Fraud Alerts

If you receive an email, text message, or telephone inquiry asking for your personal information, DO NOT RESPOND! Responding puts your accounts at risk.

Bank of Galesville will never make telephone inquiries or send text messages or emails to verify or update your confidential customer information.

Never give out the 3-digit security code on the back of your debit and credit cards, UNLESS you initiate a purchase whether by telephone or through the Internet using a secure site.

If you think you have been a victim of a scam, contact us immediately at 608-582-2233


Ongoing - Important Reminders
 

Malicious links in emails or on websites are the most common and easiest way for fraudsters to get access to your private information.  Think before you click!

1.  Never respond to an urgent email claiming to be from the bank (or any company) that requests your account information or personal details.  Call the company directly with a telephone number that you have (not one listed in the email as it's likely more fraud) to report the suspicious email.

2.  Always visit websites directly for information or downloads.  Do not click on links, open attachments or install free software from unexpected emails or unknown sources; this may expose your computer and the information on it to unauthorized sources. 
 
 3.  Be cautious about messages you receive on social networking sites that contain links. Even links that look like they come from friends can sometimes be harmful or fraudulent Ė and in fact may be attempts to gain control of your computer or steal your personal information. If you're suspicious, donít click the link. Contact your friend or the business directly to verify the validity of the email.
 
4.  Install a comprehensive firewall/antivirus/anti-spyware software package on your computer. These software suites help detect and remove viruses and spyware, that can steal vital information

5.  Most importantly, keep your computer operating system and browser up to date with the latest software and security downloads. Often called patches or service packs, these should be installed as soon as possible.

_______________________________________________________________________________________________

 

February 2015

On January 29, 2015, Anthem, Inc. (Anthem) discovered that cyber attackers executed a sophisticated attack to gain unauthorized access to Anthemís IT system and obtained personal information relating to consumers who were or are currently covered by Anthem or other independent Blue Cross and Blue Shield plans that work with Anthem. Anthem believes that this suspicious activity may have occurred over the course of several weeks beginning in early December, 2014.

Current or former members of one of Anthemís affiliated health plans may be impacted. In addition, some members of other independent Blue Cross and Blue Shield plans who received healthcare services in any of the areas that Anthem serves over the last 10 years may be impacted.

The information accessed may have included names, dates of birth, Social Security numbers, health care ID numbers, home addresses, email addresses, employment information, including income data. Anthem has no reason to believe credit card or banking information was compromised, nor is there evidence at this time that medical information such as claims, test results, or diagnostic codes, was targeted or obtained.

For more information about the breach visit:  http://www.anthemfacts.com/

For Your Protection: Anthem is working with AllClear ID, a leading and trusted identity protection provider, to offer 24 months of identity theft repair and credit monitoring services to current or former members of an affected Anthem plan dating back to 2004.

This includes customers of Anthem, Inc. companies Amerigroup, Anthem and Empire Blue Cross Blue Shield companies, Caremore, Unicare and HealthLink. Additionally customers of Blue Cross and Blue Shield companies who used their Blue Cross and Blue Shield insurance in one of fourteen states where Anthem, Inc. operates may be impacted and are also eligible: California, Colorado, Connecticut, Georgia, Indiana, Kentucky, Maine, Missouri, Nevada, New Hampshire, New York, Virginia, and Wisconsin.

 

You can learn more about the identity protection services and how to sign up for them online at

https://anthem.allclearid.com/ and for additional information regarding your protections,
please visit: https://anthem.allclearid.com/faqs.

 __________________________________________________________________________________________

 

September 2014

 

Home Depot gives customers update on payment breach:

 

Last Tuesday, September 2, we disclosed that we were investigating a possible breach of our payment data systems. We want you to know that we have now confirmed that those systems have in fact been breached, which could potentially impact any customer that has used their payment card at our U.S. and Canadian stores, from April forward. We do not have any evidence that the breach has impacted stores in Mexico or customers who shopped online at HomeDepot.com.
We apologize for the frustration and anxiety this causes our customers.

 

We also want to emphasize that you will not be responsible for any fraudulent charges to your accounts, and weíre offering free identity protection services, including credit monitoring, to any customer who has shopped at a Home Depot store in 2014, from April on.

 

You can learn more about the identity protection services and how to sign up for them

 

https://homedepot.allclearid.com/

 

It is important to closely monitor your payment card accounts and report unusual activity to your issuing bank.

 

 

 

__________________________________________________________________________________________

 

June 2014

eBay has announced that information for 145 million customers may have been compromised.

 

Itís been reported that during the end of February and beginning of March, a number of employee logon credentials were compromised allowing attackers to gain access to their database. Information copied included names, email addresses, street addresses, phone numbers, dates of birth and encrypted passwords.

eBay officials are instructing users to immediately change their password. While officials say that no payment card information was included, PayPal is a common source of payment for eBay users and often times the same password is used for both accounts. If this is the case, the password should be changed for both eBay and PayPal and it is recommended to never use the same password for accounts.

Since email addresses were included in the breach, it makes sense to expect targeted phishing email attempts from fraudsters. It is important to remain suspicious of unusual emails, especially of those requesting that you click on links or download a file to your computer. Remember that reputable companies will not send you email requesting you fill out a form or send them confidential information!

More information can be found here:

http://www.ebayinc.com/in_the_news/story/faq-ebay-password-change

____________________________________________________________________

April 2014

As you likely have heard, a new internet bug was discovered this week, called the Heartbleed bug.  The Heartbleed bug allows an attacker to randomly pull data from a web server's working memory if that web server is using an older version of the OpenSSL protocol for encrypting data.  Some experts estimate 66% of the public sites on the web use OpenSSL to encrypt data and are vulnerable to this bug.

At Bank of Galesville, we are aware of the Heartbleed bug and have taken swift action to protect the bank and your confidential information we hold.

Specific to our Website and Internet Banking, these systems do not use the OpenSSL protocol and were never vulnerable.

We understand how concerning this Heartbleed bug is to you.  You can have confidence in Bank of Galesville that your private information will stay just that, private.

Thank you for your continued business,
Bank of Galesville

___________________________________________________________________________________

December 2013

It's been announced that Target reported a data security incident affecting cardholders that used their debit or credit card at Target Stores between 11/27/2013 and 12/15/2013.

The information breached contained customer names, credit card numbers and the security codes appearing on the back of the card.  Other information such as the bank account PIN was not released. The information involved in the breach is enough to for fraudsters to create new plastic cards.

We are notifying customers so that together we can take action to minimize or eliminate potential harm. Because this is a serious incident, we strongly encourage you to closely monitor your financial accounts if you used your card at Target during the specified time frame and, if you see any unauthorized activity, contact Bank of Galesville immediately.  As we are notified of affected cardholders, we will be cancelling those cards to protect customers from fraudulent use.  New cards will be reissued at no cost to the customer.

Itís also important to note that all Visa credit and debit cards are protected with Visaís Zero Liability* policy in the rare event fraud does occur, which means you pay nothing for unauthorized purchases on your account.

February 2013

Residents in the area have received bogus phone calls and/or text messages recently in regards to their debit cards. The automated caller states that the customerís debit card has been suspended and asks them to enter their card number to re-activate their debit card. These calls are bogus. As always, we would never contact you via phone, text, or email to verify your account information Ė as your Bank, we already have your account information on file. If you receive this type of message, do not give out your personal information to the caller. If you are ever in doubt, tell the caller you will call them back Ė but do not call on the 800 number the caller provides. ALWAYS contact Bank of Galesville using the phone number you know is valid, 608-582-2233


August 2012

Fraudulent email claiming to be from Wells Fargo. The link in the email goes to a website that has been reported to Microsoft for containing threats to your computer that might reveal personal or financial information.

Fraud Wells Fargo


February 2012

FBI warns of new email scam

The FBI is warning of a new email scam that attempts to steal bank account information. victims receive a fraudulent email claiming to come from the Federal Reserve Bank, or the FDIC, or the national automated clearing House Association.

The email claims there is a problem with the victimís banking accounts and asks them to click a link to correct the error. The link takes the victim to a fake website that forces their computer to download malware which then steals any banking information on the computer.

DO NOT open any unsolicited emails from the Federal Reserve Bank, FDIC , or NACHA. None of these reputable agencies sends out unsolicited emails to the public.

The FBI reminds the public to make certain your computerís anti-virus program is update to date.

If you believe you have been a victim of such an email scam, notify Bank of Galesville immediately


December 2011

Microsoft telephone scam

On December 13th someone posing as a technician from Microsoft called a local resident claiming that their computer was at risk of crashing if some maintenance wasn't completed. After some convincing, the caller then asked the resident to perform a variety of tasks to help combat the (bogus) threat and directed them to give the caller remote access to their computer, tricking them into downloading malware, and in the end, asking for their credit card information to pay for these services. The resident didn't provide their card information but did end up having to take their computer in for service to have the malware removed

If you receive a call from someone claiming to want to help you fix your computer, Microsoft offers the following advice:

  • Be wary of unsolicited calls related to a security problem, even if they claim to represent a respected company.
  • Never provide personal information, such as credit card or bank details, to an unsolicited caller.
  • Do not go to a website, type anything into a computer, install software or follow any other instruction from someone who calls out of the blue.
  • Take the caller's information down and report it to the police.
  • Ensure you have the latest security updates for Windows and all programs running on your PC.
  • Always use a strong, unique password and change it regularly
  • Keep your firewall turned on and run an up-to-date antivirus program.

If you think you may have already fallen victim to this scam, Microsoft advises you to change the passwords on your computer, main e-mail account, and your bank and credit card accounts. Then scan your computer's hard drive for malware using your antivirus program or Microsoft's free Safety Scanner. You should also contact your financial institutions to warn them about potential suspicious activity on your accounts.


November 2011

Recently, we've been notified of a e-mail scam informing customers that their Direct Deposit was cancelled because their business software was out of date. You are not required to have any software to receive Direct Deposits. Please disregard this e-mail.


The image below shows an email that was sent claiming to be from Bank of America. It includes a link to an interactive form where the sender wants you to provide an incredible amount of personal information:

Bank of America email fraud

Screen shots below are of the information they are requesting. NEVER supply your personal information if you have not initiated the communication. When in doubt, CALL YOUR BANK!

Bank of America false comfirmation 1

Bank of America false confirmation 2


The email below describes a telephone conversation where the caller is trying to obtain credit card information.

Visa scam 1

Visa scam 2