Samsung Pay until our card processing partner completes its work. At this time we do not have a release date. We understand this is disappointing for you, our valued customers, and for us. We apologize for previously communicating Android Pay and Samsung Pay would be ready in late 2016.

Once Android Pay and Samsung Pay are available we’ll announce it on Facebook and Twitter

We’re sorry for this delay and are anxious to bring this capability to our customers.
 
Tags: Mobile Banking, Technology
 

Arvest ATMs Read Chip-enabled Cards

Tuesday, October 25 at 09:30 AM
Category: Arvest News

All Arvest Bank ATMs now read chip-enabled debit cards. The ATMs’ physical appearance has not changed, but the process to conduct transactions has changed slightly.

Now your debit card will remain in the ATM during your transaction. The ATM will eject your debit card before cash is dispensed or after the completion of a balance inquiry, transfer or deposit. If you want to conduct another transaction, you will need to reinsert your debit card. 

For your protection, if you forget your debit card in the ATM, then the ATM will capture the card, and it will be destroyed by the bank, rather than be left in the dip reader. If you have left your debit card at an Arvest ATM, please contact your local branch or call customer service at (866) 952-9523 to order a new card.

If you have questions about chip-enabled debit cards, check out our frequently asked questions. If you need ATM assistance, please call (866) 952-9523. 

Blog updated by Blog Admin on 10/25/16 to reflect ATM changes are now here.

Tags: ATM, Technology

Choose one or more categories to subscribe to:

Cancel