Safeguard Your Information

How to protect yourself:

• Do not provide any personal information to an unsolicited caller.
• Never respond to a phone call or voicemail asking you to verify account information or reactivate a service.
• Never provide personal or account information over the phone or via email/text, even if it appears legitimate. Contact the organization directly using information listed on their website or other trusted source.

How to protect yourself:

• Be wary of posts with pictures of cash or other items encouraging anyone interested to comment for more information.
• Only communicate with social media users you know and trust.
• If you are taking action because of a social media post, check the poster’s account and ask them to share their contact information so you can verify their validity.

 

How to protect yourself:

• Never click on links in unsolicited text messages. Scammers use links to infect your phone with malware or send you to fake websites that steal your information. Never click on a link in a text message unless you’re absolutely sure who sent it.
• When in doubt, contact the company, agency or individual directly. Fraudsters can impersonate everyone from your bank to your boss. If you get a text message that you think you need to act on, contact the person or organization directly first to make sure it’s legitimate.
• Regularly check your credit report and bank statements. Text message scams are almost always after access to your financial accounts. Be on the lookout for the warning signs of identity theft – such as strange charges on your bank statement or accounts you don’t recognize.
• Remove your contact information from data broker lists. Scammers can buy your contact details from data brokers. Unfortunately, there are hundreds of data brokers in the U.S. alone.
• Consider signing up for identity theft protection.

How to protect yourself:

• Avoid online posts and advertisements promoting fast cash or easy money.
• Never provide your debit card information to an unknown individual or organization.
• Always check the legitimacy of any unknown individual or organization by contacting them directly via phone.

How to protect yourself: 

• If you see anything suspicious on the pump (e.g., damage to the card reader or a potential skimming device) do not use your card at the pump. Make your purchase inside the gas station and inform the clerk of the damage or your suspicions.
• If you use a debit card, a way to protect your PIN is to select the “credit” option for the payment.
• Monitor your bank and credit card accounts regularly. If you notice unauthorized charges or cash withdrawals, report them immediately.

How to protect yourself: 

• If you are unsure whether you are delinquent on a payday loan or other debt, contact your lender directly using your loan paperwork to find a legitimate contact number.
• If your place of employment has been contacted and you know you have a loan that you paid in full, inform them you believe you are a victim of a fraud scheme.
• Never provide personal information to a third party unless you initiated the contact. 
• If you receive a phone call regarding this scam, or have fallen victim, contact local law enforcement and file a complaint with the Federal Trade Commission at www.ftc.gov or the Consumer Financial Protection Bureau at www.consumerfinance.gov.
• If you believe someone stole your personal information and used it to obtain a fraudulent loan, contact the credit bureau and visit www.identitytheft.gov for tips on what you can do to protect your identity.

How to protect yourself:

• When buying a gift card, look for signs of package tampering (this may include damaged, ripped or torn packaging), missing labels or stickers, the card PIN being exposed, etc.
• If possible, purchase gift cards that are behind a counter where they are monitored.

How to protect yourself:

Do not proceed with any scheme that asks you to deposit checks and then transfer money or purchase gift cards and send card information.

How to protect yourself:

• Beware of anything asking for your StudentAid.gov account information, like your FSA ID (account username and password).
• Watch for emails that contain unusual capitalization, improper grammar or incomplete sentences. These sorts of errors indicate a potential scam in action.
• Some scammers may use official-looking names, seals and logos, but that doesn’t make them trustworthy. Know what official communications from us and our partners look like and always double check the sender’s email address.
• Be cautious of any calls you receive about your student loans. If you receive an email, double check that the URLs and email addresses match exactly.
• Emails from us will only come from these addresses: noreply@studentaid.gov noreply@debtrelief.studentaid.gov ed.gov@public.govdelivery.com.
• Text messages from us will only come from 227722 or 51592. Legitimate Student Loan servicers can be found here.

Banking trojan – a malware designed to collect banking information from victims

The malware is equipped with a variety of sophisticated evasion and information-stealing capabilities, as well as propagation functionality and a strong persistence mechanism. These attacks target consumers as well as businesses.

How can I guard against it?

• Refrain from opening attachments or clicking links within emails or texts from senders that seem out of place, or context, or from senders that you do not recognize.
• Consider disabling macro functionality in spreadsheet and documents by default.
• Maintain anti-virus software updates/patches on personal computers.
• Route internet requests through an internet proxy to avoid accessing known malicious websites.
• Use DNS services that block access to known malicious sites.

If you receive a text message regarding this scheme, do not click on the link. If you have clicked on the link and provided sensitive information, we strongly encourage you to change your password and security questions immediately, using the actual First Horizon Bank website or to call Client Services at 800-382-5465.

Ensure that your business has procedures in place to verify any wire that is received via email or fax. For example, calling your client directly using a phone number on file before proceeding with a wire can determine if the client actually sent the request.

If you become aware that your client's email has been compromised, advise the client to contact their email and virus software providers, as their password/account information could have been compromised by a third party.

When mailing checks, it is recommended that the mail be brought inside a U.S. Post Office facility. If using a mailbox or blue box, be sure to do so before the collection time.

Given the prevalence of counterfeit check activity, all business clients should review accounts on a daily basis to identify fraudulent activity and report it immediately. Our Treasury Management group offers a Check Positive Pay service for commercial clients, which can help detect fraudulent checks and return the items timely.

Source: fincen.gov

Focus your company’s efforts, which may include adjusting email filters to pick up common traits of this type of request and training associates in security best practices. Ask your company’s executives to avoid using their personal emails when sending messages. Companies that have been seen versions of this fraud scheme can report it the FBI’s IC3 tip line.