Information and Announcements
FDIC Consumer News
Avoid Scams While Shopping Online for Bargains
Protect yourself and know the signs
During the holiday season, we tend to make a lot more purchases online for travel and gifts, so it’s especially important to be vigilant about protecting your money. Here are some of the most common scams to watch for:
Fake websites and apps
Scammers often create fake websites that are so similar to the sites of popular retailers, it easily tricks consumers into providing payment information. The scammers take your information and your money, but you never receive the products. Scammers have also developed fake apps that contain malware. When you download the app, the malware steals personal information from your device or locks it, holding it for ransom until you pay the scammers. Other types of fraudulent apps ask you to login using your social media or email accounts that could expose your personal information for the scammers to steal.
Be careful of apps or websites that ask for suspicious permissions, such as granting access to your contacts, text messages, stored passwords, or credit card information. Also, poor grammar or misspelled words in an apps’ description or on a website is a red flag that it is not legitimate.
Avoid clicking on links in unsolicited emails or emails from unfamiliar sources. The links may lead to an illegitimate website attempting to get you to enter your credit card or other personal information. Some links may download malware (malicious software, such as computer viruses) to your computer when you click on them that can steal your banking information, including login identification, passwords, and credit or debit card numbers. These emails typically look very similar to ones sent by well-known retailers, banks, and other entities.
Be on the lookout for emails that have typos or other obvious mistakes. In addition, be skeptical of email attachments described as coupons, rebates, or payment forms – they could include malware. And avoid email offers that seem “too good to be true.” If an email promises popular items for free or a surprisingly low price, it is probably a scam.
Making payments on unsecure sites
Before paying for a purchase online, make sure the website you’re on has “https” at the beginning of its URL with a lock symbol:
This means the site has a protected network connection. Websites with “http” at the beginning of the URL with no “s” are more vulnerable to attacks by scammers who steal credit card information by monitoring network traffic. Also be aware of pop-up windows that appear while you are on a website asking for your credit card information to receive coupons or to win free items. Legitimate companies do not ask for your personal information for those purposes.
Using public wifi to shop or access sensitive information
Wireless connectivity, also known as wifi, allows your laptop, PC, or mobile device to connect to the internet without a physical wire connection. Many restaurants, hotels, libraries, and other places offer free public wifi, which is convenient when you’re on the go. However, these networks may not be secure (since they either do not require a password or provide the same generic password to all customers for access) and may expose your personal and banking information to scammers looking to steal names, social security numbers, and bank account numbers.
Avoid using public wifi to make purchases online, login to your financial accounts, or access other sites that have sensitive information about you. It’s also a good idea to stick with websites that have “https” encryption (discussed above) when in public places.
Package delivery confirmation scams
This scam is especially popular during the holidays when people receive gifts through the mail that they may not be expecting.
The scammers call or email claiming to be from the U.S. Postal Service or a major shipping company and state that you have a package waiting for delivery. To ensure the package is meant for you, you are asked to provide personal information, which the scammers steal to use to open credit accounts in your name. In response to this scam, the U.S. Postal Service explained it does not call people and ask for personal information if there is a problem with a delivery. Visit Fake USPS Phone Calls for more information.
Scammers also use email and text messages in their schemes. Read more with Beware, It’s a Scam! Avoid phishing, smishing, vishing, and other scams.
Don’t let these scams dampen your holiday spirits. Instead, here are precautions you can take to protect your money while shopping online:
• In general, always use difficult-to-guess, unique passwords on every account.
• If you’re using shopping apps, focus only on official retailer apps found on the retailer’s website or a reputable app marketplace, which offer stronger security.
• Never provide your credit card information unless you are on a secure site, showing “https” at the beginning of the URL and the lock symbol.
• Think about implementing two factor authentication on your accounts. Two factor authentication requires you to provide two pieces of evidence when logging into an account. It presents an extra layer of security to make it more difficult for someone who isn’t you to log into your account. For more information, visit the National Institute of Standards and Technology (NIST) - multi-factor-authentication.
• Monitor credit card bills and bank statements as well as app and other online transactions for unauthorized purchases or withdrawals. Immediately contact your bank if you see anything suspicious. In addition, you may want to consider signing up for alert services. Many credit card issuers, banks, and mobile app providers offer services that notify you about certain account activities, such as recent logins from unrecognized devices.
Phishing is an attempt to acquire sensitive information such as usernames, passwords, account information, etc. by masquerading as a trustworthy entity in an electronic communication. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
Phishing is a continual threat that keeps growing day by day. Phishing is used to portray trust in the user since you can usually not tell that the site or program being visited/used is not real. When this occurs the hacker has the chance to access the user's personal information such as passwords, usernames, security codes, account information, etc.
Phishers are targeting the customers of banks and online payment services. Emails have been used to gain sensitive data from U.S. banking customers.
If you ever receive an email that appears to be from Streator Home Savings Bank requesting account information do not click on the link to input that information. It is fraudulent. We will never request account or debit card information from our customers via email. If you have provided any personal, account or card information to an email, please contact us immediately at (815) 673-5566.
Synthetic Identity Theft
Synthetic identity theft is a form of fraud where criminals alter personal information for the purpose of accessing a person's banking information or credit card.
The perpetrators alter some details of a person's information, such as date of birth or one digit of a Social Security number. The credit-reporting agencies assume there is a typographical error and recognizes that information as belonging to that person. Thieves are stealing this personal information from the many data breaches occurring from retail businesses and companies that have been hacked by cyber thieves.
Victims of synthetic identity theft may not know they are victims until they start to receive unpaid bills, collection notices or overdue tax bills.
The best way to guard against any identity theft is to monitor your credit report. You can monitor your credit report for FREE at www.annualcreditreport.com or call 1-877-322-8228 to request your report. Federal law allows consumers to receive a free credit report from each of the three major reporting agencies annually.
Spear Phishing Scams
Spear phishing is an email that appears to be sent from a person or business that is familiar to the individual receiving the email. However, the email is sent from a cyber criminal who wants to gain access to your bank accounts, credit cards, passwords, etc.
The criminal thrives on familiarity. He/she knows your name, email address and some other personal information about you. The salutation of the message will most likely be personalized "Hi Bob!" rather than "Dear Sir". The email could contain a reference to a "mutual friend" or make reference to a recent online purchase you made. Because the message looks like it is coming from someone you know, you may let your guard down and provide the information requested.
Be proactive! If a "friend" emails you to ask for personal information or passwords, call your friend to verify that he/she was the person who contacted you. Do not reply to the email. Do the same thing for banks or businesses. Do not call a phone number that is listed in the email. Look up the phone number in a phone book or online. Call the phone number that is listed from a trusted resource. If it is a credit card, call the customer service phone number on the back of your credit card. Remember, legitimate businesses will not email you asking for personal information, account numbers or passwords.
A vishing scam is a type of fraud that uses a phone call or voicemail message to gain access to a person's banking or credit card information.
Scammers use a phone number list, such as a phone book or regional phone listing, to call everyone they can and leave an automated message to let the person know his/her credit card or bank account has been compromised, depleted or closed. When this process is done by email, it is called phishing. When done by phone, it is called vishing.
The criminal leaves a message with a phone number to call to learn more about the compromised account. The scammers use toll-free phone numbers for this and may also have, for caller ID purposes, set up the phone number to look like it is legitimately from the "company" that called. When a person calls the toll-free number, he/she is instructed to dial in the credit card number, bank account number or even his/her Social Security number. Once this information is received, the victim can talk to a "representative". The damage is done. The criminal now has the victim's information and can use it to commit financial theft from the victim.
Do not call the phone number that was left on the voicemail. Instead, look up the phone number in a phone book or online. If it is a credit card company, call the phone number on the back of your credit card. People are naturally concerned when they receive a call about the security of their account or credit cards. However, it will only take a few minutes to find the legitimate phone number of the "business" that called.
Request for account information via E-Mail
If you ever receive an email that appears to be from Streator Home Savings Bank requesting account or debit card information do not respond. It is fraudulent. We will never request account or debit card information from our customers via email. If you have provided any account or card information to an email, please contact us immediately at (815) 673-5566.
Automated call for De-activated Card
If you receive a call with an automated message stating that your debit card has been de-activated do not respond. This is a fraudulent call and should be ignored. If you have provided any information to an automated call, please contact us immediately at (815) 673-5566.
Learn More About Online Safety and Security at:
www.ftc.gov (Federal Trade Commission consumer response center)
www.usa.gov (consumer guides and protection)
www.onguardonline.gov (managed by the Federal Trade Commission)
Streator Home Savings Bank Routing Number
2023 Holiday Closings:
January 2 - New Year's Day observed
January 16 - Martin Luther King Jr. Day
February 20 - Presidents' Day
April 7 - Good Friday (closed at noon)
May 29 - Memorial Day
June 19 - Juneteenth Day
July 4 - Independence Day
September 4 - Labor Day
October 9 - Columbus Day
November 11 - Veterans' Day
November 23 - Thanksgiving Day
December 25 - Christmas Day
January 2, 2024 - New Year's Day