FBI Issues Warning about Email Scams
The FBI last week issued a notification to warn companies of the ongoing threat of business email compromise (BEC) scams that caused losses of nearly $76 million between December 2015 and March 2016. The notice outlines common types of BEC scams, steps businesses can take to mitigate their risk and what to do if they fall victims to this type of cybercrime.
The FBI noted that in most BEC scams, fraudsters typically target businesses that work with foreign suppliers or regularly transmit payments through wire transfers. Once the victim company is selected and compromised -- often through social engineering or computer intrusion techniques -- the fraudster conducts surveillance to understand the company’s processes and protocols and identify those with the authorization to perform or authorize these transactions. The fraudsters then compromise and assume control of the victim’s legitimate email account and, posing as the employee, instruct others to transact on their behalf.
The Stephenson National Bank & Trust feels that it is important to alert the community to scams and fraudulent activity. Awareness is the key to avoiding being victimized by these types of crimes.
Any legitimate financial institution will NEVER ask you to verify your personal account information. Remember, keep any your personal information such as PIN, C redit or Debit Card number, and Social Security number in a safe location.
How SNBT Protects You:
SNBT uses a combination of safeguards to protect your information:
- Federal Regulations - Are required of banks, but there are no similar requirements for retail stores
- In-depth Incident Response Program - We've planned ahead and created a roadmap on how to respond to various situations that may arise
- Employee Training - Occurs regularly so every employee understands the importance of keeping your information secure
- Strict Privacy Policies - We give you a copy and post online, they explain what information we can and cannot share
- Rigorous Security Standards - Regarding how we operate online and within every bank office
- Software Encryption Systems - Regularly monitored, tested, and upgraded
We offer other protections to our customers including:
Fraud Detective - We have an automated system that monitors your ATM and Debit Card transactions for potentially fraudulent activity. If a threat is discovered, you should receive an automated phone call that will verify whether recent transactions are fraudulent.
Green Bar Protection - Enacted last year, it offers security you can see when using Bank Online or shopping on the Internet.
Pick Your Own ATM & Debit Card PIN - You control your card's security and can change your own PIN by calling 1-800-567-3451
How You can Keep Personal Information Safe
Monitor Accounts Frequently. Waiting for your monthly statements to arrive may be too late. Instead, routinely monitor your bank and credit accounts by enrolling for online banking or mobile banking . Use these services to watch for suspicious activity, stop unauthorized transactions before they get out of control, and report problems to SNBT immediately.
Check Your Credit Report for Free. You're entitled to one report from each of the three credit bureau reports (Equifax, Experian and TransUnion) every twelve months through www.AnnualCreditReport.com . Stagger the reports by requesting one every four months to consistently monitor all year at no cost.
Never Give your Personal Information to Anyone! No legitimate entity, neither the police nor bank personnel, will ever ask you for your Account or Personal Identification Number (PIN) number. This is true in person, on the phone, and by email. If you are ever suspicious, contact your SNBT for verification.
Keep a Record of all of your ATM, Debit, and Credit Cards. Maintain a file of your account numbers, card numbers, expiration dates, and issuing bank's 800 numbers. If your card or wallet is ever stolen, you will be able contact them and provide the necessary information.
Take Action. If you discover unauthorized use of your Credit or Debit Card, and are able to report the loss before your card is used, you are not responsible for any charges you did not authorize. If your Credit Card number is stolen, but not the card itself, you are not liable for unauthorized use. Debit Card protection is tied to how quickly you act. Reporting before the card is used provides zero liability, two days to two weeks losses could be $50 - $500. After 60 days your liability is unlimited.
Personal information that you should never release in a conversation that you did not initiate includes…
1. Bank Account Numbers
2. Credit or Debit Card Numbers
3. Personal Identification Number (PIN)
4. Social Security Numbers
5. Bank Online Access ID or Password
If you receive a call asking for you to provide this information - DO NOT give it out!
Advice about Changing Passwords After a Breach: If you have been notified that your information has been compromised, the first step you should take is securing your email account by changing that password. Your email is typically where all password resets for other accounts are sent. If a hacker has compromised those other accounts, it's possible they may have gained access to your email as well. So the best advice is to secure the most critical account first, then all your other accounts.
Keylogging software allows cybercrooks the ability to see what you type, for instance your access ID or password. According to the Center for Strategic and International Studies, cybercrime creates a $100 billion annual loss to the U.S. economy. More...
- That contain unfamiliar links or attachments
- Are unsolicited and from an unknown sender
- Are sent multiple times from different senders
- Contain poor grammar or incorrectly spelled words
- Are from one of your contacts but only contain a mysterious link
Fraud & Identity Theft:
Five Steps to Take if Your Identity is Stolen - While prevention is the best solution, you need to know what to do if you become a victim of identity theft. Here are five steps to take immediately if you think your identity has been stolen. More...
Identity Theft is a generic term that covers a number of possible loss situations including purse/wallet snatch, mail theft, insider sources, imposters, spyware, phishing scams, account takeover (using account information to commit a fraud), full-blown identity theft (an imposter obtains personal information about the victim and “takes over” their identity in another location, normally another state), and data compromise.
Check Fraud is where consumers are tricked into depositing counterfeit cashier’s checks and money orders with instructions to send funds back to someone, either the remitter or another person involved with the scam. When the check is returned to the bank as counterfeit, the consumer is legally responsible for restitution.
Education is the best way to protect you from these types of thefts. Arm yourself with as much information and knowledge about what avenues these thieves are taking to get your money or your identity. Many government agencies websites provide information on various frauds and identity theft; they also provide instructions on what to do if you’ve been victimized.
Articles & Tips:
Taking Charge - What To Do If Your Identity Is Stolen a 68-page comprehensive resource guide from the Federal Trade Commission
www.us-cert.gov US Department of Homeland Security
www.idtheft.gov Resources from the government
www.staysafeonline.org Powered by the National Cyber Security Alliance
www.annualcreditreport.com Obtain your free credit report
www.creditkarma.com Access to all of your financial information in one location - FREE!
www.lookstoogoodtobetrue.com FBI & US Postal Inspection Service
www.debitsavvy.org Resource for responsible debit card use
www.fdic.gov/consumers Federal Deposit Insurance Corp (FDIC)
www.ftc.gov/consumer Federal Trade Commission (FTC)
http://www.privacy.wi.gov/ WI Office of Privacy Protection
http://www.ic3.gov/ Internet Crime Complaint Center
www.onguardonline.gov/ Federal Trade Commission, Homeland Security, Office of Justice Programs, US Postal Inspection, Dept of Commerce, Securities & Exchange Commission