Security

Internet Fraud – fbi.gov

Internet fraud is the use of Internet services or software with Internet access to defraud victims or to otherwise take advantage of them. Internet crime schemes steal millions of dollars each year from victims and continue to plague the Internet through various methods. Several high-profile methods include the following:

  • Business E-Mail Compromise (BEC): A sophisticated scam targeting businesses working with foreign suppliers and companies that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.
  • Data Breach: A leak or spill of data which is released from a secure location to an untrusted environment. Data breaches can occur at the personal and corporate levels and involve sensitive, protected, or confidential information that is copied, transmitted, viewed, stolen, or used by an individual unauthorized to do so.
  • Denial of Service: An interruption of an authorized user’s access to any system or network, typically one caused with malicious intent.
  • E-Mail Account Compromise (EAC): Similar to BEC, this scam targets the general public and professionals associated with, but not limited to, financial and lending institutions, real estate companies, and law firms. Perpetrators of EAC use compromised e-mails to request payments to fraudulent locations.
  • Malware/Scareware: Malicious software that is intended to damage or disable computers and computer systems. Sometimes scare tactics are used by the perpetrators to solicit funds from victims.
  • Phishing/Spoofing: Both terms deal with forged or faked electronic documents. Spoofing generally refers to the dissemination of e-mail which is forged to appear as though it was sent by someone other than the actual source. Phishing, also referred to as vishing, smishing, or pharming, is often used in conjunction with a spoofed e-mail. It is the act of sending an e-mail falsely claiming to be an established legitimate business in an attempt to deceive the unsuspecting recipient into divulging personal, sensitive information such as passwords, credit card numbers, and bank account information after directing the user to visit a specified website. The website, however, is not genuine and was set up only as an attempt to steal the user’s information.
  • Ransomware: A form of malware targeting both human and technical weaknesses in organizations and individual networks in an effort to deny the availability of critical data and/or systems. Ransomware is frequently delivered through spear phishing emails to end users, resulting in the rapid encryption of sensitive files on a corporate network. When the victim organization determines they are no longer able to access their data, the cyber perpetrator demands the payment of a ransom, typically in virtual currency such as Bitcoin, at which time the actor will purportedly provide an avenue to the victim to regain access to their data.

Frequent instances of Internet fraud include business fraudcredit card fraudinternet auction fraudinvestment schemesNigerian letter fraud, and non-delivery of merchandise. For information on the most common complaints and scams, see the annual reports of the Internet Crime Complaint Center (IC3), a partnership of the FBI and the National White Collar Crime Center. Also see its information on Internet Crime Schemes and its Internet Crime Prevention Tips.


 10 Things You Can Do To Prevent Account Fraud – ftc.gov

Spot imposters. Scammers often pretend to be someone you trust, like a government officiala family membera charity, or a company you do business with. Don’t send money or give out personal information in response to an unexpected request — whether it comes as a text, a phone call, or an email.

Do online searches. Type a company or product name into your favorite search engine with words like “review,” “complaint” or “scam.” Or search for a phrase that describes your situation, like “IRS call.” You can even search for phone numbers to see if other people have reported them as scams.

Don’t believe your caller ID. Technology makes it easy for scammers to fake caller ID information, so the name and number you see aren’t always real. If someone calls asking for money or personal information, hang up. If you think the caller might be telling the truth, call back to a number you know is genuine.

Don’t pay upfront for a promise. Someone might ask you to pay in advance for things like debt relief, credit and loan offers, mortgage assistance, or a job. They might even say you’ve won a prize, but first you have to pay taxes or fees. If you do, they will probably take the money and disappear.

Consider how you pay. Credit cards have significant fraud protection built in, but some payment methods don’t. Wiring money through services like Western Union or MoneyGram is risky because it’s nearly impossible to get your money back. That’s also true for reloadable cards like MoneyPak, Reloadit or Vanilla. Government offices and honest companies won’t require you to use these payment methods.

Talk to someone. Before you give up your money or personal information, talk to someone you trust. Con artists want you to make decisions in a hurry. They might even threaten you. Slow down, check out the story, do an online search, consult an expert — or just tell a friend.

Hang up on robocalls. If you answer the phone and hear a recorded sales pitch, hang up and report it to the FTC. These calls are illegal, and often the products are bogus. Don’t press 1 to speak to a person or to be taken off the list. That could lead to more calls.

Be skeptical about free trial offers. Some companies use free trials to sign you up for products and bill you every month until you cancel. Before you agree to a free trial, research the company and read the cancellation policy. And always review your monthly statements for charges you don’t recognize.

Don’t deposit a check and wire money back. By law, banks must make funds from deposited checks available within days, but uncovering a fake check can take weeks. If a check you deposit turns out to be a fake, you’re responsible for repaying the bank.

  1. Sign up for free scam alerts from the FTC at gov/scamsGet the latest tips and advice about scams sent right to your inbox.

If you spot a scam, report it at ftc.gov/complaint. Your reports help the FTC and other law enforcement investigate scams and bring crooks to justice.


Regulation E – Electronic Fund Transfers


Scam Alerts – Read about the Latest Scams; Report & Prevent Fraud with the FTC


General Tips to Help Protect Yourself

Remember to monitor your credit reports to help determine any unauthorized creditors. You are entitled to one free credit report annually from each major credit bureau, visit annualcreditreport.com for more information.

There is an option through the credit bureaus to lock, sometimes referred to as a freeze, your credit report. This should prevent loans being taken out in your name, without your direct involvement. Please keep in mind there could be a fee to unlock your report. Please check with the credit bureaus for more information.

There is also an option to add a fraud alert through the credit bureaus. These are generally good for 90 days. Please check with the credit bureaus to ensure there is no cost to add the alert, or remove it.

Be extra cautious with all emails. It could appear to be a valid email, from a valid source. If there is any doubt, protect yourself and throw it out!

If you haven’t already, setup a code word on your PrimeSource CU membership, please contact us to do so, as we are always taking extra verification measures to protect you. And consider making that call to any other financial institutions you may have a relationship with.