With the heightened attention regarding the theft of personal data, we remind our clients to be aware of fraudulent correspondence. Do not provide any sensitive personal information requested through email, text or phone call. Here are some tips we recommend to protect your identity:

• Be alert to any unexpected email, call, instant message, voicemail, or text that claims to be from a bank, credit card, or online company with whom you have an account. In the event that you do receive such a message, it is a good idea to first call the client services number on your bank, credit card, or online statement (but not any number listed in the message) and verify whether the message is legitimate.
• Do not respond to any email, phone, text, or fax instructions that prompt you to divulge your personal information.
• Do not click on links in a suspicious email or text.

 

1. Change your User ID and Password. Don’t use your email address for your User ID, and select a unique Password for online banking use only.
2. Review the following and immediately report any unexpected findings to Client Services, your banker, or a banking center.
• Your profile contact information (fraudsters may add theirs so they can receive Verification Codes or so you won’t receive Alerts).
• Your profile Payees (Bill Payment), Zelle Recipients, and External Transfer Accounts (fraudsters add these and send funds to themselves).
• Your account transactions and pending online transactions (i.e., upcoming and scheduled bill payments or transfers).
3. Designate your mobile number to receive Alerts via text to help with faster awareness of online activity; your primary email will also receive Alerts. Go to Alert Settings.
4. Designate your mobile number to receive Verification Codes for faster awareness (email is less secure). Go to Edit Contact Info and check “Use for Verification” by your mobile number.

Millions of Americans have fallen victim to text message scams in the past year. Text scams (also known as “smishing”) are among the most common tactics scammers use to steal personal information. Last year alone, scammers sent out 87.8 billion spam text messages and defrauded victims of over $10 billion.

How do text message scams work?

Fraudsters implement numerous types of text message scams. But they all follow a similar pattern:

• You receive a text message from an unknown or “spoofed” number. Scammers use technology to make it look like they’re messaging you from a business or person you know (such as the IRS, Apple, or Amazon).
• The message creates a sense of urgency to get you to act quickly. For example, it may claim that your bank account has been closed or that you’ve won a free gift.
• Next, the scammer will try to get you to either respond, click on a link, or call a number.

In recent years, text scammers have become masters of human psychology. They know exactly what to say to get you to act without thinking.

Typically, text scammers have three goals:

1. Getting you to click on a link that downloads malware onto your device. Once your device is infected, hackers can spy on you, steal your passwords and sensitive information, or lock you out and demand a ransom.
2. Sending you to phishing sites that steal your personal information. Links could also take you to fake websites designed to steal your passwords, credentials, or credit card numbers.
3. Prompting you to call them. Once you’re on the phone, scammers can ask you to “verify” personal information (like your Social Security number or banking information) or target you with other social engineering attacks.

Any of these actions can result in immediate and long-term financial losses or even identity theft.

How to protect yourself from text message scams

Here’s what you can do to protect yourself from text message scams:

• Never click on links in unsolicited text messages. Scammers use links to infect your phone with malware or send you to fake websites that steal your information. Never click on a link in a text message unless you’re absolutely sure who sent it.
• When in doubt, contact the company, agency, or individual directly. Fraudsters can impersonate everyone from your bank to your boss. If you get a text message that you think you need to act on, contact the person or organization directly first to make sure it’s legitimate.
• Regularly check your credit report and bank statements. Text message scams are almost always after access to your financial accounts. Be on the lookout for the warning signs of identity theft – such as strange charges on your bank statement or accounts you don’t recognize.
• Remove your contact information from data broker lists. Scammers can buy your contact details from data brokers. Unfortunately, there are hundreds of data brokers in the US alone.
• Consider signing up for identity theft protection.

Beware of calls and texts claiming to be from First Horizon Bank

First Horizon Bank clients may be the target of fraud schemes in which a client is contacted through a phone call, email, or text by fraudsters requesting the client verify personal bank information. A recent scheme involves individuals contacting First Horizon Bank clients using a telephone number spoofed to appear on a caller ID as First Horizon Bank’s legitimate Client Services department phone number. This scheme is an attempt to convince the client to provide account information, passwords, and in some cases, one-time passcodes that enable takeover of the client’s account relationship.

It is essential to remember that First Horizon Bank never will contact you directly and ask for your personal or account information that we already have on file. Additionally, we never will ask you to verify your identity by texting codes or passwords to you to confirm who you are. If First Horizon Bank initiates the call, we already will have at hand the information we need.

If you have received a phone call claiming to be from First Horizon Bank and believe you are a victim of fraud or notice potentially suspicious activity on your account, contact Client Services at 800-382-5465.

Fraudulent text messages have also been sent to select First Horizon clients.

What you need to know:

• The text asks the recipient to call a spoofed number and provide sensitive account information.
• This scheme has targeted clients from many different financial institutions in addition to First Horizon.
• First Horizon Bank will never initiate contact with you directly and ask for personal or account information, including requests to verify your identity by texting codes or passwords.

What you can do:

• If you receive a text message or phone call related to this scheme, do not call the number displayed in the text, click on any links or provide your account information.
• If you are concerned that you’ve been a victim of fraud, please call us at 800-382-5465.

Banking trojan – a malware designed to collect banking information from victims

A phishing campaign has been observed targeting organizations mostly in the US. The malware being deployed as part of the attack is classified as a banking trojan. The malware is equipped with a variety of sophisticated evasion and information-stealing capabilities, as well as propagation functionality and a strong persistence mechanism.

How can I prevent it?

• Refrain from opening attachments or clicking links within emails or texts from senders that seem out of place, or context, or from senders that you do not recognize.
• Consider disabling macro functionality in spreadsheet and documents by default.
• Maintain anti-virus software updates/patches on personal computers.
• Route internet requests through an internet proxy to avoid accessing known malicious websites.
• Use DNS services that block access to known malicious sites.

The “secret shopper” scam

Please be suspicious if you receive checks in the mail from any organization asking you to be a secret shopper on its behalf. Often these offers are simply fraudsters attempting to find new ways to get their hands on your money.

How secret shopping scams work:

• You receive checks in the mail (unsolicited) with an offer to be a “secret shopper.”
• You’re asked to deposit the check and use the funds to do your shopping.
• Assignment one is often testing money transfer services, like Western Union, or buying gift cards.
• With the gift cards, you may be asked to send pictures of the cards or send the card numbers with your “shopping” report.
• By the time you’ve sent in gift card information or transferred money, the bank will have discovered that the original check you deposited was fake.
• The end result? You will be on the hook for any withdrawals, and likely the fraudsters will have emptied the gift cards using the information you sent them.

Bottom line: Do not proceed with any scheme that asks you to deposit checks and then transfer money or purchase gift cards and send card information. These are scams that can cost you hundreds of dollars of your hard earned money.

Avoid credit card skimmers at gas pumps

Being able to use your debit card at the gas pump is convenient; however, be cautious of skimming devices embedded onto the card readers. These skimming devices are used to copy account data as well as PINs if used during the transaction. Once the information is captured, your card information can be used to make counterfeit cards to withdraw cash from your account at ATMs or make card purchases.

To minimize your chance of being compromised by debit and credit card skimmers at gas pumps, use the following tips:

• If you see anything suspicious on the pump (e.g., damage to the card reader or a potential skimming device) do not use your card at the pump. Make your purchase inside the gas station and inform the clerk of the damage or your suspicions.
• If you use a debit card, a way to protect your PIN is to select the “credit” option for the payment.
• Monitor your bank and credit card accounts regularly. If you notice unauthorized charges or cash withdrawals, report them immediately.

If you need to report fraud on your credit or debit card, you can do so by contacting us at 800-382-5465. We are available to assist with card fraud 24 hours a day, 7 days a week.

Protecting seniors from financial exploitation

Elder fraud and financial exploitation is forecasted to become the fastest growing crime in the next 10 years. Sadly, the people exploiting older adults are often family members, caregivers, or other trusted individuals who are handling the financial affairs of a parent, relative, caretaker, or friend.

You can help protect seniors from fraud and exploitation by preventing the abuse and intervening early when the threat is from trusted persons handling financial affairs, fraudsters and theft by staff or intruders.

A variety of things you observe or detect may signal that a senior is a victim of fraud or financial exploitation. Here are a few of the many red flags you may see:

• Senior, regardless of cognitive impairment, complains or reports that someone is misusing or stealing his/her money or property
• Senior is unaware of transactions or missing funds
• Senior is being encouraged to withdraw a large sum of money
• Sudden transfer of assets or changes in a will
• Unexplained names on a senior’s accounts
• Senior lacks basics (e.g., underwear, deodorant), but personal needs account is depleted
• Observing/hearing a senior being threatened by a family member, caregiver, or other trusted individual
• Checks or other documents signed/dated when the senior is no longer able to write
• Senior becomes secretive and suddenly starts hiding possessions or hoarding papers
• Senior is agitated or distraught prior to or after a family member, caregiver, or other trusted individual visits
• Senior is refused needed care and medical services in order to keep the senior’s assets available for the abuser
• Senior who appears to lack decision-making capacity signs new power of attorney document

Your top priority should be early recognition, documentation, and reporting. If you feel a senior is being financially abused, report the situation to your nearest branch. All branches have an Elder Fraud and Financial Exploitation brochure available for additional resources and information.

You can also visit https://ncea.acl.gov (opens in a new tab)/ or http://www.consumerfinance.gov (opens in a new tab)/ for additional information regarding prevention, documentation, reporting and “scam alerts.”

Fraudulent salary review scheme

Please be aware of a scheme involving fraudulent emails sent to a company’s tax reporting associate(s) purporting to be from the company’s CEO requesting that a “salary review” be conducted on W-2s.

These email requests have been determined to be fraudulent and should be deleted. Some companies have already provided Social Security numbers of their associates, allowing identity theft to occur.

Beware of social engineering schemes

Recently there has been an increase in fraud schemes where clients are being contacted by phone or email to obtain personal information, such as account information (account numbers) and/or identifying information (e.g., Social Security number, date of birth). Some tactics used include advising you that there is a problem or missing information related to your account and additional information is needed to correct the issue. In some cases, threatening tactics may be used (e.g., criminal pursuit, collection agency referral) to obtain this information.

To avoid becoming a victim, follow these tips:

• Do not provide any personal information to an unsolicited caller.
• Never respond to a phone call or voicemail asking you to verify account information or reactivate a service.
• Never provide personal or account information over the phone or via email/text, even if it appears legitimate. Contact the organization directly using information listed on their website or other trusted source.

We have the necessary information to conduct business with you, and we would not ask you to supply your full account number or card number during a phone call.

If you have received a phone call purporting to be from us and believe you are a victim of fraud or notice suspicious activity on your account, contact Client Services at 800-382-5465.

Card cracking scams

Card cracking is a form of fraud where consumers respond to an online solicitation for "easy money" and provide a debit card for withdrawal of fake check deposits.

Learn More (opens in a new tab)

Social media fraud scheme

In a recent social media scheme (primarily Facebook), users are being enticed into opening new accounts or using their existing accounts in exchange for merchandise or “fast cash.” The proposal is typically made via a post with pictures of cash or other items encouraging anyone interested to comment for more information. The accounts are ultimately used to conduct transactions involving the deposit of fraudulent checks and subsequent fraudulent card purchases/ATM withdrawals.

Consumers should be aware that participation in this type of scheme is illegal and that you may be held responsible for purchases or cash withdrawals made from the proceeds of a fraudulent check deposit. Such activity could result in account closure and possible criminal prosecution.

If you have any questions or see any posts like this on Facebook or other social media sites, please contact Corporate Security at 901-523-5336.

Beware of unsolicited offers

If you receive an unsolicited offer that promises you something in exchange for money or account information, you should not respond unless you are sure the offer is legitimate. Common scenarios include offers that require an upfront fee, requests to wire funds, a notice that you won a lottery/contest, or a person on a social website who asks for money (e.g., travel money to meet you, emergency cash, medical bills, etc.).

If you receive an offer or request and are unsure if it is legitimate, contact Client Services at 800-382-5465. Remember, if it sounds too good to be true, it probably is.

Beware of communication purporting to be from First Horizon Bank

A phishing scheme targeting First Horizon Bank is being sent through text messages. This scheme is an attempt to get the user to reset their security answers. This information is intercepted and used to take over the account.

If you receive a text message regarding this scheme, do not click on the link. If you have clicked on the link and provided sensitive information, we strongly encourage you to change your password and security questions immediately, using the actual First Horizon Bank website or to call Client Services at 800-382-5465.

If your business accepts wires, take precautions.

If your business accepts wires and/or sends outgoing wires to or on behalf of clients, beware of a scheme in which hackers can take over a legitimate email address and initiate fraudulent wire requests.

• Business Email Compromise (opens in a new tab) (BEC) (FBI Alert # I-082715a-PSA)
• Email Account Compromise (opens in a new tab) (EAC) (FBI Alert # I-082715b-PSA)

Ensure that your business has procedures in place to verify any wire that is received via email or fax. For example, calling your client directly using a phone number on file before proceeding with a wire can determine if the client actually sent the request.

If you become aware that your client's email has been compromised, advise the client to contact their email and virus software providers, as their password/account information could have been compromised by a third party.

New wire fraud scam reroutes payroll direct deposits

A recent article by CNBC.com (opens in a new tab) details a current fraud scheme where fraudsters are targeting businesses’ Human Resources departments through email. The fraudsters impersonate senior executives and attempt to convince human resources personnel to change associates' bank account and routing information in order to route associates' paychecks to offshore accounts owned by the criminals.

Additionally, the fraudulent emails often go undetected because they defy many existing red flags for malicious communications. The emails are well written and cordial, and lack the misspellings and grammatical errors that would typically trigger email filters.

Focus your company’s efforts, which may include adjusting email filters to pick up common traits of this type of request and training associates in security best practices. Ask your company’s executives to avoid using their personal emails when sending messages. Companies that have been sent versions of this fraud scheme can report it the FBI’s IC3 tip line (opens in a new tab).

Payday loan schemes

Be aware of a recent payday loan scheme that involves operators fraudulently soliciting money from consumers. The operators of this payday loan fraud scheme are using threatening tactics (e.g., lawsuits, asset seizure, arrest) to force consumers into immediately paying debt on loans they never authorized or paid off several years ago. Those perpetrating this scam have obtained identifying information about consumers (e.g., Social Security numbers, addresses, banking information) and will use this in order to appear as a legitimate collection agency.

Numerous consumers also reported their place of employment has been contacted in an attempt to collect “past due” funds.

To avoid becoming a victim or if you believe you are a victim of this scheme, follow these tips:

• If you are unsure whether you are delinquent on a payday loan, contact your lender directly using your loan paperwork to find a legitimate contact number.
• If your place of employment has been contacted and you know you have a loan that you paid in full, inform them you believe you are a victim of a fraud scheme.
• Never provide personal information to a third party unless you initiated the contact.
• If you receive a phone call regarding this scam, or have fallen victim, contact local law enforcement and file a complaint with the Federal Trade Commission at ftc.gov or the Consumer Financial Protection Bureau at consumerfinance.gov.
• If you believe someone stole your personal information and used it to obtain a fraudulent loan, contact Client Services at 800-382-5465, contact the credit bureau and visit identitytheft.gov for tips on what you can do to protect your identity.

ACH fraud

ACH (Automated Clearing House) is used to process direct deposits, checks, bill payments and cash transfers between businesses and individuals. It can also be a popular way for fraudsters to steal money from unsuspecting consumers. ACH fraud is a scheme that is expected to continue to trend upward.

To avoid becoming a victim, follow these tips:

• Never give out any personal information to a third party unless you initiated the contact
• Monitor your accounts and statements thoroughly, ensuring that all account activity is yours and correct
• Always log off from online banking sessions
• Never click on links or open attachments sent from an untrusted email
• Store new and cancelled checks in a safe place
• Use a secure connection when paying online – look for “https” and a green security lock in the address bar of your browser

If you believe you are a victim of ACH fraud, contact Client Services at 800-382-5465.

Protect your business: Business email compromise fraud targeting construction companies

A recent fraud scheme targeting construction companies and their vendors involves fraudsters using commercial databases to obtain business-identifying information to conduct business email compromise (BEC) fraud.

Fraudsters have been using subscription-based commercial databases to acquire information on commercial construction projects across North America. The acquired database information includes specifics about tens of thousands of construction projects, including key contact information, project costs, bidder lists, plan holder lists, project specifications, and agendas.

BEC fraudsters use this information to register domains similar to legitimate construction company domains that have won job bids and are engaged in ongoing projects. The fraudsters then send an email to the victim company, which includes an attached direct deposit form and instructions to change previously submitted banking information. The new banking information is linked to an account controlled by the fraudster. The victim company then processes the banking information change, and any future invoice payments are made to the altered account.

The following recommendations are to help prevent BEC fraudulent activity from occurring:

• Confirm requests for transfers of funds by using phone verification as part of a two-factor authentication, and verify/use previously known phone numbers.
• Carefully scrutinize all email requests for transfer of funds.
• Verify changes in vendor payment locations by adding additional two-factor authentication, such as having secondary sign-off by company personnel.
• Color code correspondence emails from associates/internal accounts and non-associate/external accounts using distinct colors, or adjust settings on the email client to attach warning labels to emails originating from outside the organization.
• Create an email rule to flag email communications where the “reply” email address is different from the “from” email address shown.
• Create intrusion detection system (IDS) rules that flag emails containing extensions similar to the victim company (e.g., if the legitimate email is abc_company.com, the IDS rules would flag fraudulent emails for abc-company.com).

If you identify any suspicious or fraudulent transactions that involve your First Horizon Bank account, immediately call First Horizon Bank’s Client Services at 800-382-5465.

Protect your business: Fraud targeting the retail industry with claims of FBI involvement

A recent fraud scheme targeting major US retailers involves fraudsters calling store associates demanding they withdraw the day’s cash sales for transfer to the fraudsters. Associates were instructed to violate defined company security protocols, particularly procedures applying to handling money.

The fraudsters claimed to be a senior representative from the retailer’s distribution center and associates were able to verify the caller’s name as a current associate through their internal company system or by searching the internet. The callers stated there was an FBI investigation into counterfeit money involving the particular store and associates were to withdraw all of the cash deposits from the store safe and purchase Visa® gift cards and Green Dot® cards to get rid of the alleged counterfeit cash. The card information was provided to the fraudsters, and the purchase receipts were placed into the store safes. In one variation of this scheme, the caller claimed to be from the company and was partnering with the FBI or another law enforcement agency on the investigation. The caller in another variation claimed to be an FBI agent involved in an investigation against the company. The agent threatened the associate with obstruction of justice charges and arrest if they did not comply. In two of the incidents, the fraudsters sent confirmation emails to the store associates’ personal email addresses.

The victims all claimed the fraudsters had American accents. Additionally, spoofed email addresses and phone numbers were used, and the requests were made just as stores were closing, which contributed to the fraud scheme’s success.

The following indicators suggest activity indicative of criminal intent:

• Threatening criminal prosecution
• Requesting funds via Visa gift cards and Green Dot cards
• Instructing to violate company security protocols
• Instructing to commit criminal activity or actions against standard business operating procedures
• Requesting the use of personal email addresses, phones, and communications instead of company devices for business purposes
• Requesting associates come into the business alone just as the stores were closing for the day

Direct any requests and questions to your FBI Private Sector Coordinator at your local FBI Field Office: fbi.gov/contact-us/field-offices (opens in a new tab).