560 likes | 762 Views
TRIAD Seniors Presentation Frauds and Scams. Presented by Lynn Gordon AVP/Branch Manager Union First Market Bank March 26, 2013. Prepared by Scott Nininger , CRCM, CFSSP, SVP, Director of Risk Management. Today’s Agenda. Why are we vulnerable? Why has white collar crime increased?
E N D
TRIAD Seniors PresentationFrauds and Scams Presented by Lynn Gordon AVP/Branch Manager Union First Market Bank March 26, 2013 Prepared by Scott Nininger, CRCM, CFSSP, SVP, Director of Risk Management
Today’s Agenda • Why are we vulnerable? • Why has white collar crime increased? • Overview of various frauds, scams and security risks. • How to protect yourself • Overview of other vulnerabilities and considerations in protecting your valuables • Questions and answers
Types of Frauds, Scams, and Security Risks • Check Fraud • Alteration • Counterfeiting • Forgery • Returned Deposited Items • Credit Card Fraud • Skimming • Do’s and Don’ts • Pretext Phone Calls • Internet • What is it? • Navigation Best Practices • Computer Security Settings • Phishing • Viruses, Spyware, Spam • Protecting your Email Account • Facebook Security • Sweepstakes/Lottery fraud • Cashiers Check Fraud • Secret Shopper Scam • Repairman Scam • Mobile Phone Security • ATM Security • Skimming • Counterfeit Currency • Physical Security at Home
Why are we vulnerable? • Fraud – Misrepresentation of a material fact. • Scam artists prey on two forms of human bias: • Confirmation (provides just enough information to pique our interest) • Optimism (this is my lucky day, or I am due) • People tend to feel overconfident in their ability of knowing more than they actually do. • Many people feel that they are protected against fraud by law and the government. • Best advice? If someone comes to you with a deal too good to be true, trust your instinct and walk away or be suspicious and perform due diligence.
Causes for Increase in White Collar Crime • Safer, easier, less chance of getting caught • Less stringent punishment through the courts • Leniency of the courts bears on willingness of prosecutors • Diminishing Role of Federal Law Enforcement Officials • Must meet certain dollar thresholds • Changing Morality • Many people believe it is right to “rip off the establishment” • Expanding International Technology • Recent advances in computer hardware, software, and communications technology have increased the complexity and severity in types of fraud
Check Fraud Alterations • If a change is authorized by the maker and it does not affect the obligation then there is no fraud. A date that does not exist (i.e. June 31st). • Unauthorized change to words or numbers are alterations. • Take care in writing checks (i.e. use ink, fill in all blank areas, watch your statement)
Check Fraud Counterfeiting • Fastest growing segment of check fraud with the greatest loss exposure • How? Desktop publishing, inexpensive high-quality computer and printing equipment, and check paper stock (at office supply stores) enables the fraudster to produce checks that may exactly match the original check(s). • I have some examples to show.
Check Fraud Types of Forgery • Forged endorsement – someone signs your name on the back of the check made payable to you to obtain payment. • Bank liable to its customer unless customer’s negligence substantially contributes to the forgery (i.e. stolen checks is typical scenario) • Forged maker’s signature – someone steals your check(s) and sign’s your name as an authorized signature • The drawee bank is liable for forged maker’s signature, unless customer’s negligence substantially contributed to forgery (i.e. you leave checks readily available for someone to steal)
Check Fraud Returned Deposited Items • Most bank account agreements indicate that you are liable for any account shortage resulting from charges or overdrafts, whether caused by you or another with access to your account. • Beware that unexpected checks that you deposit can come back to haunt you…
Check Fraud US Patriot Act – requires banks to identify their customers. The better a bank knows you, the less likely you will be subjected to fraud. Funds Availability Regulation – Allows banks to place holds on your account. Not only helps banks but protects you. PrivacyRules– Seek to understand a bank/company’s handling of your personal information.
Credit Card Fraud Card Readers • In merchant locations a criminal can gain access to certain credit card readers and tap into them, capturing the data sent through them to the bankcard collection point.
Credit Card Fraud - Skimmers • Sometimes identity thieves can defeat even your best efforts to protect your credit card information by a hi-tech method called skimming, using a tiny data-collection device (known as a "skimmer"). These skimmers are easy to carry, easy to hide and easy to buy over the Internet. • A typical skimming device is about the size of a pager, connected in the phone-line between the phone-jack and credit card machine. A typical "skimmer" costs about $200, compared to the cost in equipment needed to make a counterfeit credit card.
Protect your Credit Card: Do’s • Sign your cards as soon as they arrive or write “See ID” on signature line. • Keep a record of your account numbers, their expiration dates, and the phone number and address of each company in a secure place. • Keep an eye on your card during the transaction, and get it back as quickly as possible. • Save receipts to compare with billing statements. • Open bills promptly and reconcile accounts monthly, just as you would your checking account. • Report any questionable charges promptly and in writing to card issuer. • Notify card companies when you change your address. • May consider a RFID shield for your cards. • Source: Federal Trade Commission
Protect your Credit Card: Don’t • Lend your card(s) to anyone. If you do and the person conducts a transaction, they will be considered authorized. • Leave cards or receipts lying around. • Sign a blank receipt. When you sign a receipt, draw a line through any blank spaces above the total. • Write your account number on a postcard or the outside of an envelope. • Give out your account number over the phone unless you're making the call to a company you know is reputable. If you have questions about a company, check it out with the Better Business Bureau. Source: Federal Trade Commission
Pretext Phone Calls • There is tremendous demand for information about individual’s bank accounts. This rising demand has led to the establishment of “account information brokers”. Brokers gather financial information and sell this to anyone wiling to pay for it. • Typical scenario: A broker may pose as a representative of a company suggesting something is wrong with your account. He/she may ask you to provide missing account information or update their database so your account will become active again.
What is the Internet? • Collection of computers connected to an underlying communication network. Each PC has an ID number and communicates with each other by means of protocols. • Application layer protocols are the standard sets of rules that determine how computers communicate across the Internet. One of the most familiar is HTTP (Hyper Text Transfer Protocol), facilitates the movement of text and messages. • Each government, company, and organization is responsible for maintaining its own network. • No gov’t regulation and no one censors information made available. • It is not secure. It lacks organization. No one owns or controls the Internet. No one is responsible for its reliability. • What is one to do? Maintain system protection, safeguard access and records, proceed cautiously.
Navigating best practices • Do not use public computers when conducting financial transactions or having to provide personal information. • Watch what you download. While there are many free games, utilities, or other software on the Internet, many are laden with viruses and spyware. • Don’t assume that a site that is certified is safe. A secure connection is typically achieved when you have “https” before the web address and a padlock or other icon on your browser, however please understand that it is no guarantee the website is reputable. • Best advice: read the fine print and researching a site by reading online reviews, talk with friends to see if they have used the site before revealing your credit card or personal information. • Avoid hyperlinks in email. Hyperlinks can show one address but unknowingly take you to another. Before clicking on links within web pages, hover your cursor over the URL and confirm whether the address that appears at the bottom of your browser appears to a page you expect to visit. .
Computer Security Settings Periodically review and adjust your settings as necessary Where do I find the settings? Click Start - Control Panel – Security Center • Firewalls – Turn to “On”. If you have a router this may serve as another firewall. • Automatic Updates – Turn to “Automatic” during the overnight hours to obtain security patches and Windows updates. • Virus Protection – Turn to “On”. Make sure it is updated using a free or paid subscription program. • Internet Options – Browsing history should be deleted periodically. Under security select the default. Under Privacy use at least the medium setting.
Phishing • As in “fishing” for confidential information. • Consumers are deceived normally via deceptive e-mails, fake (spoofed) websites, or both. • Encompasses fraudulently obtaining and using an individual’s personal and/or financial information. • If you receive any phishing emails you can forward the email to the Anti-Phishing Working Group reportphishing@apwg.org. • Let’s look at an example…
Viruses • A computer virus is a parasitic, self-duplicating, Trojan horse program (embedded inside another program that is never exposed to any threats) containing a logic bomb (delays the onset of “symptoms”). • When an infected program is run, the virus attaches a copy of itself to yet another unaffected program. Subsequently, whenever either program is run, the virus will be duplicated, thus spreading quickly. • Use antivirus programs to quarantine and prevent the spread of virus-laden files.
Spyware • Information necessary to hijack accounts is obtained by inserting malicious software, often referred to as spyware, on a consumer’s home or public computer. • Spyware can be loaded when a user opens a seemingly innocuous e-mail attachment or clicks on a pop-up advertisement. The spyware collects selected information (i.e. user ID, passwords, account numbers) and forwards it to the fraudster. • A common type is a keystroke logger, a program that records what the user types on the keyboard and sends that information to the person who installed the program. • Use an antispyware program to block spyware. free.avg.com is a user friendly option that also protects against malware and viruses. It scans and updates your computer daily.
Spyware Note: Union First Market Bank does not endorse this or any other security protection program it is mentioned for illustrative purposes.
Spam • Marketers are increasingly using email messages to pitch their products and services. • The flooding of unsolicited commercial email messages is called SPAM. • FTC CAN SPAM Rule: Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003. Marketing headers may not be misleading, “from” line must accurately identify the sender, must not disguise its origin. Must provide opt-out. Sender has 10 business days to process. • Forward SPAM that is phishing for information to spam@uce.gov and any company impersonated in phishing email. • Your email host provides spam filters. Use “disposable” emails such as Google or Yahoo which provide a free email service.
Protect your E-mail Account To maintain the highest level of account ID and password protection, consider the following: • Password Complexity– Utilize special password character requirements and limits to ensure a greater degree of password security. For example: A minimum of: one uppercase or lowercase letter, one numeric, and/or one special character such as: !,@,#,$,%,^,&,*,(),_,+,-,=, and ?. A minimum length of 8 characters would provide a reasonably strong password. • Password Expiration - To further increase the level of security, periodically change your passwords. Consider changing it at least every 180 days. What if someone has hacked into your email account? • Get your computer scanned and cleaned by a reputable 3rd party such as Geek Squad at Best Buy for spyware/malware. • Change the password to email – Immediately. • Consider the vulnerability of the information accessed.
Consider Online Banking • This service allows customers to conduct financial transactions (such as view account balances, transfer funds, or pay bills) on a secure website operated by their retail bank. • The customer typically enters a user identification log-in such as a name or combination of letters and numbers along with a password. • Enhanced Multifactor Authentication: Once you have logged-in, you be prompted to enter a phone number where you will receive either a text message, automated voice message, or email at initial log-in or when you use a computer that is not recognized by the bank’s system. (IP address to log-in info)
Online Banking Continued • Online banking aids the user in fraud detection as he/she is able to view their account activity on a real time basis and securely pay bills without using the postal service.
Review of Facebook Privacy Settings • To review your Privacy Settings on Facebook: Select Home then Privacy Settings under the dropdown box. • Please remember as you establish or review your settings, how much do you really want someone to know about you and/or of your whereabouts? The more transparent you are, the greater the possibility that you may be at risk. • Control your default privacy: Selecting Friends will limit what is shared.
Review of Facebook Privacy Settings How you connect: Options include friends, friends of friends, and everyone. How tags work: Select from an “On or enable” or “Off or disable” setting. Limit the audience for past posts: Be careful because if you use this tool, the content on your profile you've shared with more than your friends (ex: Public posts) on your Wall will change to Friends. Blocked People and Apps: Limits selected individuals access to your information. Always Remember to Log Out!
Sweepstakes/Counterfeit Cashier’s Check/Advance Fee Fraud • See handout for examples of letter and counterfeit cashier’s check. • Recent Scams: #1 All State Financial #2 Reader’s Digest
Lottery/Counterfeit Cashier’s Check/Advance Fee Fraud • See handout for example of letter and counterfeit cashier’s check. • Recent Scam: #3 Atlantic Lottery Corporation
Secret Shopper Scam/Survey • See handout for example of letter and counterfeit cashier’s check. • Recent Scam: #4 Consumer Media Agency
Repair Scam’s • When you are approached by a so called repair person for a repair of your home, car, or appliance you need to be aware of these con artists. • Never agree to a solicitor’s offer unless you check them out first. Are they licensed/bonded? Do they have a business card – call the number? What does their job/repair vehicle look like -- professional or dirty and worn out? Does the tech have credentials? Have you checked BBB? Is the offer in writing? Is there a warranty? • Always get another couple of bids to compare. If it is an emergency, you initiate the call. Seek names in advance.
Mobile Smartphone's Lock down your mobile phone • Use a Password or PIN to protect data that you have stored. Used by only 20%! • On an iPhone, set a password • Look for the “Location & Security Option” • Some smart phone makers offer free security services • Remote Phone locating and/or locking • Over-the –air back-up • Erasing of data
ATM Security Best Practices • Be aware that someone could rob you at or near an ATM. • Have your ATM card ready and fill our forms before arriving at the machine • During hours of darkness, have someone come with you to the ATM. Park your car in a well lit area near the ATM. • Keep car doors locked and perform transactions quickly when using a drive-up ATM. • If you notice suspicious activity, cancel your transaction, take your card, and leave the area. • Report suspicious activity and crimes immediately to the police and the bank.
ATM Security Best Practices • If followed after a transaction, go to the nearest public area. • Commit your PIN to memory and do not write the PIN on your card. • Keep your ATM card in a secure place. • Report a lost or stolen card immediately. • If you leave your car to walk to the ATM, lock the car. • Quickly put your money and ATM card away. Count your money later.
ATM Skimming • The equipment used to capture your ATM card number and PIN is cleverly disguised to look like normal ATM equipment. A “skimmer” is mounted to the front of the normal ATM card slot that reads the ATM card number and transmits it to the criminals sitting in a nearby car.
ATM Skimming • Once installed the device appears normal. Upon closer inspection however one can see the device has been placed there.
ATM Skimming • At the same time, a wireless camera is disguised to look like a leaflet holder and is mounted in a position to view ATM PIN entries.
ATM Skimming • The thieves copy the cards and use the PIN numbers to withdraw thousands from many accounts in a very short time directly from the bank ATM.
ATM Skimming "Shoulder surfers" aren't limited to checkout stands and lines. Near ATMs, some sophisticated thieves will watch the victim use the card (perhaps using high-powered binoculars, or even hidden cameras) and learn the victim's personal identification number (PIN) and even the card number. Later, they'll steal the card or make their own and use ATMs to withdraw cash from your account. Watch for one or more persons loitering around an ATM. Keep a close lookout around you for people who might be interested in what you are doing.
Counterfeit Currency The Secret Service suggests that you examine: Portrait. The genuine portrait appears lifelike and stands out distinctly from the background. The counterfeit portrait is usually lifeless and flat. Details merge into the background which is often too dark or mottled. Federal Reserve and Treasury Seals. On a genuine bill, the saw-tooth points of the Federal Reserve and Treasury seals are clear, distinct, and sharp. The counterfeit seals may have uneven, blunt, or broken saw-tooth points. Border. The fine lines in the border of a genuine bill are clear and unbroken. On the counterfeit, the lines in the outer margin and scrollwork may be blurred and indistinct. Learn more at: www.secretservice.gov