Fraud Prevention Tips

When someone poses as a legitimate company to obtain personal data and fraudulently conducts transactions on your existing accounts is ONLINE FRAUD. This is often called “phishing” or “pharming”. “Phishing” is the act of attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business with a real need for such information in a seemingly official electronic notification or message (most often an email, or an instant message). “Pharming” is an attack in which a user can be misled into entering sensitive data such as a password or credit card number into a malicious web site that impersonates a legitimate web site. It is different than phishing in that the attacker does not have to rely on having the user click a link in an email to deceive the user-- even if the user correctly enters a URL (web address) into a browser’s address bar, the attacker can still redirect the user to a malicious web site.

How to Prevent being a Victim of Pharming

The address bar of Internet browser won’t tell anything useful. The address (URL) looks just the same. If the criminals are good, the spoofed site may look just like the real web site. At present only a certificate (such as those issued by Verisign) will ensure that you are on the right website. When you visit a website that uses a certificate, you will see a box asking you if you want to trust the certificate. If you do online banking, you’ve probably already seen these. Compare the names: if the name on the certificate doesn’t match the site you’re trying to reach, you know that something is wrong! Close the window and contact the company by telephone. If the certificate is OK, save the certificate so that on your next return, your browser will know it’s reached the right address. You would then log in to the site safely.

Suspicious emails

Suspicious emails. Be cautious of suspicious emails and review any email requesting your account information and/or password, particularly if the email states that the information is needed to “award a prize” or “verify a statement.” Avoid opening any suspicious emails. If you have opened any suspicious email, do not open any attachments or links it may contain, and delete it.

Business Email Compromise (BEC) Fraud Awareness Guide

What is Business Email Compromise (BEC)?

A business email compromise attack - also known as a BEC attack - is a type of phishing attack in which a cybercriminal impersonates a high-level executive or other trusted contact and uses social engineering techniques to trick an email recipient into transferring funds into a fraudulent account.

Who is Targeted in a BEC Attack?

Cybercriminals seek out situation in which fund transfers happen on a regular basis, and they have been known to attack organizations of all sizes across all sectors, as well as individuals. Anyone who is authorized to complete financial transactions as part of a normal course of business could be a target. Frequent victims include company controllers, accountants, and parties involved with real estate transactions (including agents, buyers, and sellers).

How Does a BEC Attack Happen?

How to Prevent and Protect from BEC Attack?

Ask you for personal information

Ask you for personal information. Fraudulent emails often claim that your information or account has been compromised and ask you to confirm the authenticity of your transactions. Never provide your Social Security Number (SSN) unless you determine it is necessary. If you asked to provide your SSN for any service, confirm that it is really needed or ask if you can provide another piece of identifying information. Never respond to e-mails, open attachments, or click on links from suspicious or unknown senders. Below identity theft prevention tips are provided by Los Angeles Police Department.

Credit Reporting Bureaus

Contact credit reporting bureaus for names and telephone numbers of credit grantors with whom fraudulent accounts have been opened in your name. Ask the credit reporting bureaus to remove inquiries that have been generated due to the fraudulent access. You may also ask the credit reporting bureaus to notify those who have received your credit report in the last six months in order to alert them to the disputed and erroneous information (two years for employers). The nearest office of the Consumer Credit Counselling Service of Los Angeles might be able to give you advice on removing fraudulent claims from your credit report. Call 800-750-2227. In addition, immediately call the fraud unit of one of the three credit reporting bureaus, i.e., Equifax, Experian (formerly TRW) and Trans Union. These organizations currently share fraud information eliminating the need to contact all three. Report the theft of your credit cards or numbers. Ask that your accounts be flagged. Also, add a victim’s statement to your report, up to 100 words. (“My Identification has been used to apply for credit fraudulently. Contact me at (telephone number) to verify all applications.”) Be sure to ask how long the fraud alert is posted on your account, and how you can extend it if necessary. Be aware that these measures may not entirely stop new fraudulent accounts from being opened by an imposter. Ask the credit bureaus in writing to provide you with free copies every few months so you can monitor your credit report.

EQUIFAX

To report fraud call 800-525-6285 or 800-685-1111
To order a copy of credit report write P.O. Box 740241 Atlanta, GA 30374-0241
To dispute information in credit report write P.O. Box 740256 Atlanta, GA 30374-0256
To opt out of pre-approved offers of credit write P.O. Box 740123 Atlanta, GA 30374-0123

EXPERIAN (formerly TRW)

To report fraud call 888-397-3742 or fax 800-301-7196
To contact Experian Consumer Fraud Assistance write P.O. Box 1017 Allen, TX 75013
To order a copy of credit report write P.O. Box 2104 Allen, TX 75013-2104
or call 888-EXPERIAN (888-397-3742)
To dispute information in credit report contact Experian at the address and telephone number provided on your credit report
To opt out of pre-approved offers of credit and marketing list call 800-353-0809

TRANS UNION

To report fraud call 800-680-7289
To report fraud write Fraud Victim Assistance Division
P.O. Box 6790 Fullerton, CA 92634
To order a copy of credit report write P.O. Box 390 Springfield, PA 19064
or call 800-916-8800

To dispute information in credit report call: 800-888-4213 or call the telephone number provided on your credit report or use “investigation request form” provided by Trans Union when you order your report. To opt out of pre-approved offers of credit and marketing lists call: 888-5OPTOUT (888-567-8688) Remember, if you have been denied credit you are entitled to a free credit report. If you are the victim of fraud, be sure to ask the credit reporting bureau for a free copy of your credit report. In 1997, a law became effective requiring credit reporting bureaus to provide credit reports free of charge to victims of Identity Theft.

Social Security Administration

If your Social Security number has been used fraudulently, report the problem to the Social Security Administration (SSA) at 800-269-0271. You may also order your Earnings and Benefits Statement by calling the SSA at 800-772-1213. For extreme cases of Identity Theft, they may be willing to change your Social Security number.

Reporting Theft or Fraudulent Use of Checks

To report theft or fraudulent use of your checks call your branch:

Equifax 800-437-5120
Telecheck 800-710-9898
ChexSystems (Regarding closed checking accounts only) 800-328-5121 or 800-428-9623
SCAN 800-262-7771