blue digital mesh wave

Cybersecurity

Stay agile to keep yourself safe in an increasingly digital world.

Tax Day is Tuesday, April 15! This time of year, scammers may contact you claiming that you owe money to the IRS or that you have unclaimed refunds. They can reach you via text, phone call, email or traditional mail. The IRS does not initiate contact with taxpayers by email, text or social media to request personal or financial information. Do not give out any sensitive information
over the phone.

Spoofing creates a realistic caller ID that tax scammers may use to pose as the IRS.
Robocalls are phone calls made with an autodialer and likely contain a prerecorded or robotic message.
Smishing is SMS phishing. Scammers send deceptive texts pretending to be the IRS or your bank to draw personal information out of you or with links that can install malware into your device.

The overall goal of these scams is to fool taxpayers into thinking they owe the IRS money and getting access to personal or financial information.

The IRS compiles an annual list of popular, impactful tax scams called the “Dirty Dozen.” The scams on this list peak during tax season but are a problem throughout the year. You can read about these scams at irs.gov/newsroom/dirty-dozen.

Protect yourself from fraud.
  1. Know the warning signs of scams.
  2. Know your rights under the Telephone Consumer Protection Act. Read more at fcc.gov/consumers/guides/stop-unwanted-robocalls-and-texts
  3. Report suspicious activity to the Federal Trade Commission (FTC) and/or the Federal Communications Commission (FCC).
    1. Report an IRS scam to the FTC at reportfraud.ftc.gov/#/
    2. File a complaint about fraudulent phone calls and texts with the FCC at https://consumercomplaints.fcc.gov/hc/en-us

General Cybersecurity Tips

Cybersecurity stays a top priority in the decisions our team makes. Agility clients can rest easy knowing their information is safe, secure and protected. Every member of our staff completes regular cybersecurity training, and we always keep an eye out for suspicious behavior. But, what can you do to keep your data safe?
 
Recognize Phishing
Phishing is a form of messaging fraud where the attacker pretends to be a reputable source and "baits" the victim into providing personal information. If you receive an unsolicited email, look out for the following:
  1. Urgent language that may include consequences if the request isn't met. (ex. Your security training is past due. Click this link to complete before tomorrow.)
  2. Requests to send personal or financial information. (ex. Hi Jane, Your HR manager is requesting your SSN for tax information. Please send ASAP.)
  3. Untrusted URLS. Never click a link in an email without first verifying the source.
  4. Incorrect email addresses or frequent typos. (ex. Gma!l.com)
Use Strong Passwords
We are all guilty of using the same password for everything. However, this makes it easy for a cyber attacker to access all your private accounts. Switch it up and keep your information safe.
  1. Use long passwords. Longer is stronger! Ideally, passwords should contain 16 characters.
  2. Use unique passwords. Don't reuse passwords across different accounts.
  3. Use random passwords. A list of numbers and special characters works, but if you can't remember that, a random phrase works too! (ex. $#%7462%*%_^#) (ex. TheCowJumpedOverTheMoon!2023)
Enable Multi-Factor Authentication
What is MFA? MFA confirms our identities when logging in to our accounts. When an account asks for secondary ID verification by sending a code to your phone or email, that's MFA.

MFA can make us significantly safer online. Even if our passwords become compromised, unauthorized users will be unable to meet the second step requirement and will not be able to access our accounts. Enable it wherever you can.

Keep Software Updated
Many software updates fix security risks. When you keep your software updated, you keep yourself safer! So, watch for update notifications and complete the update as soon as possible, or turn on automatic software updates for your devices!
 
To get more tips and information about cybersecurity, visit www.cisa.gov.

How does Agility keep clients safe?

.Bank Domain
You may notice in the URL that our website is hosted by a '.bank' domain, instead of the standard '.com' or '.net' domain. This is because banking has been a highly-phished industry for more than ten years. Agility Bank has enhanced its cybersecurity against phishing and spoofing*, the leading causes of breaches, identity theft and financial fraud. Publicly available domains, like '.com' and '.net,' make it easy for fraudulent domains to commit business email compromise (BEC)**. Agility pivoted away from these easily abused domains to limit their exposure to cyberattacks. A '.bank' domain is like ‘.gov’ and ‘.edu’, but for the banking sector.

Employees, vendors and clients can look for the .bank at the end of emails and links to help prevent breaches, identity theft and financial fraud in day-to-day interactions and when engaged with new digital products and services. And remember, the Agility Bank team will never ask for personal information on any unencrypted platform.

File Share
Submit files to your Agility banker or lender safely with File Share. As an encrypted document-sharing channel, File Share protects your personal information and documents. Simply contact your banker to request the unique password to their portal, and then visit our File Share webpage and follow the instructions under your banker's picture. 

Secure Chat
Our online chat feature is an invaluable way to have encrypted conversations with a banker on the Agility website and in our online banking portal. Click the "Let's Talk!" button in the bottom right corner of your screen to get started. And, if you're trying to connect with us after business hours, our secure chat feature will let you leave a message.

Email Encryption
All outgoing Agility emails are automatically encrypted to protect sensitive information. This provides a secure communication channel between you and your banker.

*Information in the Tax Season Tips section is from the Federal Communications Commission (FCC) website at fcc.gov/tax-season-phone-scams-and-taxpayer-id-theft.