Identity Theft

You Have the Power to Stop Identity Theft

Stop identity theft

There is a type of identity theft using the Internet called “phishing.” Pronounced “fishing,” that’s exactly what thieves are doing, fishing for your personal financial information. They want your account numbers, passwords, Social Security numbers, and other confidential information so they can use your financial accounts or run up bills on your credit cards.

In the worst case, you could find yourself a victim of identity theft. With the sensitive information obtained from a successful phishing scam, these thieves can take out loans or obtain credit cards and even a driver’s license in your name. They can do damage to your financial history and personal reputation that can take years to unravel. But if you understand how phishing works and how to protect yourself, you can help stop this crime.

How phishing works

Typically, you’ll receive an e-mail that appears to come from a reputable company that you recognize and may do business with, such as your financial institution. In some cases, the e- mail may appear to come from a government agency, perhaps a federal financial institution regulatory agency.

The e-mail will probably warn you of a serious problem that requires your immediate attention. It may use phrases such as “Immediate attention required,” or “Please contact us immediately about your account.” The e-mail may also state that unless you provide certain confidential information your account will be deactivated or closed. The e-mail will encourage you to click a link to go to the institution’s Website.

In a phishing scam, you could be redirected to a phony Website that may look exactly like the real thing. Sometimes, in fact, it may be the company’s actual Website. In those cases, a pop-up window will quickly appear for the purpose of collecting your financial information.

You may be asked to update your account information or to provide information for verification purposes: your Social Security number, your account number, your password, or the information you use to verify your identity when speaking to your financial institution, such as your mother’s maiden name or your place of birth.

If you provide the requested information, you may find yourself a victim of identity theft. 

How to protect yourself

  1. Never provide your personal information in response to an unsolicited request, whether it is over the phone or on the E-mails and Internet pages created by phishers may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, do not provide any information including your Social Security number, account numbers or passwords.
  2. If you are unsure whether a contact is legitimate, contact the financial You can find phone numbers and Websites on the monthly statements you receive from your financial institution, or you can look up the company in a phone book or on the Internet. The key is that you should be the one to initiate the contact, using information that you have verified yourself.
  3. Never click on the link provided in an e-mail you think is In addition to stealing your personal information, the link may contain a virus that can contaminate your computer.
  4. Do not be intimidated by an e-mail or caller who suggests dire consequences if you do not immediately provide or verify financial
  5. Never provide your account information and/or password over the phone or in response to an unsolicited Internet A financial institution would never ask you to verify your account information or confirm a password online. Thieves armed with this information and your account number can help themselves to your money.
  6. Review account statements regularly to ensure all charges are If your account statement is late in arriving or does not arrive, call your financial institution to find out why. If your financial institution offers electronic account access, check your account activity online regularly to catch suspicious activity.

What to do if you fall victim

  • Contact your financial institution immediately and alert it to the
  • Close accounts you think have been tampered with or opened Call the security or fraud department of each associated company or financial institution. Follow-up in writing and supply copies of supporting documents.
  • It is important to notify credit card companies and financial institutions in Send your letters by certified mail, return receipt requested, so you can document when and what the company received. Keep copies of your correspondence and enclosures.
  • Report all suspicious contacts to the Federal Trade Commission through the Internet at http://www.ftc.gov/bcp/edu/microsites/idtheft/, or by calling 1-877-IDTHEFT (1-877-438-4338).
  • Check with your state Attorney General’s office to find out if state law requires the police to take reports for identity Check the Blue Pages of your telephone directory for the phone number, or check http://www.naag.org/ for a list of state Attorneys General.
  • If possible, file a report with local police or police in the community where the identity theft took Obtain a copy of the police report or the report number. It can help you deal with creditors who need proof of the crime. If the police are reluctant to take your report, ask to file a “Miscellaneous Incidents” report.
  • If you disclose sensitive information in a phishing attack, contact one of the three major credit bureaus listed below and discuss whether to place a fraud alert on your A fraud alert will help prevent thieves from opening a new account in your name.

Equifax                                                                 Experian                                             TransUnion

800-525-6285                                                          888-397-3742                                         800-680-7289

P.O. Box 740250                                                      P.O. Box 1017                                          P.O. Box 6790

Atlanta, GA 30374                                                   Allen, TX 75013                                      Fullerton, CA 92634

http://www.equifax.com/                                     http://www.experian.com/                  http://www.transunion.com/

To learn more about keeping your money safe, visit the http://www.mymoney.gov/scams.shtml website

Sources: Board of Governors of the FRS, the FDIC, the NCUA, the OCC, and the OTS.

Debit/Credit Card Skimming

Debit/Credit Card Skimming

WHAT IS IT

Skimming refers to one of the ways in which thieves are causing billions of dollars in losses to consumers in the recent years by illegally obtaining cardholders’ data. A small device is utilized to collect (skim) debit/credit card information while a person performs a routine transaction at an ATM, gas pump or other vendors such as restaurants and convenient stores.

HOW DOES IT WORK

The small device is installed on an ATM or other card device such as gas pump, when a person performs a transaction, all the information contained on the magnetic strip of the card are collected and stored within the device. At a later time the criminal will collect the device and access the card numbers stored within. Some devices also include a keyboard overlay to steal the PIN as its being keyed in by the cardholder; or a small camera pointed at the keyboard is utilized to record the PIN.

Skimming can also at times involve a “bad” store clerk or attendant; when the cardholder hands his/her card to the employee and he/she walks away with the card to process the payment, the employee could swipe the card through a small reader they carry and retain the card data for later extraction.

HOW TO PROTECT YOURSELF

  • Choose the terminal location wisely: when possible, select a terminal that is in a trafficked and well lit area, for example, when at the pump, use one closer to the cashier’s window or front entrance of the store as it will be less likely to be chosen by a criminal. ATMs inside a store are usually safer than those on an outer wall of a building.
  • Check the terminal : check the terminal for any potential tampering activities, such as a broken seals, scratches, etc. If multiple terminals are available, such as in the case of a gas pump, compare the terminal you selected with the others. Check for items that seem loose or aren’t aligning correctly.
  • Give it a tug: wiggle and/or tug the card reader section of the terminal. Terminals are built to be sturdy and will not move when a wiggle or tug is applied. Also, when using the terminal, if the keypad doesn’t feel right, hard to press or “too thick”, this may be a sign that an overlay has been applied to the keypad to capture your PIN.
  • When in doubt: report the terminal to a store clerk or financial instution representative (in case of an ATM) or if no one is available, inform the police. If a skimming device is recovered by the police, it can help determine the owner of the device and catch the criminals associated.
  • Look over your shoulder: when performing a transaction be constantly aware of your surroundings, see if anyone is over your shoulder (even if at some distance) and check for cameras. It is best to cover the keypad with your hand as you enter your PIN.
  • Stay with your card: Make sure your card stays in sight at all times. Do not let anyone leave your presence while they have your card; ask the employee permission to meet him/her at the cashier’s station or other location in which the payment will be taken and witness the transaction as it is performed. This will minimize the chance of a bad employee skimming your card data; if this is not allowed, consider utilizing cash.
  • ATM machines are at higher risk during the weekend and holidays: criminals will install skimmers after working hours on Friday and recover them early Monday before the financial institution personnel reports to work.
  • Provide your financial institution and credit card provider with your cell#: most financial institution and credit card providers have a 24/7 fraud protection team at work. Due to the time sensitivity and security issues associated with these calls, the cardholder must answer to the call from the fraud department. A return call # is often not provided as there is no way for the fraud department to confirm the caller identity with certainty. If the call is not answered, as a preventive fraud measure, the card will likely be blocked until the cardholder can make contact with a representative during normal business hours.
  • Keep a close watch on your account activities and credit card statement: timing is essential when discovering fraud on your account. The sooner you can report fraud on your card, the sooner the dispute process can began and the least amount of fraudulent transactions will take place.

WHAT TO DO IF YOUR CARD INFORMATION IS STOLEN

If you don’t recognize a charge, report it immediately to the institution that issued the card in question. The card issuer will immediately close that card and issue a new one to prevent any additional fraud. You will likely be asked to sign paperwork and/or report the instance to the police as this constitutes a case of identity theft; ask your financial institution to provide you an affidavit of fraud, the police usually requires this statement to open a case for you.

Return to top of page