Fraudsters are relentless in their development of scams to outsmart the existing authentication controls put in place to protect account information. Here some of the recent scams:
FTC Consumer Complaint Notification Scam (5/20/2015)
The scam email appears to be from the FTC informing you there's a complaint against your business, and wants you to click on a link. Here's what one of the scam emails said:
"This notification has been automatically sent to you because we have received a consumer complaint, claiming that your company is violating the CCPA (Consumer Credit Protection Act). According to our policy, we have initiated a formal investigation before taking legal action. You can download the document containing the complaint and the plaintiff contact information, from…" followed by a link.
At first glance, it might look legitimate. It has the FTC seal, the email appears to come from an FTC email address, and the web address looks like it goes to an FTC site. But if you hover over the web address, you'll see the link actually sends you somewhere else. If you get an email like this, don't open it. And most important: don't click on the links. Don't open any attachments, either. If you do, you could install malware on your computer, causing your device to crash, or allowing a scammer to monitor and control your online activity, steal your personal information, send spam, and commit fraud. You can forward the phony email to firstname.lastname@example.org — but then delete it. Government imposters aren't just impersonating the FTC. If you get an unexpected email that says it's from the government and asks you to click on links, open attachments, or share personal information, don't do it. Even if you think it's legitimate, it's best to look up the number and contact the agency directly to check it out.
Robo-Call Debit Card Scam (4/03/2015)
Recently, customers of a Michigan bank have received hundreds of robo-calls stating that their debit cards have been compromised and are then asked to share private debit card information. Although this is not Isabella Bank, please remember that Isabella Bank or other financial institutions will NOT call you and ask for personal information. Do not respond to requests for personal information or card numbers if you did not initiate the contact.
Tips to Protect Your Computer from Intrusion (8/26/2014)
- Keep Your Firewall Turned On: Whenever your computer is on be sure your firewall is on. A firewall helps protect your computer from hackers. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.
- Install and Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If malicious code, a virus or a worm is detected, the software works to disarm or remove it. These infections can infect computers without your knowledge. If your software offers it, set it to update automatically.
- Install and Update Your Antispyware Technology: Spyware is just what it sounds like-software that is secretly installed on your computer to let others watch your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware. In some cases these products may be fake and actually contain spyware or other malicious code.
- Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.
- Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don't know, and be wary of attachments from people you do know. They may have unwittingly advanced malicious code. Also be wary of links embedded in emails. They may lead you to rogue websites that download malicious code to your computer.
- Turn Off Your Computer: With the growth of high-speed Internet connections it is easy to leave your computers on and ready to go. But it always on it is more susceptible to unwanted attacks. Turning the computer off stops an attacker's connection to send it spyware or use it as a botnet that employs your computer's resources to reach out to other unwitting users.
IRS Updates Phone Scams Warning (8/26/2014)
The IRS is again warning the public about phone scams that continue to claim victims all across the country. In these scams, thieves make unsolicited phone calls to their intended victims. Callers fraudulently claim to be from the IRS and demand immediate payment of taxes by a prepaid debit card or wire transfer. The callers are often hostile and abusive.
The Treasury Inspector General for Tax Administration (TIGTA) has received 90,000 complaints about these scams. TIGTA estimates that thieves have stolen an estimated $5 million from about 1,100 victims. To avoid becoming a victim of these scams, you should kno
- The IRS will first contact you by mail if you owe taxes, not by phone.
- The IRS never asks for credit, debit or prepaid card information over the phone.
- The IRS never insists that you use a specific payment method to pay your tax.
- The IRS never requests immediate payment over the telephone.
- The IRS will always treat you professionally and courteously.
Scammers may tell would-be victims that they owe money and that they must pay what they owe immediately. They may also tell them that they are entitled to a large refund. Other characteristics of these scams include:
- Scammers use fake names and IRS badge numbers to identify themselves.
- Scammers may know the last four digits of your Social Security number.
- Scammers spoof caller ID to make the phone number appear as if the IRS is calling.
- Scammers may send bogus IRS emails to victims to support their bogus calls.
- Victims hear background noise of other calls to mimic a call site.
- After threatening victims with jail time or driver's license revocation, scammers hang up. Others soon call back pretending to be from the local police or DMV, and caller ID again supports their claim.
If you get a phone call from someone claiming to be from the IRS, here's what you should do:
- If you know you owe taxes or you think you might owe taxes, call the IRS at 800-829-1040. IRS employees can help you with a payment issue if you owe taxes.
- If you know you don't owe taxes or don't think that you owe any taxes, then call and report the incident to TIGTA at 800-366-4484.
- If scammers have tried this scam on you, you should also contact the Federal Trade Commission and use their "FTC Complaint Assistant" at FTC.gov. Please add "IRS Telephone Scam" to the comments of your complaint.
The IRS encourages you to be vigilant against phone and email scams that use the IRS as a lure. Visit the genuine IRS website, IRS.gov, to learn how to report tax fraud and for more information on what you can do to avoid becoming a victim.
Fraudulent Credit Card Charges (2/5/2014)
If you see a $9.84 charge on your credit card statement, you should give it a hard look, the Better Business Bureau (BBB) is warning. The BBB says scammers are charging stolen credit card numbers for a small amount of money. Many recent victims were charged $9.84. The scammers believe many cardholders won't notice the relatively small charge, and the credit card companies won't aggressively investigate such a minor sum.
The BBB says that for the $9.84 scam, the source listed on the credit card bill is an unfamiliar website that turns out to be a generic landing page that claims to offer "Customer Support." Victims have reported calling the "customer support" site and receiving a verbal confirmation that the charge would be canceled. You should contact your credit card issuer to report the charges and request a new credit card.
Fraudsters are relentless in their pursuit of finding sophisticated, malicious techniques to outsmart the existing authentication controls put in place to protect account information. Key logging, virus attacks and phishing scams are some of the techniques used by fraudsters. While the risk of fraud exists on all account types, many of these schemes target small and medium sized business customers. Your first line of defense is knowledge about what you, the end-user, can do to protect yourself from becoming a victim of fraud.
Keystroke Logging / Virus Attacks
Keylogging is a method by which fraudsters record your actual keystrokes and mouse clicks. Keyloggers are "Trojan" software programs that target your computer's operating system (Windows, Mac OS, etc.) and are "installed" via a virus. These can be particularly dangerous because the fraudster has captured your user ID and password and anything else you have typed while online. If you are like most other users and have the same ID and PIN/Password for many different online accounts, you have essentially granted the fraudster access to any company with whom you conduct business. After all, they have your login credentials so they appear to be a valid user.
Phishing is a scam where fraudsters request personal information from users. While requests are most commonly in the form of an email from an organization you may or may not do business with, they could also be from a phone call, text message or letter. The request is made to look exactly like it came from the organization, complete with company logos and other convincing information. The request usually states that the company needs you to update your personal information or that your account is about to become inactive or frozen, all in an effort to get you to supply your information. Please remember no reputable business will ever contact you in these ways requesting that you update your personal information, including account numbers, system passwords or Social Security Numbers. While nothing is foolproof, following these guidelines as a well as having a general awareness of the potential threats will greatly reduce your risk of being a victim of fraud. Commercial account holders should perform a periodic assessment of their internet banking procedures and evaluate the controls they have in place to reduce the risks they identify.
While nothing is foolproof, following these guidelines as well as having a general awareness of the potential threats will greatly reduce your risk of being a victim of fraud. Commercial account holders should perform a periodic assessment of their internet banking procedures and evaluate the controls they have in place to reduce the risks they identify.
Use Anti-Virus Software
This is one of the most important things you can do to protect your computer from viruses. There are many on the market today. Be sure you only purchase or use Anti-Virus protections from a reputable company.
Keep Your Operating System Up-To-Date with the Latest Security Patches
Check the website of your operating system for updates and security patches. Some systems allow you to set automatic updates.
Never Click on a Link From a Business Requesting That You Provide Them with Personal Information
Keep in mind that no reputable business will ever email you requesting that you update your personal information, including account numbers, system passwords or Social Security Numbers via a link to their site.
Change Your Passwords Often
We recommend changing your password every 30 or 60 days.
Do Not Use the Same ID and PIN or Password for Other Online Accounts
Never store your ID and Password information where others could gain access to it, and do not disclose your login credentials to other people or companies.
A Dedicated Computer Used Specifically for Online Banking Activity Is Highly Recommended
The dedicated computer should never be used to "surf" the internet, access websites or read email. The only internet access allowed should be signing on your internet banking account.
Avoid Accessing Your Online Banking Accounts Via a Wireless Network, Unless You Are Certain It Is Secure
If you have a wireless router at home, ensure it is locked. You should avoid using public computers but if you do, do not store your user name or password for future visits. Be sure to log off and, if possible, shut down the computer before you leave it.
Businesses Should Take Advantage of Tokens
Isabella Bank offers hard tokens, which provide a unique one-time use password each time you access your cash management account online.
Isabella Bank's Contact Policy
Isabella Bank may contact you in order to provide general account or banking information but we will never contact you and ask for personal information.
Never respond to an email, telephone call, text message or letter that appears to be from us and requests non-public personal information. (Non-public information includes account number, social security number, and internet banking credentials.) Please contact us directly before you provide banking information to anyone who contacts you on an unsolicited basis. Call our Bookkeeping Department at (989) 772-9471 or (800) 651-9111.
Never use links or phone numbers from a suspicious email. Use the contact information you have on file.