Email viruses and worms have become very common and can be very destructive. Please review the questions below to help identify whether or not to open an email you receive. You should only open a message that you feel confident is safe. Messages with attachments can be especially dangerous, as some viruses and worms can spread just by opening the message without opening the attachment. Even if you have antivirus software installed, the virus may be new enough that your software will not yet detect it.

1. Do you know the person that sent the email?
2. Have you received email from him/her before?
3. Did you expect an email from this sender?
4. If there is an attachment, was it expected? (Please note that Columbia Bank and its employees generally do not send emails with attachments to our customers.)
5. Does the subject of the email make sense based on the sender? Would this person normally send an attachment to you of this type?

Remember that you are the only person who can protect your computer from viruses, worms and other malicious code. When connecting to the Internet, using email, or sharing files with others, be sure to keep your virus software up-to-date and consider using firewall software as well.

To protect yourself, please visit the FTC's Identity Theft Site, which offers information on identity theft and how to prevent it. The site offers valuable resources and guidance for protecting your identity, before it is compromised as well as steps you can take in the event that your identity has been compromised.

If you suspect an incident of identity theft, please report it to the FTC. The identity theft hotline is 1-877-IDTHEFT (1-877-438-4338).

At Columbia Bank, the security of your accounts and personal information is our top priority. Recently, the Federal Trade Commission has warned consumers about fraudulent emails, pop-up advertisements and phony web sites that attempt to bait consumers into disclosing confidential personal information. These emails may appear to be from legitimate companies that you do business with - such as your bank, an online auction site, or your Internet service provider. You are then asked to validate or confirm your billing or personal information to keep their records active by clicking on a link or opening an attachment. Many times these messages can contain viruses, designed to record your keystrokes. These emails can also direct you to web sites that appear to be genuine.

Columbia Bank will never request personal information from customers via email or pop-up windows.

One way to help fight this type of fraud is to educate yourself and be cautious when providing information and learn the steps you can take to protect your personal information. To find out more, please visit www.ftc.gov or call toll free to 1-877-382-4357 to file a complaint or get free information on how to prevent and avoid e-mail scams. The FDIC has also created a helpful and informative Phishing Brochure.

Vishing, a term that is a combination of “voice” and “phishing”, is the practice of using social engineering over the telephone system to gain access to private personal and financial information.  To protect yourself, consumers are advised to be highly suspicious when receiving messages directing them to call and provide credit card or bank numbers. Rather than provide any information, contact the bank or credit card company directly to verify the validity of the message.

Passwords or personal identification numbers (PINs) should be used when accessing an account online. Your password should be unique to you and you should change it regularly. Do not use birthdates or other numbers or words that may be easy for others to guess. Always carefully control to whom you give your password.

For further information, please also see Online Banking • Security.

If you are a homeowner who needs money to pay bills or for home repairs, you may think a home equity loan is the answer. But not all loans and lenders are the same -- you should shop around. The cost of doing business with high-cost lenders can be excessive and, sometimes, downright abusive. The attached brochure provided by the FDIC explains that borrowing from an unscrupulous lender, especially one who offers a high-cost mortgage loan using the borrower's home as security, could result in the loss of the borrower's home and money. Certain lenders, called "predatory lenders," target homeowners with low incomes or credit problems or who are elderly by deceiving them about credit terms or making loans which they cannot afford to repay.

Learn more by reading the brochure Putting Your Home on the Line is Risky Business.

Within the last several months, the FBI has seen a significant increase in fraud involving the exploitation of valid online banking credentials belonging to small and medium businesses, municipal governments, and school districts. In a typical scenario, the targeted entity receives a “spear phishing” e-mail which either contains an infected attachment, or directs the recipient to an infected website. Once the recipient opens the attachment or visits the website, malware is installed on their computer. The malware contains a key logger which will harvest the recipients business or corporate bank account log-in information. Shortly thereafter, the perpetrator either creates another user account with the stolen log-in information, or directly initiates funds transfers by masquerading as the legitimate user. These transfers have occurred as both traditional wire transfers and as ACH transfers.

Further reporting has shown that the transfers are directed to the bank accounts of willing or unwitting individuals within the United States. Most of these individuals have been recruited via work-at-home advertisements, or have been contacted after placing resumes on well-known job search websites. These persons are often hired to “process payments”, or “transfer funds”. They are told they will receive wire transfers into their bank accounts. Shortly after funds are received, they are directed to immediately forward most of the money overseas via wire transfer services such as Western Union and Moneygram.

Customers who use online banking services are advised to contact their financial institution to ensure they are employing all the appropriate security and fraud prevention services their institution offers.

The United States Computer Emergency Readiness Team (US-CERT) has made information on banking securely online available at http://www.us-cert.gov/reading_room/Banking_Securely_Online07102006.pdf

Protecting your computer against malicious software is an ongoing activity and, at minimum, all computer systems need to be regularly patched, have up to date anti-virus software, and a personal firewall installed. Further information is available at
http://www.us-cert.gov/nav/nt01/

If you have experienced unauthorized funds transfers from your bank accounts, or if you have been recruited via a work-at-home opportunity to receive transfers and forward money overseas, please notify the IC3 by filing a complaint at www.ic3.gov.

For a detailed analysis of this scam please visit http://www.ic3.gov/media/2009/091103-1.aspx