Security Alerts

We take the security of your account very seriously and have deployed several different strategies to protect your account.  Herring Bank will never call and ask you for any account information.  If you receive a call asking for details about your account do not provide any information. Hang-up and call us at 866-348-3435 and speak to a representative.

Fake Calls About Your SSN

February 5, 2019

The FTC is getting reports about people pretending to be from the Social Security Administration (SSA) who are trying to get your Social Security number and even your money. In one version of the scam, the caller says your Social Security number has been linked to a crime (often, he says it happened in Texas) involving drugs or sending money out of the country illegally. He then says your Social Security number is blocked – but he might ask you for a fee to reactivate it, or to get a new number. And he will ask you to confirm your Social Security number.

In other variations, he says that somebody used your Social Security number to apply for credit cards, and you could lose your benefits. Or he might warn you that your bank account is about to be seized, that you need to withdraw your money, and that he’ll tell you how to keep it safe.

But all of these are scams. Here’s what you need to know:

  • The SSA will never (ever) call and ask for your Social Security number. It won’t ask you to pay anything. And it won’t call to threaten your benefits.
  • Your caller ID might show the SSA’s real phone number (1-800-772-1213), but that’s not the real SSA calling. Computers make it easy to show any number on caller ID. You can’t trust what you see there.
  • Never give your Social Security number to anyone who contacts you. Don’t confirm the last 4 digits. And don’t give a bank account or credit card number – ever – to anybody who contacts you asking for it.
  • Remember that anyone who tells you to wire money, pay with a gift card, or send cash is a scammer. Always. No matter who they say they are.

If you’re worried about a call from someone who claims to be from the Social Security Administration, get off the phone. Then call the real SSA at 1-800-772-1213 (TTY 1-800-325-0778). If you’ve spotted a scam, then tell the FTC at ftc.gov/complaint. For more information, visit Fake Calls about your SSN.

Thank you,

Stacy Canan
Office for Older Americans
Consumer Financial Protection Bureau

FDIC Consumer Cybersecurity

March 9, 2016

The FDIC has released a guide for all banking customers regarding cybersecurity with helpful advice for staying safe online.  You can read more about it at the following link.

FDIC Cybersecurity Guide

PHISHING ALERT

January 15, 2014

Victims of the Target data breach are vulnerable to phishing attacks right now. Remember, we will never ask you for personal information or your account number in an email; do not respond to emails that warn of dire consequences; check your accounts regularly; look for the padlock key when submitting sensitive info over the internet. File complaints with the Internet Crime Complaint Center: http://www.ic3.gov/default.aspx

DEBIT CARD ISSUE

December 19, 2013

Herring Bank has been informed by MasterCard that some Herring Bank debit cards may have been compromised as a result of the recent Target Corp. data breach reported in the news. All compromised debit cards have been put in INACTIVE status, and must be replaced. A replacement debit card has been ordered for compromised embossed debit cards. Also, you may visit your local Herring Bank branch to receive a temporary replacement debit card. Please contact the Herring Bank Call Center at 866-348-3435 for any questions you may have.

Herring Bank takes the security of your debit card and account very seriously, and will do all we can to protect your account.

Target’s Press Release: Target Press Release

OpenSSL Heartbleed Bug

April 14, 2014

On April 7, 2014, security researchers disclosed a flaw in certain versions of OpenSSL software that is used by some websites to encrypt communication between a web browser and a server. This flaw has been named the Heartbleed bug and has been widely publicized.

In response to this vulnerability, we have taken the following actions:
– Verified that all webservers used by Herring Bank are not susceptible to this bug. Our servers do NOT use the versions of OpenSSL that are vulnerable to Heartbleed.
– Verified with vendors providing services to Herring Bank and our customers that they have no indication that Heartbleed has been used against their systems and that they have taken steps to ensure that they are not vulnerable to this exploit.
Security experts recommend the following actions to all internet users:
– Contact online services that you use and verify that they are either not affected by Heartbleed or that they have taken steps to address the vulnerability.
– Change all of your passwords for those online services. When changing your password choose secure passwords and use different passwords for each website.
– Monitor your accounts for suspicious activity
If you have any questions please contact the Customer Contact Center at 866-348-3435.

We help protect your account by using:

  • Industry standard encryption
  • Multi-factor authentication
  • Timed logoff of your Internet Banking account
  • Fraud scanning

You can help protect yourself online by:

  • Using unique usernames and passwords on all your internet sites
  • Using a strong password
  • Stay-up-to-date on your software patches and antivirus software
  • Never give out account details unless you are sure of the website

You can protect yourself from fraudsters and scammers by:

  • Always protect your credit/debit cards.
  • Only use trusted ATM’s or get money back from retailers.
  • Never give out account information over the phone unless you personally initiated the call.
  • If someone asks for your account details over the phone, ask them for a callback number and call them back or go to the company’s website and find a phone number to call.