Tips from the bank's top cybersecurity officer to avoid online threats

Tim Held, chief information security officer for U.S. Bank, shares simple and effective ways to protect yourself from scams

Tackling cybercrime requires everyone in the public and private sector working together, which is why the president of the United States has declared October as Cybersecurity Awareness Month for the past 21 years. U.S. Bank prioritizes this campaign each year, sharing educational tools and resources to help consumers build their digital defense against cyberthreats.

Earlier this year, the Federal Trade Commission released data showing that consumers reported losing more than $10 billion to fraud and scams in 2023. 

We recently sat down with Tim Held, chief information security officer for U.S. Bank, to ask him how the bank stays on top of the latest tactics used by cybercriminals and what consumers need to know to avoid becoming a victim.

What are the best ways for consumers to spot a scam?

Cybercriminals use phishing to get information like your passwords or credit card number. It’s their most popular tool, and 96 percent of phishing attempts are email scams. The email is disguised to look and sound like it’s from a legitimate source, including financial institutions and other places where you might have accounts. Email scams try to bait you with common tactics like creating a sense of urgency or offering big prizes.

How can consumers avoid taking the bait?

Statistically, seven out of 10 people will take phishing bait, so it’s important to stay suspicious.  Avoid rushed replies - “hurrying” is the number one way to let cybercriminals in the door. Always check email addresses for inconsistencies and avoid clicking on any links or attachments if you’re not sure a message is legitimate. And remember, if it seems too good to be true, it probably is.

It’s good practice to contact a company’s customer service department if you suspect a scam. If you receive something from U.S. Bank that looks suspicious, you can call our Fraud Liaison Center at 877-595-6256.

Cyberthreats aren’t going away anytime soon - what’s the best way to defend against them?

U.S. Bank clients should visit our Security Center to review features they’ve activated on their accounts and check out other ways they can boost their security.

Generally, the most important things anyone can do are to regularly update passwords, enable multi-factor authentication and know how to recognize and report phishing attempts.

How is U.S. Bank protecting client information?

Our clients’ privacy and security are a top priority. We’re consistently monitoring and preparing for emerging and future threats through intelligence gathering, training and detection activities. That’s essential because cybercrime is becoming more sophisticated due to rapidly evolving technology, and what banks knew yesterday won’t necessarily make them safe today.

We closely follow federal regulations and have robust policies and procedures in place to ensure we handle personal and confidential information with the utmost care. Sometimes it may seem like an inconvenience – like taking extra steps to safely send cardholder data instead of simply including it in an email – but these are industry-leading procedures that are in place to protect you and your data.

Read more about ways to keep your money and identity safe.