Safety & Fraud Prevention
Plan for COVID-19 scams to continue throughout the pandemic
As of June 25th, 2020, the Federal Trade Commission (FTC), had logged nearly 111,000 consumer complaints related to COVID-19 and stimulus payments, two-thirds of them involving fraud or identity theft.
Victims have reported losing $72.2 million, with a median loss of $281.
Here are some types of coronavirus scams to continue to watch out for while the pandemic continues:
In-demand products and/or bogus cures
To date, no vaccines or drugs have been approved specifically to treat or prevent COVID-19, the disease caused by the novel coronavirus. Beware of messages stating otherwise.
Also beware of those selling or offering in-demand supplies such as surgical masks, test kits and household cleaners, often in robocalls, texts or social media ads.
Beware of calls or emails, purportedly from government agencies, that use the term “stimulus” (the official term is “economic-impact payment”) and ask you to sign over a check or provide personal information like your Social Security number.
If you own a small business, beware of promises of quick capital. With unemployment and economic anxiety rising, crooks have been seen impersonating banks and lenders to offer fake help with bills, credit card debt.
Beware of fraudsters touting investments in companies with products that supposedly can prevent, detect or cure COVID-19. Do your research. This type of fraud involves con artists that have already bought the stocks in order to inflate the price. Then, they dump the stock, saddling legitimate investors with big losses.
Beware of emails or texts supposedly from contact tracers warning you that you’ve been exposed to someone with COVID-19. These messages include a link that, if clicked, downloads malware to your device. (Messages from actual contact tracers working for public health agencies will not include a link, or ask you for money or personal data.)
Make sure you visit genuine health authorities’ websites. Scammers have been found running fake CDC and WHO websites. A good place to start is your State or County Health Department. https://www.usa.gov/state-health ; https://www.usa.gov/local-governments
The official CDC Website: https://www.cdc.gov/
The official WHO website: https://www.who.int/
EMPOWERING THE LATINO COMMUNITY TO AVOID AND REPORT SCAMS
by Alvaro Puig
Consumer Education Specialist, FTC
Every year, Hispanic Heritage Month gives us a chance to reflect on the great contributions Latinos have made to society. To keep those contributions coming, it’s important to continue to do everything possible to protect Latinos from fraud.
So let us take this opportunity to tell you about the resources we have for you — and tell you how to get them for free.
FBI ALERT: Be On The Lookout for Mobile App Fraud
(Source: FBI, https://www.fbi.gov/scams-and-safety )
The FBI anticipates an increase in mobile app fraud, as Americans are increasingly using their mobile devices to conduct banking activities such as cashing checks and transferring funds.
Studies of US financial data indicate a 50 percent surge in mobile banking since the beginning of 2020. With city, state, and local governments urging or mandating social distancing, Americans have become more willing to use mobile banking as an alternative to physically visiting branch locations. The FBI expects cyber actors to attempt to exploit new mobile banking customers using a variety of techniques, including app-based banking trojans and fake banking apps.
App-Based Banking ‘Trojans’
The FBI recommends caution when downloading apps on smartphones and tablets, as some could be concealing malicious intent. Scammers target banking information using banking ‘trojans’, which are malicious programs that disguise themselves as other apps, such as games or tools. Once the user enters their credentials into the false login page, the trojan passes the user to the real banking app login page so they do not realize they have been compromised.
Fake Banking Apps
Scammers also create fraudulent apps designed to impersonate the real apps of major financial institutions, with the intent of tricking users into entering their login credentials. These apps provide an error message after the attempted login and will use smartphone permission requests to obtain and bypass security codes texted to users. In 2018, nearly 65,000 fake apps were detected on major app stores, making this one of the fastest growing sectors of smartphone-based fraud.
TIPS TO AVOID MOBILE APP FRAUD
Obtain Apps from Trusted Sources
The FBI recommends only obtaining smartphone apps from trusted sources like official app stores or directly from bank websites.
Use Two-Factor Authentication
Since 2016, surveys of application and website users have identified that a majority of users do not enable two-factor authentication — a second layer of security — when prompted. Security experts identify two-factor authentication as a highly effective tool to secure accounts against compromise, and enabling any form of two-factor authentication will be to the user’s advantage
- Do enable two-factor or multi-factor authentication — via biometrics, hardware tokens, or authentication apps — on devices and accounts to protect them from malicious compromise, whenever possible.
- Do monitor where your Personal Identifiable Information (PII) is stored and only share the most necessary information with financial institutions.
- Don’t click links in e-mails or text messages; ensure these messages come from the financial institution by checking email credentials and calling the bank. Many criminals use legitimate-looking messages to trick users into giving up login details.
- Don’t give two-factor passcodes to anyone over the phone, email or via text. Financial institutions will not ask you for these codes over the phone.
Use Strong Passwords and Good Password Security
Cyber actors regularly exploit users who reuse passwords or use common or insecure passwords. The National Institute of Standards and Technology’s most recent guidance encourages users to make passwords or passphrases that are 15 characters or longer.
- Do use passwords that contain upper case letters, lower case letters, and symbols and a minimum of eight characters.
- Do create unique passwords for banking apps.
- Do consider using a password manager or password management service.
- Don’t use common passwords or phrases (EX: “Password1!” or “123456”) or reuse the same passwords for multiple accounts.
- Don’t store passwords in written form or in an insecure phone app like a notepad.
- Don’t give your password to anyone. Financial institutions will not ask you for this information over the phone or text message.
If a Banking App Appears Suspicious, Call the Bank
If you encounter an app that appears suspicious, exercise caution and contact that financial institution. Major financial institutions will never ask for your login username and password over the phone. If the phone call seems suspicious, hang up and call the bank back at the customer service number posted on their website.
IDENTITY THEFT happens when someone uses your personal information (name, Social Security number, credit card number, etc.) without your permission to commit fraud or other crimes. This is a serious crime that can have devastating consequences as some victims must spend hundreds of dollars and many hours repairing their good name and credit record.
Bank of Labor will do whatever it takes to keep your online identity safe. The following are some helpful tips that will assist you in preventing identity theft.
Beware of Phishing
Phishing is a scam where online criminals try to lure personal information such as credit card numbers or bank account information from unsuspecting victims. Be aware of spoofed email or websites that look like they come from your bank or another trusted source in an attempt to deceive you.
Bank of Labor will NEVER request personal information by email or text message including account numbers, passwords, personal identification information or any other confidential customer information. Fraudulent emails may be designed to appear as though they are originated by Bank of Labor. Do not respond to any email request asking for personal or confidential information and do not click any links listed on that e-mail. These communications are not from Bank of Labor! Never give out any information that the Bank already has if you are contacted by phone, text message, or email.
If you contact us we may verify your information to confirm your identity but we will never contact you and ask for your debit/credit card number. If we need to contact you, it will always be done in a manner that protects your personal, confidential information and we will clearly identify ourselves. If you are unsure, contact us directly using our contact information on your card, statement or our website.
Protect Yourself Online
- Install anti-malware software including virus and spyware protection and be sure to keep it up to date.
- Ensure your mobile device and computer are updated with the latest software patches for your installed programs and Operating System.
- Be sure and use a firewall when browsing. Firewalls help prevent unauthorized internet users from accessing private networks.
- Never click on links in unsolicited emails.
- Don’t surf to pages you are unsure of.
- For additional information on what you can do to protect yourself online, go to www.onguardonline.gov.
Check Your Credit Report
Make a habit of checking your credit report. You can get a free copy of your credit report from the big three reporting agencies each year. Visit www.annualcreditreport.com to learn more.
Practice ATM Safety
As with all financial transactions, please exercise discretion when using an automated teller machine (ATM) or night deposit facility. For your own safety, be careful. The following suggestions may be helpful.
- Prepare for your transactions in advance (for instance, by filling out a deposit slip) to minimize your time at the ATM or night deposit facility.
- Mark each transaction in your account record, but not while at the ATM or night deposit facility. Always save your ATM receipts. Don’t leave them at the ATM or night deposit facility because they may contain important account information.
- Compare your records with the account statements you receive.
- Don’t lend your ATM card to anyone.
- Remember; do not leave your card at the ATM. Do not leave any documents at a night deposit facility.
- Protect the secrecy of your Personal Identification Number (PIN). Protect your ATM card as though it were cash. Don’t tell anyone your PIN. Don’t give anyone information regarding your ATM card or PIN over the telephone. Never enter your PIN in any ATM that does not look genuine, has been modified, has a suspicious device attached, or is operating in a suspicious manner. Don’t write your PIN where it can be discovered. For example, don’t keep a note of your PIN in your wallet or purse.
- Prevent others from seeing you enter your PIN by using your body to shield their view.
- If you lose your ATM card or if it is stolen, promptly notify us. You should consult the other disclosures you have received about electronic fund transfers for additional information about what to do if your card is lost or stolen.
- When you make a transaction, be aware of your surroundings. Look out for suspicious activity near the ATM or night deposit facility, particularly if it is after sunset. At night, be sure to use a facility (including the parking area and walkways) that is well lit. Consider having someone accompany you when you use the facility, especially after sunset. If you observe any problem, go to another ATM or night deposit facility.
- Don’t accept assistance from anyone you don’t know when using an ATM or night deposit facility.
- If you notice anything suspicious or if any other problem arises after you have begun an ATM transaction, you may want to cancel the transaction, pocket your card and leave. You might consider using another ATM or coming back later.
- Don’t display your cash; pocket it as soon as the ATM transaction is completed and count the cash later when you are in the safety of your own car, home or other secure surrounding.
- At a drive-up facility, make sure all the car doors are locked and all of the windows are rolled up, except the driver’s window. Keep the engine running and remain alert to your surroundings.
- We want the ATM and night deposit facility to be safe and convenient for you. Therefore, please tell us if you know of any problem with a facility. For instance, let us know if a light is not working or there is any damage to a facility. Please report any suspicious activity or crimes to both the operator of the facility and the local law enforcement officials immediately.
Call (913) 321-4242 if you notice suspicious account activity or experience customer information security-related events.
Need to reach us? Please contact us at the number below and our team will gladly assist you. If you would like to open an account or speak to a personal banker visit us at any of our locations located in the Greater Kansas City Metro Area.