Consumer Fraud Alerts
BMT has no responsibility for any external Web site. It neither endorses the information, content, presentation, or accuracy nor makes any warranty, express or implied, regarding any external site.
Tech Support Scams
In a recent twist, scam artists are using the phone to try to break into your computer. They call, claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need.
These scammers take advantage of your reasonable concerns about viruses and other threats. They know that computer users have heard time and again that it’s important to install security software. But the purpose behind their elaborate scheme isn’t to protect your computer; it’s to make money.
How Tech Support Scams Work
Scammers have been peddling bogus security software for years. They set up fake websites, offer free “security” scans, and send alarming messages to try to convince you that your computer is infected. Then, they try to sell you software to fix the problem. At best, the software is worthless or available elsewhere for free. At worst, it could be malware — software designed to give criminals access to your computer and your personal information.
The latest version of the scam begins with a phone call. Scammers can get your name and other basic information from public directories. They might even guess what computer software you’re using. Once they have you on the phone, they often try to gain your trust by pretending to be associated with well-known companies or confusing you with a barrage of technical terms. They may ask you to go to your computer and perform a series of complex tasks. Sometimes, they target legitimate computer files and claim that they are viruses. Their tactics are designed to scare you into believing they can help fix your “problem.”
Once they’ve gained your trust, they may:
– ask you to give them remote access to your computer and then make changes to your settings that could leave your computer vulnerable
– try to enroll you in a worthless computer maintenance or warranty program
– ask for credit card information so they can bill you for phony services — or services you could get elsewhere for free
– trick you into installing malware that could steal sensitive data, like user names and passwords
– direct you to websites and ask you to enter your credit card number and other personal information
Regardless of the tactics they use, they have one purpose: to make money.
If You Get a Call
If you get a call from someone who claims to be a tech support person, hang up and call the company yourself on a phone number you know to be genuine. A caller who creates a sense of urgency or uses high-pressure tactics is probably a scam artist.
Keep these other tips in mind:
– Don’t give control of your computer to a third party who calls you out of the blue.
– Do not rely on caller ID alone to authenticate a caller. Criminals spoof caller ID numbers. They may appear to be calling from a legitimate company or a local number, when they’re not even in the same country as you.
– Online search results might not be the best way to find technical support or get a company’s contact information.
– Scammers sometimes place online ads to convince you to call them. They pay to boost their ranking in search results so their websites and phone numbers appear above those of legitimate companies. If you want tech support, look for a company’s contact information on their software package or on your receipt.
– Never provide your credit card or financial information to someone who calls and claims to be from tech support.
– If a caller pressures you to buy a computer security product or says there is a subscription fee associated with the call, hang up. If you’re concerned about your computer, call your security software company directly and ask for help.
– Never give your password on the phone. No legitimate organization calls you and asks for your password.
– Put your phone number on the National Do Not Call Registry, and then report illegal sales calls.
If You’ve Responded to a Scam
If you think you might have downloaded malware from a scam site or allowed a cybercriminal to access your computer, don’t panic. Instead:
– Get rid of malware. Update or download legitimate security software and scan your computer. Delete anything it identifies as a problem.
– Change any passwords that you gave out. If you use these passwords for other accounts, change those accounts, too.
– If you paid for bogus services with a credit card, call your credit card provider and ask to reverse the charges. Check your statements for any other charges you didn’t make, and ask to reverse those, too.
– If you believe that someone may have accessed your personal or financial information, visit the FTC’s identity theft website. You can minimize your risk of further damage and repair any problems already in place.
– File a complaint with the FTC at ftc.gov/complaint.
How to Spot a Refund Scam
If you paid for tech support services, and you later get a call about a refund, don’t give out any personal information, like your credit card or bank account number. The call is almost certainly another trick to take your money.
The refund scam works like this: Several months after the purchase, someone might call to ask if you were happy with the service. When you say you weren’t, the scammer offers a refund. Or the caller may say that the company is going out of business and providing refunds for “warranties” and other services. In either case, the scammers eventually ask for a bank or credit card account number. Or they ask you to create a Western Union account. They might even ask for remote access to your computer to help you fill out the necessary forms. But instead of putting money in your account, the scammers withdraw money from your account. If you get a call like this, hang up, and report it at ftc.gov/complaint.
Staples Provides Update on Data Security Incident
Call Center Number: 1-866-274-4371
FRAMINGHAM, Mass., (Dec. 19, 2014) Staples, Inc. (Nasdaq: SPLS) today gave an update on the investigation into its previously announced data security incident involving a small percentage of its retail point-of-sale systems.
Staples’ data security experts detected that criminals deployed malware to some point-of-sale systems at 115 of its more than 1,400 U.S. retail stores. Upon detection, Staples immediately took action to eradicate the malware in mid-September and to further enhance its security. Staples also retained outside data security experts to investigate the incident and has worked closely with payment card companies and law enforcement on this matter.
Based on its investigation, Staples believes that malware may have allowed access to some transaction data at affected stores, including cardholder names, payment card numbers, expiration dates, and card verification codes. At 113 stores, the malware may have allowed access to this data for purchases made from August 10, 2014 through September 16, 2014. At two stores, the malware may have allowed access to data from purchases made from July 20, 2014 through September 16, 2014.
As a result, and in light of Staples’ commitment to protecting its customers, Staples is offering free identity protection services, including credit monitoring, identity theft insurance, and a free credit report, to customers who used a payment card at any of the affected stores during the relevant time periods. Additional information about the incident, including dates of potential access and how to sign up for free credit monitoring, can be found here.
During the investigation Staples also received reports of fraudulent payment card use related to four stores in Manhattan, New York at various times from April through September 2014. The investigation found no malware or suspicious activity related to the payment systems at those stores. However, out of an abundance of caution, Staples is offering free identity protection services, including credit monitoring, identity theft insurance, and a free credit report, to customers who used their payment cards at those stores during specific time periods. Overall, the company believes that approximately 1.16 million payment cards may have been affected. Specific stores and dates can be found here.
Typically, customers are not responsible for any fraudulent charges on their credit cards that are reported in a timely fashion. Staples customers who shopped at the affected stores during the relevant time periods should review their account statements and notify their card issuers of any suspicious activity.
Staples is committed to protecting customer data and regrets any inconvenience caused by this incident. Staples has taken steps to enhance the security of its point-of-sale systems, including the use of new encryption tools.
Important Information About the Investigation of Potential Data Breach at Chick-fil-A
Statement and FAQs.
Chick-fil-A recently received reports of potential unusual activity involving payment cards used at a few of our restaurants. We take our obligation to protect customer information seriously, and we are working with leading IT security firms, law enforcement and our payment industry contacts to determine all of the facts.
We want to assure our customers we are working hard to investigate these events and will share additional facts as we are able to do so. If the investigation reveals that a breach has occurred, customers will not be liable for any fraudulent charges to their accounts — any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring.
If you are concerned about your payment card transactions at a Chick-fil-A restaurant, please review the following frequently asked questions (“FAQ’s”).
Customers may call 855-398-6439 for additional support or information. (Our call center will be closed for the New Year’s holiday and will reopen beginning Friday January 2.)
1. How did you first find out?
We were notified by our payment industry contacts of limited suspicious payment card activity appearing to originate from payment cards used at a few of our restaurants.
2. When did you first learn of the unusual activity?
We received the initial report late on Friday, December 19th. We launched an investigation and are working with leading IT security firms, law enforcement and our payment industry contacts to understand all of the facts.
3. What is the potential customer impact?
The initial report was of potential suspicious activity involving payment cards at a few restaurants. Our investigation is on-going and we will update as we are able to do so.
4. Are you working with law enforcement?
We have contacted federal law enforcement about this matter and will be actively cooperating with them.
5. Has there been a payment card data breach?
We are investigating reports of potential unusual activity involving payment cards used at a few of our restaurants. At this point, we are working diligently to understand all of the facts. It would be premature for us to comment further given the pending investigation, but we will share additional facts as we are able to do so.
6. Was other information compromised? Customer contact information? Employee records?
The initial reports that prompted our investigation related to payment cards. Our investigation regarding any other type of information is continuing.
7. Was my credit card information stolen?
We are working with leading IT security firms, law enforcement and our payment industry contacts to investigate and understand all of the facts. We are working diligently to investigate these events and will share additional facts as we are able to do so. In the meantime, it is always a good idea to regularly monitor card accounts and to quickly report suspicious activity to your bank or credit company.
8. If the investigation reveals a breach, will I be responsible for fraudulent charges if I use my payment card at your restaurant?
No. Customers will not be responsible for any fraudulent charges to their accounts – any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. We will arrange for free identity protection services, including credit monitoring, to any impacted customer.
9. What should customers do?
It is always a good idea to regularly monitor card accounts and to quickly report suspicious activity to your card issuers.
10. How do I know if I am an impacted customer?
We will provide further information regarding who, if anyone, is impacted as it becomes available.
“Heartbleed Bug” Vulnerability
Bryn Mawr Trust uses multiple layers of security to protect our client’s information. One of those layers involves finding andmitigating issues, known as vulnerabilities. Please keep in mind that vulnerabilities do not automatically indicate the loss or theft of information, just the possibility.
You may have heard about a new vulnerability the “Heartbleed Bug”. Once Bryn Mawr Trust became aware of the new vulnerability we conducted an in-depth review of our networks and contacted our third-party vendors to confirm that their systems were secure. This review process is ongoing and we are waiting on our vendors to complete their analysis and make available the results and any concerns. Bryn Mawr Trust will continue to monitor communications from our vendors and quickly address any future identified issues. In addition, Bryn Mawr Trust monitors both the network and bank accounts on a continuous basis forunusual behavior and has procedures in place to address any issues.
Please direct any questions or concerns to our call center: 610-525-1700
For more information about the Heartbleed Bug, please click on the link provided by the security Company, Codenomicon’s — www.heartbleed.com
Smishing Scam entitled “BMTC Alert” 484-639-3924.
Please be advised there is a Smishing (Short Message Service) or Text Message Scam affecting Bryn Mawr Trust Company clients. The message is entitled “BMTC Alert”. The message indicates
that a client’s card has been disabled and directs them to call a phone number that is NOT associated with the Bryn Mawr Trust Company. This message is not authentic and it is recommended that you delete the message and disregard the request to call the phone number. The Bryn Mawr Trust Company will never contact you via SMS or text messages to address problems with your credit, debit, or ATM card,or with any of your accounts with the Bank. Should you have any questions, please contact us immediately at 610-525-1700. — Fraud Prevention Team
New FBI Alert on Phishing Scam
With the holiday shopping season upon us, the FBI Denver Cyber Squad would like to advise citizens of a new spear phishing campaign involving personal and business bank accounts, financial
institutions, money mules, and jewelry stores. The campaign involves a variant of the “Zeus” malware called “Gameover.” The spam campaign is pretending to be legitimate e-mails from
the National Automated Clearing House Association (NACHA), advising the user there was a problem with the ACH transaction at their bank and it was not processed. Once they click on
the link they are infected with the Zeus or Gameover malware, which is able to key log as well as steal their online banking credentials, defeating several forms of two factor authentication.
After the accounts are compromised, the perpetrators conduct a Distributed Denial of Service (DDoS) attack on the financial institution. The belief is the DDoS is used to deflect attention from the wire transfers as well to make them unable to reverse the transactions (if found). A portion of the wire transfers (not all) are being transmitted directly to high-end jewelry stores, wherein the money mule comes to the actual store to pick up his $100K in jewels (or whatever dollar amount was wired).
Investigation has shown the perpetrators contact the high-end jeweler requesting to purchase previous stones and high-end watches. The perpetrators advise they will wire the money to the jeweler’s account and someone will come to pick up the merchandise. The next day, a money mule arrives at the store, the jeweler confirms the money has been transferred or is listed as “;ending” and releases the merchandise to the mule. Later on, the transaction is reversed or cancelled (if the financial institution caught the fraud in time) and the jeweler is out whatever jewels the money mule was able to obtain.
The FBI in Denver is asking all consumers to be cautious of opening communications from senders that would not normally send you e-mail or are not from the normal sender e-mail address.
FBI Advisory : An increasing level of unsolicited spam and malicious e-mails.
The Internet Crime Complaint Center (IC3) urges computer users to not open unsolicited (spam) e-mails, including clicking links contained within those messages. Even if the sender is familiar,
the public should exercise due diligence. Computer owners must ensure they have up-to-date firewall and anti-virus software running on their machines to detect and deflect malicious software.
The IC3 recommends the public do the following:
- Adjust the privacy settings on social networking sites you frequent to make it more difficult for people you know and do not know to post content to your page. Even a “friend” can unknowingly pass on multimedia that’s actually malicious software.
- Do not agree to download software to view videos. These applications can infect your computer. Read e-mails you receive carefully. Fraudulent messages often feature misspellings, poor grammar, and nonstandard English.
- Report e-mails you receive that purport to be from the FBI. Criminals often use the FBI’s name and seal to add legitimacy to their fraudulent schemes. In fact, the FBI does not send unsolicited
e-mails to the public. Should you receive unsolicited messages that feature the FBI’s name, seal, or that reference a division or unit within the FBI or an individual employee, report it to the
Internet Crime Complaint Center at www.ic3.gov.
The Clearing House Has Received Information Regarding a Phishing Alert From NACHA:
NACHA — The Electronic Payments Association has received reports that individuals and/or companies have received a fraudulent email that has the appearance of having been sent from NACHA and signed by a non-existent NACHA employee. Specifically, this email claims to be from the “Electronic Payments Association” and appears to be coming from the email address firstname.lastname@example.org.”
See a sample of the email below.
Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive.
If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system.
Always use anti-virus software and ensure that the virus signatures are automatically updated.
Ensure that the computer operating systems and common software applications security patches are installed and current.
Be alert for different variations of fraudulent emails.
If you have any questions, please contact:
Senior Director, Communications & Marketing
Scott Lang, AAP
Senior Vice President, Association Services
THIS IS A SAMPLE OF THE FRAUDULENT EMAIL:
From: email@example.com [mailto:firstname.lastname@example.org]
Sent: Tuesday, February 22, 2011 7:32 AM
To: Doe, John
Subject: ACH transaction rejected
The ACH transaction, recently sent from your checking account (by you or any other person),
was cancelled by the Electronic Payments Association.
Please click here to view report
Security Alert from FDIC – Emails Fraudulently claiming to be from the FDIC
A variety of e-mails fraudulently claiming to be from FDIC have been reported.
Be on the lookout for either of these.
Phony “IDVerify” Link
These e-mails are attempting to get recipients to click on a link, which may ask them to provide sensitive personal information. They falsely indicate that FDIC deposit insurance is suspended
until the requested customer information is provided.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The e-mail informs the recipient that “in cooperation with the Department of Homeland Security, federal, state and local governments…” the FDIC has withdrawn deposit insurance from the recipient’s account “due to account activity that violates the Patriot Act.” It further states deposit insurance will remain suspended until identity and account information can be verified using a system called “IDVerify.” If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient’s computer.
This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
Phony “Attachment” with Malicious Software
These e-mails also appear to be from FDIC and contain an infected attachment. They have addresses such as “no.reply@FDIC.gov” or “notify84zma@FDIC.gov” on the “From” line. The message appears with spelling and grammatical errors, as follows:
Subject line: “FDIC Notification”
“Dear customer, Your account ACH and WIRE transaction have been temporarily suspended for security reasons due to the expiration of your security version. To download and install the newest installations read the document (pdf) attached below.
As soon as it is setup, you transaction abilities will be fully restored.
Online Security department, Federal Deposit Insurance Corporation.”
These e- mails may be modified over time with other subject lines, sender names, and narratives.
But the fact remains, the FDIC DOES NOT directly contact consumers, nor does the FDIC request bank customers to install software upgrades.
The e-mails contain an attachment “FDIC document.zip” that will likely release malicious software if opened. These e-mails and attachments are fraudulent and were not sent by the FDIC. Recipients should consider these e-mails as an attempt to collect personal or confidential information, or to upload malicious software onto end users’ computers. Do not open the attachment.
Additionally, information about similar fraudulent attempts can be forwarded to the FDIC’s Cyber-Fraud and Financial Crimes Section, CH-11034, 3501 North Fairfax Drive, Arlington, Virginia 22226, or transmitted electronically to “alert@FDIC.gov.
Important Notice: ABA Warns of Fraudulent Emails
The American Bankers Association has been alerted that someone or a group of individuals sending emails purporting to be from ABA are actually part of a scam commonly known as phishing.
These con artists are sending emails asking people to click on a link for more information — a popular technique to get financial information from the email recipient.
Phishing for financial information has been a long-standing practice. However, criminals are increasingly phishing for access to corporate, small business and government accounts and using that access to withdraw large sums of money from those accounts. Clicking on the link could enable fraudsters to download malicious software on to victims’ computers and steal bank passwords and other account information.
The emails inform recipients that an “unauthorized transaction” has been charged to their account using their “bank card.” The amount of the transactions is typically between $3,000 and $7,000.
ABA would never contact a consumer and ask for financial information.
ABA is working with law enforcement to identify the source of the emails and to disrupt them.
ABA offers the following advice to consumers, business and government organizations:
Never give out financial information in response to an unsolicited phone call, fax or email, no matter how official it may seem. If you are uncertain, call your financial institution or the organization that is purportedly contacting you using a phone number you know is safe.
If you have already responded to this type of call or email by providing financial information, contact your financial institution immediately to protect your account;
Be extremely cautious about clicking on links within unsolicited emails. When in doubt, contact the organization purportedly sending the email.
Inform the ABA about fraudulent phone calls and emails that use ABA’s name by sending an email to email@example.com.
The American Bankers Association brings together banks of all sizes and charters into one association. ABA works to enhance the competitiveness of the nation’s banking industry and strengthen America’s economy and communities. Its members – the majority of which are banks with less than $125 million in assets – represent over 95 percent of the industry’s $13.5 trillion in assets and employ over 2 million men and women.
FBI Fraud Advisory Information – Fraud Advisory for Consumers Involvement in Criminal Activity through Work from Home Scams
Consumers continue to lose money from work-from-home scams that assist cyber criminals move stolen funds. Worse yet, due to their deliberate or unknowing participation in the scams, these individuals may face criminal charges. Work-from-home scam victims are often recruited by organized cyber criminals through newspaper ads, online employment services, unsolicited emails or “spam”, and social networking sites advertising work-from-home opportunities. Once recruited, however, rather than becoming an employee of a legitimate business, the consumer is actually a “mule” for cyber criminals who use the consumer’s or other victim’s accounts to steal and launder money. In addition, the consumer’s own identity or account may be compromised by the cyber criminals.
Example of a Work-From-Home Scheme:
- An individual applies for a position as a rebate or payments processor through an online job site or through an unsolicited email.
- As a new employee, the individual is asked to provide his/her bank account information to his/her employer or to establish a new account using information provided by the employer.
- Funds are deposited into the account that the employee is instructed to wire to a third (often international) account. The employee is instructed to deduct a percentage of the wired amount as their commission.
- However, rather than processing rebates or processing payments, the individual is actually participating in a criminal activity by laundering stolen funds through his/her own account or a newly established account.
In February 2010, the U.S. Federal Trade Commission (FTC) coordinated with state law enforcement officials and other federal agencies to announce a sweeping crack down on job and work-from-home fraud schemes fueled by the economic downturn. Individuals who are knowing or unknowing participants in this type of scheme could be prosecuted.
- Be wary of work-from-home opportunities. Research the legitimacy of the company through the Better Business Bureau (for US-based companies) or WHOIS/Domain Tools (for international companies) before providing personal or account information and/or agreeing to work for them. In addition, TrustedSource.org can help you identify companies that may be maliciously sending spam based on the volume of email sent from their Internet Protocol (IP) addresses. See also the FTC’s recommendations.
- Be cautious about any opportunities offering the chance to work from home with very little work or prior experience. Remember: if it looks too good to be true, it usually is.
- Never pay for the privilege of working for an employer. Be suspicious of opportunities that require you to pay for things up front, such as supplies and other materials.
- Never give your bank account details to anyone unless you know and trust them.
- If you think you may be a victim of one of these scams, contact your financial institution immediately.
Report any suspicious work-from-home offers or activities to the Internet Crime Complaint Center (IC3)7 at http://www.ic3.gov/default.aspx.
For more information, visit:
- PhishBucket.org, a nonprofit organization dedicated to protecting job seekers from fraudulent job offers.
- OnGuardOnline.org. Sponsored by the FTC, this site provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information.
- Better Business Bureau, http://www.bbb.org/us/article/work-at-home-schemes-408.
Important Notice: New Phishing and Telephone Scams Being Perpetrated!
Please be aware that Bryn Mawr Trust will never ask you to verify confidential information by e-mail or by telephone. To ensure that you do not divulge confidential information to unauthorized individuals, we urge you not to respond to any e-mail or telephone request that asks you to provide your confidential personal information. To learn more about how you can prevent Identity Theft Click here or call our Customer Service Center at 610-525-1700, Monday through Friday from 7:30 a.m. to 6:00 p.m. or e-mail us at firstname.lastname@example.org if you have any questions concerning your account(s) and/or the Internet Banking system.
A Fedwire Phishing Scheme is also being perpetrated which involves fraudulent emails claiming to be from the Federal Reserve Bank that warn of a phishing attack on the Fedwire system.
Reporting Fraud or Suspicious Activity
If you think you have received a fraudulent email, notice suspicious account activity or have concerns about other questionable activity contact us immediately at email@example.com.
For inquires or service requests call us at 610-525-1700.