A person commits the crime of identity theft if, without the authorization, consent, or permission of the victim, and with the intent to defraud for his or her own benefit or the benefit of a third person, he or she does any of the following:

  1. Obtains, records, or accesses identifying information that would assist in accessing financial resources, obtaining identification documents, or obtaining benefits of the victim.
  2. Obtains goods or services through the use of identifying information of the victim.
  3. Obtains identification documents in the victim's name.
  4. Obtains employment through the use of identifying information of the victim.

Minimize Your Risk

  • Visit the Federal Trade Commission’s website, www.ftc.gov/idtheft to learn how personal information is stolen and what you can do to protect yours, monitor your personal information to discover problems quickly, and know what to do when you suspect your identity has been stolen.
  • By monitoring your account statements each month and checking your credit report on a regular basis you may be able to limit the damage caused by identity theft.  The Fair Credit Reporting Act requires each of the nationwide consumer reporting companies to provide you with a free copy of your credit report, at your request, once every 12 months.  The three nationwide consumer credit reporting companies are: Equifax, Experian and TransUnion.  To order, visit www.annualcreditreport.com.
  • Sometimes identity thieves pretend to be from financial institutions or credit or service providers you may deal with regularly.  They do this as a means to obtain your personal information directly from you.  If you did not initiate the contact don’t give out information such as your Social Security number, date of birth, account numbers, debit card number, online account access credentials via e-mail, instant messaging, telephone calls, or text messages.
  • Be skeptical of e-mail messages or pop-up messages requesting your personal information
  • Protect your purse or wallet at all times, and store personal information in secure locations.
  • Shred bank, mortgage, credit card, physician, etc., statements before throwing away to prevent unauthorized access to your personal and account information.
  • When mailing items that contain your personal or account information use the U.S. Postal boxes rather than your personal mail box for pick-up.
  • Don't share online credentials with others and store this information somewhere inaccessible by unauthorized users.

Avoid Social Engineering Attacks

Social engineering attacks attempt to exploit the human tendency to trust in order to steal your information. In a social engineering attack, an attacker influences a person to rovide their personal/confidential information.   Once this information has been provided it can be used to commit fraud or identity theft.

Criminals use a variety of social engineering attacks to attempt to steal information, including:

Website Spoofing

The act of creating a website, as a hoax, with the intention of misleading users into sharing identifying information.  Normally, the spoof website will look almost exactly like the target website and sometimes has a similar web address.  Below are some tips to prevent becoming a victim of website spoofing:

  • avoid clicking links on social networking sites, pop-up windows, or non-trusted websites.  Clicking on these links can take you to a different website than what the label claims.  Directly typing in the web address or using a favorite shortcut/bookmark is advised.
  • avoid entering your identifying information in a website unless it is using a secure connection.  Secure connections are identifiable by the "https://" (the "s" is for secure) at the beginning of the web address.  Look for "https://" rather than "http://".
  • avoid entering your identifying information if you are suspicious of a website, it is better to close it and contact the company directly.
  • avoid ignoring the web addresses of websites you're accessing with or that contain your identifying information.  A website may look aesthetically legitimate but may provide some clues to indicate it is not.  Some of the things to look for are misspellings and a different domain than what you are used to seeing.
  • avoid dismissing errors or warnings displayed by your web browser.


The creation and use of a fraudulent but legitimate looking/sounding e-mail, instant or text message, and telephone call with the intent to obtain identifying information and/or financial information for criminal purposes.  Below are some tips to prevent becoming a victim of phishing attempts:

  • avoid giving out identifying information to someone that e-mails, messages, or calls and states that you or your account has been victimized.  Your credit card company/bank may call if there is an unusual pattern on your account, however they usually only ask questions related to a particular transaction and they already have your account number and other identifying information.
  • avoid blindly trusting anyone who contacts you unexpectedly and asks for your identifying information.  This is suspicious activity.
  • avoid following links to web addresses sent to you in unsolicited messages.  Even if you feel the message is legitimate, go to the web address by directly typing it in or using a favorite shortcut/bookmark you have previously saved.
  • use anti-phishing features that may be availalbe in your e-mail client and/or web browser.  It could also be beneficial to use an e-mail SPAM filtering solution.

Report Fraudulent or Suspicious Activity

If you suspect that you have fallen victim to a social engineering attack and have diclosed information concerning your First Community Bank of Central Alabama account(s), please contact us immediately either by calling us at 334-567-0081 or visiting your local branch.