Scam Alert-phishing.indd

What to do if you fall victim to an attack:
Act immediately to protect yourself!
• Alert your financial institution at once so
that they can close the accounts and cards.
Access to your account could occur within
minutes of your providing the information, so it
is important to take action as soon as possible.
• If you disclosed sensitive information, you
should also contact one of the three major
credit bureaus and discuss whether you need
to place fraud alerts on your credit files,
which will help prevent thieves from opening
new accounts in your name.
YOU CAN FIGHT IDENTITY THEFT
NEVER PROVIDE PERSONAL FINANCIAL
INFORMATION (Debit/credit card numbers,
Social Security numbers, account numbers,
password, PINs, 3 or 4 digit security codes on
reverse side of debit/credit cards) IF YOU
DIDN’T INITIATE CONTACT.
NEVER CLICK ON A LINK PROVIDED IN AN
EMAIL you are not completely sure about. Some
very authentic-looking ‘FAKES’ are out there.
It’s best to access the site directly by typing the
website address.
EQUIFAX
DO NOT RESPOND TO AN EMAIL OR CALLER
800.525.6285
P O Box 740250
Atlanta GA 30374
who suggests monetary incentives or dire
consequences if you do not immediately provide
or verify financial information to them.
EXPERIAN
ACT QUICKLY IF YOU FALL VICTIM TO AN
ATTACK to protect yourself. Alert your financial
888.397.3742
P O Box 1017
Allen TX 75013
TRANSUNION
800.680.7289
P O Box 6790
Fullerton, CA 92634
SCAM ALERT
Protect
Your
Identity
institution. Place fraud alerts on your credit files.
Monitor your credit files and account statements
closely.
REPORT SUSPICIOUS EMAILS OR CALLS to the
Federal Trade Commission at www.ftc.gov/IDtheft or
by calling 1.877.IDTHEFT
Don’t become a victim of
phishing or vishing attacks
• Monitor your credit files and account
statements closely.
Report all suspicious contacts to the Federal Trade
Commission at
www.ftc.gov/idtheft or
call 1.877.IDTHEFT
740.633.0445 • 888.275.5566
R
ecent scams have targeted the local area
via unsolicited phone calls, emails and
fake website links asking for personal
information. These scams are called “phishing”
and “vishing”. Both are forms of piracy whereby
thieves make unsolicited contacts, ‘fishing’ for
personal financial information from unsuspecting
victims.
Phishing is the process of using SPAM email
and fraudulently-designed copies of “trusted”
web sites to lure people into revealing their
personal and sensitive information. The latest
version, called “vishing” is similar, but instead of
using the Internet and email, the thieves primarily
use the telephone to carry out their scams. Their
goal is to trick bank customers into revealing
confidential information that will give the thieves
access to their identity and money.
They are usually searching for account
numbers, passwords, PIN numbers, social security
numbers, credit and debit card numbers, as well
as the three- or four-digit security codes (CVV
or CVC) on the reverse side of credit and debit
cards.
These attacks are on the rise all across the
United States and the techniques are becoming
very sophisticated, making legitimate calls from
a bank and attempts at theft more difficult to
differentiate. They can even manipulate how
their name or caller ID appears, adding to the
appearance that the call is actually legitimate.
If you understand how phishing works and
how to protect yourself from becoming a victim,
you can help stop this crime.
Here’s How Phishing Works:
• You may receive an email indicating
there has been a problem with your
account and directing you to call a phone
number. When that number is called, a
prerecorded message takes you through
a series of prompts and leads you to
reveal critical information by recording the
information after a tone.
• You may receive a prerecorded phone
call where you are again taken through
a series of prompts and asked to enter
important numbers via your phone. These
calls can occur any time of the day or night
and may be repeated several times.
• A live person may call explaining that
your account has been compromised or
indicating that you need to update your
information. They will attempt to solicit
information from you.
• You may be offered a financial incentive
for taking part in a survey. They will then
ask for your account number so they can
put the money directly into your account,
which of course, will not be done but is just
a way of getting your account number.
If you provide the requested information, you
may find yourself the victim of identify theft.
How to Protect Yourself:
NEVER GIVE OUT YOUR PERSONAL
FINANCIAL INFORMATION if you have not
initiated the contact. Your bank will never call you
asking for any private financial information. In most
cases, since you are already a customer of the bank,
they already have that information on file, so there
would be no need for the bank to ask you for it.
Some additional precautions you can take to
protect yourself:
• If you receive a suspicious phone call,
email or text message requesting personal
information, DO NOT RESPOND. Hang up
immediately or delete the message. Do not
click on links in emails. Do not provide ANY
information. It’s best just to ignore the call or
message and then report it.
• If a caller already has some bit of your
personal information, don’t assume the call is
well-intentioned. Sometimes thieves will already
have your credit card account number and are
asking for your PIN or security code or other
piece of crucial information to complete what
they have.
• Look for misspellings, typos and bad
grammar in the printed message.
• Be skeptical…especially of automated calls.
• Caller ID does not make the number a
legitimate one.
• When in doubt, hang up the phone and
contact the company or bank yourself. It’s
always better to be safe than sorry.
• Whenever calling your financial institution
or credit card company, always use the
phone number found on a previous account
statement, in the phone book or through another
trustworthy source. Do not call numbers found
in unsolicited emails or on web sites that were
sent as a link in an unsolicited email. When
accessing a website, type the address in directly
rather than clicking on a link. While the linked
websites may look perfectly legitimate, they
are not always the “real thing” and you may be
putting your identity at risk.