Stay updated on the latest fraud alerts and scams to avoid becoming a victim of fraud or identity theft.
Don't Fall for the Apple ID Deactivation Hoax!
- The sender’s email address or phone number doesn’t match the name of the company that it claims to be from.
- Your email address or phone number is different from the one that you gave that company.
- The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your name in their messages to you.
- A link appears to be legitimate but takes you to a website whose URL doesn’t match the address of the company’s website.
- The message looks significantly different from other messages that you’ve received from the company.
- The message requests personal information, like a credit card number or account password.
- The message is unsolicited and contains an attachment.
Capital One Breach Information
On July 19, 2019, Capital One determined that an outside individual, who has since been arrested, had gained unauthorized access and obtained certain types of personal information about Capital One credit card customers and individuals who had applied for Capital One card products. Capital One immediately fixed the issue and based on analysis as of July 31, 2019, believe it is unlikely that the information was used for fraud or disseminated by this individual.
While the breach impacted 100 million individuals in the US and approximately 6 million in Canada, no credit card account numbers or log-in credentials were compromised and less than 1% of social security numbers were compromised.
The largest category of information accessed was on consumers and small businesses as of the time they applied for a Capital One credit card from 2005 through early 2019. This information included names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth and self-reported income. Beyond this data, the individual obtained portions of credit card customer data, including customer status data (credit scores, credit limits, balances, payment history, contact information) and fragments of transaction data from a total of 23 days during 2016, 2017 and 2018.
The individual also obtained the following data:
- About 140,000 Social Security numbers of Capital One credit card customers and
- About 80,000 linked bank account numbers of Capital One secured credit card customers.
These customers will be directly notified by Capital One via the mail. Please note, it is Capital One’s practice to tokenize select data fields, most notably Social Security numbers and account numbers. Tokenized data remained protected.
What should customers do that receive a letter from Capital One?
Capital One will be providing free credit monitoring and identity protection to everyone affected.
Capital One is encouraging customers to enroll in account alerts to help them keep track of activity on their accounts. Customers can sign in to online banking and set up text or email alerts, based on their preferences.
Monitor your credit card accounts for unusual or suspicious activity that they do not recognize and call the phone number on the back of their Capital One card or on their statement as soon as possible.
Be alert to increase risk of phishing attempts
Events such as this may trigger an increase in phishing attempts which is an attempt to acquire personal information via electronic communication. Capital One customers should know that Capital One does not call customers asking for personal information. If you believe you have received a fraudulent email that claims to be from Capital One:
- Do not reply to the email.
- Do not click on any of the links embedded in the email.
- Forward the email to [email protected], then delete the email.
- Be sure to monitor your credit card account and call Capital One right away if you notice any unusual activity.
Capital One is not calling or texting customers to ask for credit card or account information, or Social Security numbers over the phone or via email.
Request a free copy of your credit report once every 12 months from each of the three national credit reporting agencies: Equifax, Experian and TransUnion. To obtain free credit reports, simply visit www.annualcreditreport.com, call 1-877-322-8228, or complete the Annual Credit Report Request Form, which can be found here, and mail it to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.
Additionally, you can call the toll-free fraud number of any one of the three nationwide credit bureaus and place an initial or extended fraud alert on your credit report.
- Equifax: 1-800-525-6285; Equifax Information Services LLC, P.O. Box 105069, Atlanta, GA 30348-5069
- Experian: 1-888-EXPERIAN (397-3742); P.O. Box 9532, Allen, TX 75013
- TransUnion: 1-800-680-7289; Fraud Victim Assistance Department, P.O. Box 2000, Chester, PA 19016
An initial fraud alert stays on your credit report for 90 days and acts as an alert to potential lenders. An extended fraud alert is intended for victims of identity theft and stays on your credit report for seven years.
Contacting Capital One
Their website includes updated information on the breach at https://www.capitalone.com/facts2019; however, if you’d like to speak with an agent, call 1-800-227-4825.
Microsoft Windows 7 Coming to an End
Microsoft will end Windows 7 Support on January 14, 2020. This means that Security Updates will no longer be available for Windows 7 users, and continuing to run Windows 7 is a security risk. Those who continue to run Windows 7 will have an elevated fraud risk. Click here to read more.
Tips to Avoid Fraud
- Safe Online Banking — Online Banking, Data Security & You
- Account Hijacking & Identity Theft
- OnGuard Online
- Don't Become an Online Victim
- FTC Credit Reports
- National Do Not Call Registry
- Federal Trade Commission (FTC) Identity Theft Hotline Toll-free 877-IDTHEFT (438-4338)
- Internet Crime Complaint Center (IC3)
- First Gov (Your First Click to the U.S. Government) Toll-free 1-800-333-4636
- Social Security Administration Report Fraud 800-269-0271
- Identity Theft Resource Center 858-693-7935
- U.S. Postal Inspectors 800-372-8347
Financial Abuse Resources for Seniors
- 5 Ways to Spot a Lottery Scam
- Don't Fall Victim to the Grandparent Scam
- 14 Red Flags for Elder Financial Abuse
- 7 Tips to Help Older Adults Choose the Right Caregiver
- Report Fraud: 800-525-6285
- Order a Credit Report: 800-685-1111
- Report Fraud: 888-397-3742
- Order a Credit Report: 888-397-3742
- Report Fraud: 800-680-7289
- Order a Credit Report: 800-916-8800.
- SBA.gov - report fraud, waste, and abuse
- Identifying Small Business Fraud
- Report a scam to the Better Business Bureau
- Cyber Infrastructure Resources for Business
- Business Cybersecurity Guide
Debit Card Security
FRAUD - it's everywhere.
This extra level of security protects your identity by ensuring you are the person behind the purchase!
While making purchases online, you may be prompted for a special and unique one-time password to complete your purchase. This instant password will be sent to you via text message. Simply enter the password on your screen and continue with your purchase.
What if you don’t have a cell phone? Well, then the system will ask you knowledge-based questions to verify your identity. For example, you could be asked to provide your address, zip code or birthdate.
We are confident this extra layer of security will help keep our valued customers safe when they choose to make purchases online with their debit card. As always, if you ever have questions about your debit card transactions or this new security measure, please stop by any First Citizens branch, or give us a call at (800) 326-9486.