• Recent Fraud Alerts
• 5 Tips to Stay Safe on Public Wi-Fi
• Calculate your Online Identity Risk Score
• OnGuard Online Web Site Provides Valuable Online Security Info 
• Social Engineering - Phishing, Vishing and Smishing!!!
• FBI Fraud Alert - Don't Get Scammed!
• Identity Theft -- What Is It and What to Do 
• Protect Yourself and Your Computer
• Government Agency Links
• Visit the Business Fraud Education Center
   

---

Recent Fraud Alerts

Please be alert for scammers trying to take advantage of the recent Boston Marathon bombing in an effort to get you to send them your money. There has been a significant increase in the number of bogus emails and websites that are soliciting donations. Please remember the following:

1)      If you receive an email that you did not ask for and\or are not expecting, think twice before opening any attachment or clicking on any link contained within the email.

2)      Prior to making any type of donation, verify the validity of the organization to which you are donating.

 

Please see important news from the Federal Trade Commission on Mystery Shopper Scams.

How to Guard Against Internet Thieves and Electronic Scams

New Internet Scam Warning from FBI – ‘Ransomware’ Locks Computers, Demands Payment

OCC Issues Alert on Fraudulent Correspondence

---

5 Tips to Stay Safe on Public Wi-Fi

Check out this great article by Kim Komando that appeared in USA Today. These are great tips to follow to protect yourself while accessing public Wi-Fi.

Read the article 5 Tips to Stay Safe on Public Wi-Fi

 

---

Calculate your Online Identity Risk Score

This tool is sponsored by StaySafeOnline.org from the National Cyber Security Alliance.  It gives insight into understanding your current level of exposure to online identity theft, as well as helpful preventive tips.

http://www.emc.com/fraudgame

 

---

OnGuard Online Web Site Provides Valuable Online Security Info

OnGuardOnline.gov is the federal government’s website to help you be safe, secure and responsible online.

The Federal Trade Commission manages OnGuardOnline.gov, in partnership with the federal agencies listed below. OnGuardOnline.gov is a partner in the Stop Think Connect campaign, led by the Department of Homeland Security, and part of the National Initiative for Cybersecurity Education, led by the National Institute of Standards and Technology.

Click the following link to access OnGuard Online: OnGuardOnline.gov.

 

---

Social Engineering - Phishing, Vishing and Smishing!!!

Social Engineering

Social Engineering is the act of manipulating people into performing actions or divulging confidential information. The term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim.

Types of Social Engineering

“Phishing” is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication or email. 
Example Scenario:
1. A criminal will send email messages to a list of email addresses stolen from a financial institution. 
2. The email messages alert the consumer that their credit card has had fraudulent activity or that their bank account has had unusual activity. 
3. The email message instructs the victims to call a phone number or click on a link to visit a website where their personal information is requested. 
4. Once the victim calls the phone number in the text message or visits the website and provides the information requested, the “Phisher” has the information necessary to make fraudulent use of the card or access the account.

“Vishing” is a combination of Voice and phISHING. Vishing is the criminal practice of using social engineering over the public telephone system. 
Example Scenario: 
1. A criminal will call a list of phone numbers stolen from a financial institution. 
2. When the victim answers the phone, an automated message is played to alert the consumer that their credit card has had fraudulent activity or that their bank account has had unusual activity. 
3. The automated message instructs the victim to “call the following phone number immediately”. The same phone number is often shown in the spoofed caller ID and given the same name as the financial company they are pretending to represent. 
4. When the victim calls the number provided, it is answered by automated instructions to enter their credit card number or bank account number on the key pad. 
5. Once the victim enters their credit card number or bank account number, the “Visher” has the information necessary to make fraudulent use of the card or to access the account.

“Smishing” is a combination of SMS and phISHING. SMS (Short Message Service) is the technological protocol used for sending and receiving text messages on cell phones. Smishing is the criminal practice of using social engineering over the cellular phone system. 
Example Scenario: 
1. A criminal will send text messages to a list of cellular phone numbers stolen from a financial institution. 
2. The text messages alert the consumer that their credit card has had fraudulent activity or that their bank account has had unusual activity. 
3. The text message instructs the victims to call a phone number or visit a website where their personal information is requested. 
4. Once the victim calls the phone number in the text message or visits the website and provides the information requested, the “Smisher” has the information necessary to make fraudulent use of the card or access the account.

PROTECT YOURSELF against Social Engineering, malware, viruses, etc…

• Be skeptical of suspicious e-mail, text messages, unfamiliar sites and links and any unprompted requests for personal information.
• Protect your personal information. Keep your user names and passwords secret and be skeptical of any requests for personal information.
• Always look for "https://" in the address of any site where you enter personal information; this indicates a secure connection.
• Do not click on links contained within e-mails. Open a new browser window and type the address yourself.
• Do not reply to phishing, smishing or vishing attempts. Never reply to phone calls, e-mail, or text messages asking for personal or financial information unless you can confirm the requestors identity.
• Keep security software (antivirus, anti-malware) up-to-date and keep firewall settings active.

Click on the following link for more detailed information on phishing scams and how to protect yourself.

• American Bankers Association – Don't Get Phished

 

---

FBI Fraud Alert - Don't Get Scammed!

Cash Advance Scams Are Increasing. You Could Be Involved In A Fraud Or About To Be Scammed!

• • Mystery Shopper Scams: Paying a fee to be a “Mystery Shopper”
  • Lottery Winning Scams: Paying Fees or Taxes to receive winnings
  • Agent Scams: Paying Commission for facilitating Items
  • Inheritance Scams: "A Long Lost Family Member Has Died"
  • Have you been instructed to either "Wire", "Send by Western Union", or "Ship" money, as soon as possible, to a foreign country, such as Canada, England, Nigeria or to a different area of the United States?

There are different variations on the types of frauds listed above. Please take the time to ask bank employees for assistance before depositing or cashing any checks that may be suspicious!

You are responsible for any checks you cash or deposit! Amount of items returned will be charged against your account!

For more information visit www.fakechecks.org.

 

---

Identity Theft -- What Is It and What to Do

Identity theft and account fraud are making big headlines. How can someone steal your identity? Identity theft occurs when someone uses your personal information such as your name, Social Security Number, credit card number, account number, or other identifying information, without your permission to commit fraud or other crimes.

Identity theft is a serious crime. People whose identities have been stolen can spend months or years - and their hard-earned money - cleaning up the mess thieves have made of their good name and credit record. In the meantime, victims may lose job opportunities, be refused loans, education, housing or cars, or even get arrested for crimes they didn't commit.

Your bank works hard every day to ward off these threats. Security is paramount in gathering personal data, as well as tracking transactions. There is a great deal of emphasis and specialization on things like encryption of information and strict authentication practices, but maximum security is possible only with your help.

Educating yourself on how to protect against privacy invasions is critical. Once you understand what information should be protected and what to do in case that information is compromised, you'll feel much more secure.

Here are some things you can do to prevent these crimes from happening and protect your assets and your good name:

• • Don't give out financial information such as checking and credit card numbers and especially your Social Security number over the phone unless you initiated the call and know the person or organization you're dealing with.
  • Report lost or stolen checks immediately. Also, review new deliveries of checks to make sure none has been lost in transit.
  • Do not carry all your credit cards, your Social Security card, passport, etc in your wallet or purse at all times. Carry these only when need them.
  • Carefully monitor your monthly bank and credit card statements and order a credit report once a year to check for inaccuracies and fraudulent use of your accounts.
  • Guard your ATM Personal Identification Number and the ATM receipts.
  • Be very careful when using your credit card on the Internet, or providing other information such as your Social Security number or other personal information.
  • Always shred preapproved credit applications, credit card receipts, bills and other financial information before discarding them in the trash.
  • If you applied for a new credit card or your regular bills have not arrived in a timely manner, call the bank or company involved.
  • Don't put outgoing mail in or on your mailbox. Drop it into a secure, official Postal Service collection box.

If you think your identity has been stolen, here's what to do now:

• • Contact your bank(s) and credit card issuers immediately so that the following can be done: access to your accounts can be protected/restricted; stop payments on missing checks; personal identification numbers (PINS) and online banking passwords changed; and a new account opened if appropriate. Be sure to indicate to the bank or card issuer all of the accounts and/or cards potentially impacted including ATM cards, check (debit) cards and credit cards. Customer service or fraud prevention telephone numbers can generally be found on your monthly statements.
  • Contact the fraud departments of any one of the three major credit bureaus (see list below) to place a fraud alert on your credit file. The fraud alert requests creditors to contact you before opening any new accounts or making any changes to your existing accounts. As soon as the credit bureau confirms your fraud alert, the other two credit bureaus will be automatically notified to place fraud alerts, and all three credit reports will be sent to you free of charge.

Credit Bureau Web sites and Phone Numbers

Equifax: www.equifax.com 800-525-6285

Experian: www.experian.com 888-397-3742

TransUnion: www.transunion.com 800-680-7289

• • Close the accounts that you know or believe have been tampered with or opened fraudulently.
  • File a police report. Get a copy of the report to submit to your creditors and others that may require proof of the crime.
  • File your complaint with the FTC (www.ftc.gov ). The FTC maintains a database of identity theft cases used by law enforcement agencies for investigations. Filing a complaint also helps us learn more about identity theft and the problems victims are having so that we can better assist you.

For more in-depth information on recovering from identity theft and help with protecting your personal records, visit  www.consumer.gov/idtheft.

 

---

Protect Yourself and Your Computer

There are many nasty things that can happen to your computer resulting in loss of data and/or unintended divulgence of personal information. Following are things that could make you and your PC very unhappy and some recommended ways to protect yourself…

 

Viruses/Worms

Definition:

A program or piece of computer code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses are capable of replication to other computers. Viruses can compromise computer and network resources and bypass security systems. Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.

Protection:

- Purchase Antivirus (AV) software – AV software detects and removes viruses/worms from your computer (McAfee, Symantec).

- Purchase Firewall software - firewall software protects your computer from anything (or anyone) on the Internet that tries to access or alter files on your PC without your permission (McAfee, Symantec).

• • Regularly update the virus definition files associated with the AV software.
  • Regularly scan your computer for viruses.
  • Do not click on or follow hyperlinks you are not familiar with or do not trust.
  • Do not open e-mail attachments sent from a source you are not familiar with or do not trust.

 

Spyware/Adware/Malware/Keyloggers

Definition:

Software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are inadvertently installed when visiting a website or clicking a hyperlink. Once installed, spyware monitors user activity on the Internet and transmits that information covertly to someone else. Spyware can also gather and transmit personal information (e-mail addresses, passwords, credit card numbers, etc…). Spyware can also cause problems with computer resources causing PC's to run slowly or erratically.

Protection:

• • Purchase software that protects your computer from anything (or anyone) on the Internet that tries to access or alter files on your PC without your permission (AdAware, Spybot).
  • Minimize unnecessary “surfing” on the Internet
  • Do not click on or follow hyperlinks you are not familiar with or do not trust.
  • Do not open e-mail attachments sent from a source you are not familiar with or do not trust.

Spam

Definition:

Electronic junk mail or junk newsgroup postings. Some people define spam even more generally as any unsolicited e-mail. E-mail advertising for some product sent to a mailing list or newsgroup.

Protection:

• • Purchase Anti-Spam Software - this software filters your e-mail for SPAM and either deletes it or directs it to a destination of your choosing. There are many companies who offer anti-spam software packaged with AV software (McAfee, Symantec).
  • Utilize SPAM filters provided by your email provider.

 

---

Government Agency Links

• FDIC Consumer Identity Theft and Fraud Site
• Department of Homeland Security Internet Hoaxes
• Federal Trade Commission – ID Theft Site
• FBI Scams & Safety Site