Identity Protection


The key to protecting your personal information is being an informed consumer.

Identity Theft

What steps can be taken to reduce the risk of Identity Theft?

What steps should be taken if Identity Theft is suspected?

What is Phishing?

How does Phishing work?

What is Pharming?

What is Spyware?

Identity Theft

Identity thieves access personal information through credit card and bank statements stolen from mailboxes, e-mail solicitations such as phishing, phone scams, and by other means. To learn about how to safeguard yourself and your computer from identity theft, read further or visit the Federal Deposit Insurance Corporation (FDIC) online multimedia education tool.

What steps can be taken to reduce the risk of Identity Theft?
  1. Never provide personal financial information in response to an unsolicited Internet or telephone request.  Personal information includes your social security number, date of birth, driver’s license number, account numbers, and passwords.  Eastside Commercial Bank or any other financial institution would never ask you to verify your account information online. Thieves armed with this information and your account number could steal your identity or gain access to your accounts.  If you did not initiate the communication, you should not provide any information.

  2. Do not be intimidated by an e-mail or a caller who threatens actions based on failure to respond to their request.  Thieves will often use the threat of dire consequences if you do not immediately provide or verify financial information.  You have the right to ascertain that the source of the request is legitimate.

  3. If you believe the contact may be legitimate, contact the financial institution yourself. Call the institution directly, or go to the company’s web site by typing in the site address directly or using a page you have previously book marked, instead of a link provided in the email.  You can contact Eastside Commercial Bank at (425) 373-0400.  The key is that you should be the one to initiate the contact.

  4. Review account statements regularly to ensure all charges are correct.  If your account statement is late in arriving, call your financial institution to find out why.  Federal law limits your ability to dispute items on your bank statement to 60 days.  If your financial institution offers electronic account access (such as Eastside Commercial Bank’s Online Banking), utilize this service periodically to review activity online.  It can help you catch suspicious activity.

  5. Remember that identity theft can occur any time, not just immediately after your personal information has been fraudulently obtained.  So, be vigilant and monitor your account activity and credit history regularly.

Other Prevention Tips:
  • Never leave your wallet, purse, checkbook or credit receipts in your car.  Car prowl is a prime source for identity theft. Thieves know to look in merchandise bags for credit receipts – which often print your credit card number.

  • Have your mail delivered to a secure location. Don’t place bills with signed checks in unsecured mail boxes. Mail box theft is another common source for identity thieves. Your credit card bill has everything a criminal needs to make purchases by telephone or on the Internet, and signed checks can be altered and cashed or used fraudulently.

  • Be careful when using a debit card for shopping online.  Once funds are stolen from your account, it can be difficult to recover them. Consider using one credit card only for your online purchases. Use a secure browser when sending credit card numbers over the Internet. Review your bill carefully as soon as you receive it. Contest unauthorized charges.

  • Keep a list of all your credit/debit cards, card numbers and issuer phone numbers.  This will facilitate your reports to creditors/banks if your purse or wallet is stolen.

  • Memorize the personal identification number (PIN) for your ATM or debit card.  Never store the PIN in your purse or wallet.

  • Shred your financial garbage, including credit receipts, pre-approved credit offers and credit checks. Cross-cut shredders are most effective.

  • Never carry anything with your social security number on it.  If your health insurance card shows your social security number, ask your insurer for a new card without the social security number. Until you get your new insurance card, carry it only when you need to use it.

Prevent credit reporting agencies from selling your name, social security number, address and credit rating. Merchants who want to offer you credit cards or sell you merchandise buy your financial information. This is a source for personal information that can ultimately be published on the Internet. Contact the “Opt out” option of all credit reporting agencies.

What steps should be taken if Identity Theft is suspected?
  1. Contact your financial institution immediately and alert it to the situation. Your financial institution’s customer service department can assist you with reviewing your account and set up an online banking services to help you monitor your account. If you feel your account(s) may be at risk, you may want to close them and open a new account. Eastside Commercial Bank customers can contact the bank at (425) 373-0400.

  2. Report all suspicious contacts to the Federal Trade Commission through the Internet.

  3. Contact one of the three major credit bureaus and discuss whether you need to place a fraud alert on your file, which will help prevent thieves from opening a new account in your name. The credit bureaus can also provide you with a copy of your credit report.

  4. Here is the contact information for these credit bureaus:

    P.O. Box 740250
    Atlanta, GA 30374
    1-800 525-6285 (Fraud)
    1-800 685-1111 (Credit Reports)

    P.O. Box 1017
    Allen, TX 75013
    1-888 397-3742 (Fraud)
    1-888 397-3742 (Credit Reports)

    P.O. Box 6790
    Fullerton, CA 92634
    1-800 680-7289 (Fraud)
    1-800 888-4213 (Credit Reports)

  5. The law requires the three major credit bureaus to provide you with a free copy of your credit report each year, if requested. Credit reports contain information about you, including the accounts you have and your bill- paying history. Visit or call 1-877-322-08228 to order your free annual report. If you have questions or concerns about any of the information you see on your credit report, you can contact the appropriate credit reporting company listed above.

Other Contacts:

  • Federal Trade Commission. Accepts complaints from ID theft victims: Identity Theft Hotline: 1-877-IDTHEFT(438-4338), or, Identity Theft Clearinghouse, FTC, 600 Pennsylvania Ave. NW, Washington, D.C. 20580. To request the booklet “ID Theft, When Bad Things Happen to Your Good Name:” (877) FTC-HELP (382-4357), or mail a request to the FTC, Consumer Response Center at the above address. Find more ID theft information.

  • Social Security Administration. If you believe your social security number has been used by a stranger: (800) 269-0271, or SSA Fraud Hotline, P.O. Box 17768, Baltimore, MD. 21235. Fax: (410) 597-0118.

  • U.S. Postal Service. If theft of U.S. Mail is involved, or if the identity thief filed a change of address with the post office, contact the U.S. Postal Inspector.

  • Passports. If you have a passport, notify the passport office in writing that your identity has been stolen and to be on alert for anyone ordering a new passport in your name.

  • Department of Motor Vehicles. If you suspect someone has obtained a false driver’s license in your name or is using your driver’s license number: In Washington State call (360) 664-8885, or Department of Licensing, Driver Responsibility-Fraud Unit, PO Box 9030, Olympia, Washington 98507-9030.

What is Phishing?

"Phishing" is a type of Internet e-mail fraud.  It’s pronounced "fishing," and that’s exactly what these thieves are doing: "fishing" for your personal financial information, searching for account numbers, passwords, Social Security Numbers (SSN) and other confidential information they can use to steal from your checking account or run up bills on your credit cards.

With the sensitive information obtained from a successful phishing scam, these thieves can commit identity theft and take out loans or obtain credit cards and even driver’s licenses in your name.  They can do damage to your financial history and personal reputation that can take years to unravel.  If you understand how phishing works and how to protect yourself, you can help prevent this crime.

How does Phishing work?

In a typical case, you’ll receive an e-mail that appears to come from a reputable company that you recognize and do business with, such as your financial institution. In some cases, the e-mail may appear to come from a government agency, including one of the federal financial institution regulatory agencies.  The e-mail will probably warn you of something that requires your immediate attention.  It may use phrases such as "Immediate attention required," or "Please contact us immediately about your account."  The e-mail will then encourage you to click on a button to go to the institution’s web site.

In a phishing scam, you could be redirected to a phony web site that may look exactly like the real thing.  Sometimes, in fact, it may be the company’s actual site and may even have a fake” padlock icon” that ordinarily is used to denote a secure site.  In those cases, a pop-up window will quickly appear for the purpose of harvesting your financial information.  In either case, you may be asked to update your account information or to provide information for verification purposes: your SSN, your account number, your password, or the information you use to verify your identity when speaking to a real financial institution, such as your mother’s maiden name or your place of birth. If you provide the requested information, you may find yourself the victim of identity theft.

What is Pharming?

Pharming is a type of internet fraud. Pharming occurs when an attacker creates a fake web site on the Internet that looks like a valid site for a real company. They do this by changing a valid domain name record (e.g., on a Domain Name Server (DNS). The DNS would normally translate the domain name to the correct Internet Protocol (IP) address so that the user reaches the real web site. However, in the case of a pharming attack, the DNS server would contain the wrong IP address and direct users to the fake web site controlled by the attacker. Once there, the consumer is prompted to provide non-public information that is then used by criminals to commit fraudulent activities.

One way consumers can protect themselves is to make sure they land on special secure web pages that use encryption to protect data transfer, a standard practice for any financial web site. Consumers should always check the web site URL to make sure it begins with "https" or look for the lock icon on their web browser, which confirms that the site is using a secure socket layer (SSL) certificate to protect your information. The absence of this icon is a clue that something is wrong.

What is Spyware?

Spyware is software installed on a computer without the user’s knowledge, often through a virus or when a user downloads a free program. It is designed to let a hacker eavesdrop, collect personal or confidential information and perhaps track and record the user’s activities. Some spyware can obtain such information as passwords or credit card numbers. It also often bombards computer users with unwanted ads.

A number of techniques have emerged to counteract this risk, including software programs that are available to consumers and are designed to remove or to block spyware. Anti-spyware programs can combat spyware in two ways: real-time protection, which prevents spyware from being installed; and scanning and removal of spyware. The program inspects the contents of the Windows registry, the operating system files, and installed programs, and removes files and entries which match a list of known spyware components. Real-time protection from spyware works identically to real-time anti-virus protection: the software scans incoming network data and disk files at download time, and blocks the activity of components known to represent spyware.