Call 1-800-264-4274 to report an ATM/Debit Card lost or
stolen after banking hours.
Fraud Alert: Consumers Beware and
Watch Out for New Phishing Scams
There has been quite a bit of recent media
attention about data breaches and card security in general, we want
to remind you to be vigilant about protecting your credit and debit
card data and beware of phishing scams that can become more
prevalent after a widely-publicized incident. As always, it
is important to remember that MasterCard does not directly contact
cardholders to request personal credit or debit card account
You've probably heard the term "phishing" but you
may not be sure how to identify if you've been targeted and what to
do if you think you may have been affected. In order to help you
become savvier about phishing scams, here are some quick tips and
resources to help you avoid getting pulled into their
Many scammers use the Internet to promote fraud through
uninvited email, commonly known as "spam". These scams include
pyramid schemes, investment opportunities, "Risk Free"
opportunities, phishing (Identity theft) and many others. New scams
come out every day. Anyone who uses a computer and connects to the
Internet needs to be familiar with spam and other types of Internet
fraud and take measures to protect themselves and their computers
against these types of attack.
Phishing - According to Webster's is "the
practice of luring unsuspecting Internet users to a fake Web site
by using authentic-looking email with the real organization's logo,
in an attempt to steal passwords, financial or personal
information, or introduce a virus attack".
Vishing - In this scenario an attempt to
persuade consumers either by email, text message, or a telephone
call, purportedly from their credit card/debit card company or
bank, to divulge their Personally Identifiable Information,
claiming their account was suspended, deactivated, or
Smishing is a form of criminal activity using
social engineering techniques similar to phishing. The name is
derived from "SMs PhISHING". SMS (Short Message Service) is the
technology used for text messages on cell phones.
Lottery & Sweepstakes Scams - The potential
victim is sent an e-mail notification that they have won money.
However, to obtain the supposed winnings the winner is told that
he/she must pay taxes up front or some other fictitious fee.
Sometimes the scammer doesn't require money up front, but asks for
the winner's account number, supposedly to deposit the winnings,
but really to steal.
Nigerian Scams - This e-mail is supposedly from
a citizen of another country (often Nigeria). He writes that he
needs your help to gain access to his funds that he cannot touch
because of the country's regulations. He offers to greatly reward
you for your help. All he needs is your account number, supposedly
to transfer the funds, but really so that he can drain your
savings. There are many versions of this scam.
Online Auction Scams - In this scenario, the
victim is the seller. The buyer sends a cashier's check to the
seller for an amount larger than the purchase price. They buyer
asks that the difference is sent back to him/her and usually tells
the seller that he/she can keep a little extra for the trouble.
Even though it is a cashier's check, that doesn't mean that it's
safe. This check is later found to be counterfeit and the seller is
out the money that they sent back to the buyer.
JURY Duty Scam - A new type of fraud has
surfaced and is growing.
The caller claims to be a jury DUTY coordinator. If you protest
that you never received a summons for jury duty, the Scammer asks
you for your Social Security number and date of birth so he or she
can verify the information and cancel the arrest warrant. If you
give out any of this information your identity was just stolen.
The fraud has been reported so far in 11 states, including
Oklahoma , Illinois , and Colorado , AZ and more. This (swindle) is
particularly insidious because they use intimidation over the phone
to try to bully people into giving information by pretending they
are with the court system.
The FBI and the federal court system have issued nationwide
alerts on their web sites, warning consumers about the fraud. Check
it out here:
Scammers are working hard at trying to fraudulently get
consumers money. Please visit the Internet Crime webpage for
details of some of the most common scams and protect yourself!
The Federal Deposit Insurance Corporation (FDIC) has received
numerous reports from consumers who received an e-mail that has the
appearance of being sent from the FDIC. The e-mail informs the
recipient that "in cooperation with the Department of Homeland
Security, federal, state and local governments…" the FDIC has
withdrawn deposit insurance from the recipient's account "due to
account activity that violates the Patriot Act." It further states
deposit insurance will remain suspended until identity and account
information can be verified using a system called "IDVerify." If
consumers go to the link provided in the e-mail, it is suspected
they will be asked for personal or confidential information, or
malicious software may be loaded onto the recipient's computer.
This e-mail is fraudulent. It was not sent by the FDIC. It is an
attempt to obtain personal information from consumers. Financial
institutions and consumers should NOT access the link provided
within the body of the e-mail and should NOT under any
circumstances provide any personal information through this media.
The FDIC is attempting to identify the source of the e-mails and
disrupt the transmission. Until this is achieved, consumers are
asked to report any similar attempts to obtain this information to
the FDIC by sending information to firstname.lastname@example.org.
The FBI and Banks are warning small business owners and
consumers to use two computers. Utilize one computer to handle
online banking activities and yet another entirely to surf the web
and for email. This approach, while not as convenient, is the best
way to prevent malicious software from infecting the computer and
makes it much harder to manipulate electronic transfers.
There are many places on the Internet that provide free
information on how to protect yourself from Internet Scams. These
are some of the sites with helpful information:
U.S. Security and Exchange Commission - Complaint Site
Federal Bureau of Investigation- list of common fraudulent
http://www.ftc.gov/bcp/edu/microsites/idtheft/ - Federal Trade
Commission - ID Theft Home Page
- The Internet Crime Complaint Center (IC3) was established as a
partnership between the Federal Bureau of Investigation (FBI) and
the National White Collar Crime Center (NW3C) to serve as a means
to receive Internet related criminal complaints and to further
research, develop, and refer the criminal complaints to federal,
state, local, or international law enforcement and/or regulatory
agencies for any investigation they deem to be appropriate. Your
Local Internet Service Provider should be able to provide
additional web site references regarding scams, phishing and other
types of fraud.
It is strongly recommended that everyone with a home computer
that connects to the Internet have the following on their
Anti-Virus Software - Be sure to keep your
anti-virus software active and update it frequently. New anti-virus
database updates are usually out weekly.
Spam Blocking Software - Run this software at
least weekly and update it frequently. New updates are usually
released every few weeks.
Personal Firewall - This helps prevent others
from controlling your computer remotely while connected to the
Internet. If you think you are a victim of an Internet fraud, an
Internet scam or Identity Theft, here are some suggestions:
not leave your phone unattended. Treat your mobile device as if it
contained cash. Mobile devices can contain everything
from passwords to contact lists to calendar appointments - things
that you don't want to fall into the wrong hands.
· Password protect
your mobile device and lock your device when it's not in use. Most
devices have a security setting that makes it mandatory that you
insert a Password or Personal Identification Number (PIN) to access
· Utilize The
Security Features Available on Your Mobile Phone.
Enable encryption and remote wipe capabilities if available.
Research additional security software and antivirus solutions that
may be available for your type of device. (Contact your mobile
provider or review your user manual.)
· Keep the Operating
System on Your Phone Updated.
· Download only the
official APP from First National Bank. You can download the First
National Bank Mobile Banking App from the Apple or Android Market,
verify that the app publisher is First National Bank and or
· Exercise caution
for what Information You Store On Your Mobile Device.
Saving passwords to sites used for email, social networking,
shopping or where personal information is stored makes you
· Immediately Notify
The Bank and Your Mobile Service Provider If Your Device Is Lost or
Stolen. The mobile phone number can be removed from
your information at the bank required for accessing mobile banking.
The service provider can disable your device to reduce the risk of
the information being accessed.
· Exercise caution
when downloading items to your phone. Mobile devices
are specialized computers. This makes it possible for someone to
design an app that could try to access your information. Research
before downloading a game, widget or any app to make sure the app
developer has a good reputation. Download updates regularly as
these may include "fixes" to security flaws.
· Don't Follow
Links. Use typical online security precautions, the
same as you would follow when browsing the internet or accessing
email from your PC. Phishing is the practice of
tricking someone into revealing private information. This may be as
simple as sending out a text message or email in an effort to
obtain information. Spoofing involves the creation of
a fake Web site designed to mimic your bank's official site in an
effort to obtain personal information. Never follow a banking link
sent to you in a text message or email. These links could send you
to a "spoofed" site that will steal your login credentials or other
personal information. Always navigate to a site directly via your
own bookmarks or by entering the address yourself.
· Avoid Banking
While on Public Networks. Public connections aren't
secure. Most places that offer public WI-FI warn users not to share
sensitive information over the network, including logging into your
bank account or shopping online. A solution is to disable WI-FI
and switch to a cellular network for a more secure
· Use a Complex
Password. Do not use your name, birth date or other
easily identifiable personal information in your password. Use
capital letters and/or symbols in the password to make it more
· Change Your
· Do Not Send
Personal Information or Log-In Credentials Via email or SMS (Text
· Review Any Pop-Up
Notices or Alerts That Appear On Your Device. These
may be warnings that you are leaving a trusted site or of security
· Regularly Delete
Text Messages, Clear Browser History and Delete Files From Your
· Remove ALL
Information From Device Before Discarding or Selling the
· Only Enter
Personal Information On A Secure Site. Do not enter
personal information on a site unless there is an "s" after http
which indicates that the site is secure.
· Do Not Allow Any
Phone Settings to Auto-Fill User ID's or Password
· Always Log Off
Completely After Using Mobile Banking.
· Monitor your
accounts regularly Any suspicious activity should be
reported to the bank as soon as possible. With mobile
banking you can monitor your accounts quickly and easily.
If you check your account often, you'll be able to
spot any potential fraud sooner rather than later.
Click here for the Ohio
Attorney General Senior Fraud Prevention Toolkit