General Security Tips
Personal Computer Security
General Security Tips
While anyone can fall prey to fraud and identity theft, many ways exist
to minimize your risk. Washington Mutual provides these security tips so you can
guard against fraud and identity theft.
If you feel you may be a victim of identity theft, visit our Identity Theft
page in this section for more information and a list of resources.
Return to top
Privacy
- Never give out personal information online or over the phone unless you have initiated
the contact. Washington Mutual will never request that you submit confidential information
over non-secure channels such as e-mail or phone calls initiated by us.
- Don't include information such as your driver's license or Social Security Number
on your pre-printed checks.
- Memorize all Personal Identification Numbers (PINs), such as your ATM card PIN and
online passwords. Do not keep such numbers in your wallet or purse.
- Avoid using easily guessed or learned information such as your online password,
PIN or Telephone Access Code (TAC).
- We offer you the ability to select a TAC to be used as identification when accessing
our automated phone system. We encourage you to select a TAC rather than using your
Social Security number.
Return to top
Safeguard Accounts
- Store new and cancelled checks in a secure place and shred unnecessary financial
documents. Consider signing up for a check safekeeping service.
- Avoid writing your account number on envelopes or other items that may be thrown
away later.
- Register your credit cards, ATM, check and debit cards with a liability protection
service.
Return to top
Protect Your Mail
- If you stop receiving bills, statements or other monthly mailings, or if a bill
is not received when expected, contact the issuing company immediately.
- Promptly collect incoming mail, and use a locking mailbox if possible.
- Send outgoing mail from a secured mailbox or a post office; try to avoid leaving
outgoing mail in your home mailbox.
- Shred all unwanted pre-approved offers for credit cards, convenience checks or loans.
Return to top
Personal Computer Security
Introduction
One way a thief can get personal information about you is from your home
computer. The following tips detail how you can add to the security of personal
information on your home computer.
Return to top
Passwords and User IDs
For each computer or online service you use, you should have a user ID
and password. Try to create the most bizarre and original password, and make sure
you protect it. Commit your password to memory and don't share it with anyone.
The following easily-identifiable items should be avoided when creating passwords:
- Your birth date or a family member's birth date
- Names of family members or pets
- Social Security number
- Phone numbers
- Dates of important events, such as anniversaries
Tips for creating strong passwords:
- Use a combination of numbers, letters and punctuation.
- Longer passwords are better.
- Make sure it's something you can remember without writing it down.
Return to top
Install and Use Anti-Virus Programs
Viruses can infect a home computer in many ways: through floppy disks,
CDs, e-mail, Web sites and downloaded files. Anti-virus programs help protect your
computer against most viruses, worms, Trojans and other unwanted invaders that can
make your computer "sick." Viruses, worms and the like often perform malicious acts,
such as deleting files, accessing personal data or using your computer to attack
other computers. If a file is found to be infected with a virus, most anti-virus
programs provide you with options of how to respond, such as removing the harmful
item or deleting the file. Installing an anti-virus program and keeping it up-to-date
is the best defense for your home computer.
Return to top
Firewalls: What Are They and How Do I Use
Them?
Before you connect your computer to the Internet, you should install
a firewall. A firewall can be generally described as a security guard for your home
computer. The guard is a piece of software or hardware that helps protect your PC
against hackers and many computer viruses and worms. With a firewall, you define
which connections between your computer and other computers on the Internet are
allowed and which are denied. There are firewall programs, both free and available
for purchase, that provide the capabilities you need to help make your home computer
more secure.
Return to top
E-mail Scams: Phishing
What is phishing?
All Internet users should be aware of the online scam known as "phishing"
(pronounced "fishing"). Phishing involves the use of e-mail messages that appear
to come from your bank or another trusted business, but are actually from imposters.
Phishing e-mails typically ask you to click a link to visit a Web site, where you're
asked to enter or confirm personal financial information such as your account numbers,
passwords, Social Security number or other data. Although these Web sites may appear
legitimate, they are not. Thieves can collect whatever data you enter and use it
to access your personal accounts.
Return to top
How can I spot a phishing scam?
Look for these warning signs:
- Language and tone. The message you receive may urge you to act
quickly by suggesting that your account is threatened. It may say that if you fail
to update, verify or confirm your personal or account information, access to your
accounts will be suspended. The wording may also be sloppy and
contain misspellings.
- Requests for personal information. Scam e-mails typically ask for
personal or account information such as:
- Account numbers
- Credit and check card numbers
- Social Security numbers
- Online banking user IDs and passwords
- Mother's maiden name
- Date of birth
- Other confidential information
- E-mailed instructions to download software. All your online banking
should be done through our secure Web site, and we will not send you e-mail instructions
to download any banking software to your computer. Do not install software downloads
directly from e-mail messages, or from companies or Web sites you do not recognize.
When in doubt, contact the company directly or call our customer service number
at 800.788.7000.
- Non-secure Web pages. Clever thieves can build a fake Web site
that looks nearly identical to an authentic one. They can even alter the URL (the
Web address) that appears in your browser window. Watch out for non-secure Web pages
that ask for sensitive information (secure sites will typically display a lock in
the status bar at the bottom of your browser window).
Return to top
How can I decrease my risk of being a phishing victim?
Here are some safety tips:
- Be suspicious of demanding messages. Messages threatening to terminate
or suspend your account without your quick response should be treated as suspicious.
A legitimate bank or business should not request personal information from you over
an unsecured Web site. When in doubt, call the business' customer service number
(available on your account statement) to confirm the status of your account. Do
not use telephone numbers found on the suspected Web site.
- Be cautious of downloads. Installing unknown software on your computer
can put your personal information at risk and potentially harm your computer's hard
drive. Make sure the software comes from a legitimate Web site, not an e-mail message.
If you're not sure whether you should download a program, contact a customer service
representative for more information.
- Always type in the URL of the Web page you need. Phishing scams
rely on embedded links that take you to fake Web sites. It's safer to type your
bank's Web address directly into your browser so you know you're visiting the legitimate
site.
- Protect your password. Don't write down sensitive personal information
such as your password or Social Security number. Change your password frequently.
- Keep your computer up-to-date. Washington Mutual recommends that
you install anti-virus and firewall programs to help keep your computer safe. Learn more.
Report an online scam
If you receive suspicious e-mail that appears to come from Washington Mutual,
please notify us immediately by forwarding the e-mail to
spoof@wamu.com (do not open any attachments or click any links found in
the suspicious e-mail).
You may also want to forward it to the Federal Trade Commission at
spam@uce.gov, or contact them at
www.consumer.gov/idtheft* or 877.IDTHEFT (877.438.4338).
If you believe you have provided personal or account information in response to
a fraudulent e-mail or Web site, please contact Washington Mutual at 800.788.7000
and contact the other financial institutions with which you have accounts.
Learn more about phishing
To learn more about phishing, read the phishing brochure* provided by The Office of the Comptroller
of the Currency (OCC). The OCC charters, regulates and supervises all national banks.
Recent phishing scams
- Customers have reported receiving an e-mail message urging them to download software
programs to assist them in online banking. By clicking on a link in the message,
users are taken to a fake page that appears to be part of wamu.com, and they're
given the chance to download the free software. Installing software applications
from an unknown or fraudulent source can be extremely dangerous, and could give
scammers access to your personal banking details.
- Some customers have recently received e-mail messages stating that "there have been
a large number of identity theft attempts targeting wamu.com customers." The e-mail
requests that customers confirm their identity for personal online banking by clicking
a link and logging onto their accounts.
- Another recent fraudulent e-mail pretends to be a "Security Center Advisory" that
informs customers their account "has been randomly selected for maintenance," and
that they need to click a link to verify their identity.
- Yet another fraudulent e-mail states that there is a pending charge (often a quite
large one) to the customer's account, and in order to decline the transaction, the
customer needs to click a button or a link in the e-mail.
All of these e-mail messages include links that appear to take
customers to Washington Mutual's Web site—however, the Web pages they go to are
not legitimate. They actually take customers to fake Web pages
where the scammers collect personal and account information. If you receive
a suspicious e-mail message or are directed to an unfamiliar Web page, call a customer
service representative at 800.788.7000 before giving up any personal details or
downloading software.
Return to top
E-mail Attachments
E-mail viruses and worms are fairly common. Here are steps you can use
to help you decide what to do with every e-mail message attachment you receive.
You should only open and read a message that passes all of these tests:
- The know test—is the e-mail from someone you know?
- The received test—have you received e-mail from this person before?
- The expect test—were you expecting e-mail with an attachment from
this sender?
- The sense test—does the e-mail subject make sense based on who
is sending the e-mail? Would you expect this type of attachment from this person?
- The virus test—does this e-mail contain a virus? To determine this,
you need to install and use an anti-virus program.
Return to top
Purchasing and Installing
Programs
Apply these practices when you select software for your home computer.
- Learn as much as you can about the product and what it does before
you purchase it.
- Understand the refund/return policy before you make your purchase.
- Buy from a local store that you already know or a national chain
with an established reputation.
Return to top
Keep Your System Up-to-Date
Most software vendors provide free patches to fix problems in their products.
You can usually download these patches from the vendor's Web site. When you purchase
a program, it's a good idea to find out how the vendor provides customer support.
Return to top
Backups: How Important?
It is a good practice to back up important files and folders on your computer.
To back up files, you can make copies onto media that you can safely store elsewhere,
such as CDs or floppy discs.
For more information on home computer security, visit http://www.cert.org/.*
Return to top