Fraud Alerts

Stay updated on the latest fraud alerts and scams to avoid becoming a victim of fraud or identity theft.


Important notice regarding Target data breach

December 2013

FCCB debit cards that were used by our customers at Target Stores during the 11/27/13 – 12/15/2013 time frame are compromised. Replacement debit cards were issued to our customers who were impacted and need to be activated immediately to avoid losses. If necessary, FCCB may be closing the compromised cards. We recommend that any debit or credit card used at Target during that time frame be closed and replaced.


Guides

Safe Online Banking - Online Banking, Data Security & You

Account Hijacking & Identity Theft

Be on the lookout for fraudulent emails that purport to be from NetTeller customer service

April 2012

We are receiving reports of phishing emails being sent from what appears to be a NetTeller email address customer _service@cm.netteller.com with the subject line of NetTeller Watch Notice. These are "Phishing emails" trying to get customers to click on the embedded NetTeller access link. These emails are not coming from NetTeller. If you receive such an email, please do not click on the link. It is recommended to permanently delete the email. Please read the following article about phishing attempts.

From www.ftc.gov

How Not to Get Hooked by a "Phishing" Scam

"We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."

"During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."

Have you received email with a similar message? It's a scam called "phishing" and it involves Internet fraudsters who send spam or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims.

According to the Federal Trade Commission (FTC), the nation's consumer protection agency, phishers send an email or pop-up message that claims to be from a business or organization that you may deal with -- for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message may ask you to "update," "validate," or "confirm" your account information. Some phishing emails threaten a dire consequence if you don't respond. The messages direct you to a website that looks just like a legitimate organization's site. But it isn't. It's a bogus site whose sole purpose is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.

The FTC suggests these tips to help you avoid getting hooked by a phishing scam:

  • If you get an email or pop-up message that asks for personal or financial information, do not reply. And don't click on the link in the message, either. Legitimate companies don't ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address yourself. In any case, don't cut and paste the link from the message into your Internet browser -- phishers can make links look like they go to one place, but that actually send you to a different site.
  • Area codes can mislead. Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a "refund." Because they use Voice Over Internet Protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card. In any case, delete random emails that ask you to confirm or divulge your financial information.
  • Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.

Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for antivirus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.

A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It's especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software "patches" to close holes in the system that hackers or phishers could exploit.

  • Don't email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization's website, look for indicators that the site is secure, like a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
  • Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
  • Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.
  • Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.
  • If you believe you've been scammed, file your complaint at ftc.gov, and then visit the FTC's Identity Theft website at www.consumer.gov/idtheft. Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See www.annualcreditreport.com for details on ordering a free annual credit report.

You can learn other ways to avoid email scams and deal with deceptive spam at ftc.gov/spam.

The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint or to get free information on consumer issues, visit ftc.gov or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

Consumer Resources

Credit Agencies

  • Equifax
  • Report Fraud: 800-525-6285
  • Order a Credit Report: 800-685-1111
  • Experian
  • Report Fraud: 888-397-3742
  • Order a Credit Report: 888-397-3742
  • TransUnion
  • Report Fraud: 800-680-7289
  • Order a Credit Report: 800-916-8800

What to do if you encounter one of these scams

The FBI advises the following actions, depending on how the scam information was received:

  • E-Mail - do not respond and delete the message
  • Fax - do not respond and throw it away
  • US Mail - send the letter and envelope to the US Postal Inspector's Office at PO Box 60035, Harrisburg, PA 17106 or visit http://postal-service.com
  • If a customer did respond, and if there was a loss involved, the person should contact the United States Secret Service at 570-346-5781, PO Box 247, Scranton, PA 18501.

Remember...if it sounds too good to be true...it probably is!

Important Notice to Online Banking Customers

January 2012

Customers continue to look for more convenient ways to conduct their banking. In response, banks have made access to account information and the ability to complete routine transactions available through the internet and mobile devices.

With this convenience comes increased risk as banks no longer have the face-to-face contact typically used to verify a person's identity. To take advantage of this trend, criminals have developed numerous methods of obtaining personal information from customers' computers, and of "taking over" online accounts to submit fraudulent transactions. The Federal Financial Institutions Examination Council (FFIEC) has issued guidelines to help banks strengthen their online security verification measures and make online transactions safer and more secure.

What you can do to help avoid online fraud

Knowledge and vigilance is the first line of defense to make sure your accounts and transactions are protected. Here are some important security tips:

  • Never give your account information or online sign-on information to anyone. First Citizens will never call or e-mail you and ask you for this information.
  • Don't click on attachments or weblinks contained in unsolicited e-mail messages. Phishing attempts try to trick you into revealing personal information or downloading malicious software (malware) such as keyloggers and banking trojans. Many phishing e-mails claim to be from regulatory agencies such as the Federal Reserve, NACHA, FDIC, IRS, etc.
  • Make your computer safer by installing and regularly updating your:
  • Anti-virus and anti-malware software
  • Computer and network firewalls
  • Operating system patches and updates
  • Select strong online banking passwords, and frequently change your passwords. Never use passwords that can be easily guessed by others.
  • Regularly monitor your account activity and report any suspicious activity immediately.
  • Check out these free websites for more information about internet security: www.ftc.gov, www.idtheft.gov.

See more tips in our Safe Online Banking guide

Businesses should do more

Business transactions generally occur with greater frequency and in higher dollar amounts than consumer transactions. This has made business accounts especially attractive targets for online fraud. We join the FFIEC in recommending that business customers periodically perform a risk assessment related to their use of online banking, and implement improved controls where weaknesses are found.

"Reg E" Protections

Consumers are provided certain protections from unauthorized electronic transfers under Federal Regulation E. These protections are described further in our consumer account disclosures.

Regulation E does not provide protection to business accounts.

Call Us!

If you notice suspicious activity within your account or experience security-related events such as an e-mail claiming to be from First Citizens asking for your personal information, please contact us immediately at 800-326-9486.

FDIC Consumer Newsletter Featured Banking Tips for Small Businesses

Release Date: 2/23/2012

Small businesses are crucial to the U.S. economy and they're very important to their owners -- the entrepreneurs who put their own money and long hours into operating and growing a company. The Winter 2011/2012 FDIC Consumer News features practical tips and information in a collection of articles entitled "Minding Your Own Business: Banking Tips for Small Companies." This issue also includes articles on protecting senior citizens from financial fraud and theft, and guidance for consumers turned down for a checking account because of mismanagement.

The latest issue can be read or printed online at www.fdic.gov/consumers/consumer/news/cnwin1112.

The Federal Deposit Insurance Corporation (FDIC) is warning consumers, businesses and financial institutions to be aware of fraudulent e-mails allegedly from, or related to, financial institutions that have been the subject of recent news stories. Phishing e-mails often incorporate aspects of high-profile news stories -- such as bank mergers, acquisitions and failures -- to create a sense of urgency and legitimacy for requesting information or action. These types of fraudulent e-mails may request recipients to verify computer logon credentials, update personal information, or activate new online security features. The fraudulent e-mails may include a link that directs the recipient to a fraudulent or "spoofed" Web site that looks similar to the subject institution's legitimate Web site. Once there, users may be prompted to provide information about online banking credentials or other personal and confidential information that could be used to gain unauthorized access to online banking services or perpetrate identity theft. These spoofed Web sites may also direct the user to download software updates or digital certificates, which may actually be malicious code or software attempting to collect online banking credentials or other personal and confidential information. Consumers, businesses and financial institutions should be wary of unsolicited e-mails purportedly from financial institutions recently in the news and take the following precautions:

  • Do not follow Web links in unsolicited e-mails from apparent financial institutions. Instead, use Web browser bookmarks or type your institution's Web address into the browser address bar when accessing your bank's Web site or online banking services.
  • Always use anti-virus software and ensure the virus signatures are automatically updated. Ensure the computer operating system and common software applications are up-to-date with security patches installed.
  • Do not open unsolicited or unexpected e-mail attachments claiming to be from a financial institution because of the risk of malicious code or software. As a precaution, call the financial institution using an appropriate telephone number, such as one from an account statement, to validate the e-mail and attached file before opening any attachment.
  • Be aware that phishing e-mails frequently use new and innovative ways to trick recipients into providing logon credentials and confidential information or into unleashing malicious code.
  • Regularly review financial account statements and immediately report any discrepancies to your institution.
  • Be mindful that financial institutions generally deliver notices to consumers in writing about changes in account terms and conditions unless the consumer previously agreed to receive the notice electronically.

For additional information about safe online banking and avoiding online scams, visit the following websites:

Read on for important information to protect you and your family from becoming victims of identity theft.

Granny Scam

Release Date: December 5, 2008

A grandparent is contacted by a caller who identifies themselves as a grandchild. The imposter, posing as the grandchild, says that they have been in an accident in Canada and they need money sent to them immediately. They ask the grandparent to keep everything a secret because they don't want to worry the family or they don't want the family to know they were in an accident. The call is then transferred to a person who says that they are a police officer, attorney, or bail bondsman. The grandparent is told that their grandchild won't be allowed back in the United States until money is wired through Money Gram. They may say that the money is needed for restitution, hospital bills, or bail. The grandparent is told the money has to be sent immediately or the grandchild can't leave Canada. If the grandparent sends the money, the caller asks for more money for additional emergencies. Hundreds of US grandparents have sent money to Canada and their grandchildren were safe in the United States. Always verify with other family members that the grandchild has really called. Money sent outside of the United States by money transfer services can not be returned once the imposter has picked it up.

Identity Theft Phone Scam

Identity theft scammers, pretending to work for local courts are calling potential victims with the news that they have failed to report for jury duty and that a warrant has been issued for their arrest. They then ask victims for personal confidential information, including Social Security numbers, birth dates, and credit card numbers for verification purposes. This is exactly the information that they need to commit identity theft. The jury duty scam has been reported in nine states: Arizona, Illinois, Michigan, Minnesota, Ohio, Oregon, Pennsylvania, Texas, and Washington. In reality, court workers do not call potential jurors and ask for their Social Security numbers, credit card numbers or other personal information. Most courts use snail mail exclusively for jury matters.

Phishing

Phishing is a high-tech scam that uses e-mail or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security numbers, passwords, or other sensitive information. The e-mail claims to be from a business or organization that you deal with: for example, your Internet Service Provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to 'update' or 'validate' your account information. It might threaten some dire consequence if you don't respond. The purposed of the bogus site is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name. If you receive one of these e-mails, do not click on links associated with these phishing attempts as they can download malicious software.

Nigerian Scam

Lately there have been many letters, e-mails, and faxes from Nigerians stating that they need assistance getting money out of Africa and are looking for people in the United States to help them. They say that a US bank account is needed to deposit funds that they are trying to get out of the country. These letters range in topic but always ask for account information. The account could be debited by way of an electronic debit transfer. Sometimes an amount of money is sent via a check or cashier's check to the party in the United States. Then an amount is asked to be returned to Nigeria. After the funds are sent to Nigeria, the original deposited check comes back fraudulent, and the victim has lost whatever funds they transferred to Nigeria. These counterfeit checks are often undetectable until the originating bank rejects them.

Lottery Scam

A similar scam to the Nigerian scam is called the "Lottery Scam" in which the victim is told that they have won some sort of Lottery. They may receive an e-mail, fax, or phone call to notify them that they have won. They are then sent a fraudulent cashier's check and are asked to wire taxes to the Canadian government. The customer deposits the cashier's check, wires a percentage of the money to an account in Canada to pay the fake taxes, then the original check is returned as fraudulent. The victim has then lost whatever money they had wired back to Canada.

Home Improvement Scam

A scam has resurfaces victimizing the elderly in our area. With this scam, an individual or group of people approach an elderly person's home and convince them that they done work for them in the past or that they need a new roof and that they will do the job for a fraction of what someone else would charge them. Once they gain the person's trust they may rob their homes or do an unacceptable job for an exorbitant fee.

Counterfeit U.S. Postal Money Orders

Counterfeit US Postal Money Orders are being received by residents in our communities. Sometimes it is for an Internet purchase and the purchaser is sending a worthless money order. They are sometimes told that they have won a lottery of their assistance is needed in exchanging several $1,000 money orders into a cashiers check. In this scam, the sender will give the recipient a fee for combining small money orders into a bigger check. For instance, if the recipient will exchange ten $1,000 US Postal Money Orders into a cashier's check of $10,000, the sender will give the recipient $1,000.

Counterfeit Payroll Checks

Lately, many counterfeit payroll checks have shown up in our area causing many local businesses to lost money. These checks appear to have been written by legitimate local businesses. These con-artists will approach a cashier at a store that they know cashes payroll checks, product an authentic looking driver's license matching the name on the check, and leave with the money. Once a business cashes a counterfeit check there is usually no way to recover the money.

Quick Change Artists

People have visited many community banks asking for a teller to change large bills into several smaller bills then change their minds as to which denomination they wanted. When the teller places the smaller bills on the counter, the quick change artists will touch the money and take it without the teller noticing. When the teller recounts the money that was changed, their drawer is short: usually by a few hundred dollars. Since no ID is required for a cash-for-cash transaction, finding these individuals is often impossible. This crime ring targets banks more than retail stores and usually attempt to pick out the newest teller that is working the teller line.

Public Computer System Scam

Recently our customers have notified us that they have received calls from the Public Computer System saying that their information has been posted on the Internet. These individuals have a name, address, and phone number and ask that the person they are contacting to verify their information in order to clear it off the Internet.

Ten Ways Thieves Steal Your Information

  • Snatching a purse or wallets. Pickpockets and purse snatchers
  • Stealing personal mail. Information in the form of a credit card.
  • Dumpster Diving. Going through your trash.
  • Household and Computer burglary . Breaking into your home. Cyber thieves invading your computer.
  • Credit Bureau Fraud. By posing as someone else, such as a bank employee, thieves could obtain financial data.
  • Eavesdropping and shoulder surfing. Listening to private conversations or watching over your shoulder while entering your PIN number.
  • Skimming. By running an unsuspecting customer's card through a bogus reader designed to copy the card number.
  • Pretexting, phishing, scamming, and spoofing . Thieves pretend to be from businesses with a seemingly good reason for needing your social security number and/or mother's maiden name.
  • Family theft. Relatives who have access to your financial records, social security number, etc.
  • Corporate date theft. Thieves backing their way into corporate and banking databases, and steal physical files. One method to gain access to account information, thieves will often fill out a change of address form in the victim's name.

Four Warning Signs that Your Identity Has Been Stolen

  • Denied! Your application for credit or a job is turned down based on your credit report and, as far as your know, your credit history is good.
  • Ripped Off! Your credit card, bank balance, or other financial statements show charges you never made. Or you receive a statement for a credit card you didn't know you had.
  • Harassed! Collection agencies start calling you out of the blue to collect on never incurred debts.
  • Missing Mail! If your bills stop coming, it's a bad sign. It might mean an identity thief has changed your address on your credit card statement so you won't notice the fraudulent charges on your account.

If you experience one of the above indicators, you should not assume that it is simply a clerical error. You should immediately notify the company or institution's fraud prevention department to initiate a detailed account investigation.

Learn more about recognizing and preventing identity theft in our Account Hijacking & Identity Theft guide

Five Ways to Know If It's A Publishers Clearing House Scam

Publisher's Clearing House is a legitimate sweepstakes, but some criminals impersonate the sweepstakes to get your information. Here are 5 clear signs it is not the official contest:

  • You are required to pay money for the prize — PCH is always free
  • You are asked to load up a Green Dot MoneyPak or other money transfer card — again, PCH is always free
  • You are contacted in advance regarding the prize delivery — PCH is a surprise visit!
  • You are notified you won on the phone — PCH visits your door in person to notify you
  • You receive a PCH friend request or private message on Facebook — PCH will never reach out to you on Facebook

Learn more at PCH's Blog