Stay updated on the latest fraud alerts and scams to avoid becoming a victim of fraud or identity theft.
Capital One Breach Information
On July 19, 2019, Capital One determined that an outside individual, who has since been arrested, had gained unauthorized access and obtained certain types of personal information about Capital One credit card customers and individuals who had applied for Capital One card products. Capital One immediately fixed the issue and based on analysis as of July 31, 2019, believe it is unlikely that the information was used for fraud or disseminated by this individual.
While the breach impacted 100 million individuals in the US and approximately 6 million in Canada, no credit card account numbers or log-in credentials were compromised and less than 1% of social security numbers were compromised.
The largest category of information accessed was on consumers and small businesses as of the time they applied for a Capital One credit card from 2005 through early 2019. This information included names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth and self-reported income. Beyond this data, the individual obtained portions of credit card customer data, including customer status data (credit scores, credit limits, balances, payment history, contact information) and fragments of transaction data from a total of 23 days during 2016, 2017 and 2018.
The individual also obtained the following data:
- About 140,000 Social Security numbers of Capital One credit card customers and
- About 80,000 linked bank account numbers of Capital One secured credit card customers.
These customers will be directly notified by Capital One via the mail. Please note, it is Capital One’s practice to tokenize select data fields, most notably Social Security numbers and account numbers. Tokenized data remained protected.
What should customers do that receive a letter from Capital One?
Capital One will be providing free credit monitoring and identity protection to everyone affected.
Capital One is encouraging customers to enroll in account alerts to help them keep track of activity on their accounts. Customers can sign in to online banking and set up text or email alerts, based on their preferences.
Monitor your credit card accounts for unusual or suspicious activity that they do not recognize and call the phone number on the back of their Capital One card or on their statement as soon as possible.
Be alert to increase risk of phishing attempts
Events such as this may trigger an increase in phishing attempts which is an attempt to acquire personal information via electronic communication. Capital One customers should know that Capital One does not call customers asking for personal information. If you believe you have received a fraudulent email that claims to be from Capital One:
- Do not reply to the email.
- Do not click on any of the links embedded in the email.
- Forward the email to [email protected], then delete the email.
- Be sure to monitor your credit card account and call Capital One right away if you notice any unusual activity.
Capital One is not calling or texting customers to ask for credit card or account information, or Social Security numbers over the phone or via email.
Request a free copy of your credit report once every 12 months from each of the three national credit reporting agencies: Equifax, Experian and TransUnion. To obtain free credit reports, simply visit www.annualcreditreport.com, call 1-877-322-8228, or complete the Annual Credit Report Request Form, which can be found here, and mail it to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.
Additionally, you can call the toll-free fraud number of any one of the three nationwide credit bureaus and place an initial or extended fraud alert on your credit report.
- Equifax: 1-800-525-6285; Equifax Information Services LLC, P.O. Box 105069, Atlanta, GA 30348-5069
- Experian: 1-888-EXPERIAN (397-3742); P.O. Box 9532, Allen, TX 75013
- TransUnion: 1-800-680-7289; Fraud Victim Assistance Department, P.O. Box 2000, Chester, PA 19016
An initial fraud alert stays on your credit report for 90 days and acts as an alert to potential lenders. An extended fraud alert is intended for victims of identity theft and stays on your credit report for seven years.
Contacting Capital One
Their website includes updated information on the breach at https://www.capitalone.com/facts2019; however, if you’d like to speak with an agent, call 1-800-227-4825.
Microsoft Windows 7 Coming to an End
Microsoft will end Windows 7 Support on January 14, 2020. This means that Security Updates will no longer be available for Windows 7 users, and continuing to run Windows 7 is a security risk. Those who continue to run Windows 7 will have an elevated fraud risk. Click here to read more.
Staying Cyber-Safe on Summer Vacation
Typical travelers heading out on their summer vacation check that they have the right supplies and clothes for their trip before they hit the road. Expert travelers will be also checking to ensure they are educated and prepared to be cyber-safe with their devices and data while on the road! Thinking of your smartphones and devices as being just as important as your wallet is a proper step in the right direction. These devices contain everything from your banking and payment information to your treasured family photos and ensuring they are secure and protected when away from home is paramount. In partnership with the National Cybersecurity Alliance (NCSA), we have put together some key tips, strategies, and resources to aid you in being secure during your travels.
To do before your trip:
Update your devices: One of the most simple and effective ways to stay cyber-secure is to continuously update your devices. Those updates don’t just contain new features, but fix security flaws and keep you protected!
Password/Passcode protect your devices: Always establish a strong passcode with at least 6 numbers or a swipe pattern with at least 1 turn of direction when protecting the lock screen of your smartphone. On laptops, a minimum of 8 character password or phrase is recommended including uppercase and lowercase letters, special characters, and numbers.
Set your device to lock after an amount of time: Once you have the passcode, password, or swipe pattern established, you should set an automatic device lock prompting for the access code after a specified time of inactivity. This will prevent a criminal from getting onto your device if you accidentally leave it unlocked.
Book your trip with trusted sites: When planning your trip and booking transportation, lodging, and experiences, it is important to complete those transactions with trusted, known businesses. If possible, double check the reviews and reputation of a site you are unfamiliar with but are considering to use for your booking. By sticking to reputable sites, you guarantee a higher standard of security for your data and transaction.
Staying secure and connected during your trip:
Keep track of your devices: Not only are your devices themselves worth a great deal of money, but your sensitive information that is accessible by that device is also valuable. Ensure that you keep your devices close at hand or secured away safely when not in use. Theft of mobile devices, from smartphones to tablets and laptops, is all too common and can spoil a fun trip to a great extent.
Limit your activity on public Wi-Fi networks: Public Wi-Fi that does not require credentials or logging in is not protected by encryption, so browsing and activity is not secure from prying eyes. To ensure your information is not put at risk, avoid logging into your personal accounts or making transactions while on public or hotel networks.
- Use your phone carrier’s internet connection, or use your phone as a personal hotspot (if your cell carrier’s plan allows) when logging into personal accounts or conducting transactions.
- Ensure your device is set to ask your permission before connecting to a wireless network while on your trip.
- If you intend to use a hotel or establishment’s customer wireless network, verify what network is the correct one to use with a member of the staff.
Don’t overshare on social media: Consider posting updates about your trip after you return. Criminals may see that you are away from home based on social media content and attempt to steal from your home! If you also share too many details about where you are on your trip, some scammers may attempt to contact your family and friends with a variety of scam tactics. Additionally, consider setting your social media accounts to only allow friends to view your posts and content.
By following these tips and being a cyber-safe traveler, you will have a smooth and enjoyable vacation! There are more resources available from NCSA and our partners on staying secure on trips and at home, check them out below to learn more:
Avoid Charity Scams
Donation requests often increase during the holidays. If you're prompted to donate, we recommend first checking out the charity with these reliable organizations:
Find out if the charity or fundraiser must be registered in your state by contacting the National Association of State Charity Officials. If they should be registered, but they’re not, consider donating through another charity.
- Safe Online Banking — Online Banking, Data Security & You
- Account Hijacking & Identity Theft
- OnGuard Online
- Don't Become an Online Victim
- FTC Credit Reports
- National Do Not Call Registry
- Federal Trade Commission (FTC) Identity Theft Hotline Toll-free 877-IDTHEFT (438-4338)
- Internet Crime Complaint Center (IC3)
- First Gov (Your First Click to the U.S. Government) Toll-free 1-800-333-4636
- Social Security Administration Report Fraud 800-269-0271
- Identity Theft Resource Center 858-693-7935
- U.S. Postal Inspectors 800-372-8347
Financial Abuse Resources for Seniors
- 5 Ways to Spot a Lottery Scam
- Don't Fall Victim to the Grandparent Scam
- 14 Red Flags for Elder Financial Abuse
- 7 Tips to Help Older Adults Choose the Right Caregiver
- Report Fraud: 800-525-6285
- Order a Credit Report: 800-685-1111
- Report Fraud: 888-397-3742
- Order a Credit Report: 888-397-3742
- Report Fraud: 800-680-7289
- Order a Credit Report: 800-916-8800
Debit Card Security
FRAUD - it's everywhere.
This extra level of security protects your identity by ensuring you are the person behind the purchase!
While making purchases online, you may be prompted for a special and unique one-time password to complete your purchase. This instant password will be sent to you via text message. Simply enter the password on your screen and continue with your purchase.
What if you don’t have a cell phone? Well, then the system will ask you knowledge-based questions to verify your identity. For example, you could be asked to provide your address, zip code or birthdate.
We are confident this extra layer of security will help keep our valued customers safe when they choose to make purchases online with their debit card. As always, if you ever have questions about your debit card transactions or this new security measure, please stop by any First Citizens branch, or give us a call at (800) 326-9486.