Libertyville Savings Bank - Offering Checking, Savings and Lending for Personal and Business Banking in Fairfield, Libertyville, Keosauqua, Keota and Eldon, Iowa. Libertyville has Online Internet Banking, 24 Hour Express Customer Phone Service, Personal and Business Loans, Overdraft Defender, Visa Gift Cards and Lock Boxes.

In The Know

6/7/2016

FBI warns against email extortion.

Mike Burnett, IT Director

This extortion scam can hit both work and home.  Hopefully, it can prevent a variety of trouble by warning ahead of time.

 [WARNING] The FBI issued an alert about a new scam you need to be aware of. This is an email you receive which threatens to make public all your personal, and sometimes very private information unless you pay a ransom in an electronic currency called Bitcoin. It is easy to get intimidated by threats like this, and you might be pushed into trying to prevent possible negative consequences. However, do not fall for pressure tactics like this, because if you do, your data will be sold to other scammers who will continue to haunt you. If you receive email extortion demands, do not answer, and do not pay anything. Report this scam to the FBI’s Internet Crime Complaint Center (IC3) instead. Here is their website: http://www.ic3.gov/default.aspx Remember… Always Think Before You Click!

4/19/2016

12 things consumers can do to protect the data on their mobile device.

Mike Burnett, IT Director

As consumer use of mobile devices continues to climb, cyber criminals are targeting them more frequently.

 

  1. Use the passcode lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
  2. Log out completely when you finish a mobile banking session.
  3. Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.
  4. Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary “permissions.”
  5. Download the updates for your phone and mobile apps.
  6. Avoid storing sensitive information like passwords or a social security number on your mobile device.
  7. Tell your financial institution immediately if you change your phone number or lose your mobile device.
  8. Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you’re punching in sensitive information.
  9. Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
  10. Beware of mobile phishing. Avoid opening links and attachments in emails and texts, especially from senders you don’t know. And be wary of ads (not from your security provider) claiming that your device is infected.
  11. Watch out for public Wi-Fi. Public connections aren’t very secure, so don’t perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.
  12. Report any suspected fraud to your bank immediately.  

3/30/16

What You Need to Know about the Verizon Enterprise Data Breach

A message from ID Shield

News outlets are reporting that Verizon Enterprise suffered a data breach in which contact information of 1.5 million Verizon customers was stolen in a network attack. Although Verizon reportedly claims that no “customer proprietary network information” or other data was accessed.

Be Aware of the Possibility of Phishing Attacks

The primary threat of a breach of this type is being “phished” by a scammer. If they have your phone number and/or email address, then a scammer can call, text or email and pose as a Verizon representative.

A thief could formulate a story that explains the need for whatever it is that they are trying to obtain from you such as money, financial information, access to accounts or personal identification data. Then, they could take that information and do something else with it, which could include identity theft.

Quick Tips to Avoid Trouble

  • Understand that legitimate businesses do not send email or text messages asking for your sensitive personal information. Delete these without responding.
  • Legitimate businesses do not call to ask for personal information “out of the blue.” Don’t respond unless you are sure the call is in response to a request from you.
  • Often automated or “robo” calls are a scammer’s attempt to reach you. Hang up without responding or pushing any buttons on your phone.
  • Don’t trust Caller ID. Scammers can mask their number.
  • Be wary of email even if it looks legitimate. Scammers can copy logos and mask the sender’s address to appear to be from a trusted business.
  • Think about what you are asked for before providing your sensitive personal information whether by phone, clicking on a link in an email, or responding to a text message. Be stingy with your personal data.

3/21/16

Motor Vehicles Increasingly Vulnerable to Remote Exploits

This PSA is a joint product by the Federal Bureau of Investigation, the
Department of Transportation and the National Highway Traffic Safety Administration.

 

As previously reported by the media in and after July 2015, security researchers evaluating automotive cybersecurity were able to demonstrate remote exploits of motor vehicles. The analysis demonstrated the researchers could gain significant control over vehicle functions remotely by exploiting wireless communications vulnerabilities. While the identified vulnerabilities have been addressed, it is important that consumers and manufacturers are aware of the possible threats and how an attacker may seek to remotely exploit vulnerabilities in the future. Third party aftermarket devices with Internet or cellular access plugged into diagnostics ports could also introduce wireless vulnerabilities.

Modern motor vehicles often include new connected vehicle technologies that aim to provide benefits such as added safety features, improved fuel economy, and greater overall convenience. Aftermarket devices are also providing consumers with new features to monitor the status of their vehicles. However, with this increased connectivity, it is important that consumers and manufacturers maintain awareness of potential cyber security threats.

Vehicle hacking occurs when someone with a computer seeks to gain unauthorized access to vehicle systems for the purposes of retrieving driver data or manipulating vehicle functionality. While not all hacking incidents may result in a risk to safety – such as an attacker taking control of a vehicle – it is important that consumers take appropriate steps to minimize risk. Therefore, the FBI and NHTSA are warning the general public and manufacturers – of vehicles, vehicle components, and aftermarket devices – to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles.

How are computers used in modern motor vehicles?

Motor vehicles contain an increasing number of computers in the form of electronic control units (ECUs). These ECUs control numerous vehicle functions from steering, braking, and acceleration, to the lights and windshield wipers. A wide range of vehicle components also have wireless capability: from keyless entry, ignition control, and tire pressure monitoring, to diagnostic, navigation, and entertainment systems. While manufacturers attempt to limit the interaction between vehicle systems, wireless communications, and diagnostic ports, these new connections to the vehicle architecture provide portals through which adversaries may be able to remotely attack the vehicle controls and systems. Third-party devices connected to the vehicle, for example through the diagnostics port, could also introduce vulnerabilities by providing connectivity where it did not exist previously.

What are some of the ways an attacker can access vehicle networks and driver data?

Vulnerabilities may exist within a vehicle’s wireless communication functions, within a mobile device – such as a cellular phone or tablet connected to the vehicle via USB, Bluetooth, or Wi-Fi – or within a third-party device connected through a vehicle diagnostic port. In these cases, it may be possible for an attacker to remotely exploit these vulnerabilities and gain access to the vehicle’s controller network or to data stored on the vehicle. Although vulnerabilities may not always result in an attacker being able to access all parts of the system, the safety risk to consumers could increase significantly if the access involves the ability to manipulate critical vehicle control systems.

Example: Recently Demonstrated Remote Exploits

Over the past year, researchers identified a number of vulnerabilities in the radio module of a MY2014 passenger vehicle and reported its detailed findings in a whitepaper published in August 2015.a The vehicle studied was unaltered and purchased directly from a dealer. In this study, which was conducted over a period of several months, researchers developed exploits targeting the active cellular wireless and optionally user-enabled Wi-Fi hotspot communication functions. Attacks on the vehicle that were conducted over Wi-Fi were limited to a distance of less than about 100 feet from the vehicle. However, an attacker making a cellular connection to the vehicle’s cellular carrier – from anywhere on the carrier’s nationwide network – could communicate with and perform exploits on the vehicle via an Internet Protocol (IP) address.

In the aforementioned case, the radio module contained multiple wireless communication and entertainment functions and was connected to two controller area network (CAN) buses in the vehicle. Following are some of the vehicle function manipulations that researchers were able to accomplish.

  • In a target vehicle, at low speeds (5-10 mph):
    • Engine shutdown
    • Disable brakes
    • Steering
  • In a target vehicle, at any speed:
    • Door locks
    • Turn signal
    • Tachometer
    • Radio, HVAC, GPS

What did the manufacturer in the recent case do to fix or mitigate the identified vulnerabilities?

In this case, NHTSA believed the vulnerability represented an unreasonable risk to safety based on a number of critical factors: once exploited, the vulnerability allowed access to and manipulation of critical vehicle control systems; the population of vehicles potentially at risk was huge; and the likelihood of exploitation was great given that the researchers were scheduled to publish the bulk of their work product. As a result, almost one and a half million vehicles were recalled (NHTSA Recall Campaign Number: 15V461000). Before the researchers’ report was released, the cellular carrier for the affected vehicles blocked access to one specific port (TCP 6667) for the private IP addresses used to communicate with vehicles. However, the recall was still necessary to mitigate other, short-range vulnerabilities.

The manufacturer and cell service provider have provided a remedy to mitigate the specific vulnerabilities. The manufacturer announced it would notify owners of vehicles affected by the recall and would mail them a USB drive containing the update and additional security features for the vehicle software. Alternatively, the manufacturer announced that owners could visit a Web site to check if their vehicle was included in the recall and to download the software update to a USB drive. Owners who did not wish to install the update via USB to their own vehicles were given the option to have their vehicle dealer install the update.

Cybersecurity Recalls and Consumer Action

How can consumers determine whether their vehicle has been recalled for a vehicle cybersecurity issue?

When a vehicle is included in a recall, the manufacturer sends a notification to vehicle owners informing them of the issue and how to obtain a free remedy to address the problem.

In general, it is important that consumers maintain awareness of the latest recalls and updates affecting their motor vehicles. This can be done by following the instructions on NHTSA’s safercar.gov Web site, media and news announcements of recalls, contacting your nearest vehicle dealership, or checking the vehicle manufacturer’s Web site for recall-related information. Vehicle owners should check the vehicle’s VIN for recalls at least twice per year using this Web link: http://vinrcl.safercar.gov

Consumers can also look for other related information for their vehicles at the following Web links:

http://www-odi.nhtsa.dot.gov/owners/SearchSafetyIssues

http://www.recalls.gov/nhtsa.html

How can consumers help minimize vehicle cybersecurity risks?

1. Ensure your vehicle software is up to date

If a manufacturer issues a notification that a software update is available, it is important that the consumer take appropriate steps to verify the authenticity of the notification and take action to ensure that the vehicle system is up to date.

As a note of caution, if manufacturers regularly make software updates for vehicles available online, it is possible that criminals may exploit this delivery method. A criminal could send socially engineered e-mail messages to vehicle owners who are looking to obtain legitimate software updates. Instead, the recipients could be tricked into clicking links to malicious Web sites or opening attachments containing malicious software (malware). The malware could be designed to install on the owner’s computer, or be contained in the vehicle software update file, so as to be introduced into the owner’s vehicle when the owner attempts to apply the update via USB. Additionally, an attacker could attempt to mail vehicle owners USB drives containing a malicious version of a vehicle’s software. To mitigate potential risks, vehicle owners should always:

  • Verify any recall notices received by following the steps for determining whether a vehicle has been recalled for a vehicle cyber security issue, as outlined above.
  • Check on the vehicle manufacturer’s Web site to identify whether any software updates have been issued by the manufacturer.
  • Avoid downloading software from third-party Web sites or file-sharing platforms.
  • Where necessary, always use a trusted USB or SD card storage device when downloading and installing software to a vehicle.
  • Check with the vehicle dealer or manufacturer about performing vehicle software updates.

If uncomfortable with downloading recall software or using recall software mailed to you, call your dealer and make an appointment to have the work done by a trusted source.

2. Be careful when making any modifications to vehicle software

Making unauthorized modifications to vehicle software may not only impact the normal operation of your vehicle, but it may introduce new vulnerabilities that could be exploited by an attacker. Such modifications may also impact the way in which authorized software updates can be installed on the vehicle.

3. Maintain awareness and exercise discretion when connecting third-party devices to your vehicle

All modern vehicles feature a standardized diagnostics port, OBD-II, which provides some level of connectivity to the in-vehicle communication networks. This port is typically accessed by vehicle maintenance technicians, using publicly available diagnostic tools, to assess the status of various vehicle systems, as well as to test emissions performance. More recently, there has been a significant increase in the availability of third-party devices that can be plugged directly into the diagnostic port. These devices, which may be designed independent of the vehicle manufacturer, include insurance dongles and other telematics and vehicle monitoring tools. The security of these devices is important as it can provide an attacker with a means of accessing vehicle systems and driver data remotely.

While in the past accessing automotive systems through this OBD-II port would typically require an attacker to be physically present in the vehicle, it may be possible for an attacker to indirectly connect to the vehicle by exploiting vulnerabilities in these aftermarket devices. Vehicle owners should check with the security and privacy policies of the third-party device manufacturers and service providers, and they should not connect any unknown or un-trusted devices to the OBD-II port.

4. Be aware of who has physical access to your vehicle

In much the same way as you would not leave your personal computer or smartphone unlocked, in an unsecure location, or with someone you don’t trust, it is important that you maintain awareness of those who may have access to your vehicle.

What should you do if you suspect you are a victim of vehicle hacking?

In much the same way as you would not leave your personal computer or smartphone unlocked, in an unsecure location, or with someone you don’t trust, it is important that you maintain awareness of those who may have access to your vehicle.

1. Check for outstanding vehicle recalls or vehicle software updates

It is important that you check to identify whether there are any outstanding recalls related to your vehicle. This can be done by following the steps outlined above. You may also check on the manufacturer’s Web site to determine whether there are any software updates that may need to be applied.

2. Contact the vehicle manufacturer or authorized dealer

An important step is being able to diagnose whether any anomalous vehicle behavior might be attributable to a vehicle hacking attempt. Contact your vehicle manufacturer or authorized dealer and provide them with a description of the problem so that they can work with you to resolve any potential cyber security concerns.

3. Contact the National Highway Traffic Safety Administration

In addition to contacting the manufacturer or authorized dealer, please report suspected hacking attempts and perceived anomalous vehicle behavior that could result in safety concerns to NHTSA by filing a Vehicle Safety Complaint.

4. Contact the FBI

In addition to the above steps, please reach out to your local FBI field office and the Internet Crime Complaint Center (IC3).

Agency and Industry Action

What is NHTSA doing on vehicle cyber security?

NHTSA is the regulatory agency that sets and enforces the federal motor vehicle safety standards for new vehicles. They are actively working on several initiatives to improve the cyber security posture of vehicles in the United States. More information about their vehicle cyber security activities can be found at:

http://www.nhtsa.gov/staticfiles/administration/pdf/presentations_speeches/2015/NHTSA-VehicleCybersecurity_07212015.pdf

What are automakers doing on vehicle cyber security?

In addition to the steps taken by individual automakers to address vehicle safety and security, the auto industry has established an Information Sharing and Analysis Center (ISAC) to provide a trusted mechanism for exchanging cyber security information. The Auto ISAC will act as a central hub for gathering intelligence to help the industry analyze, share, and track cyber threats. Automakers are also collaborating on best practices for enhancing the cyber resiliency of motor vehicle electronics and associated in-vehicle networks.

 

3/15/16

Unwanted software can cause unwelcome problems

November 30, 2015

by Nicole Vincent Fleming Consumer Education Specialist, FTC

Does your internet browser ever display ads that just seem wrong — for example, an inappropriate ad on a kid’s website, an ad that blocks content on the page, or an ad on a government site?

Unwanted software could be to blame. Free downloads sometimes come with hidden software that can:

  • cause your computer to slow down or crash
  • modify your security settings, greatly increasing your risk of viruses
  • inject scammy and inappropriate ads into your browser
  • make it difficult to remove the softwareBetter yet, take these steps to avoid unwanted software in the first place:
  • If your computer has symptoms like these, take steps to get rid of the malware. Check to see if your browser or security software has tools to delete it and restore your settings. If that doesn’t work, you might want to get help from a professional.
  • Get well-known software directly from the source. Sites that offer lots of different browsers, PDF readers, and other popular software for free are more likely to include malware.
  • Read each screen when installing new software. If you don’t recognize a program, or are prompted to install additional “bundled” software, decline the additional program or exit the installation process.
  • Don’t click on popups or banner ads about your computer’s performance. Scammers insert unwanted software into banner ads that look legitimate, especially ads about your computer’s health.

Computers that don’t use adequate security software are more likely to be targeted by malware, so set your security software to update automatically.

a Online research paper; Chris Valasek, Charlie Miller; IOActive Security Services Technical Whitepaper; “Remote Exploitation of an Unaltered Passenger Vehicle”; 10 August 2015; http://www.ioactive.com/pdfs/IOActive_Remote_Car_Hacking.pdf; 17 September 2015. IOActive is a computer security services company. Authors have researched vehicle vulnerabilities for several years.

3/1/16

Tips to Protect Your Personal Information While Online

IRS Security Awareness Tax Tip Number 7, January 4, 2016

The IRS, the states and the tax industry urge you to be safe online and remind you to take important steps to help protect your tax and financial information and guard against identity theft. Treat your personal information like cash – don’t hand it out to just anyone.

Your Social Security number, credit card numbers, and bank and utility account numbers can be used to steal your money or open new accounts in your name. Every time you are asked for your personal information think about whether you can really trust the request. In an effort to steal your information, scammers will do everything they can to appear trustworthy.

The IRS has teamed up with state revenue departments and the tax industry to make sure you understand the dangers to your personal and financial data. Taxes. Security. Together. Working in partnership with you, we can make a difference.

Here are some best practices you can follow to protect your tax and financial information:

Give personal information over encrypted websites only. If you’re shopping or banking online, stick to sites that use encryption to protect your information as it travels from your computer to their server. To determine if a website is encrypted, look for “https” at the beginning of the web address (the “s” is for secure). Some websites use encryption only on the sign-in page, but if any part of your session isn’t encrypted, the entire account and your financial information could be vulnerable. Look for https on every page of the site you’re on, not just where you sign in.

Protect your passwords. The longer the password, the tougher it is to crack.  Use at least 10 characters; 12 is ideal for most home users. Mix letters, numbers and special characters. Try to be unpredictable – don’t use your name, birthdate or common words. Don’t use the same password for many accounts.  If it’s stolen from you – or from one of the companies with which you do business – it can be used to take over all your accounts. Don’t share passwords on the phone, in texts or by email.  Legitimate companies will not send you messages asking for your password.  If you get such a message, it’s probably a scam. Keep your passwords in a secure place, out of plain sight.

Don’t assume ads or emails are from reputable companies. Check out companies to find out if they are legitimate. When you’re online, a little research can save you a lot of money and reduce your security risk. If you see an ad or an offer that looks too good, take a moment to check out the company behind it. Type the company or product name into your favorite search engine with terms like “review,” “complaint” or “scam.” If you find bad reviews, you’ll have to decide if the offer is worth the risk. If you can’t find contact information for the company, take your business and your financial information elsewhere. The fact that a site features an ad for another site doesn’t mean that it endorses the advertised site, or is even familiar with it.

Don’t overshare on social media – Do a web search of your name and review the results. Mostly likely, the results while turn up your past addresses, the names of people living in the household as well social media accounts and your photographs. All of these items are valuable to identity thieves. Even a social media post boasting of a new car can help thieves bypass security verification questions that depend on financial data that only you should know. Think before you post!

Back up your files. No system is completely secure. Copy important files and your federal and state tax returns onto a removable disc or a back-up drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files.

Save your tax returns and records. Your federal and state tax forms are important financial documents you may need for many reasons, ranging from home mortgages to college financial. Print out a copy and keep in a safe place. Make an electronic copy in a safe spot as well. These steps also can help you more easily prepare next year’s tax return. If you store sensitive tax and financial records on your computer, use a file encryption program to add an additional layer of security should your computer be compromised.

To learn additional steps you can take to protect your personal and financial data, visit Taxes. Security. Together. You also can read Publication 4524, Security Awareness for Taxpayers.

Each and every taxpayer has a set of fundamental rights they should be aware of when dealing with the IRS. These are your Taxpayer Bill of Rights. Explore your rights and our obligations to protect them on IRS.gov.

2/23/16

Latest Cyber Scam

Cybercriminals are targeting Netflix users with several scams you need to watch out for. Some of these scams claim you need to update your payment information, and others try to trick you into downloading software for a cheaper version of Netflix. Do not fall victim for any of these tricks.

This is just another example of what to do when you get a link in an email.

  • Never click anywhere in that email.  Do not click on links in email.
  • If you think the email is from a legitimate company, go to that company’s website and get the information there.  Do not click on links in email.

You can also call that company or their customer service if you want to be 100% sure.  Don’t click on links in email.

2/16/16

Tips for Using Credit Bureaus to Help Protect Your Financial Accounts

IRS Security Awareness Tax Tip Number 6, December 28, 2015

If you believe you are a victim of identity theft, you should contact one of the three major credit bureaus to place a “fraud alert” on your credit account.

This critically important step makes it harder for identity thieves to open additional financial accounts, such as a bank account, in your name. This helps prevent identity thieves from directing fraudulent tax refunds into bank accounts they created or opening additional credit cards in your name.

The IRS has teamed up with state revenue departments and the tax industry to make sure you understand the dangers to your personal and financial data. Taxes. Security. Together. Working in partnership with you, we can make a difference.

Contacting a credit bureau if you think you are an identity theft victim can help you in many ways, including helping protect your tax information.

The three main credit bureaus:

  • www.Equifax.com/CreditReportAssistance; 888-766-0008.
  • www.Experian.com/fraudalert; 888-397-3742.
  • www.TransUnion.com/fraud; 800-680-7289.A fraud alert is free, and it lasts for 90 days. You can renew it. It provides a red flag to other businesses where the thieves may be trying to open accounts and legitimate businesses may take additional steps to verify identities.
  • Three types of fraud alerts are available:
  • If you are an identity theft victim, you need contact only one of the three to request a fraud alert. One bureau must notify the others when a fraud alert is requested. You’ll get a letter from each credit bureau. It will confirm that they placed a fraud alert on your file.
  1. Initial Fraud Alert. If you’re concerned about identity theft, but haven’t yet become a victim, this fraud alert will protect your credit from unverified access for at least 90 days. You may want to place a fraud alert on your file if your wallet, Social Security card, or other personal, financial or account information are lost or stolen.
  2. Extended Fraud Alert. For victims of identity theft, an extended fraud alert will protect your credit for seven years.
  3. Active Duty Military Alert. For those in the military who want to protect their credit while deployed, this fraud alert lasts for one year.

Also, you should get your free credit report right away to ensure identity thieves have not opened additional accounts. Go to annualcreditreport.com, which is operated by the three major bureaus, or call 877-322-8228.

If you want even stronger protections or if you were part of a large-scale data breach, you might consider a “credit freeze” which applies even stronger protections but often times for a fee that varies by state.

A credit freeze, also known as a security freeze, lets you restrict access to your credit report, which in turn makes it difficult for identity thieves to open new accounts in your name. You must contact each of the three credit bureaus to establish a credit freeze.

What’s the difference between a credit freeze and a fraud alert? A credit freeze locks down your credit. A fraud alert allows creditors to get a copy of your credit report as long as they take steps to verify your identity.

After receiving your freeze request, each credit reporting company will send you a confirmation letter containing a unique PIN (personal identification number) or password. Keep the PIN or password in a safe place. You will need it if you choose to lift the freeze.

If you apply for credit, a home mortgage or a job, you will have to temporarily lift the freeze so that the businesses may confirm your credit record. There is a fee for lifting a freeze as well.

To learn additional steps you can take to protect your personal and financial data, visit Taxes. Security. Together. You also can read Publication 4524, Security Awareness for Taxpayers.

Each and every taxpayer has a set of fundamental rights they should be aware of when dealing with the IRS. These are your Taxpayer Bill of Rights. Explore your rights and our obligations to protect them on IRS.gov.

2/9/16

Talk to Your Family about Security Online and at Home

IRS Security Awareness Tax Tip Number 5, December 21, 2015

For families with children and aging parents, it’s important to make sure everyone guards their personal information online and at home.

It may be time for “the conversation.”

The IRS, state revenue departments and the tax industry have teamed up to combat identity theft in the tax arena. Our theme: Taxes. Security. Together. Working in partnership with you, we can make a difference.

Especially in families that use the same computer, students should be warned against turning off any security software in use or opening any suspicious emails. They should be instructed to never click on embedded links or download attachments of emails from unknown sources.

Identity thieves are just one of many predators plying the Internet. And, actions by one computer user could infect the machine for all users. That’s a concern when dealing with personal financial details or tax information.

Kids should be warned against oversharing personal information on social media. But oversharing about home addresses, a new family car or a parent’s new job gives identity thieves a window into an extra bit of information they need to impersonate you.

Aging parents also are prime targets for identity thieves. If they are browsing the Internet, they may need the same conversation about online security, avoiding spam email schemes and oversharing on social media.

They may also need assistance for someone to routinely review charges to their credit cards, withdrawals from their financial accounts. Unused credit cards should be canceled. An annual review should be made of their credit reports at annualcreditreport.com to ensure no new accounts are being opened by thieves, and reviewing the Social Security Administration account to ensure no excessive income is accruing to their account.

Seniors also are especially vulnerable to scam calls and pressure from fraudsters posing as legitimate organizations, including the Internal Revenue Service, and demanding payment for debts not owed. The IRS will never make threats of lawsuit or jail or demand that a certain payment method, such as a debit card, be made.

Fraudsters will try to trick seniors, telling them they have won a grand prize in a contest or that a relative needs money – anything to persuade a person to give up personal information such as their Social Security number or financial account information.

Some simple steps – and a conversation – can help the young and old avoid identity theft schemes and scammers.

To learn additional steps you can take to protect your personal and financial data, visit Taxes. Security. Together. You also can read Publication 4524, Security Awareness for Taxpayers.

Each and every taxpayer has a set of fundamental rights they should be aware of when dealing with the IRS. These are your Taxpayer Bill of Rights. Explore your rights and our obligations to protect them on IRS.gov.

2/2/16

What You Need to Know to Protect Your Passwords

IRS Security Awareness Tax Tip Number 4, December 14, 2015

It’s time to have a word about your password.

Many of us use the same sign-on and password over and over for our online accounts.

That’s why phishing scams, which often seek password information, are so successful. Once a criminal has your password for one account, it’s highly likely you’ve used the same sign-on information for other accounts.

The IRS, state revenue departments and the tax industry have teamed up to combat identity theft in the tax arena. Our theme: Taxes. Security. Together. Working in partnership with you, we can make a difference.

That’s why we have all agreed to new stronger standards that you will see when you access your tax software products for 2016 and file your taxes. These include:

  • A password that has eight or more characters, including upper case, and lower case letters as well as numbers and a special character.
  • New features include a timed lockout and limits on unsuccessful log-in attempts.
  • You must complete three security questions.
  • Tax software partners must verify email addresses. In many cases, this means a PIN will be sent to your email or text that you must use to verify your address before you can proceed with your tax software.While we are taking these steps, it’s a good time for you to think about the passwords you use for other accounts. You should always use strong passwords with a mix of letters, numbers and special characters. Do not use the same password for multiple accounts. The longer, the better. And change your passwords regularly.To learn additional steps you can take to protect your personal and financial data, visit Taxes. Security. Together. Also read Publication 4524, Security Awareness for Taxpayers.
  • We all have a role to play in fighting identity theft. Join with us to fight identity theft.
  • These are just a few of the new protections that will be in place for the 2016 tax season to protect you from identity thieves. Most of the protections we are taking may not be visible to you, but they will add layers of protection nonetheless, adding new and stronger protections during tax time.

Each and every taxpayer has a set of fundamental rights they should be aware of when dealing with the IRS. These are your Taxpayer Bill of Rights. Explore your rights and our obligations to protect them on IRS.gov.

1/26/16

How to Spot and Avoid Credit Card Skimmers

By Fahmida Y. Rashid

October 15, 2014

If you ever swipe your credit or debit card at a gas station pump, an ATM, or a vending machine, your account information could be stolen. Here’s how to avoid card skimmers

With all the recent headlines about point-of-sale malware infecting retailers and restaurants around the country, it’s easy to forget the more common way cyber-criminals steal credit and debit card numbers: card skimmers. If you ever swipe your card at a gas station pump, withdraw cash from an ATM, or buy tickets from a vending machine, then you are at risk.

Cyber-criminals install skimmers, which are essentially malicious card readers that grab the data off the card’s magnetic stripe, on to the real payment terminals so that they can harvest data from every person that swipes their cards. The thief has to come back to the compromised machine to pick up the file containing all the stolen data, but with that information in hand he can create cloned cards or just break into bank accounts to steal money.

“Classic skimming attacks are here to stay,” and will likely continue to be a problem even after banks make the shift to chip-and-PIN cards, said Stefan Tanase, a security researcher at Kaspersky Lab. Even if the cards have a chip, the data will still be on the card’s magnetic strip in order to be backwards-compatible with systems that won’t be able to handle the chip, he said.

The typical ATM skimmer is a device smaller than a deck of cards that fits over the existing card reader. Most of the time, the attackers will also place a hidden camera somewhere in the vicinity with a view of the number pad in order to record personal-identification-numbers. The camera may be in the card reader, mounted at the top of the ATM, or even just to the side inside a plastic case holding brochures. Some criminals may install a fake PIN pad over the actual keyboard to capture the PIN directly, bypassing the need for a camera.

Skimmer2

 

 

 

 

 

The above picture is a real-life skimmer in use on an ATM. You can see how the arrows are very close to the reader; that is a sign a skimmer was installed over the existing one, since the real card reader would have some space before the arrows.

When you are pumping gas or grabbing some money for lunch out of the ATM, the last thing you want to worry about is your card information getting stolen. Here are some tips, straight from the experts.

Check for Tampering When you approach an ATM, check for some obvious signs of tampering at the top of the ATM, near the speakers, the side of the screen, the card reader itself, and the keyboard. If something looks different, such as a different color or material, graphics that aren’t aligned correctly, or anything else that doesn’t look right, don’t use that ATM.

It’s a good idea to quickly take a look at the ATM next to yours and compare them both. If there are any obvious differences, don’t use either one, and report the suspicious tampering to your bank. For example, if one ATM has a flashing card entry to show where you should enter the ATM card and the other ATM has a plain reader slot, you know something is wrong. Since most skimmers are glued on top of the existing reader, that will obscure the flashing indicator.

If the keyboard doesn’t feel right—too thick, perhaps—then there may be a PIN-snatching overlay, so don’t use it.

Wiggle Everything Even if you can’t see any visual differences, push at everything, Tanase said. ATMs are solidly constructed and generally don’t have any jiggling or loose parts. Pull at protruding parts like the card reader. See if the keyboard is securely attached and just one piece. Does anything move when you push at it?

Skimmers read the magnetic stripe as the card is inserted, so give the card a bit of a wiggle as you put it in, Tanase advised. The reader needs the stripe to go in a single motion, because if it isn’t straight in, it can’t read the data correctly. If the ATM is the kind where it takes the card and returns it at the end of the transaction, then the reader is on the inside. Wiggling the card as you enter it in the slot won’t interfere with your transaction, but will foil the skimmer.

Think Through Your Steps Just assume there is someone looking at your PIN, whether it’s over your shoulder or through a hidden camera. Cover your hand when you enter the number sequence on the PIN pad, Tanase said.

Even if you don’t notice the skimmer and swipe your card, covering your hand when you enter your PIN can keep you safe. Obtaining the PIN is essential, since the criminals can’t use the stolen magnetic stripe data without it, Tanase said. Of course, that assumes the attacker is using a camera and not an overlay to obtain your PIN.

Criminals frequently install skimmers on ATMs that aren’t located in overly busy locations since they don’t want to be observed installing malicious hardware or collecting the harvested data. The ATMs in banks are generally safer because of all the cameras, although some daring criminals do still succeed. The ATM inside a grocery store or restaurant is generally safer than the one that is outside on the sidewalk. Stop and consider the safety of the ATM before you use it.

The chances of getting hit by a skimmer are higher on the weekend than during the week, since it’s harder for customers to report the suspicious ATMs to the bank. Criminals typically install skimmers on Saturdays or Sundays, and then remove them before the banks reopen on Monday.

Just a Note If you don’t notice a card skimmer and your card data does get stolen, take heart. As long as you report the theft to your card issuer (for credit cards) or bank (where you have your account) as soon as possible, you will not be held liable for the lost amount and your money will be returned. Business customers, on the other hand, don’t have the same legal protection and may have a harder time getting the money back.

Just remember: If something doesn’t feel right about an ATM, don’t use it.

1/12/16

Don’t Take the Bait; Avoid Phishing and Malware to Protect Your Personal Data

IRS Security Awareness Tax Tip Number 2, November 30, 2015

“Update your account now.”  “You just won a cruise!” “The IRS has a refund waiting for you.”

In the cyber world of phishing, the sentences are “bait” – lures from emails, telephone calls and texts all designed to separate you from your cash, your passwords, your social security number or your very identity.

The IRS has teamed up with state revenue departments and the tax industry to make sure you understand the dangers to your personal and financial data. Taxes. Security. Together. Working in partnership with you, we can make a difference.

No doubt you’ve heard that warning to beware of phishing many times. But, phishing remains a problem because it works. Cybercriminals on a daily basis concoct new ways to trick people into turning over cash or sensitive data that can affect your taxes.

When it comes to this type of crime, the main line of defense is not technology, it is you.

Criminals pose as a person or organization you trust and/or recognize. They may hack a friend’s email account and send mass emails under their name.  They may pose as your bank, credit card company or tax software provider. Or, they may pose as a state, local or federal agency such as the Internal Revenue Service or a state agency. Criminals go to great lengths to create websites that appear legitimate but contain phony log-in pages.

Just remember: No legitimate organization – not your bank, not your tax software company, not the IRS – will ever ask for sensitive information through unsecured methods such as emails. And the IRS never sends unsolicited emails or makes calls with threats of lawsuits or jail.

Scam emails and websites also can infect your computer with malware without you even knowing it. The malware can give the criminal access to your device, enabling them to access all your sensitive files or track your keyboard strokes, exposing login information.

Here are a few simple steps you can take to protect yourself:

  • Avoid suspicious phishing emails that appear to be from the IRS or other companies; do not click on the links- go directly to their websites instead.
  • Beware of phishing scams asking you to update or verify your accounts.
  • To avoid malware, don’t open attachments in emails unless you know who sent it and what it contains.
  • Download and install software only from websites you know and trust.
  • Use security software to block pop-up ads, which can contain viruses.
  • Ensure your family understands safe online and computer habits.Each and every taxpayer has a set of fundamental rights they should be aware of when dealing with the IRS. These are your Taxpayer Bill of Rights. Explore your rights and our obligations to protect them on IRS.gov.
  • To learn additional steps you can take to protect your personal and financial data, visit Taxes. Security. Together. You also can read Publication 4524, Security Awareness for Taxpayers.

1/5/16

Seven Tips to Protect Your Computer Online

IRS Security Awareness Tax Tip Number 1, November 23, 2015

The Internal Revenue Service, the states and the tax industry urge you to be safe online and remind you to take important steps to help protect yourself against identity theft.

Taxes. Security. Together. Working in partnership with you, we can make a difference.

Scammers, hackers and identity thieves are looking to steal your personal information – and your money. But there are simple steps you can take to help protect yourself, like keeping your computer software up-to-date and giving out your personal information only when you have a good reason.

We all have a role to play to protect your tax account. There are just a few easy and practical steps you can take to protect yourself as you conduct your personal business online.

Here are some best practices you can follow to protect your tax and financial information:

  1. Understand and Use Security Software. Security software helps protect your computer against the digital threats which are prevalent online. Generally, your operating system will include security software or you can access free security software from well-known companies or Internet providers. Other options may have an annual licensing fee and offer more features. Essential tools include a firewall, virus/malware protection and file encryption if you keep sensitive financial/tax documents on your computer. Security suites often come with firewall, anti-virus and anti-spam, parental controls and privacy protection. File encryption to protect your saved documents may have to be purchased separately. Do not buy security software offered as an unexpected pop-up ad on your computer or email! It’s likely from a scammer.
  2. Allow Security Software to Update Automatically. Set your security software to update automatically. Malware – malicious software – evolves constantly and your security software suite is updated routinely to keep pace.
  3. Look for the “S” for Encrypted “https” Websites.  When shopping or banking online, always look to see that the site uses encryption to protect your information. Look for https at the beginning of the web address. The “s” is for secure. Unencrypted sites begin with an http address. Additionally, make sure the https carries through on all pages, not just the sign-on page.
  4. Use Strong Passwords.  Use passwords of eight or more characters, mixing letters, numbers and special characters. Don’t use your name, birthdate or common words. Don’t use the same password for several accounts. Keep your password list in a secure place or use a password manager. Don’t share your password with anyone. Calls, texts or emails pretending to be from legitimate companies or the IRS asking you to update your accounts or seeking personal financial information are generally scams.
  5. Secure Your Wireless Network. A wireless network sends a signal through the air that allows you to connect to the Internet. If your home or business wi-fi is unsecured it also allows any computer within range to access your wireless and steal information from your computer. Criminals also can use your wireless to send spam or commit crimes that would be traced back to your account. Always encrypt your wireless. Generally, you must turn on this feature and create a password.
  6. Be Cautious When Using Public Wireless Networks.  Public wi-fi hotspots are convenient but often not secure. Tax or financial Information you send though websites or mobile apps may be accessed by someone else. If a public Wi-Fi hotspot does not require a password, it probably is not secure. If you are transmitting sensitive information, look for the “s” in https in the website address to ensure that the information will be secure.
  7. Avoid Phishing Attempts. Never reply to emails, texts or pop-up messages asking for your personal, tax or financial information. One common trick by criminals is to impersonate a business such as your financial institution, tax software provider or the IRS, asking you to update your account and providing a link. Never click on links even if they seem to be from organizations you trust. Go directly to the organization’s website. Legitimate businesses don’t ask you to send sensitive information through unsecured channels.

To learn additional steps you can take to protect your personal and financial data, visit Taxes. Security. Together. Also read Publication 4524, Security Awareness for Taxpayers. Each and every taxpayer has a set of fundamental rights they should be aware of when dealing with the IRS. These are your Taxpayer Bill of Rights. Explore your rights and our obligations to protect them on IRS.gov.

12/22/15

Tis the Season for Fraud

The latest scam to hit our area is one that we see frequently. You get a phone call most likely from an automated voice that tells you your debit/credit card has been compromised in some way. Then you are told that you need to enter in your card number in order to ensure you will still be able to use the card. This is just one of many ways that scammers try to get your debit and credit card numbers. Once they have that information they can rack up charges until the fraud is recognized and the card is closed. We know that it can be a challenge to recognize a fraudulent call from a real one at times, but please remember if you are ever in doubt, hang up and call the bank back. If it is truly a legitimate call it will be a bank staff member calling you. Also the bank will never ask for all of your personal information over the phone.

Always remember…..

  1. Never give your social security number to someone calling you.
  2. Never give out your account information to someone calling you.
  3. Never give out your debit or credit card numbers to someone calling you.
  4. If there is an issue with your account a friendly member of the LSB staff will contact you, not a pushy scam artist.
  5. And finally, never hesitate to call us or stop in at any of our 5 locations if you have questions on your account. Our staff will be happy to review your account and show you ways to help protect you from fraud.

12/8/15

Happy Shopping

As the calendar turns from November to December thoughts turn from turkey to Christmas and shoppers tend to spend a little extra in the stores.  We want to remind you that your debit cards have daily limits on them. These limits are there for your protection. Imagine if your debit card information accidentally fell into the hands of a thief. You wouldn’t want them to have full access to drain your account. There is a daily ATM limit for cash you can withdrawal, and then a daily limit for point of sale transactions where you swipe the card at the store.

If you plan to be Black Friday shopping or holiday shopping in general feel free to stop in or call any of our 5 branches to learn more about your debit card limits. We can always temporarily raise your limit for a day or two if you know you will need it to be higher.

11/25/15

Happy Thanksgiving!

If you are going to brave the storm on Black Friday and hit the sales…good luck to you.  For those of you who also go for the on-line version called Cyber Monday remember to shop safely.

Here are some tips for Cyber Monday from OnGuardOnline (Department of Homeland Security):

Know the seller and the item. Put the company or product name in a search engine, along with “review,” “complaint,” or “scam.” Read the reviews. Be sure you can contact the seller if you have a dispute.

Avoid clicking links in emails. Scammers know it’s Cyber Monday, too. Their phishing scams are after your money or personal information. If an unexpected email promises awesome online deals, don’t click on those embedded links. Check out the company first, confirm its web address, and type it in yourself.

Pay by credit card. Credit cards give you extra protections – like the right to dispute charges and temporarily withhold payment during an investigation. Whatever the deal might be, never mail cash or wire money to online sellers. And if a company insists you only pay with a gift card, it’s probably a scam.

Ensure happy returns. What are the site’s return or exchange policies? Is there a re-stocking fee?

Have a safe checkout. Look for a URL that starts with https. (The ‘s’ stands for secure). If there’s no ‘s,’ if you have doubts, or if you’re asked to email payment info, leave the site.

Keep records. Print or save records of online transactions until you get the goods. Keep the product description and price, receipt, return policy, and any emails related to your purchase.

10/14/15

Words of Wisdom from the Libertyville Savings Bank

Information Technology Director, Mike Burnett

Here is some advice regarding computer security to help you protect yourself and your data.

 

Passwords:

I know everyone hates long complex passwords and I know everyone hates to change their passwords.

I hate it too. However, it could save you tons of money and headaches.

Here are some suggestions that you should follow when choosing passwords:

  1. Use a strong password – this means long (should be at least 15 characters) and complex (alpha-numeric with special characters). Again, I know you
    hate this, but trust me; the pain is worth the risk you are mitigating!
  2. Don’t use words that can be found in a dictionary, because the first thing the bad guy does with your password is run it against a dictionary
    password cracker. Do not use your name, your kid’s name, your dog’s name, etc. as your password or part of your password. Make it random.
  3. Don’t use the same password for multiple logins. I know it is easy once you come up with a password that you can remember, but if a site that you
    used that password on gets hacked then the bad guy is smart enough to try that same password on other sites or your computer.

 

 

Supported Operating Systems:

An insecure operating system that is no longer supported like Windows XP is inviting bad guys into your system.

 

 

Protection:

You should install anti-virus/anti-malware software on your operating system. Anti-virus is used to detect malicious software on your computer. It’s the
smart thing to do.

 

 

Patching:

Keep everything up-to-date with patches. Microsoft releases operating system patches at a minimum of once per month. These patches fix security holes that
are found on a particular operating system as well as update other issues.

There are also patches for other applications that are running on your operating system like Microsoft Office, Java, Adobe, Chrome, Firefox, to name a few.

And don’t forget to keep your anti-virus software patched as well. Updating is the only way your anti-virus program will be able to know about new
malicious code that comes out.

 

 

Firewall:

A firewall comes with your windows operating system and protects your computer from bad guys trying to get in. Don’t turn it off.

 

 

Downloading:

Be careful of what you download. It doesn’t matter if you do everything I have advised you to do above, if you download malware, all bets are off. It will
circumvent everything you have been working to prevent. Don’t open email attachments that you are not expecting even though it is from a friend or
relative. And don’t click on links inside emails…..Period.

7/28/15

Did you book that night at the hotel’s site?

July 14, 2015

by Amy Hebert

Consumer Education Specialist, FTC

Whether you travel a lot or just a little, you’ve probably gone online to book a hotel stay. Sometimes you might find a travel comparison site gets you the best deal. Other times, you might book directly at a hotel’s website — maybe to earn points for the company’s reward program, or because you have some special requests for your stay.

For those times you’re looking to book directly with a hotel, make sure that’s what you’re doing. The FTC has heard from people who searched online and thought they were booking on a hotel website, only to find they’d unknowingly been doing business with someone else.

The confusion resulted in problems like:

  • arriving and finding no reservation
  • having trouble canceling or modifying a reservation, or disputing charges through the hotel
  • finding reserved rooms didn’t reflect special requests like disability access
  • being charged undisclosed fees
  • paying a higher rate than what’s advertised by the hotel
  • getting credit card charges from the third party, not the hotel
  • not earning points with their hotel reward programYour best bet to avoid surprises — look closely at your search results. If you know you want to deal directly with a hotel, take the time to look for signs you might be on a third-party site, like another company’s logo. It’s also a good idea to find the hotel phone number yourself, rather than rely on what’s listed on the site.
  • It can be hard to tell that you’re not on the hotel’s site. You might see a hotel’s name in the URL, or call the number shown next to the hotel’s address and not realize it’s the reservation company — not the hotel — you’re talking to.

Source: OnGuardOnline.gov

7/28/15

The New EMV Chip

With all the security breaches being reported in the news these days, consumers and banks are wondering what they can do to protect themselves from fraud. There is an answer to problems with debit and credit card fraud coming soon. Many industrialized countries use a technology called EMV or chip technology that protects against mass breach fraud.  EMV is named after the companies that invented the technology: Europay, MasterCard, and VISA (EMV). The technology places a chip in debit and credit cards and does away with the magnetic stripes we currently use in the United States. Magnetic stripe cards are easily copied (skimmed) with a card reader.  Chip technology cards are much harder to duplicate because they create a one time unique transaction code. United States merchants and card issuers have already started to switch to this technology and full conversion in the United States is expected by year-end 2017. One reason the United States is slow to make the switch is because of the cost to change. The cost of this transition is estimated between 5 billion and 13 billion dollars. The reason the switch is so costly is because new cards will need to be issued, banks will need new ATM machines, and merchants will need new card readers, not to mention the cost of education. Even though this technology is very costly, it comes with many benefits. The most important benefit is the increased security for card users. Some of the other benefits include mobile payments and one card could have multiple accounts linked to it. Once the switch has been made, merchants who do not have the new chip technology card readers may be held liable for card fraud that could have been prevented with EMV technology.  This may result in some merchants not accepting cards at all but rather going back to cash only transactions.  You will hear more about this in the news as the United States catches up with the rest of the world.

EMV-web

5/22/15

If you get a consumer complaint notification from the FTC. It’s a scam.

The email tells you there’s a complaint against your business, and wants you to click on a link. Here’s what one of the scammy emails said:

“This notification has been automatically sent to you because we have received a consumer complaint, claiming that your company is violating the CCPA (Consumer Credit Protection Act).
According to our policy, we have initiated a formal investigation before taking legal action. You can download the document containing the complaint and the plaintiff contact information, from…” followed by a link.

At first glance, it might look legitimate. It has the FTC seal, the email appears to come from an FTC email address, and the web address looks like it goes to an FTC site. But if you hover over the web address, you’ll see the link actually sends you somewhere else.

If you get an email like this, don’t open it. And most important: don’t click on the links. Don’t open any attachments, either. If you do, you could install malware on your computer, causing your device to crash, or allowing a scammer to monitor and control your online activity, steal your personal information, send spam, and commit fraud. You can forward the phony email to the IT department to check it out — but then delete it.

Government imposters aren’t just impersonating the FTC. If you get an unexpected email that says it’s from the government and asks you to click on links, open attachments, or share personal information, don’t do it. Even if you think it’s legitimate, it’s best to look up the number and contact the agency directly to check it out.

 

5/21/2015

Footsteps to Financing Your Dream Home

  1. Call Libertyville Savings Bank to schedule a meeting with a Licensed Mortgage Loan Originator (MLO) or go on-line to www.libertyvillesavingsbank.com and select the Mortgage Center to apply for pre-approval.
  2. Work with MLO to determine what is affordable.
  3. Work with MLO to determine down payment and closing cost requirements.
  4. Provide necessary requested information to MLO to obtain a pre-qualification Letter.
  5. Notify MLO when you locate your desired home.
  6. Meet with MLO to sign preliminary loan documents.
  7. MLO reviews your income and asset verifications.
  8. MLO orders your appraisal and legal work.
  9. Final Loan Approval is granted.
  10. Loan Closing is scheduled.

 

home

Home, sweet home!

 

4/28/2015

Gas Pump skimming epidemic. Please read.

LSB is dedicated to providing our customers with the most current and up-to-date fraud information. There is currently an epidemic of “Gas Pump” skimming reported along Interstate 10 from Florida to California. We want to urge everyone to be cautious no matter where you use your debit or credit card.  

Here are a few tips to prevent your card from being “skimmed”:

  •  Be aware of you surrounding. In the case of the gas station:
    • Lighting conditions around the station
    • Condition of the gas pumps themselves
    • Any signs of tampering or something out of place
  • Check to make sure the gas pump dispenser cabinet is closed and has not been tampered with. Many stations are now putting a piece of security tape over the cabinet to ensure it has not been opened by unauthorized individuals.
  • Use a gas pump closer to the front of the store. Thieves often place skimmers at the gas pumps farther away from the store so they are not noticed as quickly.
  • Monitor bank accounts regularly to spot any unauthorized charges.

To protect your LSB debit card, sign up for LSB Guardian to receive alerts when fraud is suspected. It’s fast and easy. Go to the link on our home page and sign up today!

 

4/14/2015

New mobile app available!

We recently updated our Mobile Banking Applications for Android and iPhone, and added and application for the iPad.  Check out our new app in the  Google Play Store, click this link:  https://play.google.com/store/search?q=libertyville%20savings%20bank . Check out our new app in the  App Store, by searching for Libertyville Savings Bank on your Apple device.  Please give us a call at 641-472-9839 if you have any questions!

3/25/15

Overview of a credit score.

  • How do you get a good credit score?
  • What can hurt your credit score.
  • What the numbers mean, and more.

Click the link for additional information.

What is a credit score.

3/13/15

Seven things to know about getting more time to file your Tax Return

Can’t make the April 15, 2015 tax deadline and need more time to file your tax return?  Here are some tips from the IRS to help you get an automatic six month extension of time to file:

File on time even if you can’t pay. If your return is completed but you are unable to pay the full amount of tax due, do not request an extension. File your return on time and pay as much as you can. The IRS will send you a bill or notice for the balance due. To apply online for a payment agreement, go to the IRS website at http://www.irs.gov and click “Apply for an Online Payment Agreement (OPA)” at the left side of the home page under Online Services. If you are unable to make payments, call the IRS at 800-829-1040 to discuss your options. 2. Extra time to file. An extension will give you extra time to get your paperwork to the IRS, but it does not extend the time you have to pay any tax due. You will owe interest on any amount not paid by the April 15 deadline, plus you may owe penalties. 3. Form to file. Request an extension to file by submitting Form 4868, Application for Automatic Extension of Time to File U.S. Individual Income Tax Return, to the IRS by April 15, 2015, or make an extension-related electronic credit card payment. For more information about extension-related credit card payments, see Form 4868. 4. E-file extension. You can e-file an extension request using tax preparation software with your own computer or by going to a tax preparer who has the software. The IRS will acknowledge receipt of the extension request if you file by computer. 5. Traditional Free File and Free File Fillable Forms. You can use both Free File options to file an extension. Access the Free File page at http://www.irs.gov. 6. Electronic funds withdrawal. If you ask for an extension via computer, you can also choose to pay any expected balance due by authorizing an electronic funds withdrawal from a checking or savings account. You will need the appropriate bank routing and account numbers. For information about these and other methods of payment, visit the IRS website at http://www.irs.gov or call 800-TAX-1040 (800-829-1040).

  1. How to get forms. Form 4868 is available for download from the IRS website or may be ordered by calling 800-TAX-FORM (800-829-3676).You can also obtain the form at your local IRS office. Telephone requests normally take 7 – 15 days to process and ship.

 

 

All information was provided from the website www.irs.gov

 

3/10/15

PRESS RELEASE:

When it comes to banking, the Libertyville Savings Bank adopts the Unstoppable Model.

Banking isn’t what it used to be, and neither are modern day bankers.  Jill D. Burnett, CEO and the Executive Team of the Libertyville Savings Bank, have made a commitment in 2015 to raise funds to build a school in Africa.  This initiative is in addition to the Libertyville Savings Bank’s (LSB) continued support of numerous community, school, non-profit and local related activities in the five communities they serve. Burnett stated that “at LSB they believe every child deserves an education and a chance for a better life. We will raise these funds by donating $5.00 to the Unstoppable Foundation® when a new or existing customer signs up for any of our online products. Customers using these products save us money that in turn we will use to support this cause.”

“The Unstoppable Foundation® is a non-profit humanitarian organization bringing sustainable education to children and communities in developing countries, thereby creating a safer and more just world for everyone” states their website www.UnstoppableFoundation.org. Their mission is to ensure that every child has access to an education and a better life. The Unstoppable Foundation’s model not only builds schools, but provides the entire community with access to clean water and sanitation, food and nutrition, healthcare, and alternative income training for parents.  “Statistics show that investing in education is the single most effective way to reduce poverty, save lives and transform entire communities.  Just learning to read and write could lift 170 million people out of poverty” per their website. Everyone at the bank is committed to this project said Burnett.  “In 2015 our goal is to be “Unstoppable” in everything we do, including raising money for the school”.

The Libertyville Savings Bank was founded in Libertyville Iowa in 1901.  They currently have five offices in southeast Iowa.  The home office is located in Fairfield and the other offices are in Libertyville, Eldon, Keosauqua and Keota.  The bank was named in the Des Moines Register’s “Top 100 Places to Work” in 2014 and Jill Burnett is a past recipient of the Extraordinary Banker Award.

 

2/26/15

Be sure to check out our LSB Guardian!!  

Sign up today to protect your debit card from fraudulent or unauthorized charges.

  • How do I get started?  Signing up is quick and easy.  Follow the links on our home page. It’s FREE and extremely convenient!
  • How does it work?  You will receive a text message on your registered mobile phone for the following debit card charges:  If your card is used out of state, if a single transaction is more than $500, or if your card is not present at the vendor (i.e. phone or online orders).
  • Once I receive the text message what do I do?  If the transaction is yours simply ignore the message and the charge will go through.  However, if the charge is NOT yours, it will send you a code to reply with.
  • What will happen if it isn’t my charge and I respond?  Risk Management will block the card so that no further transactions can be done on your card.  Then someone from the Risk Management team or from LSB will contact you to follow up on getting the charges disputed and getting a new card ordered and printed.

Still have questions? Feel free to call one of our 5 convenient locations for more information.

 

1/28/14

Bank to Bank transfers

We now have available to our internet banking customers, Bank to Bank transfers!  The Bank to Bank transfers allows customers to perform inbound and outbound transfers using a drop-down menu within our internet banking service.  They can select the accounts they want to transfer funds to or from, specify transfer dollar amounts, and choose frequency.  Customers provide the bank names, routing numbers, and account numbers for the accounts they want to enroll in the service.  That information is submitted to the host bank where the external accounts are automatically validated with small deposit amounts for customer verification.  Please refer to the Bank to Bank Transfer Agreement available after you log in to internet banking for fees and restrictions.

 

1/12/15

One of the most important rules for staying safe online is to use a different password for every different website and service. 

Trying to think of a different password for every application that you use is very difficult and trying to remember all of the passwords for all of the different applications is even harder.

Password manager programs were developed to assist you with this issue.  Password managers hide your information behind a master password that only you know.  Most password manager utilities will also generate strong random passwords for you.  There are many password managers to choose from.  A few of the most popular are 1Password, Dashlane, LastPass, PasswordBox, and KeyPass.

When dreaming up your passwords, you will also want to use a combination of upper case and lower case letters, numbers, and symbols.  Do not use dictionary words.  Change your passwords every 3 months and utilize two-factor authentications when they are available.

You should also turn on your phone’s screen-lock setting to prevent others who may pick up your phone from getting into all of your information.  Make sure your operating system and your applications are kept up-to-date with security patches and keep your anti-virus program updated as well.  Go safe!

12/31/14

Staples Fraud Update

In October of 2014 reports of an investigation into a potential data compromise at Staples, the office supply chain, was announced.

Staples have now confirmed that a malware intrusion this year at some of its stores resulted in a credit card breach.  The security experts detected that the criminals deployed malware to some of the stores point-of-sale systems.  Approximately 115 of its more than 1,400 U.S. retail stores have been compromised. Information Staples believes that may have been accessed is:  cardholder names, payment card numbers, expiration dates, and card verification codes.   The timeframe that they are looking at is for at 113 stores is purchases made between August 10, 2014 through September 16, 2014. At the remaining two stores the malware may have allowed access to data from purchases made from July 20, 2014 through September 16, 2014.   The company believes that approximately 1.16 million payment cards may have been affected.

More Details: 

http://krebsonsecurity.com/2014/12/staples-6-month-breach-1-16-million-cards/

Store Locations:

http://staples.newshq.businesswire.com/sites/staples.newshq.businesswire.com/themes/staplesREDESIGN_newshq_businesswire_com_theme/pdf/List%20of%20Impacted%20Stores.pdf

 

12/17/14

Shopping Online by OnGuardOnline.gov

Know who you’re dealing with.

Anyone can set up shop online under almost any name. Confirm the online seller’s physical address and phone number in case you have questions or problems. And if you get an email or pop-up message that asks for your financial information while you’re browsing, don’t reply or follow the link. Legitimate companies don’t ask for information that way.

Know what you’re buying.

Read the seller’s description of the product closely, especially the fine print. Words like “refurbished,” “vintage,” or “close-out” may indicate that the product is in less-than-mint condition, while name-brand items with bargain basement prices could be counterfeits.

Know what it will cost.

Check out websites that offer price comparisons and then compare “apples to apples.” Factor shipping and handling into the total cost of your purchase. Do not send cash or money transfers under any circumstances.

Check out the terms of the deal, like refund policies and delivery dates.

Can you return the item for a full refund if you’re not satisfied?  If you return it, who pays the shipping costs or restocking fees, and when you will get your order? A Federal Trade Commission (FTC) rule requires sellers to ship items as promised or within 30 days after the order date if no specific date is promised. Many sites offer tracking options, so you can see exactly where your purchase is and estimate when you’ll get it.

Pay by credit card.

If you pay by credit or charge card online, your transaction will be protected by the Fair Credit Billing Act.  Under this law, you can dispute charges under certain circumstances and temporarily withhold payment while the creditor investigates them. In the event that someone uses your credit card without your permission, your liability generally is limited to the first $50 in charges. Some companies guarantee that you won’t be held responsible for any unauthorized charges made to your card online; some cards provide additional warranty, return, and purchase protection benefits.

Keep Records.

Print or save records of your online transactions, including the product description and price, the online receipt, and the emails you send and receive from the seller. Read your credit card statements as you receive them; be on the lookout for charges that you don’t recognize.

Protect Your Information

Don’t email any financial information.

Email is not a secure method of transmitting financial information like your credit card, checking account, or Social Security number. If you begin a transaction and need to give your financial information through an organization’s website, look for indicators that the site is secure, like a URL that begins https (the “s” stands for secure). Unfortunately, no indicator is foolproof; some fraudulent sites have forged security icons.

Check the privacy policy.

Really. It should let you know what personal information the website operators are collecting, why, and how they’re going to use the information. If you can’t find a privacy policy — or if you can’t understand it – consider taking your business to another site that’s more user-friendly.

 

12/4/12

FREE IS NOT ALWAYS FREE

Who doesn’t want to take advantage of a “Free Trial” or “Special Promotion”?  They often sound too good to be true and many times they are just that.   The fine print will sometimes explain that if you do not cancel the transaction within so many days, they will send you the product monthly at an inflated price.  And, once you have received the product and your checking account has been charged, it can be difficult to get it cancelled or reversed.

We here at Libertyville Savings Bank just want to remind everyone to please be sure to read the fine print or ask the right questions so that you aren’t paying for more than you bargained for. We have listed a few example questions below but you may have additional questions of your own.

  1. How much will this cost me today?
  2. Am I signing up for more than just the initial product?
  3. Will I need to cancel this within a certain time frame in order to avoid additional charges?
  4. Will you be sharing my information with others that will try to solicit me later?
  5. If I do decide that I want to order more of the product later how much will the product cost me?
  6. Will you send the product to me automatically or will I be able to order it as I need it?

Examples of some of the products/sites to beware of:

  • Dating Sites
  • Weight Loss Products
  • Muscle Building Products
  • Credit Score Websites
  • Shoe Clubs
  • Book Clubs

 

11/24/14

Are you ready for holiday shopping?

For your protection, your Libertyville Savings Bank debit card has a daily limit.  Also, if you plan to make purchases on line internationally, you need to contact the bank prior to purchase.  If you experience any other issues or have other questions or concerns, please call the bank at 641-472-9839 or email us at customerservice@libertyvillesavingsbank.com.

Thank you and happy shopping!

 

10/30/14

How to Remove Personal Information

Your mobile device probably holds sensitive information like addresses and phone numbers, passwords, account numbers, email, voicemail, and text message logs. When getting rid of your old device, it’s important to take steps to help ensure this information doesn’t fall into the wrong hands.

First, try to use the factory reset. Many devices allow you to “wipe” your device and clear nearly all the information in its memory. Sometimes, this is called a “hard reset,” or “factory reset.” You may be able to save or transfer the information to your new device before you delete it from your old one. For detailed instructions on how to “wipe” your device, read your owner’s manual or check the website of your mobile provider or the device manufacturer.

Second, remove or erase SIM and SD cards. Many mobile devices store information on a SIM card or an external SD card as well as in the device’s internal memory. If you’re keeping your phone number, ask your mobile provider about transferring your SIM card to your new device. SD cards often contain photos and other sensitive information. Even when you “wipe” your device, your SIM card or SD cards may retain information about you. Remove them from your device or delete the data that’s stored on them.

Checking Twice

After you’ve deleted your personal information, it’s good to double-check to make sure it’s gone. Check your:

  • phone book
  • logs for both dialed and received calls
  • voicemails
  • sent and received emails and text messages
  • downloads and other folders
  • search histories
  • personal photos

If you stored apps on your device, remove them and the data associated with them.

Discarding with Care

Once you have a “clean” phone, it up to you to decide what to do next.  Recycling it is one option. Many mobile device manufacturers, wireless service providers, and other groups have programs to refurbish mobile devices or recycle their components, including accessories like chargers.

For more information, check the websites of:

  • The Environmental Protection Agency (EPA)
  • CTIA – The Wireless Association
  • Your wireless phone carrier

Another option is to donate your device. Many organizations collect used mobile devices for charitable purposes. You also might decide to trade in your device for a credit toward a new one; resell it to a person or an organization; or just dispose of it altogether. If that’s your choice, keep the environment in mind. The EPA recommends that you check with your local health and sanitation agencies for their preferred way to dispose of electronics.

10/23/14

Be smart about your phone

You just bought the latest smartphone. You loaded all your favorite apps — online banking, GPS, even an app to track your health.

But now your phone is full of information about you — how much money you have, where you are and whether you’ve gained a little weight. Your information can cause problems if it’s in the wrong hands. Want to protect it? These tips are for you:

  • Set your phone to lock automatically. When you don’t use your phone for a few minutes, the phone should automatically lock itself and require a password to reopen.
  • Use passwords for your phone. In addition to a password to unlock your phone, use different passwords for each shopping or financial app.  Don’t share your passwords with anyone.
  • Be wise about Wi-Fi. Don’t send personal information on a public wireless network in a coffee shop, library or hotel. Wait until you can use an encrypted Wi-Fi network that requires a password.
  • Foil phishing attempts. Don’t text or email personal information, and delete any texts or email messages that ask for it. If you must give out personal information, do it only if you type in the organization’s web address yourself and you see signs that the site is secure — either “https” (the “s” stands for secure) or a lock icon.
  • Connect to Bluetooth carefully. Bluetooth makes it easier for you to connect your phone with other devices. But, like other wireless connections, Bluetooth also can make it easier for thieves to steal your personal information. So, connect to Bluetooth in private, uncrowded areas only. Don’t forget to turn off Bluetooth when you aren’t using it.
  • Now you’re ready to start using your new phone, right?
  • Before you toss your old smartphone, remove all your personal information. It’s important to protect your personal information from the moment you start using your phone until you get rid of it.

9/25/14

Scheduled Maintenance for Bill Pay

Due to scheduled maintenance, Bill Pay will be unavailable the weekend of October 4. All other features of OnLine Teller will be available.  The scheduled downtime for Bill Pay will occur throughout the weekend beginning 8:00 A.M. CT on Saturday, October 4 and will conclude by 5:00 A.M. CT on Monday, October 6. Thank you for banking with us!

9/23/14

mc

 

8/25/14

In The Know

In The Know

July 16, 2014

Extremely Important – Please read!

RE: Keota Internet Banking and Bill Pay Customers

Dear Valued LSB Customer,

During the weekend of August 8, 2014, we will be undergoing a complete and comprehensive upgrade of our Keota location’s computer system. Internet Banking and Bill Pay products will not be converting. Therefore, in order to retain your transaction history, you will need to download/export your history prior to August 8, 2014.

Following the weekend of August 8, 2014, you will need to sign up for your new Internet Banking/Bill Pay service by going to www.libertyvillesavingsbank.com and clicking on “Enroll in OnLine Teller”.

If you have any questions, please call 641-636-2193.

We are looking forward to serving you!  We appreciate your business. Thank you.

Sincerely,

Jill Burnett

CEO

 

July 15, 2014

 Extremely Important – Please read!

RE: LSB/Keota Debit Cards

Dear New LSB Customer,

During the second weekend in August, 2014, we will be undergoing a complete and comprehensive upgrade of Keota customer’s debit cards. This will result in many awesome benefits and improvements:

  • real time data processing (your transactions will post to your account upon completion of the transaction at the teller line or on-line transactions)
  • same day issuance of debit cards (lose your debit card and get a replacement card within hours, not days or weeks)
  • set your own PIN at the bank ATM machine

In conjunction with this upgrade, we will be issuing brand new debit cards to all of our Keota debit card holders. At 2:00 a.m., Monday, August 11, 2014 your old debit cards will expire and your new card will be active. You will receive your new card in the mail mid-July. You will receive an assigned PIN soon after in a separate mailing. You will be able to change your assigned PIN to a PIN of your choice at the bank ATM machine or by stopping in the bank after August 11, 2014.

We are looking forward to being able to better serve you! Please expect more information to follow regarding how this upgrade may affect you. We appreciate your business. Thank you.

Sincerely,

 

Jill Burnett

CEO

6/20/14

6-18-14 (2)

Come on in! The new customer entrance on the east side of our Fairfield office is now open. The west customer entrance will be closing in the next couple days as we begin construction of the building addition. Thanks for your patience over the past several weeks as we established the new drive-up and east entrances.

5/19/14

Watermark Images for Mobile and Internet Banking

Our internet banking provider is discontinuing the use of a watermark. It will be removed from our mobile banking product first and in the future the watermark will be removed from our online banking also. No actions need to be taken as result of this change. There are a few reasons for the change:

  • Watermarks have become easy for hackers to work around.
  • Most users do not pay attention to them.
  • The security industry is moving away from using watermarks.

Our internet banking provider employs a multi-tiered approach to security and continues to enhance our security with the best practices available today. Thank you for banking with us!

4/29/14

Savings Bonds

As of March 15, 2014, when replacing or reissuing savings bonds, they will no longer be issued in paper form, but instead, will be issued as electronic bonds in Treasury Direct. To read more about replacing or reissuing savings bonds, please go to this website www.treasurydirect.gov or call toll free number 1-800-553-2663.

4/11/14

Heartbleed Security Risk

The Heartbleed Bug creates a vulnerability that may open the security of a system and can leave personal information open to a third party attack.  To protect yourself, we suggest quickly changing passwords for the web sites you use.  These should include email, social media, bank accounts, credit card online access and others.

 Libertyville Savings Bank Customers

We have been working to assess and minimize any potential risk to our clients since we were made aware the Heartbleed OpenSSL issue.  We have conducted a preliminary assessment of our primary software provider which supports your internet banking, bill pay, mobile banking, debit card and ATM service and have been assured that this software is not vulnerable to the Heartbleed Bug.

We will continue to monitor this situation.  Thank you.

4/7/14

President Signs Farm Bill

On February 7, 2014 President Obama signed into law the Agricultural Act of 2014. Known as the Farm Bill, a more appropriate name for this legislation might be the Food Bill. Nearly 80% of the funds in this legislation are allocated to nutrition assistance programs. The bill will provide some long-term certainty to US farmers by outlining Ag policy for the next 5 years. This should be a welcome relief when compared to the last 18 months that saw the 2008 farm bill allowed to expire twice. Some highlights of the newest farm bill are:

  • The 2014 farm bill eliminates direct subsidy payments. To replace direct payments, the new bill allocates more money for government subsidized crop insurance programs. The intent of this reform is to ensure that farmers have actual financial losses before they are eligible to receive federal payments.
  • A provision in the bill removes subsidies for fuel pumps that blend higher levels of biofuels, like corn based ethanol. This is another recent setback for the ethanol industry. In November, the EPA proposed reducing the Renewable Fuel Standard (legislative requirement of renewable fuel blended into transportation fuel) by nearly 3 Billion gallons for 2014.
  • Reforms dairy policy by eliminating old policies that included price support programs & Milk Income Loss Contract (MILC), and replaces them with a new Margin Protection Program.
  • The Agricultural Act of 2014 makes the first reforms to food stamp programs since 1996 that are intended to reduce spending on the Supplemental Nutrition Assistance Program (SNAP) by $ 8 billion
  • over the next 10 years. Most of the cuts come from closing loopholes within the food stamp program.
  • The reforms include:
    • Closing the “Heat & Eat” loophole that artificially inflates the benefit level of SNAP recipients.
    • This reform will be responsible for much of the savings in the bill.
    • Eliminates current abuses of the SNAP program i.e. (Lottery Winners, Traditional College Students, Illegal Immigrants, and Deceased) do not receive benefits.
    • Prohibits the USDA from SNAP recruitment activities and promotion on TV, radio, and billboards.
  • The 2014 bill modifies Country of Origin Labeling (COOL) that was initiated in the 2002 farm bill. The bill requires that meat sold in the US be labeled where it was born, raised, and processed. Canada and Mexico have threatened tariffs on US meats over this legislation.

3/14/14

Libertyville Savings Bank….purchasing Farmers Savings Bank, Keota, Iowa

The Libertyville Savings Bank (LSB) has submitted applications to the Iowa Division of Banking and to the FDIC for approval to purchase the Farmers Savings Bank (FSB) of Keota, Iowa.  FSB was looking for a buyer and LSB was chosen over other potential buyers.  FSB is primarily an agriculturally based bank with assets of approximately 100 million and operates one location in the town of Keota in Keokuk County, Iowa.  LSB is also extremely

agriculturally focused with assets of approximately 200 million operating 4 locations in Libertyville, Fairfield, Eldon and Keosauqua, Iowa.  As indicated, the transaction is contingent upon regulatory approval that could take up to 90 days.   If  approved, the merger should be complete this year and FSB will become a branch office location of the LSB.  Existing LSB customers will see no changes to their level of quality customer care or bank personnel.

We feel it is a very good match that will diversify and strengthen our bank as a whole.

We appreciate your business very much and encourage you to contact us at the bank should you have any questions or concerns.  Thank you!

 

2/21/14

Social Security Field Office Service Changes Coming Later This Year

To meet increasing service demands despite shrinking budgets, Social Security has invested in technological innovations offering more convenient, cost-effective and secure options for the public. Considering these factors, Social Security is making some service changes in our field offices across the country.

On August 1, 2014, Social Security will stop offering Social Security number printouts. Also, on October 1, 2014, our offices no longer will issue benefit verification letters.  As a result of these changes, we ask agencies and organizations that routinely need access to these materials to use the data exchanges specifically developed for this purpose.

Social Security has collaborated with other federal, state and local agencies to build hundreds of robust data exchanges during the past few years. Today, Social Security provides more than 1.6 billion electronic verifications of Social Security numbers or benefit information to employers, state and local agencies, and other authorized third parties. Agencies and organizations should use available data exchanges to get the necessary verifications.

People needing proof of their Social Security or Supplemental Security Income benefits can get verification letters online instantly through a my Social Security  account at www.socialsecurity.gov/myaccount.  They also can get one mailed to them by calling our toll-free number, 1-800-772-1213 (TTY 1-800-325-0778).

2/18/14

Upcoming Scheduled Maintenance May Cause Service Interruption

Due to regularly scheduled maintenance, there may be sporadic availability of images on the OnLine Teller accounts over the weekend of February 22nd and 23rd.

More specifically, beginning Saturday, February 22 at 12:00 A.M. CDT through Monday, February 24th at 3:00 A.M. CDT, you may not have access to images on internet banking (OnLine Teller).

Thank you!

2/12/14

Upcoming Scheduled Maintenance May Cause Service Interruption

Due to regularly scheduled maintenance, there may be sporadic availability of images on the OnLine Teller accounts over the weekend of February 16th and 17th.

More specifically, beginning Saturday, February 16 at 12:00 A.M. CDT through Monday, February 18th at 3:00 A.M. CDT, you may not have access to images on internet banking (OnLine Teller).

Thank you!

1/31/14

E Statement Additional Recipients

The LSB internet banking (OnLine Teller) customer can select parties in addition to themselves to receive their E Statements, such as bookkeepers, accountants, spouses, etc.

To accomplish this, the LSB OnLine Teller customer needs to login to their OnLine Teller account, click on the E Statements tab, then click on the sub tab “Additional Recipients”.  Create a user name, enter the recipient’s email address and an access PIN which will be the recipient’s password.  Next, assign what documents you would like your new recipient to receive, then “save”.  When the E Statement is ready, the new recipient will receive an email along with a PDF shell login to enter their user name and access PIN or password.

1/27/14

EMV Technology

As debit and credit card fraud is becoming more prevalent, consumers and banks are wondering how they can prevent this type of fraud. There may be an answer to problems with debit and credit card fraud coming in the future. Many industrialized countries use a technology called EMV or chip technology. This technology could protect consumers from this type of fraud. EMV is named after the inventors of the technology Europay, MasterCard, and VISA. This technology would put a chip in debit and credit cards and do away with the magnetic strips we currently use in the United States. Magnetic strip cards are easily copied (skimmed) with a card reader.  Chip technology cards are much harder to duplicate. The United States is one of the few industrialized countries that have not made the switch to EMV card technology. The goal is to make the switch by October of 2015. One reason the United States is slow to make the switch is because of the cost to change to EMV cards. The cost of this transition is estimated between 5 billion and 13 billion dollars. The reason the switch is so costly is because new cards will need to be issued, banks will need new ATM machines, and merchants will need new card readers, not to mention the cost of education. Even though this technology is very costly, it comes with many benefits. The most important benefit is the increased security for card users. Some of the other benefits include mobile payments and one card could have multiple accounts linked to it. Once the switch has been made, merchants who do not have the new chip technology card readers may be held liable for card fraud that could have been prevented with EMV technology.

1/2/14

OnLine Teller – coming soon, new password requirement!

Starting February 1, 2014 and moving forward, passwords for our OnLine Teller accounts will have the following new requirement:

  •  They must have 1 letter, 1 number and 1 special symbol

Existing conditions that will remain after February 1, 2014 are:

  • They must be a minimum of 8 characters and a maximum of 25 characters
  • They will not be case sensitive
  • They cannot replicate your two previous passwords

The next time your password expires and you are prompted to create a new one; the above requirements will be explained and in effect.

This new requirement was recommended by our information technology auditors and we feel it is important to your security.  Thank you for banking with us!

12/26/13

Updated Information Regarding the Target Breach

From Target directed to REDcard holders:

  • You do not need to call Target unless you found charges on your account that you didn’t make.
  • You will not be held liable for any fraudulent charges.
  • We (Target) have made changes to our REDcard fraud detection and authorization procedures to further protect you.
  • We (Target) are offering free credit monitoring for one year to every single person who was impacted by this crime.  We will give you more information about that soon.

From Libertyville Savings Bank’s Software Provider directed to LSB as card issuer:

  • Both networks (MasterCard and Visa) believe that the compromise dates are between 11/27 and 12/15.
  • The information compromised was Card Number, Customer Name, Expiration Date and CVV (3 digit security code on the back of the card).
  • Forensic research continues to ensure PIN data was not compromised and no reports of PIN fraud have been received.
  • Approximately 41,000 point of sale terminals (retail checkout machines) were possibly affected.
  • Only Target stores in the U.S. were involved in the compromise.
  • 53% of the fraud that has attributed to this compromise had been card present transactions (not internet or phone transactions, the card had to be swiped through a machine).
  • Alerts of affected cards have all been distributed by MasterCard and Visa.
  • Both networks (MasterCard and Visa) require fraud reporting to be completed on all fraudulent transactions.
  • It is too early in the compromise to discuss holding Target liable for Issuer losses.

12/26/13

Virtual Deposit Ticket

With our latest technology advancement at the teller line, if you make a deposit without providing a deposit ticket, your image for that deposit will be what we call a “Substitute Image or Virtual Document”.  The deposit will credit your account just fine, but the virtual deposit ticket will not provide a listing of what items made up your deposit.  So, if you need a record of the items that you are depositing, you should use a paper deposit ticket and list those items or keep record of them some other way(i.e. QuickBooks, Quicken, Excel Spreadsheet, Copies) prior to depositing.  Thank you!

 

Virtual Deposit Ticket

 

 

 

 

 

 

 

 

12/26/13

Change of Address Forms – Required!

To change your address with us, by law we must have a signed change of address form.  Changing your address with the postal service or the address on your checks is not sufficient.  Please let us know if your address will or has changed and we will help you with a change of address form.  Thank you!

12/23/13

Kudos to the LSB Team on handling the Target store card compromise challenge!  On Friday morning, December 20th, our team received a list of over 250 LSB customers that were affected by the breach.   By 8:00 pm Friday night, all of our customers had been contacted.  Their new debit cards were printed and ready for customer pick up Saturday morning.  We know this could’ve been a serious inconvenience for our customers during this holiday time. Thanks to the ability of our new software, instant issue debit cards saved the day.

 

Jill Burnett – CEO LSB

12/23/13

Last Processing Day for LSB

 

Our last processing day for 2013 is Tuesday December 31, 2013. All bank transactions that you want included in 2013 business, need to be at any one of our locations by

12:00 pm on Tuesday, December 31, 2013.  Any mail or night drop left after we close at noon will be processed on January 2, 2014.

All internet banking transactions will be accepted for 2013 business

until our normal cut off time of 4:00 pm.

Happy Holidays!

LSB

12/20/13

Target Credit and Debit Card Breach

Yesterday morning Target announced that as many as 40 million customers who shopped at Target from November 27th through December 15th using credit and debit cards, the card information was compromised.  Target said that customers who made purchases at its U.S. stores during that time frame should call them at 866-852-8680.  On-line purchases have not been affected.

As soon as the bank receives the list of our customers who have been affected by this, we will contact each customer immediately, cancel your card and issue you a new one.  If you do not hear from us, your card was not compromised.

Thank you!

Libertyville Savings Bank

12/6/13

Identity Theft

With Christmas shopping going on now, I felt we should be reminded to keep our personal information safe.  Identity theft has become a serious problem and if you become a victim it can turn your whole world upside down.  The criminals are very ruthless and go to extremes to get your personal information.

Here are some ways to protect your personal information and identity:

  • Read your credit reports. You have a right to a free credit report every 12 months from each of the three major credit reporting companies.   To order go to annualcreditreport.com or call 1-877-322-8228.
  • Shred all documents that show personal financial and medical information before you throw them away.
  • Don’t respond to email, text and phone messages that ask for personal information.
  • Read your bank, credit card, and account statements. If a statement has mistakes or doesn’t come on time, contact the business.
  • Create passwords that mix letters, numbers, and special characters. Don’t use the same password for more than one account.
  • If you shop or bank online, use websites that protect your financial information with encryption. An encrypted site has “https” at the beginning of the web address; “s” stands for “secure”.
  • If you use a public wireless network, don’t send information to any website that isn’t fully encrypted.
  • Use anti-virus and anti-spyware software, and a firewall on your computer.
  • Set your computer’s operating system, web browser, and security system to update automatically.

These are some helpful hints to protect yourself.   And, if you do find that someone has stolen your identity, please be sure to contact us at the bank.  We have procedures in place to help people begin the process of notifying authorities and getting alerts put on your credit reports.   We also have a credit monitoring product called Identity Theft Shield to protect you for a small monthly fee.

Happy Shopping

Merry Christmas and Happy New Year

Dena Clark, VP

 

12/5/13

How to save your E Statements to a flash or thumb drive:

Insert flash or thumb drive into the USB port of your computer.  Make note of what drive letter your computer assigns it.  Login to OnLine Teller.  Click on the E Statements tab.  This will list out all E Statements that are available to you.  Choose the E Statement that you want to save and click on view.  There will be a popup that displays at the bottom of your screen that says “open, save or cancel”.  Click on the arrow to the right of the word save and choose “save as”.  This will pop up another box, click on computer and choose the drive letter assigned to your flash or thumb drive, change the filename if you want, and click save.  Continue this for any and all E statements you want to save on the flash or thumb drive.  When you are finished logoff of OnLine Teller, then click on your start button, click on computer, and right click on the drive letter your flash or thumb drive was assigned and click eject.  Now it is safe to unplug your flash or thumb drive.

10/28/13

(10/24) Police Chief Harvey Warns Citizens To Be Aware Of Scammers

The Fairfield Police Department has received several calls from citizens saying they received phone calls and the caller is requesting personal information such as social security numbers and bank account information. In one instance the caller was told the social security office needed to send the person a new social security card and needed the above mentioned information. In a second instance the called asked the person for personal information in order to set up a Paypal account for the local citizen.

Remember banks will never call a person and ask for bank account information or personal information. A bank will ask you to verify security information. If in doubt hang up and call your bank or go to the bank in person.

The social security office does not periodically send out new social security cards. The social security office only issues a new card if a request is made in person in the office with at least two forms of identification.

Additionally, Paypal accounts are done online and the company has never called people asking them if they want to sign up. The caller is trying to trick you info providing personal information.

The older scams include citizens receiving calls they have won a cash prize, inherited money from someone they don’t know, or have won the lottery. Again, the caller is trying to obtain personal information to defraud you. If it is too good to be true, it is probably a scam. Never give out any personal information over the phone.

Source: exploreseiowa.com

10/24/13

Iphone App is now available for Mobile Banking

You can locate the Iphone app on your apple mobile device by searching under Iphone apps for Libertyville Savings Bank in the Itunes store.  Our Android app is available by searching Libertyville Savings Bank in the Google Play store.  As always you can still go to www.lsbmb.com on any mobile device to login without an app.  Remember you use your existing user id and password you have for internet banking.

10/2/13

Libertyville Savings Bank receives 2013 Iowa Excellence Award

October 2nd 2013 – Libertyville Savings Bank has been selected for the 2013 Iowa Excellence Award amongst all its peers and competitors by the Small Business Institute for Excellence in Commerce (SBIEC).

Each year the SBIEC conducts business surveys and industry research to identify companies that have achieved demonstrable success in their local business environment and industry category. They are recognized as having enhanced the commitment and contribution of small businesses through service to their customers and community. Small businesses of this caliber enhance the consumer driven stature that Iowa is renowned for.

Libertyville Savings Bank has consistently demonstrated a high regard for upholding business ethics and company values. This recognition by SBIEC marks a significant achievement as an emerging leader within various competitors and is setting benchmarks that the industry should follow.

As part of the industry research and business surveys, various sources of information were gathered and analyzed to choose the selected companies in each category. This research is part of an exhaustive process that encapsulates a year long immersion in the business climate of Iowa.

About SBIEC

The SBIEC is a leading authority on researching, evaluating and recognizing companies across a wide spectrum of industries that meet its stringent standards of excellence. It has spearheaded the idea of independent enterprise and entrepreneurial growth allowing businesses of all sizes to be recognized locally and encouraged globally.

Particular emphasis is given to meeting and exceeding industry benchmarks for customer service, product quality and ethical practices. Industry leading standards and practices have been developed and implementation of the same has been pioneered by the dedicated efforts of the business community and commerce leadership.

More information on SBIEC can be found at www.sbiec.org

10/1/13

How to tell if a bill is counterfeit?

1. Look for security features on the bill. Each of the following bills $5, $10, $20, $50 or $100 has a security strip running from top to bottom.  The strip says USA and the denomination of the bill.  These denominations of bills also have a watermark on them.  Hold the bill up to the light and a watermark image of the person who is on the front of the bill should appear on the right side of the bill.  The watermark can be seen from both sides of the bill.

2. Feel the texture of the bill.  Counterfeit bills have a slick feel to them.  Most counterfeit bills feel like wax paper.

3. Compare the bill with another bill of the same denomination and series. Counterfeit bills are usually a little smaller in size when comparing them to a regular bill.

4. Look for colored fibers in the paper.  All U.S. bills have tiny red and blue fibers embedded in the paper.

5. Examine the serial numbers on the bill.  Make sure the numbers on the bill match.  Counterfeit bills have serial numbers that are not evenly spaced.

9/9/13

Syrian Electronic Army (SEA) Spear Phishing Activity Indicators

The FBI has released an alert containing detailed information on the malicious online activities of the Syrian Electronic Army (SEA).  The following information can be shared with your supervised institutions.

Details/Background

The SEA is a pro-regime hacker group that has, in the past several months, successfully compromised multiple high-profile US media outlets and websites.  Recent activity has been executed through successful spear phishing efforts.  The FBI assesses the possibility of US military action in Syria may lead to further escalation of computer network operations by pro-regime or other aligned cyber actors.

Every organization is at risk of being the target of a spear phishing e-mail.  Malicious actors craft e-mails that appear to be from a legitimate source to lure victims into providing login credentials.  The e-mails contain a hyperlink that appears to be legitimate; however, the user is directed to a credential harvester that looks like a legitimate Outlook Web Access (OWA) or other login page.

The FBI has identified twenty phishing domains and IP addresses utilized by SEA actors, as well as four “watering hole” sites.  The FBI is distributing this information to enable network defense activities and to reduce the risk of similar attacks in the future. The FBI recommends that your organization help victims identify and block these phishing domains.  The FBI will continue to provide additional domains as they are identified.  Below the spreadsheet contains attack indicators including phishing domains, IP addresses registrant information, web site domains etc.

Phishing Domain Domain IP Registrant
comoj.com 31.170.164.145 Hostinger International Ltd
comule.com 31.170.164.144 www.000webhost.com
comuv.com 31.170.164.139 Hostinger International Ltd
comxa.com 31.170.164.136 www.000webhost.com
comyr.com 31.170.164.145 www.000webhost.com
coreware.co.uk 31.12.72.1 The Tannery (UK)
epicmetrics.com 64.22.77.244 Epic Notion (Ghana)
gloryshipsghana.com 64.22.77.244 Sheeltech (Ghana)
host22.com 31.170.164.126 www.000webhost.com
iroshipping.com 64.22.77.244 Smollett (Ghana)
karisdiscounts.com 64.22.77.244 Smollett (Ghana)
miladafrica.com 85.153.46.80 Olcalc (Turkey)
net 76.net 31.170.164.135 www.000webhost.com
net63.net 31.170.164.139 www.000webhost.com
net84.net 31.170.164.136 www.000webhost.com
netai.net 31.170.164.139 Hostinger International Ltd
rvg-ghana.com 64.22.77.244 Smollett (Ghana)
site88.net 31.170.164.145 www.000webhost.com
site90.net 31.170.164.139 www.000webhost.com
vehayatbilgisi.com 85.153.46.80 Gulcan Hercicek (Turkey)
Watering Hole Sites
startbreathing.com
kulalars.com
sws-schulen.de
limelight.com
SEA Web site Domains
sea.sy
syrianelectronicarmy.com
qatar-leaks.com
SEA Web site Domain IPs
213.178.225.3
213.178.225.4
141.105.64.37

9/4/13

Text Banking

To set up Text Banking login to OnLine Teller click on the options tab then mobile settings, then text mobile settings.

Here are the commands for Text Banking:

Bal=All Acct Bal
Bal Acct Name=Single Acct Bal
Hist=All Accts Recent Activity
Hist Acct Name=Single Acct Activity
Help=Commands
Stop=Cancel

8/26/13

Password protecting your mobile devices and tablets:

Last week I attended a meeting put on by a law firm. One of the presentations was on mobile banking and the security relating to that. One recommendation was given multiple times…. password-protect your mobile phone and tablet. It is estimated that over 54% of users do not have their devices password-protected. Something as easy as that will go a long way in protecting your information in the chance you lose your device!

7/26/13

Scam

Beware:  A scam is in operation where a caller says you have won a sweepstakes of a large amount of money.  All you have to do is call a phone number and meet someone to get your “green card” after you pay them $400 in cash.

7/10/13

Bill Pay Maintenance

The bill pay website will be down for maintenance between 10:00PM CST on Friday, July 12th through 6:30AM CST on Monday, July 15th. If you still experience bill pay website issues after this timeframe, please call 866-215-3156 for bill pay related questions.

7/9/13

Statement Options

You have the option to change the lay out of your checking account statement. If you would prefer the following layout, please contact any of our offices to have the changed completed.  Thanks for banking with Libertyville Savings Bank.

Statement Option

7/3/13

Installment Loan Payments:

If you have an installment loan payment at Libertyville Savings Bank, which means any loan that has scheduled payment either weekly, bi weekly, monthly, quarterly or annually, amounts that you pay above and beyond the regular required amount, will all be applied to principal. Also, please note, your next payment will be due at its regularly scheduled time.

Example: You have a car loan that calls for $100.00 monthly payments. Each month you pay $150.00 or $50.00 extra. The extra $50.00 that you pay will reduce the principal amount owed and payoff your loan faster, however you will still owe the next full payment the next month. The extra amount will not bump your payment date ahead and allow you to skip a payment.

If you want to pay ahead, you need to contact your loan officer.

6/22/13

Past E-Statements are now available on OnLine Teller!

Jack Henry has completed converting over our old E statements for customers to be able to access through the new interent banking site. They are now avaliable for our customers. Jack Henry converted over the last 3 statements in 2011, all of 2012 and year to date 2013.

Important – Please read!
** E Statement Customers **
This is your interim bank statement.
This time only – you will not receive it electronically.
Due to an upgrade to our banking software currently in progress, every LSB checking account holder is receiving a bank statement with transactions through May 17, 2013.
This paper statement is a one-time occurrence due to the software upgrade.  You are still registered as an E Statement customer and moving forward, you will continue to receive your future statements electronically.
Year-to-date 2013 E Statements (including this interim statement) will be transferred to the new OnLine Teller internet banking service in the near future.  You will receive an email when that information is accessible.
We apologize for any inconvenience this may cause and appreciate your patience during the upgrade.  No service charges will be assessed on any statements during the month of May, 2013.
We appreciate your business.  Thank you for banking with us!
Libertyville Savings Bank

5/14/13

Mobile Banking Users: Extremely Important! Please read.

Following the upgrade to our banking technology that will take place over the 3rd weekend in May, our mobile banking service will change.  If you use an app, you will need to delete it and re-install.  If you use an Android phone, please go to the Google Play Store to download the new app.  For an IPhone go to App Store.  Effective May 20th, you will need to re-enroll for our mobile banking service at www.lsbmb.com or through your newly installed Libertyville Savings Bank app.
Thank you so much for your patience and understanding during this upgrade!  We appreciate your business.


5/13/13

Internet Banking Download Users: Extremely Important!  Please read.

Attention internet banking customers. On May 20th, 60 days of viewable history will be transferred to our updated system.  Starting May 20th going forward, our viewable history will be changing to 90 days. We recommend any customer downloading information from our site to have it completed prior to May 17th.

Thank you so much for your patience and understanding during this upgrade!  We appreciate your business.


5/8/13

Bill Pay Customers: Extremely Important!  Please read.

Due to the upgrade to our banking technology taking place over the 3rd weekend in May, our bill payment service will change.

Bill pay will be unavailable starting Friday afternoon, May 17th and can be accessed again Monday morning, May 20th after signing into the new internet banking service described in a previous email.  All of your payees and automatic or recurring payments will carry over to the new system.

Bill payment customers will not be able to initiate payments between May 13th and May 20th.  Payments initiated prior to May 13th and scheduled to be processed between May 13th and May 17th will occur successfully.

Thank you so much for your patience and understanding during this upgrade!  In order for us to facilitate your questions or concerns in the most efficient manner, please direct them to customerservice@libertyvillesavingsbank.com.


5/7/13

Internet Banking Customers: Extremely Important!  Please read.

Due to the upgrade to our banking technology taking place over the 3rd weekend in May, our internet banking service will change.

Internet banking will be unavailable for most of Friday afternoon and evening on May 17th.  During the rest of the weekend your existing user ID’s and passwords will still be effective, but the access will be restricted to view-only mode (you will not be able to transact business).

Starting Monday, May 20th, on our website, the new internet banking access link is called OnLine Teller.  Existing internet banking customers will use the same ID as you have now, but your password will default to the last 4 digits of the primary account holder’s social security number.  You will instantly be prompted to create a new password, you must agree to the terms and conditions, and you may be required to set up new security questions and answers.  Your internet banking accounts and history will transfer over.

Thank you so much for your patience and understanding during this upgrade!


5/6/13

This is your new Debit/ATM card issued in conjunction with our banking technology upgrade.

The PIN for this card has been mailed to you in a separate mailing. Existing limits apply.

Your old card will expire at 2:00 a.m., Monday, May 20th and this new card will become effective 9:00 a.m., Monday, May 20th. You must use this card at an ATM machine the first time to activate.

If you have provided any payees or creditors your debit card information for payment, you will need to provide this new card number to those creditors/payees to be effective May 20th.

After June 1, 2013 you may choose your own PIN by using the option at any of our ATM’s and you may exchange this card for a photo debit card (we take your photo) or a personalized debit card (you provide the photo in jpeg form) by visiting any of our 4 locations.

Thank you for banking with Libertyville Savings Bank! We appreciate your business.


On the weekend of May 18th, LSB will be undergoing a comprehensive software upgrade. We’re very excited for the advanced technology this will provide for us to better serve our customers! A copy of the first informational letter is posted here.

Questions may be directed to any of us at LSB. Thank you!

April 15, 2013

Extremely Important – Please read!

RE: LSB Computer Software Upgrade

Dear Valued LSB Customer,

We are thrilled to announce an upcoming improvement to our banking technology! On the third weekend in May, 2013 we will be undergoing a complete and comprehensive upgrade of our banking system software. This will result in many awesome benefits and improvements for our customers including, but not limited to:

Ø real time data processing (your transactions will post to your account upon completion)
Ø real time debit card and ATM transactions (no wait for balancing to see updated transaction activity)
Ø same day, on the spot, issuance of debit cards
Ø deposits will be accepted and credited up until closing time (no more 2pm cut off time)

On Friday, May 17th, 2013 all checking accounts will have a statement processed including activity through May 17th. Depending on your regular checking account statement cycle, you may receive interim partial statements or multiple statements during the month of May. No service charges will be assessed on these statements or your first monthly statement following the software upgrade. To insure monthly checking account statements that cover calendar month dates, please sign up for our E Statements. They are extremely convenient and can be stored electronically for future research and/or reference.

In conjunction with this upgrade, we will be issuing brand new debit cards to all of our debit card holders. At 2:00 a.m., Monday, May 20th your old debit cards will expire and beginning at 9:00 a.m., Monday, May 20th your new cards will be operational. You will receive your new card in the mail mid-May. You will receive an assigned PIN soon after in a separate mailing. You will be able to change your assigned PIN to a PIN of your choice by contacting the bank after June 1st.

We are looking forward to being able to better serve you! Please expect more information to follow regarding how this upgrade may affect you. We appreciate your business. Thank you.

Sincerely,

Jill Burnett
CEO

24 Hour Express Line from Libertyville Savings Bank
Safe & Secure Online Banking from Libertyville Savings Bank in Iowa

 

Member FDIC and Equal Housing Lender