access ID
personal   business
  Enroll Now
identity theft
Email Fraud
 
You receive an email in your Inbox which appears to have been sent by your bank or an enterprise with which you frequently do business. It may include the company's name, logo and even wording from the company's website. It also includes an urgent message explaining why you need to log in immediately and verify your account information.
 
Don’t believe it.
This email as described is a textbook example of email fraud, otherwise known as phishing. The email is a fraud, meant to lure you to a website that does not belong to that business at all. Cyber thieves use these emails as vehicles to obtain confidential information about you. This information can include anything that can be used to identify you, including your user name, password, debit and credit card numbers and bank account number.

If you fall for this scam and submit your login name and password to this fake website, you have given cyber thieves everything they will need to use your login information and make transactions on your account. But if you know beforehand how to identify a phishing email, you won't fall for the scam and your money will stay with you. Cyber thieves are not capable of obtaining your identifying information through a phishing email unless you give it to them.

Telltale signs of email fraud include the following:
Requests for personal information. Fraudulent emails will often begin with a generic greeting and a claim that your personal information has been compromised, your bank account has been frozen, or a request to confirm the authenticity of a transaction. They will ask you to visit a website to “update” or “verify” your information. Be wary of any email that ever asks you to provide personal information, no matter what reason is given.
Upsetting or exciting claims. To increase response, many fraudulent emails will contain sensationalized statements. This is done to entice an immediate reaction, which will often lead to a response with the desired information before the victim has had time to research the claims made in the email. Before responding to any email requesting sensitive information, be certain to thoroughly research its authenticity by contacting the company separately and directly.
Appearances of legitimacy. While some emails are very easily identified as being fakes, others may appear to be from a legitimate address and trusted online business. Professional cyber thieves are very good at designing emails to look as close to being authentic as possible. Never rely on the name or address in the “From” field, as this information can be easily altered.
Prizes or gift certificate offers. Many fake emails will contain promises of prizes or gift certificates as payment for filling out a survey or answering a few simple questions. In order to collect the offered prize, you will be asked to provide personal information. Be absolutely certain to confirm that the prize or gift certificate is being offered by a known and trusted place of business.
 
Internet Security
In order to better protect yourself online, always practice the following guidelines:
   
Never send personal or payment information via email. Regular email has few protections and can easily be intercepted and hacked into.
Never click on any links within an email asking you to access your account or to verify PIN numbers, passwords or other sensitive information.
If you get an email that appears to be from your bank asking you to log in or for other information, immediately contact your financial institution and report the incident. Be prepared to forward a copy of the message to them for review if requested to do so.
If you or someone in your family mistakenly follows a link and provides sensitive information, immediately call your bank so that they can monitor your account or change your account number.
When using public computers, exercise extreme caution. Computers in public locations such as hotels, libraries or Internet cafes may have had spyware installed in them by cyber thieves. Any information entered into these computers is then at extreme risk for being stolen.
Only provide personal information online if the webpage is secure and if you are the one initiating contact. Check the website for a lock icon (usually located in the bottom, right-hand corner of your browser) or check the website’s certificate of authenticity.
Keep all passwords secret. Change them regularly, using a mixture of numbers and characters that would not easily be guessed.
Keep your personal computer operating system and Internet browser current. This will help to protect your computer from spyware, adware and other types of potentially dangerous software. Use a secure browser that encrypts or scrambles information you send over the Internet to guard your online activity. When submitting information, always look for the "lock" icon on the browser's status bar and that the website’s URL begins with https:// to be certain that your information is secure during transmission.
Do not open files, click on hyperlinks or download programs sent to you by email from people you don’t know. Be wary using file-sharing programs. Opening unknown files can expose your system to a computer virus or spyware, which can capture your passwords or any other information as you type it on your keyboard.
Anti-virus software should be kept up-to-date. Any anti-virus software needs frequent updates in order to detect newer forms of viruses. Whenever notified of new updates to your software, update as soon as possible. Some software programs will offer automatic updates. Perform regular scans for spyware, adware and other types of potentially dangerous software.
Install a firewall, especially if you use high-speed Internet such as cable, DSL or T-1 which leaves your computer connected to the Internet 24 hours a day. Firewalls will keep your network secure from unwanted connections.
   
Identity Theft
Identity theft is a more insidious form of online fraud wherein a person steals your personal and/or financial information, including your name, social security number or bank account number, and then uses this information to:
   
Open credit accounts in your name, or run existing accounts.
Obtain loans in your name, which will not be repaid.
Open bank accounts in your name in order to write bad checks.
Commit crimes, which results in arrest warrants being issued in your name.
 
In most cases, identity theft is more extensive than fraud, which usually involves a singular attempt to steal money from an existing account. Identity theft is much more extensive, and can have a much more lasting effect. Identity theft can cause severe financial loss or damage your credit, and possibly lead to a lengthy resolution process.
 
Identity theft is often portrayed as only affecting those who shop, communicate or do their business online. However, though thieves can obtain your information via online methods, the majority of identity theft takes place offline. Stealing wallets and purses, intercepting mail and rummaging through garbage are common tactics used by thieves to obtain confidential information.
 
In order to best protect yourself,
Never give out personal information, such as checking account numbers, credit card numbers and especially your Social Security number. Never give out any of this information over the phone or on the Internet unless you can be certain who you are dealing with, you are the one initiating contact or know that your connection is secure.
Never carry any of your personal information with you, including Social Security cards or bank account cards.
Do not preprint your Social Security number, driver’s license number or phone numbers on your checks.
Only purchase checks and deposit slips from an approved check vendor.
Do not throw away any mail that contains personal information unless you tear or shred it first.
Contact major credit reporting companies periodically. Check all credit card statements and inspect them for any improprieties.
Cancel all unused credit cards, and cut them up before disposing of them.
Be wary at ATMs. Someone looking over your shoulder can obtain your PIN number and gain access to your account.
If any financial information is stored on a laptop, be sure to protect it with a password system, with a password that could not easily be guessed.
Be cautious of any promotions you choose to participate in on the phone or in the mail. Always be on guard and never take any unnecessary risks with your private and personal information.
Don’t leave outgoing mail in your mailbox. Drop it off at the Post Office or in a secured official Postal Service collection box.
   
If you believe that you are a victim of online fraud or identity theft, the Federal Trade Commission recommends that you take the following four steps immediately.
   
1. Place a fraud alert on your credit report by contacting the fraud departments of any one of the three consumer reporting bureaus listed:
     
    Equifax: 1-800-685-1111, 1-888-766-0008
P.O. Box 740241, Atlanta, GA 30374
    Experian: 1-888-EXPERIEN (397-3742), 1-888-397-3742
P.O. Box 9532, Allen, TX 75013
    TransUnion: 1-800-916-8800, 1-800-680-7289
P.O. Box 6790, Fullerton, CA 92834
   
  A fraud alert directs all creditors to contact you before any new accounts are opened or any changes are made to your existing accounts. By contacting any of the three companies, the company you speak with will be required to contact the other two, who will place an alert on their versions of your credit report. Once you place the fraud alert into your file, you are entitled to order free copies of your credit reports and to request that the bureaus display only the last four digits of your Social Security number on your credit reports. This alert means that any company that checks your credit will know that your information has been stolen, and they will be required to contact you by phone before authorizing any new credit.
2. Close the accounts that you know or believe have been broken into as soon as possible.
3. File a report with your local police department or with the police in the community where the identity theft took place. Request a copy of the report or the number of the report to submit to your creditors and anyone else that would require proof of the crime’s occurrence.
4. File a complaint with the Federal Trade Commission. The FTC maintains a database of all identity theft cases which is used by law enforcement agencies for all investigations. Filing a complaint will also help the FTC learn more about the nature of identity theft and the problems the victims of identity theft are experiencing, in order to better assist you and other victims.

www.ftc.gov
Federal Trade Commission Hotline 877-438-4338
   
For more information, visit the FDIC website.