Skip to content

Stay updated on the latest fraud alerts and scams to avoid becoming a victim of fraud or identity theft.

{beginAccordion H2}

Recent News

Don't Fall for the Apple ID Deactivation Hoax!

This morning we learned of a fraudulent series of emails threatening to deactivate Apple ID’s. The fraudulent email’s subject line reads, “Confirmation Change Password.” The email says, “We have recently detected that your Apple ID has been having an issue with your billing account…Your Apple ID has been suspended and a notification has been sent to the billing account owner…We will deactivate your Apple ID unless the billing owner corrects the violation by filling out the Account Verification Form within 24 hours.”
 
Once a user clicks the link to the “Account Verification Form” they are asked a series of questions, including a section to enter their debit card number. This is fraudulent. Do not enter your debit card number. Within 24-hours, users who complete the form start to see fraudulent charges from apple.com/bill on their checking account. There is also a similar series of emails from Google.com. 
 
Remember, scammers try to copy email and text messages from legitimate companies to trick you into entering personal information and passwords. Never follow links or open attachments in suspicious or unsolicited messages.
 
If you need to change or update personal information, contact the company directly. 
 
These signs can help you identify phishing scams:
  • The sender’s email address or phone number doesn’t match the name of the company that it claims to be from.
  • Your email address or phone number is different from the one that you gave that company.
  • The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your name in their messages to you.
  • A link appears to be legitimate but takes you to a website whose URL doesn’t match the address of the company’s website.
  • The message looks significantly different from other messages that you’ve received from the company.
  • The message requests personal information, like a credit card number or account password.
  • The message is unsolicited and contains an attachment.
If you receive what you believe to be a phishing email that's designed to look like it’s from Apple,
please send it to [email protected].
 
If you notice fraudulent activity on your First Citizens bank account,
please contact our Fraud Department by calling (800) 326-9486 or visit your local branch.
If you need to contact us after hours, please call (800) 528-2273. 

Capital One Breach Information

On July 19, 2019, Capital One determined that an outside individual, who has since been arrested, had gained unauthorized access and obtained certain types of personal information about Capital One credit card customers and individuals who had applied for Capital One card products. Capital One immediately fixed the issue and based on analysis as of July 31, 2019, believe it is unlikely that the information was used for fraud or disseminated by this individual.

While the breach impacted 100 million individuals in the US and approximately 6 million in Canada, no credit card account numbers or log-in credentials were compromised and less than 1% of social security numbers were compromised. 

The largest category of information accessed was on consumers and small businesses as of the time they applied for a Capital One credit card from 2005 through early 2019.  This information included names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth and self-reported income.  Beyond this data, the individual obtained portions of credit card customer data, including customer status data (credit scores, credit limits, balances, payment history, contact information) and fragments of transaction data from a total of 23 days during 2016, 2017 and 2018.

The individual also obtained the following data:

  • About 140,000 Social Security numbers of Capital One credit card customers and
  • About 80,000 linked bank account numbers of Capital One secured credit card customers.

These customers will be directly notified by Capital One via the mail.  Please note, it is Capital One’s practice to tokenize select data fields, most notably Social Security numbers and account numbers. Tokenized data remained protected. 

What should customers do that receive a letter from Capital One?

Capital One will be providing free credit monitoring and identity protection to everyone affected. 

Capital One is encouraging customers to enroll in account alerts to help them keep track of activity on their accounts.  Customers can sign in to online banking and set up text or email alerts, based on their preferences. 

Monitor your credit card accounts for unusual or suspicious activity that they do not recognize and call the phone number on the back of their Capital One card or on their statement as soon as possible. 

Be alert to increase risk of phishing attempts

Events such as this may trigger an increase in phishing attempts which is an attempt to acquire personal information via electronic communication. Capital One customers should know that Capital One does not call customers asking for personal information.  If you believe you have received a fraudulent email that claims to be from Capital One:

  • Do not reply to the email.
  • Do not click on any of the links embedded in the email.
  • Forward the email to [email protected], then delete the email.
  • Be sure to monitor your credit card account and call Capital One right away if you notice any unusual activity.

Capital One is not calling or texting customers to ask for credit card or account information, or Social Security numbers over the phone or via email.

Request a free copy of your credit report once every 12 months from each of the three national credit reporting agencies: Equifax, Experian and TransUnion. To obtain free credit reports, simply visit www.annualcreditreport.com, call 1-877-322-8228, or complete the Annual Credit Report Request Form, which can be found here, and mail it to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.

Additionally, you can call the toll-free fraud number of any one of the three nationwide credit bureaus and place an initial or extended fraud alert on your credit report.

  • Equifax: 1-800-525-6285; Equifax Information Services LLC, P.O. Box 105069, Atlanta, GA 30348-5069
  • Experian: 1-888-EXPERIAN (397-3742); P.O. Box 9532, Allen, TX 75013
  • TransUnion: 1-800-680-7289; Fraud Victim Assistance Department, P.O. Box 2000, Chester, PA 19016

An initial fraud alert stays on your credit report for 90 days and acts as an alert to potential lenders. An extended fraud alert is intended for victims of identity theft and stays on your credit report for seven years.

Contacting Capital One

Their website includes updated information on the breach at https://www.capitalone.com/facts2019; however, if you’d like to speak with an agent, call 1-800-227-4825. 

Microsoft Windows 7 Coming to an End

Microsoft will end Windows 7 Support on January 14, 2020. This means that Security Updates will no longer be available for Windows 7 users, and continuing to run Windows 7 is a security risk. Those who continue to run Windows 7 will have an elevated fraud risk. Click here to read more

Tips to Avoid Fraud

Staying Cyber-Safe on Summer Vacation

Avoiding Charity Scams

5 Ways to be Cyber-Secure at Work

5 Steps to Protecting Your Digital Home

E-Skimming

Identity Theft and Internet Scams

Creating a Password

Online Privacy

Phishing

Social Media Cybersecurity

Cybersecurity While Traveling

A How-to-Guide for Multifactor Authentication

Ransomware Outbreak

Malware

10 Cybersecurity Tips for Small Businesses

Business Email Imposters

Tech Support Scams

Helpful Articles

What to Do - Facebook Breach

What to Do After a Data Breach

Cybersecurity for Small Businesses

Defend Against Ransomware

Protect Yourself From Tech Support Scammers

Getting Business Credit

Merchants Beware: New “Free Money from the Government” Scam May Cost You

Is your business prepared for an emergency? Is your data?

PA Bankers Association Offers Identity Theft Protection Tips to Consumers This Holiday Season

The Equifax Data Breach - What to Do

Credit Card Breach at Kmart Stores

A New Website for Protecting Small Businesses

Fast Food Chain Arby's Acknowledges Breach 

IRS, States and Tax Industry Renew Alert about Form W-2 Scam Targeting Payroll, Human Resource Departments 


Consumer Resources

Financial Abuse Resources for Seniors

Credit Agencies

  • Equifax 
    • Report Fraud: 800-525-6285
    • Order a Credit Report: 800-685-1111
  • Experian 
    • Report Fraud: 888-397-3742
    • Order a Credit Report: 888-397-3742
  • TransUnion 
    • Report Fraud: 800-680-7289
    • Order a Credit Report: 800-916-8800.

Business Resources


Debit Card Security

FRAUD - it's everywhere. 

This extra level of security protects your identity by ensuring you are the person behind the purchase!

While making purchases online, you may be prompted for a special and unique one-time password to complete your purchase. This instant password will be sent to you via text message. Simply enter the password on your screen and continue with your purchase.

What if you don’t have a cell phone? Well, then the system will ask you knowledge-based questions to verify your identity. For example, you could be asked to provide your address, zip code or birthdate.

We are confident this extra layer of security will help keep our valued customers safe when they choose to make purchases online with their debit card. As always, if you ever have questions about your debit card transactions or this new security measure, please stop by any First Citizens branch, or give us a call at (800) 326-9486.

{endAccordion}