Your financial security is one of Fox Chase Bank's primary concerns. We strive to keep your personal identity and your
banking assets safe and secure. Yet, we need your help too. The information in this section is provided to help you do
your part in securing your personal identity and your banking assets. Check back often, to get the latest news, up to date videos and to learn tips for protecting yourself and your finances.
In addition to the security alerts below, here are some useful links from the Federal Trade Commission's website which provide detailed information to help you deter, detect, and defend against identity theft.
At Fox Chase Bank we know that your Smartphone has become an integral part of your everyday life. We also know that as we use our Smartphones for more and more things, the more attractive they become to hackers and other criminals. The dangers that existed on PCs and laptops – for example malware, viruses and identity theft - are now beginning to impact Smartphones. You may have even seen some recent news stories covering mobile security dangers, such as the Svpeng mobile malware threat.
As a result of this, you should be sure to take some precautions in protecting your Smartphone:
- Password protect your phone with a fairly complex password. (at least 6 digits)
- Only open emails and text messages from a source you trust. If you do not know who sent you a message, do not open it. If you do open it, do not click on any links or open any file attachments. Malware and viruses can be hidden in these links.
- Strongly consider downloading a security application that will scan your phone for viruses and malware. Such applications are available either through your cell phone service provider or via an app store. (e.g., Google Play, iTunes, Amazon)
If you have any concerns that your mobile device has been affected, immediately contact your service provider.
If you have any questions about your Fox Chase Bank accounts or would like information on our new mobile banking apps, please contact Customer Care at 866-369-2427.
“Heartbleed” Bug Information
Fox Chase Bank takes your online banking security seriously. We are monitoring developments related to the “Heartbleed” computer software bug that you may have heard about. We have analyzed our online banking services and at this time have not uncovered any vulnerabilities related to this bug. Rest assured that we are keeping a close watch on the situation and will keep you updated if we become aware of any additional developments.
As always, please keep in mind the following recommended practices:
- Be sure to use different passwords for the various online sites you may use - especially for online banking.
- Update/change your online banking password regularly.
- Closely monitor all transactions occurring in your Fox Chase Bank accounts by checking your online banking history and/or monthly account statements.
Should you have any questions or see any unusual activity in your accounts, please be sure to contact our Customer Care Center at 866–369–2427 between 8:00 – 6:00 PM on Monday – Friday and 9:00am – 1:00pm on Saturday.
Please be on the alert for a text message from the "Consumer Protections Department." The text reads as follows: "Your ATM card debit has been put on hold. Call Customer Protection Department end follow the steps to rezolve this issue."
Please note, this text is not from Fox Chase Bank. Fox Chase Bank will never contact you via text for confidential personal information. If you receive a text similar to the one above, please delete it. If you have concerns, please do not hesitate to contact our Customer Care Center at 866-369-2427.
Recent Security Breaches
Important information concerning recent debit card security breaches
Target Security Breach
Target has reported that an unauthorized party gained access to credit and debit card information recently. Specifically, anyone who paid with any credit or debit card at a Target
store between November 27, 2013 and December 15, 2013 may have had their card information compromised. If you used your Fox Chase Bank Visa Check Card at a Target store during the
period in question, a Fox Chase Bank representative has already been in contact with you.
We are sending you this communication today to warn you about additional scams that may be perpetrated as a result of Target's reported payment card compromise. Target is
instructing their customers:
If you receive a call, text, or email from anyone who says they are from Target asking for your social security number, credit card number, and/or other
personal information, DO NOT PROVIDE IT.
In addition, be wary of scams that may appear to offer some kind of protection but are really trying to get personal information from you. If you have any suspicions about the
authenticity of an email or text, do not click the links in it.
Target has also recommended that customers with any questions or concerns should visit Target.com/PaymentCardResponse
as a resource for official communications that
Target has sent to their customers.
Fox Chase Bank apologizes for any inconvenience that this incident may cause you. If you have questions or concerns, please do not hesitate to call our Customer Care Center at 1-
866-369-2427. Our business hours are Monday through Friday 8:00am to 6:00pm and Saturday from 9:00am to 1:00pm.
Fraud alert: How to prevent holiday-related identity theft
Although identity theft is a year-round problem, fraud prevention experts warn that the holiday season is prime time for this crime.
A recent survey found that 21 percent of online shoppers would provide their mother's maiden name to make a purchase; 14 percent would provide a family member's birthday. And even though the number was small, 2 percent would give out their Social Security number. If identity thieves get this information, they can find other information about you resulting in identity theft.
When registering on an online shopping website, it is recommended that you create a different password than what you have used for any other sensitive online accounts such as online banking, credit card, or websites where you pay a bill. It may cause you an inconvenience, but if thieves steal your password, they may attempt to hack into other website accounts that you have.
Listed below are other ways that identity thieves may try to steal your information:
Bogus websites with screaming deals
Beware of websites that offer popular holiday gifts that are significantly cheaper than everywhere else. Identity thieves will sometimes create these bogus sites. If you buy something, you won't get your merchandise and the crooks will have your card number and other personal information. If you are using a new merchant website for the first time, check the merchant out before you provide any personal information. Determine how long have they been around and whether they are rated by the Better Business Bureau.
Digital greeting cards loaded with merry malware
Identity thieves are also known to send out holiday eCards that are loaded with viruses and other malware. They use social media sites to send infected greeting cards that look like they're from someone you know. Don't click the links in the body of an email alerting you about an eCard and don't open any attachment. You can always check to see if that person really did send you a card. The safest way to get an eCard is to go to the greeting card company's website and enter the greeting card number listed in the email.
Bogus shipping notices
Identity thieves send out bogus shipping alerts designed to look like they're from FedEx, UPS or the U.S. Postal Service. They're hoping you'll click on the link, which loads malware onto your computer or takes you to a phishing website they've created. Only use tracking numbers provided to you in the initial email you get right after you make the purchase. Go to the store's website to track any packages you're expecting.
The Office of the Comptroller of the Currency (OCC) has been informed that an entity entitled AmTrade International Bank is involved in a scheme that involves soliciting consumers for semi-secured credit cards through the U.S. mail. Potential victims receive solicitations and program agreements, which may mention that Credit One Bank, N.A., is connected with the card agreement. Credit One Bank, N.A., has no connection to this entity. The victim is requested to submit a check payment in an amount ranging from $500 to $900 as a deposit to obtain a semi-secured credit card, with the understanding that he or she is entering into a program to rebuild poor credit. The check is cashed, but the victim never receives the anticipated credit card.
This fraudulent entity is purportedly located at 601 NE 11th Street, Suite #418, Fort Lauderdale, Fla. Both the Web site of AmTradeInternational.com and the associated telephone number of (800) 470-1082, which are provided within the AmTrade International Bank correspondence, are no longer in service.
Because of the possibility that variations on this scheme may be used, consumers should use caution when responding to any unsolicited correspondence, especially when an entity is requesting that funds be provided.
US Airlines Scam: This scam arrives in the mail and, oftentimes, includes a letter notification and a voucher check. The letter alerts you that the enclosed voucher can be redeemed for 2 round trip airlines tickets.
Although these letters may look legitimate, they are not. The phony name "US Airlines" is supposed to resemble the real "United Airlines" or "US Airways". The letters are NOT from a real airline. Additionally, what appears to be a check is not and should not be deposited into your bank account. This is a phishing scam attempting to acquire your personal information.
Click here to view a copy of the scam.
'Project Mayhem' hacks accounting software. Researchers December 6 unleashed proof-of-concept code that would allow an attacker to basically write himself a check from the victim organization's account. The Python-based tool is just one example of the type of advanced financial fraud that could be perpetrated against accounting applications and databases, according to SecureState researchers, who at Black Hat Abu Dhabi demonstrated their tool and findings on threats to accounting software. They focused their efforts on Microsoft's Dynamics Great Plains application, but they said the same types of attacks could also be aimed at other accounting packages. No vulnerabilities were discovered or exploited in the Microsoft product. The Mayhem script detects that the Microsoft software is running, and creates a backdoor for the attacker to remotely make SQL queries and commit all types of financial fraud. ?It doesn't even need to install a traditional piece of [trojan] backdoor malware like? most financial fraud malware does today, said the manager of SecureState's penetration testing team. ?We compare it with a banking Trojan that hijacks [automated clearing house] ACH and wire transfers without the user's knowledge, but this time we're looking at the accounting system instead of the online banking session,? he said. Microsoft's accounting program is not the only potential victim. The manager said the same concept could be applied to MAS 90, Peachtree, Oracle, and SAP.
Recent IRS Scam
If you receive an email, similar to the one below, from the IRS please delete it immediately and do not click on the links:
Dear business owners,
Due to the alterations in the taxation policies that have been recently ratified, IRS informs that LLC, C-Corporations and S-Corporations have to validate their EIN in order to confirm their actual status. You have 14-day period in order to examine all the changes and make necessary amendments. We are sorry to cause inconvenience.
For the details please refer to:
Internal Revenue Service Representative
If you have any doubt about the authenticity of a website, do not provide any personal information.
If you believe you have been the victim of a Phishing attempt or are unsure about the authenticity of any correspondence related to a Fox Chase Bank service please contact us immediately at email@example.com or call 866-369-2427 option 1.
The Hidden Dangers of QR Codes...
Those black and white squares you see in ads may look harmless, but lurking behind the quick response code is the very real possibility of a malicious attack.
More than 30%of QR code readers in the Google Play app store are malicious, according to the Chief Technology Officer at database security company GreenSQL.
Oftentimes, companies do not generate their own QR codes and use a third party that lets them generate the codes through their system. Even if the original link was legitimate the ownership of the original link can be manipulated and forwarded to a site where malware can attack the smartphone.
What can you do to protect yourself? Make sure the link inside the QR code is under the company's domain such as foxchasebank.com. This will make it much harder for a fraudster to manipulate or hack in.
Fraudsters are becoming increasingly more sophisticated in their cyber-crime schemes. The newest threat is called Citadel. Cyber-criminals using Citadel can hijack a computer with "drive-by downloads" - which are websites that automatically install malware that overtakes a computer. Once launched the malware locks the computer and displays a message that the user has violated a federal law. Oftentimes the message appears to be from the FBI, stating that a user has visited a website with illegal content.
In order to unlock the computer the user is asked to pay a fine to a government agency. This fine is a scam and an attempt to capture personal information, online banking credentials, credit card info or other personal information.
To help mitigate such threats all customers should download Fox Chase Bank's Trusteer Rapport security solution. Trusteer creates a secure connection between a computer and Fox Chase Bank's online banking system. In addition, the solution will protect access to other designated websites, alerting you to any fake websites, as well as guard your log-in credentials from being stolen by an unauthorized party.
On April 10, 2012 in a Consumer Alert, the Federal Deposit Insurance Corporation (FDIC) advised that it has received numerous reports of a fraudulent e-mail that has the appearance of being sent from Publishers Clearing House with reference to FDIC.
The e-mail informs the recipients that they have won a large cash prize, but requires a "Check Insurance Certificate from FDIC." The message states that FDIC will be "requesting a fee of $1,000.00" to provide the "Check Insurance Certificate." A phone number and e-mail address are provided to obtain instructions on how to send the requested fee.
The e-mail is fraudulent and was not sent by FDIC or Publishers Clearing House. Recipients should consider this to be an attempt to steal money or collect personal or confidential information.
WARNING: Fraudulent email
If you receive an email similar to the one shown below, please be aware that it is a scam. Do not click on any of the links in the email and delete it immediately. Please always be cautious of links that appear in emails and of emails referring to passwords and personal information.
This notification is mailed to you concerning your online banking user password has been expired.
Create a new user password by following these steps:
1. Log into your online banking by our secure link for Expired Password and entering the temporary password below.
Your temporary password is: cn34R%vnjerFD
2. You will then be prompted to change your password.
This temporary password will expire in 24 hours.
Warning from the OCC
Fictitious correspondence, allegedly issued by the Office of the Comptroller of the Currency (OCC) regarding funds purportedly under the control of the OCC and other government entities, is in circulation. Correspondence may be distributed via e-mail, fax, or postal mail.
Any document claiming that the OCC is involved in holding any funds for the benefit of any individual or entity is fraudulent. The OCC does not participate in the transfer of funds for, or on behalf of, individuals, business enterprises, or governmental entities.
The letters may indicate that funds are being held by the OCC, the U.S. Department of Homeland Security, or the U.S. Department of Justice because of the need for payment of a 0.059 percent revenue charge to the U.S. Internal Revenue Service.
The correspondence in question contains forged signatures of actual OCC officials. In addition, the material contains a fictitious mailing address that is not associated with the OCC.
Before responding in any manner to any proposal supposedly issued by the OCC that requests personal information or personal account information, or that requires the payment of any fee in connection with the proposal, you should take steps to verify that the proposal is legitimate. At a minimum, the OCC recommends that you
contact the OCC directly to verify the legitimacy of the proposal (1) via e-mail at firstname.lastname@example.org; (2) by mail to the OCC's Special Supervision Division, 250 E St. SW; Mail Stop 2-7, Washington, DC 20219; (3) via fax to (202) 874-5214; or (4) by calling the Special Supervision Division at (202) 874-4450.
contact state and/or local law enforcement.
file a complaint with the Internet Crime Complaint Center at www.ic3.gov, if the proposal appears to be fraudulent and was received via e-mail or the Internet.
file a complaint with the U.S. Postal Inspector Service by telephone at (888) 877-7644, by mail at U.S. Postal Inspection Service, 222 S. Riverside Plaza, Suite 1250, Chicago, IL 60606-6100, or via online complaint form at: https://postalinspectors.uspis.gov/forms/MailFraudComplaint.aspx, if the proposal appears to be fraudulent and was delivered through the U.S. Postal Service.
FTC Offers Warning, Advice on Tax-Related Identity Theft
Did you know that your Social Security number can help an identity thief get a job, or the tax refund that should be yours?
The Federal Trade Commission, the nation's consumer protection agency, cautions that thieves can use a stolen Social Security number to apply for a job or file for a tax refund under a false identity. The FTC advises that, if you think this has happened to you, or if you get an Internal Revenue Service notice indicating a problem, contact the IRS immediately for help with your tax return, any refund, and protecting your IRS account from identity theft in the future.
The FTC also recommends three steps to minimize the potential damage from identity theft:
Put a fraud alert on your credit reports
Review your credit reports
Create an identity theft report by filing an identity theft complaint with the FTC and filing a police report.
Read the FTC's Tax-Related Identity Theft to learn how to uncover and deal with this problem, how to avoid phishing scams, and how to contact the IRS. For more information, visit the FTC's identity theft website.