Thomas Scott Hired as AVP, Director of Customer Experience

Thomas Scott, AVP, Director of Customer Experience.Sawyer Savings Bank announced today that Thomas Scott has joined the Bank as Assistant Vice President, Director of Customer Experience. The newly created position underscores the Bank’s commitment to elevating the customer experience and positioning the bank for long-term growth and success.

“Mr. Scott will be responsible for streamlining and managing sales growth across multiple business lines, including branch banking and lending originations”, added James Whitaker, President, and CEO of Sawyer Savings Bank.   “I anticipate he will deliver an even deeper value to our internal and external customers as part of Sawyer’s ongoing work to remain a forever community bank.”

Scott brings over 12 years of experience invigorating and transforming the customer journey in residential and commercial lending, sales, and branch management. Scott started his career in banking as a branch manager and has since held a series of important roles including senior residential mortgage lender, loan officer, and mortgage consultant for high performing financial institutions. Scott will work directly with Sawyer Savings Bank’s leadership team to drive operational excellence and enhance the overall customer experience.

“Having grown up in Saugerties, I am thrilled to join my hometown’s community banking team that’s deeply dedicated to serving our local neighborhoods with genuine and sincere commitment”, said Scott.  “Throughout my career I have always been focused on elevating the customer experience and increasing satisfaction. Sawyer Savings Bank has a strong foundation of success and I’m excited to build upon that momentum as we continue with the bank’s commitment to putting the customer first.”

“We are thrilled to welcome Thomas Scott to Sawyer Savings Bank” said Jenn Gutheil Denier, SVP & COO. “Thomas is an extremely energetic and accomplished leader, who deeply understands all aspects of retail banking, and appreciates his local roots and our Hudson Valley market. He will be very valuable as he supports the continued execution of the Bank’s mission.”

Thomas graduated from Siena College with a degree in history and resides in Saugerties with his wife, Allie, and their four children. Mr. Scott enjoys spending time with his family, playing the drums & guitar, and working out at the gym. Scott has volunteered his time as the former VP of the Hyde Park Chamber of Commerce, prior Deacon of Family of Hope Church, RUPCO, and The United Way of Dutchess-Orange Counties.

Nicole Lowrey Promoted to AVP, Director of Bank Operations

Nicole Lowrey, Promotion Announcement to Director of Bank Operations
Nicole Lowrey

Sawyer Savings Bank is pleased to announce the promotion of Nicole Lowrey to Assistant Vice President, Director of Bank Operations. In this new role, Mrs. Lowrey will bring her experience in Finance, Lending and Deposit Operations to support the bank’s continued growth and success throughout all of Sawyer’s Delivery Channels.

With over 12 years of experience in the banking industry, most recently successfully serving as the Bank’s Lending Officer, Mrs. Lowrey has consistently demonstrated outstanding leadership in loan processing, compliance oversight, and customer service. She has successfully guided the loan servicing and lending originations team, ensuring the efficient management of the Bank’s existing loan portfolio as well as loan applications and approvals while delivering exceptional results. This promotion reflects her steadfast commitment to quality, innovation, and building strong client relationships.

“Nicole’s newly created role is a key part of our organizational changes as we embrace our commitment to be a Forever Community Bank,” said James Whitaker, President, and CEO of Sawyer Savings Bank. “This restructuring is a strategic move that will not only ensure greater operational compliance but also drive enhanced efficiency. I am confident that these changes will help us better serve our community and position the bank for long-term success.”

In her new role as AVP, Director of Bank Operations, Nicole will not only continue overseeing loan servicing, assess loan applications, conduct risk evaluations, and recommend credit decisions that align with the bank’s strategic goals, but will also now assume oversight for the back office activities of the Deposit Operations department. She will serve as a key resource for addressing questions, managing work allocation, and leading staff development and training initiatives.

“Nicole has demonstrated exemplary problem-solving, leadership and motivational skills throughout her successful tenure with Sawyer Savings Bank,” said Jenn Gutheil-Denier, S.V.P. & C.O.O. of Sawyer Savings Bank. “We believe Nicole is the perfect choice to lead bank wide operations. She brings significant value and perspective to our already-talented leadership team as we continue to strive for improvement and growth.”

“I am honored with this promotion,” said Lowrey. “I look forward to working with my colleagues to continue advancing our technological capabilities, improving operational efficiencies, and ensuring that we provide the best possible customer experience for our  customers, communities, and staff.”

Mrs. Lowrey is a very involved member of the community where she and her husband, Jon, are raising two children, Cierra and Bradley. She currently is a board member for the Saugerties Outlaws Youth Football league and an extremely active volunteer with her local volunteer fire department.

What is Social Engineering?

women using mobile phone but looks suspicious

Stop Social Engineering Scams! How To Safeguard Your Personal Information Online

With modern technology, we are more interconnected than ever before. While this offers immense opportunities for nearly instantaneous communication all over the world, it can also leave us open to social engineering scams.

These scams come in a variety of shapes and sizes, but their primary goal is to manipulate people into giving away personal information that can be used for fraudulent purposes, whether that’s identity theft or system access. Internet users of all ages should be aware of social engineering as scammers continue to become more sophisticated—and harder to spot!

You’ve probably already encountered one of these attempts. Maybe an email claimed you won a large sum of money, but you need to send in a small “processing fee.” Or a phone call that looks like it’s from an official number tells you there’s a problem with your account. These are both examples of social engineering.

Understanding Social Engineering Works

Unlike traditional hacking that takes advantage of security vulnerabilities, social engineering exploits human nature and emotions. By preying on fear, excitement, or urgency, scammers can trick you into giving up personal data.

Take that email, for example. The natural first response when someone says, “You’ve won!” is excitement. A calmer, second reaction would be to wonder, “Did I sign up for any contests?” Scammers are relying on that first burst of emotion to override your caution, which is the entire point of social engineering.

The Many Faces of Manipulation

Social engineering scams come in many forms, but they are all designed with one purpose in mind: to manipulate victims into actions that are against their best interests. Here are some the most common tactics to watch out for.

  • Phishing Scams

    Usually arriving in the form of emails, phishing communications may look like they come from legitimate sources, even using real (albeit stolen) logos and possibly even your real name. They’ll request sensitive information or direct you to fake websites that capture your data. They may also come with attachments that, when opened, download malware to your device.

  • Smishing Scams

    Smishing is short for “SMS phishing,” and uses similar tactics. These text messages usually give you a link to click or a phone number to call to “fix” a problem or claim a prize. The link may take you to a fake website or download malware, and the phone number is a direct line to a scammer who’s out for your information.

  • Vishing / Voice Phishing

    With vishing scams, you’ll get a call either from a recorded phone system or possibly a real person. The phone number may even look like it’s coming from someone you trust, like your financial institution or your local utilities. With the recent advances in AI, it’s even become possible for scammers to use recordings of a family member or friend (often from social media) to trick you into thinking they’re in trouble and need money.

  • Pretext Calls

    Often part of voice phishing, a scammer on a pretext call might pose as a technician, asking for access to your financial or personal information in order to “fix” a problem.

  • Imposter Scams

    In an imposter scam, the caller takes advantage of your trust in a person or entity, like a known charity, to solicit funds or information. These often become more frequent in the wake of a natural disaster or other event when people want to help out.

  • Baiting Attacks

    This sort of scam takes advantage of your curiosity, using something as “bait” to lure you in. For example, if you find a USB found on the ground, you might be tempted to plug it into your computer to see if you can discover who it belongs to or if there’s anything important on it. There likely is something on it—malware that will infect your computer.

  • Quid Pro Quo

    Like the Latin phrase it comes from, “quid pro quo” scams operates on the principle that you have to give something to get something. For example, if you give a tech support representative remote access to your computer, you’ll get your computer fixed. And while this works in theory, you’ll want to be very sure who it is on the other end of the line who you’ve just given access to.

    Employment scams are another example of quid pro quo. In order to apply for a job, you’re asked for important personal financial information like your Social Security number or bank account numbers. Legitimate jobs won’t ask for this information at the application stage.

Protecting Yourself from Social Engineering

While the sheer number of scams can feel overwhelming, there are some basic steps you can take to protect yourself and your personal information. In general, a little awareness and skepticism can go a long way toward keeping you safe. Here are some proactive strategies to defend yourself against social engineering scams.

  • Be cautious!

    Never give out personal information to anyone you don’t know and trust, regardless of how urgent or important they sound. Be especially wary if it’s an unsolicited phone call. Hang up, then call them back at a number you know is legitimate.

  • Verify, Verify, Verify!

    If you receive a call, email, or text message claiming to be from a legitimate source, don’t respond directly. Instead, type in the company’s website by hand to log in to your account or look up the company’s phone number and contact them directly.

  • Think before you click!

    Don’t click on links or attachments in emails or text messages unless you’re absolutely sure who sent it. For emails, you can click on the “From” field to see the source email. A long string of nonsense letters or otherwise questionable address is a dead giveaway. Report the email or text as junk and delete it immediately.

  • Be mindful of what you share online.

    Review your privacy settings on social media and limit the amount of personal information you share publicly. Scammers spend a great deal of time browsing social media and collecting information about you that they can use to try to trick you.

  • Educate yourself and your family!

    Empower your family—especially your teens and pre-teens—with knowledge. Talk to them about social engineering scams and how to stay safe online.

  • Keep your software and devices updated.

    Many updates include security patches that can help protect you from malware and other threats. Turn on automatic updates to help ensure your devices are up to date.

  • Report suspicious activity!

    If you do encounter a scam, report it to the Federal Trade Commission (FTC) at https://reportfraud.ftc.gov/. The more information they have, the better able they are to prosecute scammers and put them out of business for good.

Further Support and Resources

Recognizing and protecting against social engineering scams is an ongoing effort. By staying informed about the latest fraud tactics, you can be on guard against new threats as they arise. You can also check out these websites for more resources:

  • CISA (Cybersecurity & Infrastructure Security Agency) is the government agency in charge of cyber defense. Check out their website at https://www.cisa.gov/ for some great information on cybersecurity.
  • https://www.knowbe4.com/ is a great resource for knowledge and training on social engineering scams, especially if you happen to own a small business.

Building a Secure Online Presence

Just like you lock your doors and shred sensitive papers to protect yourself in the physical world, it’s important to protect yourself in the digital realm, too. Understanding the ways scammers use social engineering techniques can help you stay safe and reduce the chances that you’ll fall for a scam.

Stay vigilant, stay informed, and, most of all, stay safe so you can continue to enjoy the benefits of our connected world.

What is a Credit Freeze?

debit card freeze

Fraud Prevention Toolkit: Understanding Credit Freezes

In this digital era, identity theft has become a prevalent and insidious threat. It preys on the personal information in your credit report and creates significant financial and emotional risks to everyone, regardless of income.

Stealthy threats like identity theft have made personal credit monitoring crucially important to the average American, allowing you to quickly take steps to safeguard your financial information.

Today, there are many resources available to protect yourself from the damages caused by fraud or a stolen identity. Credit freezes stand out as a powerful tool to protect against the devastating consequences. While the idea of “freezing credit” may seem intimidating to some people, a credit freeze is something each person can implement on their own accounts when they think an account might have been compromised.

But what exactly is a credit freeze, and how does it work? Let’s take a closer look.

What is a Credit Freeze?

A credit freeze, also known as a security freeze, is a tool that allows you to restrict access to your credit report. Since lenders and other companies rely on the information in your credit report to grant loans or open new accounts, freezing your credit prevents any new activity.

To initiate a credit freeze, individuals must contact each of the three major credit bureaus – Equifax, Experian, and TransUnion – and provide the requisite personal information. While you can do this online, by phone, or by mail, utilizing the online option is generally recommended due to its convenience and time-saving advantages.

How a Credit Freeze Works

When you place a freeze on your credit report, it prevents someone obtaining credit or loans in your name. No lenders will be able to view your credit information, which makes it difficult for bad actors to open new accounts with your information.

When placing a credit freeze, you will either receive a unique PIN or be asked to set up an account that you can use to lift the freeze when you need to apply for credit or open a new account. Your PIN or account password is essential, as it is the only way to lift the freeze and allow access to your credit report.

Without this PIN or password, fraudsters will have a difficult time opening new accounts in your name.

Benefits of a Credit Freeze in Protecting Personal and Financial Information

Credit freezes provide a robust layer of protection against identity theft by preventing unauthorized access to credit reports. With a credit freeze in place, fraudsters are effectively barred from obtaining credit or loans in an individual’s name, significantly reducing the risk of financial losses and reputational damage. This helps minimize the financial impact of identity theft by limiting the potential damage caused by fraudulent transactions.

Temporary Lifting or Complete Removal of a Credit Freeze

Credit freezes can be temporarily lifted or completely removed when an individual needs to apply for loans, credit cards, or utility services. This flexibility ensures that legitimate credit applications are not hampered by the freeze. Understanding when and how to lift or remove the freeze is crucial to avoid potential issues with credit applications.

If you need to apply for credit or open a new account, you will need to lift the credit freeze temporarily. Here’s how you can do it:

Contact the Credit Bureaus

As with the implementation of the credit freeze, you will need to contact each credit bureau and provide your PIN or password to lift the freeze.

Specify the Timeframe

You can specify the timeframe for the lift, such as a specific date or a specific number of days. You’ll need to allow some time for the freeze to be lifted, so plan ahead if you know you’re going to be applying for credit or opening a new account.

Limitations of a Credit Freeze

While credit freezes offer substantial protection against identity theft related to credit checks, they do not safeguard against other types of fraud that do not require credit checks. Tax fraud, for instance, remains a potential threat even with a credit freeze in place. Moreover, credit freezes do not restrict the use of existing credit or bank cards, so stay vigilant and continue to monitor your financial accounts.

Alternatives to a Credit Freeze

While a credit freeze is an effective tool for fraud prevention, it may not be the best choice for everyone. There are other alternatives to consider when trying to protect against identity theft.

  • Fraud alerts can be placed on credit reports to notify lenders of potential fraudulent activity.
  • Credit monitoring services can also be utilized to track changes to credit reports and receive alerts of suspicious activity.
  • Credit locks, while similar to credit freezes, offer more granular control over which entities can access credit reports.

Choosing the most appropriate identity theft prevention measures depends on your own individual circumstances and risk tolerance, so be sure to do your research.

Don’t Get Left Out in the Cold

Credit freezes are a powerful tool in the fight against identity theft, preventing unauthorized access to credit reports and mitigating the risk of fraudulent credit applications. By understanding how they work, the benefits, and the limitations of credit freezes, you can make informed decisions about incorporating them into your identity theft prevention strategies.

Remember that credit freezes are not foolproof and should be used with other protective measures such as fraud alerts, credit monitoring services, and smart financial management practices. By adopting a comprehensive approach, you can help safeguard your personal and financial information and stay safe from identity theft.

Protect Yourself from Check Fraud

man depositing check with mobile phone

A Guide to Check Fraud Prevention

When was the last time you looked closely at a check? Think for a moment about all the information it contains: your full name, your address, your routing number, your bank account number, and your signature. Now, imagine all that information falling into the hands of a thief.

This isn’t paranoia – it’s the reality of check fraud. Paper checks, while convenient, are vulnerable to theft and alteration, making them a prime target for fraudsters.

Check fraud is more common than you might think and can leave you (or your business) with significant financial loss and headaches. Check fraud is a widespread problem affecting hundreds of thousands of people every year, with losses in the millions.

We often don’t consider the vulnerability of a simple paper check, but in the wrong hands, it can lead to counterfeit schemes, forged signatures, and worse. A stolen check can not only drain your bank account, but also expose your personal information, leading to identity theft.

Read on to arm yourself with the knowledge to safeguard your checks—and your identity.

The Dangers of Mailing Your Checks

Even in our digital world, the humble paper check remains a staple of personal and business transactions. But this means of transferring funds comes with significant risks, especially given the advances in fraudulent techniques.

Unsecured mailboxes are easy targets for thieves to steal your check. A paper check can be “washed” and rendered blank, an alteration made, and the payee modified without your knowledge. Checks can be snatched and quickly altered using simple chemicals and cashed in by someone entirely different than the intended recipient. However, there are several ways to protect yourself from fraud.

Understanding the Types of Check Fraud

Fraudsters have various ploys when it comes to checks. They may set up counterfeit check scams, forge signatures, alter checks to change payee names or amounts, or, most alarmingly, take over your entire bank account. These frauds aren’t just financial crimes; they often lead to headaches like liability disputes and damaged credit.

Here are some common types to be aware of:

  • Counterfeit Checks: Fraudsters create fake checks that resemble legitimate ones.
  • Forged Signatures: Thieves steal your check and forge your signature to cash it.
  • Alterations (Washing): Criminals use chemicals to remove the original payee and amount information on a check, then rewrite it with their own details.
  • Account Takeover: Hackers gain access to your bank account information to write and cash fraudulent checks electronically.

The Best Defense is a Good Offense

It’s essential to be cautious in your financial dealings, especially those involving checks. With check fraud, prevention is key. There are simple, proactive measures you can take to protect yourself or your business from these financial landmines.

Pen Power and Secure Writing

It may sound like something out of a spy movie, but the type of pen you use to write checks matters. Opt for black gel pens for enhanced protection. The type of pigments used in gel pens seep into the fibers of the check, making it much harder to “wash.”

Ensuring Safe Mailing and Monitoring

Deposit checks as close to mail collection times as possible, or better yet, directly at the post office, to minimize the window of opportunity for theft. By timing your check deposits to coincide with mail collection times and regularly checking bank statements, you can drastically reduce the chances of fraudsters getting hold of your checks.

Record Keeping and Fast Action

Maintain a record of all issued checks (payee, amount, date), and closely monitor your bank statements or online banking activity for cleared checks. Look for discrepancies and utilize check images when available to verify payee information hasn’t been altered.

If you suspect check fraud, contact us immediately to report the incident and take steps to secure your account.

Make the Switch to Electronic Payments

Whenever possible, skip the check entirely and make an electronic payment. Many businesses offer online bill payment options, and for sending money to friends and family, consider a peer-to-peer (P2P) payment service. Online bill payments and electronic transfers offer a high level of security, significantly reducing the risk of fraud that comes with paper checks.

Stop Fraud with Safer Strategies in Your Financial Security

Implementing these practices is relatively simple and can save you a significant amount of money and stress. Take control of your financial security by being vigilant and purposeful in the way you handle paper checks.

There are additional steps you can take, in business and at home, to minimize the risk of check fraud even when you aren’t actively writing paper checks.

  • Be Wary of Personal Information Sharing: Don’t readily share your bank account details or write checks to unknown parties.
  • Monitor Your Statements: Regularly review your bank statements (online or paper) to identify any discrepancies or unauthorized transactions.
  • Beware of Unsolicited Checks: Be cautious of offers to receive unsolicited checks, especially if they require you to send money back. These could be scams.
  • Dual Control for Businesses: Businesses and freelancers should implement dual control procedures for check writing, requiring two authorized signatures before issuing a check.
  • Regular Audits: Conduct regular internal audits to identify potential vulnerabilities in your check-writing process.
  • Invest in Security: Consider using secure check printing technologies that make checks more difficult to alter.

Don’t Let Your Rent Check Become Someone Else’s Payday

Remember, while checks are a useful method of payment, they aren’t without risks. Combining electronic payment options with the safety measures outlined above can significantly reduce the risk of check fraud.

To recap, that means:

  • prioritize electronic payments whenever possible,
  • use gel pens when writing checks,
  • be mindful of mailing times,
  • and diligently monitor your bank statements.

Taking these steps empowers you to protect your hard-earned money and safeguard yourself from the growing threat of check fraud. It’s an investment in peace of mind that is well worth the effort.

What is Multifactor Authentication?

hand with mobile phone and doing a Multi Factor Authentification

Understanding Today’s MFA Security Methods

In today’s digital age, online security is more important than ever. Cyberattacks and data breaches are increasingly common, making Multi-Factor Authentication (MFA) a crucial shield against unauthorized access. But what exactly is MFA, and how does it enhance online security?

The Importance of Multi-Factor Authentication

With the rise of cyber-attacks and data breaches, it’s no longer enough to rely on just a password for protection. Passwords can be hacked or even accurately guessed by a savvy intruder with the right information. A second or third factor in the process can’t be easily obtained by an unauthorized person. Each added authentication step provides more opportunities to block intruders.

What is MFA?

Multi-Factor Authentication, or MFA, is a security process that goes beyond simple passwords. The definition of MFA security is any protection that requires two or more verification methods before granting access. MFA is useful because it adds extra systems of security, making it difficult for hackers and unauthorized users to access your account.

Imagine needing not just a key, but also a fingerprint scan to enter your home. That second step, the fingerprint scan, is an added authentication factor. It layers your defenses, making it harder for hackers to breach your accounts.

Where You Find MFA

MFA authentication is used in a variety of industries and applications to enhance online security. Some MFA examples include:

  • Banking: MFA in banking is leveraged to authenticate users and protect sensitive financial information.
  • Healthcare: Patient records are secured with MFA, ensuring only authorized personnel can access them.
  • Government: Classified information and government systems are shielded by MFA, safeguarding national security.
  • E-commerce: Online shopping platforms use MFA to protect customer data and prevent fraudulent transactions.

By implementing MFA across different industries, organizations can significantly enhance online security and protect sensitive information from unauthorized access.

How Does MFA Work?

MFA typically employs a combination of three factors:

  • Something you know: A password or PIN that is unique to every user.
  • Something you have: A physical device like a smartphone or security token.
  • Something you are: Biometric data like fingerprints or facial recognition.

When logging into an account or system with MFA enabled, the user will first enter their password or PIN. Then, the user will be prompted to provide the second factor, such as a code sent to their phone or a fingerprint scan. Without the extra level of authentication, they won’t be able to access the account. If a hacker obtained a user’s password, they would still have a hard time bypassing the second lock.

Types of MFA Security

MFA security consists of several parts, requiring different actions from an end user at each step. There are several types of MFA, each with its own unique method of authentication.

Examples of MFA protection include:

  • SMS-Based: A one-time code sent to your phone via text message.
  • Email-Based: A one-time code sent to your email address.
  • App-Based: A temporary code is generated through mobile apps like Google Authenticator.
  • Hardware Token: Security tokens or smart cards that generate unique passcodes.
  • Biometric: Fingerprint or facial recognition for verification.

A website or app can provide more robust protection to online accounts and systems by combining these MFA methods. Additional options include challenge questions, one-time passcodes, and different devices for verification.

Challenge Questions

Challenge questions require users to answer specific questions before accessing their accounts. These questions are typically personal and can only be answered by the account owner.

One-time Passcodes

One-time passcodes are generated separately by a different process. The codes are then sent to the user’s smartphone or email, as the second authentication step. They are unique and can only be used once, making it difficult for hackers to gain unauthorized access.

Using Different Devices

Different devices may be involved in verifying account information in MFA security. Each device, individually, requires their own forms of authentication before a user is allowed access. A thief would need to steal multiple devices to gain access to one account. The average account holder may find the extra steps annoying, but the process would be more frustrating for the thief.

Additional Steps to Protect your Account Information

There are several other important methods to protect your information and enhance online security.

  • Always use strong passwords that are unique and not easily guessable. A strong password should include a combination of uppercase and lowercase letters, numbers, and special characters.
  • Be on the lookout for Phishing Scams. If an email, text message, or phone call seems suspicious, don’t give out any personal information. Never click on internet links from unknown sources.
  • Make sure to add all available security options provided by the platforms or services you use. This may include enabling two-factor authentication, using biometric authentication methods, or setting up security questions.
  • It is crucial to protect the devices you carry or use in public places. Set up a strong password or PIN and change it regularly. You should also enable device encryption and regularly update your device’s software and security patches.
  • Always sign out of your accounts and devices when you are finished using them. This is especially important when using public computers or shared devices. This helps prevent unauthorized access to your accounts and ensures that your personal information is still secure.

By implementing these additional security measures, you can significantly enhance the protection of your personal information and sensitive data online.

Protect Your Online Security at Work and at Home

MFA is a vital tool for safeguarding your digital life. By requiring multiple verification steps, it significantly enhances online security. MFA is crucial for protecting your personal information and ensuring peace of mind in the digital world.

Protecting Your Digital Presence: How to Prevent Online Account Takeovers

hands on laptop with security badge overlay

When was the last time you thought about how many accounts you have online? Between digital banking, online shopping, and your various social media accounts, it’s probably a lot. Have you ever thought about what would happen if someone gained access to your accounts?

Online account takeovers are one of the fastest-growing threats in the digital landscape. Read on to learn how online account takeovers happen, their impact, and actionable steps to keep your accounts safe.

How Online Account Takeovers Happen

An account takeover involves cybercriminals gaining unauthorized access to your online accounts. Once inside, they can steal sensitive data, make unauthorized purchases, or use your account for phishing scams. They can gain access to your accounts using a variety of methods.

  • Credential Stuffing

    Oftentimes attackers obtain large numbers of usernames and passwords from data breaches. They then use automated tools to “stuff” these credentials into as many different sites as possible. The success of these attacks is a result of reusing usernames and passwords across accounts.

  • Phishing Attacks

    Phishing schemes trick users into sharing sensitive information like usernames and passwords. These attacks often involve fake emails or websites that look convincingly real, tricking victims into revealing their credentials.

  • Malware

    Malicious software can infect devices and steal personal information, including login credentials. This can be downloaded by clicking on links or files in emails, or by visiting unsafe sites. They then use techniques like keystroke logging to steal your credentials.

  • Exploiting App Vulnerabilities

    Outdated or poorly coded apps can have security flaws that allow hackers to bypass protections and gain unauthorized access to accounts.

The Impact of Account Takeovers for Consumers

Online account takeovers can have serious consequences. Some of the potential impacts are long lasting and hard to fix once the damage has been done.

  • Financial Loss

    Depending on what accounts the hackers gain access to, the financial damage can be severe. If it’s a shopping site, they may use the stolen accounts to make unauthorized purchases using your financial information. This is one of the reasons it’s always a good idea to use credit cards for online purchases, as most come with some sort of fraud protection.

    If the attackers gain access to your banking information, the damage can be even more severe, and much more difficult to recover from.

  • Identity Theft

    Sensitive personal information, such as social security numbers and addresses, can be compromised.   This can lead to further financial loss, damaged credit, and long-lasting financial impact for you.

Preventing Online Account Takeovers

While the consequences of online account takeovers can be severe, the good news is that there are steps you can take to protect your accounts.

  • Use Strong, Unique Passwords

    You’ve probably heard it dozens of times, but that’s because it’s the first, best line of defense when protecting your accounts. Create strong passwords, and don’t repeat them across your accounts.

    Here are a few other tips to help you:

    • Create complex passwords that incorporate upper and lowercase letters, numbers, and special symbols.
    • Use a password manager to track and generate secure login credentials.
    • Avoid common phrases, predictable patterns, and reusing passwords across different sites.   Some of the most common (and easily guessable) passwords include variations on 1234, qwerty, P@ssw0rd, or other similar overused options.
  • Enable Multifactor Authentication (MFA)

    Whenever possible, enable multifactor authentication. With MFA, even if someone steals your password, they’ll need a secondary authentication factor—like a text message or app-generated code—to access your account, making it much more difficult to gain unauthorized access.

  • Beware of Phishing Attempts

    Be cautious of emails, messages, or phone calls that ask for personal information or want you to click a link or download a file. If you get a message that claims there’s a problem with one of your accounts, type in the address to visit the site and log in from there or call the service number listed on their site.

  • Use Secure Wi-Fi Networks

    The security of your Wi-Fi plays an important role in protecting your accounts. While public Wi-Fi networks are convenient, they often lack robust security measures and can be easily targeted by hackers. For sensitive activities like accessing online accounts, avoid using public Wi-Fi unless you are connecting through a Virtual Private Network (VPN) that encrypts your data. Alternatively, use your mobile data network, as cellular providers encrypt your data and provide a safer connection than an unsecured network.

  • Set Up Alerts

    Many online accounts offer alerts to notify you of unexpected or suspicious activity. Both mobile and online banking offer a variety of alerts to let you know about things like password or contact information changes, or a sign-on from a new device.

  • Keep Software Updated

    Keep your software and operating systems, including mobile devices and apps, up to date to address security vulnerabilities. You can simplify this process by turning on automatic updates whenever possible.

  • Monitor Account Activity

    Regularly review your accounts for any unusual or suspicious activity. Many apps will give you an option to view which locations/devices are signed into your account. Check these lists on a regular basis to look for suspicious activity.

  • Use Security Software

    Install and use reputable antivirus and anti-malware software. You can also add anti-phishing software to protect your browser and email.

What to Do After an Online Account Takeover

Account takeovers can be scary, but by moving quickly to counter the damage, you can limit the impact – and hopefully prevent it from happening again.

  • Recognize the Signs of an Account Takeover

    Look out for signs such as unfamiliar login notifications, unexpected password changes, missing funds, or unauthorized purchases.

  • Act Quickly

    As soon as you realize your account has been compromised, take immediate action to regain control. The longer you wait, the more damage the fraudster can potentially do.

  • Notify the Account Provider

    Contact the provider of the compromised account, whether it’s a bank, email service, social media platform, or other online service. Use the provider’s official contact information, not any contact details provided by the fraudster.

  • Change Your Passwords

    If possible, change the password for the compromised account immediately. If you reused that password anywhere else, change it for those accounts as well (just remember to use a different strong password!).

  • Enable Two-Factor Authentication (2FA)

    If you haven’t already enabled two-factor authentication for the affected account, do so immediately.

  • Check for Unauthorized Activity

    Review your account activity and transaction history to identify any unauthorized transactions or changes made by the fraudster. Report any suspicious activity to the account provider immediately.

  • Secure Your Devices

    If the account takeover occurred due to malware or a security vulnerability on your device, scan your computer, smartphone, or other devices for malware and take steps to secure them. Update your operating system, antivirus software, and other security programs to the latest versions.

    You should also check the account’s list of authorized devices, if available, and revoke access to all other devices. If you share your account between devices or family members, you can always go back later and re-add them where necessary once your account has been secured.

  • Monitor Your Accounts

    Keep a close eye on all of your financial and online accounts for any further signs of unauthorized activity. Regularly review your account statements and set up alerts for unusual transactions or changes.

  • Report the Incident

    If the account takeover involved financial fraud or identity theft, report the incident to the relevant authorities, such as your local law enforcement agency or the Federal Trade Commission (FTC) at www.identitytheft.gov. Provide as much detail as possible about the fraudster’s activities and any losses you’ve incurred.

  • Alert Your Contacts

    If the fraudster used your compromised account to send phishing emails or messages to your contacts, alert them about the situation. Advise them not to interact with any suspicious communications purportedly from you and to be cautious of similar scams.

  • Educate Yourself

    Take this opportunity to educate yourself about common tactics used by fraudsters to take over accounts and how to protect yourself from future attacks. Stay informed about the latest cybersecurity threats and best practices for securing your accounts and personal information.

Safeguard Your Future with Knowledge

Account takeovers can happen to anyone, but with a little preparation and vigilance, you can protect your accounts—and minimize the damage if you ever become a victim. Strong passwords, two-factor authentication, and account alerts are simple ways to boost your account security.

Online safety isn’t a one-time event; it’s an ongoing process. Make account monitoring and security improvements a regular part of your digital habits.

Take the first step toward better protection today—your accounts (and your peace of mind) will thank you.

Text Scams are on the rise!

Staying vigilant and informed is the best way to protect yourself.

Scammers continue to exploit commonly used communication channels to target victims. They pose as trusted entities, individuals, or businesses to deceive unsuspecting victims. These fraudsters impersonate government officials, pose as family members in danger, and even pretend to be bank or credit union employees.

Common Texts Sent by Fraudsters

A recently emerging scam involves initiating contact through text messages, where the fraudsters pretend to be representatives from a bank or credit union’s fraud department. The messages will usually cite suspicious or concerning activity and may resemble the following:

 

These text messages are often crafted to manipulate the recipient into taking a specific action, such as confirming a transaction or clicking on a malicious link. The goal is to engage the victim and convince them to follow fraudulent instructions.

If a phone call is answered, scammers will impersonate bank personnel, claiming to be from the “fraud or security department.” They will appear as if they are there to help but, in truth, their intentions are to obtain access to online banking accounts. They do this by seeking login details, such as usernames and passwords, gathering personal identification data and account numbers, or persuading victims to make payments to rectify an alleged “issue.”

Be prudent when answering a call from an unknown entity, person, or company, especially following a suspicious text message. If you are asked for any of the following information, STOP and hang up.

Sawyer Savings Staff will never ask for the following:

  • Digital Banking remote access
  • Username for Digital Banking
  • Password for Digital Banking
  • Social Security Numbers (in entirety)
  • One-time passcodes
  • To download any app or software so that you can share your screen
  • Debit or Credit Card PIN numbers
  • Full Debit or Credit Card numbers
  • Mother’s maiden name, street you grew up on, or any other security related questions and answers

 

Tips to Prevent Text Scams

Fraudsters convince people to provide these sensitive pieces of information under the guise of helping to solve the issue or concern. The following tips can help you avoid becoming a victim of a Text Scam:

    • Always be wary of any caller, even if you recognize the Caller ID. Exercise sound judgment when receiving and responding to text messages, even if you believe you recognize the Sender ID. Fraudsters can spoof bank and financial institution contact numbers to appear legitimate. If you think it is your bank calling, find contact information through the bank’s legitimate website. For Sawyer Savings Bank, contact information is found at Contact Us:
  • Do not click on links in text messages or emails. Instead, visit the financial institution’s website or log in to your Digital Banking through the application on your cellphone. Exercise caution when you receive a text message with a link, even from known contacts. If a link in a text directs you to enter your personal identifying information (e.g. Digital Banking User ID/Password, Social Security Number), do not enter. Instead, go to a known location (e.g. your financial institution’s App or Website) to complete any intended tasks.
  • Financial institutions will never pressure you into taking immediate action. Stop, take a minute, and think through what is being asked of you. Exercise caution and restraint when a text message is directing you to take immediate action on an “urgent” matter. Your financial institution will never act in a manner that creates a sense of immediacy or urgency and will always allow you the time and information needed to make informed decisions.
  • Never provide any verification codes verbally over the phone. This is a tactic used by fraudsters so they can gain access to your account. Verification codes should only ever be entered manually on the website to confirm your identity.
  • Never use the phone number provided in the text message or email to call. Refer to the contact information on your financial institution’s website, your bank/ monthly statement, or debit or credit card when initiating communications to your financial institution.

 

Learn to block and report unwanted texts:

How To Block Unwanted Calls | Consumer Advice (ftc.gov)

How to Recognize and Report Spam Text Messages | Consumer Advice (ftc.gov)

Sawyer Savings Bank Welcomes New Branch Manager to Saugerties

Branch Manager Katelyn Cady
Katelyn Cady, Saugerties Branch Manager

Sawyer Savings Bank is pleased to announce that Katelyn Cady has joined the Bank as Branch Manager at the Saugerties Branch location. Katelyn brings over 10 years of experience in the field of retail banking and deposit operations to her new position.

As Branch Manager, Ms. Cady is responsible for overseeing all aspects of the day-to-day operations, business development, employee growth and development, and community involvement through active participation in various civic and service club organizations.

“I am excited to take on this role as Branch Manager and look forward to leveraging my banking experience to further strengthen community connections and leading an enthusiastic team that continues to provide exceptional customer service to the Hudson Valley,” said Cady.

“We are excited about the talent and knowledge Katelyn brings to the Sawyer Savings Bank team as Branch Manager for our Saugerties location.” said Sawyer Savings Bank COO Jennifer Gutheil-Denier. “She brings a wealth of experience in banking and a passion for community involvement which ensures she will have a positive impact in shaping the growth of our branch.”

Cady holds a Bachelor’s degree in Business Management from the State University of New York at New Paltz, and is a 2023 graduate of Ulster Chamber Foundations Leadership Ulster. A native of Hyde Park, Katelyn enjoys collecting baseball cards, drone photography, and videography in her spare time.

Jennifer Gutheil-Denier, CFMP Promoted to SVP and Chief Operating Officer.

Jennifer Gutheil-Denier, Senior Vice President, Chief Marketing Officer, and Customer Experience Officer
Jennifer Gutheil-Denier, Senior Vice President, Chief Operations Officer

Sawyer Savings Bank is pleased to announce the promotion of Jennifer Gutheil-Denier, CFMP to Senior Vice President and Chief Operating Officer (COO). In her new role Ms. Gutheil-Denier will continue to oversee bank wide Customer Experience, Deposit Retail Branch Operations, Loan Servicing and Marketing, while now also leading the Commercial and Residential Lending departments.

“I am grateful for the confidence Mr. Whitaker and the board have placed in me,” said Gutheil-Denier. “I look forward to advancing the Bank’s growth strategy while providing operational support to both our employees and customers. My experience in the financial service industry over more than two decades, combined with my tenure at Sawyer, provides a solid foundation to drive both customer and community engagement to foster long-term growth.  Plans to evaluate our current procedures and implement new systems and metrics for future success are already underway”

Jenn will continue to report to James Whitaker, President and CEO of Sawyer Savings Bank, and will be responsible for managing a comprehensive range of financial products and services. She will play a key role in directing bank operations, aiding the Bank’s mission and achieve its long-term objective of sustaining independence as a Mutual Savings Bank.

“Jenn has consistently translated our vision for increased reach, impact, and community leadership into meaningful and measurable actions,” said James Whitaker. “I firmly believe that she will continue to impress me and the board with her ability to identify and manage operational risks, ensuring excellence in the service we provide to our customers and continued success for our Bank.”

Jenn Gutheil-Denier is a graduate of Saugerties High School, SUNY Ulster, Ulster Leadership Development Institute (ULDI Leadership Ulster), and the American Bankers Association (ABA) School of Bank Marketing and Management earning a CFMP designation. An active member of the community, Jenn has previously been involved with local not for profits organizations such as Junior League of Kingston, the Saugerties Chamber of Commerce, Grant D Morse PTA, Saugerties Jr/Sr High School PTSA as well as other Saugerties Central School District community committees. She currently serves as a board member for The Ulster County Regional Chamber of Commerce, beginning as Treasurer in January, a member of Saugerties American Legion Ladies Auxiliary, Ulster County Italian American Foundation and the committee for the Dutchess/Ulster County Walk to End Alzheimer’s.

Ms. Gutheil-Denier resides in Saugerties with her husband Anthony and children Anthony and Mia. In her free time, Jenn enjoys attending her children’s high school and college sporting events, hosting family gatherings and gardening.