Meadows Bank October Newsletter - Two-Factor Authentication

Home

October 2023 Newsletter

TWO-FACTOR AUTHENTICATION

Two-Factor Authentication (2FA) also referred to as Multi-Factor Authentication (MFA), utilizes a combination of verification methods to secure your online banking profile. 2FA combines something you know, such as your username and password with something you have, such as your phone (text verification code), or email (emailed verification code) and something you are such as your fingerprint, or facial recognition to confirm your identity prior to allowing access to your online accounts.

Meadows Bank requires our customers to have the following information in order to access any of our online products:

Your user ID and password,
An authentication code which is sent to your phone number or email address on file, either by text message (SMS) or secure email.

If you are logged in to your Meadows Bank Online Banking profile and request access to a new service such as Bill Pay, Mobile Deposit or Zelle, Meadows Bank will send you a verification code by text or email prior to allowing your enrollment in that new product to be completed. For example, as you create new payees within our bill payment system, add new users within Treasury Management, or create new Zelle recipients, you will again be required to input a verification code before proceeding. Our system is designed to prompt you every step of the way for any products or services that could put your accounts at risk if your username and password have fallen into the wrong hands.

These passwords are for you and you alone and should never be shared with anyone, not even a bank representative. Would be scammers often portray themselves as being from your bank in an attempt to convince you to provide this information to them, do not fall for it! Bank’s will never ask you for your user password, or verification codes.

As Two-Factor Authentication becomes the norm, and fraudsters are no longer able to compromise your online account(s) by stealing your user ID and password, they have stepped up their game in an attempt to trick you into sharing that information with them, here’s how it works:

You receive a text from someone claiming to be your bank, they inform you that in order to verify your identity they need you to provide them with the authentication code that they are about to send to you. In reality what is occurring, is that the bad guy has input your user ID and password but cannot get pass the computer-generated text verification code without your help. If you fall for their scam and text them back with the authentication code you received, they immediately input that code, login to your online banking profile, and immediately take over your account by changing your password, security questions and the phone numbers associated with that account. Once they’ve changed your information, they begin using your account to drain your funds and send your money to their accounts at different banks.

Since you participated in the fraud by providing the bad guys with the secure information, they needed in order to access your account, you often are left with no recovery rights when disputing the funds, the fraudsters move on to their next victim and you are left to deal with the fall out. Below are some reminders on how to protect yourself from 2FA scams:

Never reply to a text asking you to send your authentication code.
If you receive texst or emails from your bank containing authentication codes that you were not expecting or did not participate in requesting, your online profile may have been compromised. Log in to the banking website or app directly (do not click on any links from your texts or emails) and immediately change your password for that account. Once completed, call your bank to report the potential incident, the bank will take the appropriate steps to protect you and your account. DO NOT provide any information to anyone calling claiming to be from your bank, hang up and dial a trusted number or stop into your local branch for assistance.
Remember, your bank will never call you and ask you to provide your password, authentication information etc., that information is yours and should never be shared. If you feel you may have fallen victim to a scam, immediately call your bank and let them know.
Listen to your gut, if it doesn’t feel right, it’s probably wrong.

*All content contained in this newsletter is for informational purposes only and should not be relied upon to make any financial, accounting, tax, legal or other related decisions. Each person must consider his or her objectives, risk tolerances and level of comfort when making financial decisions and should consult a competent professional advisor prior to making any such decisions. Any opinions expressed through the content in this newsletter are the opinions of the particular author only.