As the holiday shopping season begins, the Pennsylvania Bankers Association (PA Bankers) is offering tips to help consumers proactively protect their information from the threat of identity theft.
A huge security breach at credit reporting company Equifax has exposed sensitive information, such as Social Security numbers and addresses, of up to 143 million Americans.
For the second time in less than three years, Kmart Stores is battling a malware-based security breach of its store credit card processing systems.
The Federal Trade Commission launched a new website devoted to protecting small businesses. The online resource aims to help business owners avoid scams, protect their computers and networks, and keep their customers' and employees' data safe.
To read the most recent update on the Wendy's breach, visit https://www.wendys.com/en-us/about-wendys/the-wendys-company-updates. A list of potentially affected restaurants, and relevant timeframes for each location, can be found here (https://payment.wendys.com/paymentcardcheck.html).
As a reminder, we are proactively making changes to protect our customers from unauthorized debit card activity. Effective immediately, certain transactions may be denied if the customer attempts to process the purchase as a signature-based (credit) transaction. If a transaction is denied, it should be processed again as a pin-based (debit) transaction. We apologize for any inconvenience this may cause; however, we feel it is in the best interest of our customers to implement these changes until further notice.
On July 20, 2016 we will be converting all of our debit cards to a new system which will provide greater security against fraud at which time, normal processing rules will be reinstated. You may have recently received a new PIN in the mail. This PIN should be used with the new "chip" debit card that you will be receiving in July. You should begin using your new PIN and new Chip Card beginning 7/20/16. Please use your current PIN with your current card until that time.
Please contact us at 800-326-9486 if you have questions.
Learn how to protect your business from Corporate Account Takeover (CATO)
New Resource for ID Theft Victims
The Federal Trade Commission has announced the launch of a new website, IdentityTheft.gov, a resource that makes it easier for victims to report and recover from identity theft. The new website provides an interactive checklist that walks people through the recovery process and helps them understand which recovery steps should be taken upon learning their identity has been stolen. It also provides sample letters, specialized tips for specific forms of identity theft, and advice for people who have been notified that their personal information was exposed in a data breach. A Spanish version of the site is also available.
FCCB debit cards that were used by our customers at Target Stores during the 11/27/13 – 12/15/2013 time frame are compromised. Replacement debit cards were issued to our customers who were impacted and need to be activated immediately to avoid losses. If necessary, FCCB may be closing the compromised cards. We recommend that any debit or credit card used at Target during that time frame be closed and replaced.
We are receiving reports of phishing emails being sent from what appears to be a NetTeller email address customer firstname.lastname@example.org with the subject line of NetTeller Watch Notice. These are "Phishing emails" trying to get customers to click on the embedded NetTeller access link. These emails are not coming from NetTeller. If you receive such an email, please do not click on the link. It is recommended to permanently delete the email. Please read the following article about phishing attempts.
"We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."
"During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."
Have you received email with a similar message? It's a scam called "phishing" and it involves Internet fraudsters who send spam or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims.
According to the Federal Trade Commission (FTC), the nation's consumer protection agency, phishers send an email or pop-up message that claims to be from a business or organization that you may deal with -- for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message may ask you to "update," "validate," or "confirm" your account information. Some phishing emails threaten a dire consequence if you don't respond. The messages direct you to a website that looks just like a legitimate organization's site. But it isn't. It's a bogus site whose sole purpose is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for antivirus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It's especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software "patches" to close holes in the system that hackers or phishers could exploit.
You can learn other ways to avoid email scams and deal with deceptive spam at ftc.gov/spam.
The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint or to get free information on consumer issues, visit ftc.gov or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
The FBI advises the following actions, depending on how the scam information was received:
Remember...if it sounds too good to be true...it probably is!
Customers continue to look for more convenient ways to conduct their banking. In response, banks have made access to account information and the ability to complete routine transactions available through the internet and mobile devices.
With this convenience comes increased risk as banks no longer have the face-to-face contact typically used to verify a person's identity. To take advantage of this trend, criminals have developed numerous methods of obtaining personal information from customers' computers, and of "taking over" online accounts to submit fraudulent transactions. The Federal Financial Institutions Examination Council (FFIEC) has issued guidelines to help banks strengthen their online security verification measures and make online transactions safer and more secure.
Knowledge and vigilance is the first line of defense to make sure your accounts and transactions are protected. Here are some important security tips:
See more tips in our Safe Online Banking guide
Business transactions generally occur with greater frequency and in higher dollar amounts than consumer transactions. This has made business accounts especially attractive targets for online fraud. We join the FFIEC in recommending that business customers periodically perform a risk assessment related to their use of online banking, and implement improved controls where weaknesses are found.
Consumers are provided certain protections from unauthorized electronic transfers under Federal Regulation E. These protections are described further in our consumer account disclosures.
Regulation E does not provide protection to business accounts.
If you notice suspicious activity within your account or experience security-related events such as an e-mail claiming to be from First Citizens asking for your personal information, please contact us immediately at 800-326-9486.
Release Date: 2/23/2012
Small businesses are crucial to the U.S. economy and they're very important to their owners -- the entrepreneurs who put their own money and long hours into operating and growing a company. The Winter 2011/2012 FDIC Consumer News features practical tips and information in a collection of articles entitled "Minding Your Own Business: Banking Tips for Small Companies." This issue also includes articles on protecting senior citizens from financial fraud and theft, and guidance for consumers turned down for a checking account because of mismanagement.
The latest issue can be read or printed online at www.fdic.gov/consumers/consumer/news/cnwin1112.
The Federal Deposit Insurance Corporation (FDIC) is warning consumers, businesses and financial institutions to be aware of fraudulent e-mails allegedly from, or related to, financial institutions that have been the subject of recent news stories. Phishing e-mails often incorporate aspects of high-profile news stories -- such as bank mergers, acquisitions and failures -- to create a sense of urgency and legitimacy for requesting information or action. These types of fraudulent e-mails may request recipients to verify computer logon credentials, update personal information, or activate new online security features. The fraudulent e-mails may include a link that directs the recipient to a fraudulent or "spoofed" Web site that looks similar to the subject institution's legitimate Web site. Once there, users may be prompted to provide information about online banking credentials or other personal and confidential information that could be used to gain unauthorized access to online banking services or perpetrate identity theft. These spoofed Web sites may also direct the user to download software updates or digital certificates, which may actually be malicious code or software attempting to collect online banking credentials or other personal and confidential information. Consumers, businesses and financial institutions should be wary of unsolicited e-mails purportedly from financial institutions recently in the news and take the following precautions:
For additional information about safe online banking and avoiding online scams, visit the following websites:
Read on for important information to protect you and your family from becoming victims of identity theft.
Release Date: December 5, 2008
A grandparent is contacted by a caller who identifies themselves as a grandchild. The imposter, posing as the grandchild, says that they have been in an accident in Canada and they need money sent to them immediately. They ask the grandparent to keep everything a secret because they don't want to worry the family or they don't want the family to know they were in an accident. The call is then transferred to a person who says that they are a police officer, attorney, or bail bondsman. The grandparent is told that their grandchild won't be allowed back in the United States until money is wired through Money Gram. They may say that the money is needed for restitution, hospital bills, or bail. The grandparent is told the money has to be sent immediately or the grandchild can't leave Canada. If the grandparent sends the money, the caller asks for more money for additional emergencies. Hundreds of US grandparents have sent money to Canada and their grandchildren were safe in the United States. Always verify with other family members that the grandchild has really called. Money sent outside of the United States by money transfer services can not be returned once the imposter has picked it up.
Identity theft scammers, pretending to work for local courts are calling potential victims with the news that they have failed to report for jury duty and that a warrant has been issued for their arrest. They then ask victims for personal confidential information, including Social Security numbers, birth dates, and credit card numbers for verification purposes. This is exactly the information that they need to commit identity theft. The jury duty scam has been reported in nine states: Arizona, Illinois, Michigan, Minnesota, Ohio, Oregon, Pennsylvania, Texas, and Washington. In reality, court workers do not call potential jurors and ask for their Social Security numbers, credit card numbers or other personal information. Most courts use snail mail exclusively for jury matters.
Phishing is a high-tech scam that uses e-mail or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security numbers, passwords, or other sensitive information. The e-mail claims to be from a business or organization that you deal with: for example, your Internet Service Provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to 'update' or 'validate' your account information. It might threaten some dire consequence if you don't respond. The purposed of the bogus site is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name. If you receive one of these e-mails, do not click on links associated with these phishing attempts as they can download malicious software.
Lately there have been many letters, e-mails, and faxes from Nigerians stating that they need assistance getting money out of Africa and are looking for people in the United States to help them. They say that a US bank account is needed to deposit funds that they are trying to get out of the country. These letters range in topic but always ask for account information. The account could be debited by way of an electronic debit transfer. Sometimes an amount of money is sent via a check or cashier's check to the party in the United States. Then an amount is asked to be returned to Nigeria. After the funds are sent to Nigeria, the original deposited check comes back fraudulent, and the victim has lost whatever funds they transferred to Nigeria. These counterfeit checks are often undetectable until the originating bank rejects them.
A similar scam to the Nigerian scam is called the "Lottery Scam" in which the victim is told that they have won some sort of Lottery. They may receive an e-mail, fax, or phone call to notify them that they have won. They are then sent a fraudulent cashier's check and are asked to wire taxes to the Canadian government. The customer deposits the cashier's check, wires a percentage of the money to an account in Canada to pay the fake taxes, then the original check is returned as fraudulent. The victim has then lost whatever money they had wired back to Canada.
A scam has resurfaces victimizing the elderly in our area. With this scam, an individual or group of people approach an elderly person's home and convince them that they done work for them in the past or that they need a new roof and that they will do the job for a fraction of what someone else would charge them. Once they gain the person's trust they may rob their homes or do an unacceptable job for an exorbitant fee.
Counterfeit US Postal Money Orders are being received by residents in our communities. Sometimes it is for an Internet purchase and the purchaser is sending a worthless money order. They are sometimes told that they have won a lottery of their assistance is needed in exchanging several $1,000 money orders into a cashiers check. In this scam, the sender will give the recipient a fee for combining small money orders into a bigger check. For instance, if the recipient will exchange ten $1,000 US Postal Money Orders into a cashier's check of $10,000, the sender will give the recipient $1,000.
Lately, many counterfeit payroll checks have shown up in our area causing many local businesses to lost money. These checks appear to have been written by legitimate local businesses. These con-artists will approach a cashier at a store that they know cashes payroll checks, product an authentic looking driver's license matching the name on the check, and leave with the money. Once a business cashes a counterfeit check there is usually no way to recover the money.
People have visited many community banks asking for a teller to change large bills into several smaller bills then change their minds as to which denomination they wanted. When the teller places the smaller bills on the counter, the quick change artists will touch the money and take it without the teller noticing. When the teller recounts the money that was changed, their drawer is short: usually by a few hundred dollars. Since no ID is required for a cash-for-cash transaction, finding these individuals is often impossible. This crime ring targets banks more than retail stores and usually attempt to pick out the newest teller that is working the teller line.
Recently our customers have notified us that they have received calls from the Public Computer System saying that their information has been posted on the Internet. These individuals have a name, address, and phone number and ask that the person they are contacting to verify their information in order to clear it off the Internet.
If you experience one of the above indicators, you should not assume that it is simply a clerical error. You should immediately notify the company or institution's fraud prevention department to initiate a detailed account investigation.
Learn more about recognizing and preventing identity theft in our Account Hijacking & Identity Theft guide
Publisher's Clearing House is a legitimate sweepstakes, but some criminals impersonate the sweepstakes to get your information. Here are 5 clear signs it is not the official contest:
Learn more at PCH's Blog