Fraud Prevention & Alerts
Can you spot a phishing scam?
What's your score? Take five minutes to become a pro by taking the #BanksNeverAskThat quiz at BanksNeverAskThat.com.
Every day, thousands of people fall victim to fraudulent e-mails, texts and calls from scammers pretending to be their bank. In this time of expanded use of online banking, the problem is only getting worse.
The Federal Trade Comission's report on fraud estimates that American consumers lost a staggering $1.9 billion to phishing schemes and other fraud in 2019 - and the ongoing pandemic has only increased that threat.
Online scams are easier to point out when you know what to look for. At West Shore Bank, we're committed to helping you spot them and protect your accounts. We've teamed up with the American Bankers Association to fight phishing this Cybersecurity Awareness Month.
Watch out for the top 3 phishing scams:
- Text Message: If you receive a text message from someone claiming to be your bank and asking you to sign in or offer up personal information, it's a scam. Banks never ask that.
- E-mail: Your bank won't send you e-mails that ask you to click a suspicious link or provide personal information. The sender may claim to be someone from your bank, but it's a scam. Banks never ask that.
- Phone Calls: Your bank would never call you to verify your account number. Banks never ask that. If you're ever in doubt that a caller is legitimate, just hang up and call the bank directly at a number you trust.
You've probably seen some of these scams before. But that doesn't stop a scammer from trying. For more tips on how to avoid phishing schemes, visit BanksNeverAskThat.com
Take the #BanksNeverAskThat quiz here .
According to the Federal Trade Commission, identity theft is the fastest-growing crime in the country. Our ability to feel safe is becoming more difficult. But there is hope. The USA Patriot Act has paved the way for financial institutions to help prevent fraud, identity theft, and the spread of terrorism. It requires financial institutions to obtain more information from an individual or legal entity to help establish identity.
Your cooperation is needed when you open a new account or request a loan. You may be asked more questions to establish and confirm your identity and will be required to provide one or more of the following types of identification:
- Driver’s license
- Passport and country of issuance
- US taxpayer identification (ID) number
- Alien ID card
- Any other government-issued document evidencing nationality or residence
The federal Fair Credit Reporting Act (FCRA) requires each of the nationwide consumer reporting companies to provide you with a free copy of your credit report , at your request, once every 12 months, from Annual Credit Report . The Federal Trade Commission (FTC), the nation’s consumer protection agency, has prepared a brochure, Your Access to Free Credit Reports, explaining your rights and how to order a free annual credit report
At West Shore Bank we believe that one of the best ways to arm yourself against fraud is with information. In this section we will provide you with links to articles that will alert you to any schemes you should know about, and inform you of the resources that are available to help you protect your account information. Some of these links are to West Shore Bank articles, others will take you to articles on other informational web sites.
If you think your accounts have been compromised, let us know immediately by calling (231) 845-3500 or (888) 295-4373.
The USA Patriot Act has paved the way for financial institutions to help prevent fraud, identify theft, and the spread of terrorism. It requires financial institutions to obtain more information from an individual or legal entity to help establish identity.
Your cooperation is needed when you open a new account or request a loan. You may be asked more questions to establish and confirm your identity. It may also be required for you to provide one or more of the following types of identification:
- Driver's license
- Passport and country of issuance
- S. taxpayer identification (ID) number
- Alien ID card
- Any other government-issued document evidencing nationally or residence
How to Prevent Fraud
Guard your Social Security number
- Never carry your Social Security card and know your surroundings when disclosing your Social Security number.
- Never provide your Social Security number unless you initiated contact and have confirmed the person or business' identity.
- Do not record your Social Security number on a check, traveler check, gift certificate, etc., unless required by law.
- Do not use any part of your Social Security number as a Personal Identification Number (PIN) or password.
- If you must provide your Social Security number in an email or website, ensure that it is encrypted and know how the recipient will protect it.
Secure your computer
- Web browser updates are provided with your security in mind so keep them current.
- Operating system and software patches or service packs should be installed as soon as possible.
- Anti-spyware and anti-virus software helps detect and remove 'bad' software that can steal vital information.
- A firewall prevents unauthorized users from gaining access to the computer or monitoring transfers of information to and from the computer.
- Always use the highest level of security possible when setting up and connecting to wireless networks.
- Never transmit sensitive information over an unencrypted wireless network.
- Sign up for direct deposit and have funds put into your account electronically without paper checks.
- Sign up for e-statements and stop receiving statements and canceled checks in the mail. View them online instead.
- Reduce the amount of mail and paper with your personal information printed on it to minimize the chance of criminals stealing it.
Types of Online Fraud
Malware, short for "malicious software," includes viruses, spyware and trojans that are designed to infect or damage a computer system. Malware is often used to steal personal information and commit fraud. There are several easy ways to minimize the risk of malware:
- Updated security and system software can protect your computer from malware threats.
- Attachments or free software from unknown sources should not be opened or installed.
- Downloads from file sharing and social networking sites can be sources of malware.
- Pop-up ads asking for personal or financial information are likely fraudulent, so close them.
Phishing or Spoofing
Thieves may send you an email that looks like it comes from West Shore Bank. These emails ask you to go to a website that looks like West Shore Bank's website and provide your personal account information. They may even ask you to call a phone number and provide account information but the website is fake. Look for the following information to determine if the email is really from West Shore Bank:
- West Shore Bank emails will never ask you to reply in an email with your personal information and any email that does should raise your concern.
- The message may contain claims that your account will be closed if you fail to confirm, verify or authenticate your personal information. West Shore Bank will not ask you to verify your information in this way.
- Messages about system and security updates claim the Bank needs to confirm important information due to upgrades and states that you must update your information online. West Shore Bank will not ask you to verify information in this way.
- Typos and other errors are often the mark of fraudulent emails or websites. Watch out for typos or grammatical errors, awkward writing, and poor visual design.
- Offers that sound too good to be true often are. You may be asked to fill out a short customer service survey in exchange for money being credited to your account, and you are then asked to provide your account number for proper routing of the supposed credit. West Shore Bank will not request your information in this way.
Money mules are unsuspecting victims who become middlemen for criminals trying to launder stolen funds. Victims are lured by the promise of love or a new career opportunity making large sums of money for minimal work. Criminals recruit money mules, send them stolen money and then ask the money mules to wire or transfer the money unwittingly to the criminals. Using the money mule masks the criminal's identity.
The money mule may keep a commission for performing the transfer or wire. The victims of these scams may not only have their bank accounts closed and financial reputation ruined, but are often left financially responsible for returning the stolen funds.
Common signs of a money mule scam are:
- Accepting large sums of money into your account for a new job.
- Transferring or wiring funds out of your account to people you do not know.
- Opening a new account to receive money from someone you do not know.
- Overseas companies requesting money transfer agents.
Vishing uses Voice over Internet Protocol (VoIP) to call, leaving an automated recording. It alerts the consumer that their account has experienced unusual activity. The message instructs the consumer to call the same phone number shown in the spoofed caller ID with the same name as the bank they are pretending to represent. Sometimes criminals who try to get consumers to turn over personal data send emails and text messages containing fraudulent phone numbers.
Rather than provide any information, you should contact West Shore Bank at the customer service number you normally use to verify the validity of the message.
Types of Mobile Fraud
Fake Mobile Banking Apps
Criminals may develop and publish fake mobile banking applications to steal your online banking credentials. Always look for these signs before installing a mobile banking application:
- The developer or publisher of the application is West Shore Bank.
- Only download the application from the official 'store' for your device.
- Mobile applications for West Shore Bank are currently free. If there is a charge for the application, it's not legitimate.
SMShing is phishing via SMS text messaging. A criminal will send a text message to trick you into replying with financial or personal information or clicking links that will install viruses onto your mobile device.
- Do not respond to a text message that requests personal or financial information; West Shore Bank will never ask you for this.
- Verify the phone number(s) that appear in the text message. Store West Shore Bank in your device contacts for a quick cross-check.
- Password protect your device.
- Turn on the screen lock.
- Use a remote wipe application.
- Keep records of the make, model, serial number and IMEI number of your device.
- If your device is stolen, log into Online Banking and remove that device from Mobile Banking.
The best detector of fraud or identity theft is you. The sooner fraud is detected, the lower the financial impact. By monitoring your accounts you can look for strange activity and act fast to minimize the financial impact.
Recognize Fraud or Identity Theft
It is important to recognize suspicious activities that may indicate fraud or identity theft.
Fraud is when someone uses your accounts to make unauthorized purchases, usually when the card or account number has been stolen. Possible signs of fraudulent activity are:
- You do not receive an expected bill or statement by mail.
- You see unexpected charges on your account.
- Your credit report contains accounts not yours or has inaccurate information.
- You receive notice that you have been denied credit, but you did not apply for credit.
Identity theft happens when a thief steals information such as your name, birth date or Social Security number to open credit cards, mortgages and other accounts without your knowledge. Identity theft may be indicated by:
- There are new accounts on your credit report that are not yours.
- You receive credit cards you did not apply for.
- You receive calls from debt collectors for something you did not buy.
Monitor your Accounts Regularly
Check your account activity frequently looking for anything unusual. View your online account statements to detect fraud earlier and contact your financial institution immediately if you see anything suspicious. If you suspect that any of your accounts with West Shore Bank have been compromised, please notify us immediately.
- Over 50 percent of identity fraud is discovered by the victim.
- Customers with electronic access to their accounts detect fraud or identity theft earlier than those who rely on paper statements.
- Customers enrolled in Online Banking that use our email alert functions receive timely notification about activity in their accounts, which can help identify fraud quickly.
- Receiving e-statements instead of paper statements helps reduce the risk of mail fraud.
Check your Credit Report Annually
By monitoring your credit report you can verify that no new accounts or loans have been approved in your name using stolen information. National credit reporting agencies are required to provide you with free copy of your credit report once every 12 months. You can make this request by visiting www.annualcreditreport.com or calling (877) 322-8228. Your legal rights are explained on the Federal Trade Commission's website at www.ftc.gov .
Report fraudulent activity on your West Shore Bank accounts or Online Banking:
- Call (231) 845-3500 or (888) 295-4373
- Or contact your nearest branch
If possible, provide the check number for the last check that was written, or the name of the person or business to whom it was written. Digital copies of your checks are available through Online Banking.
Lost, Stolen, Missing or Found ATM or Debit Card
During regular business hours:
- Call (231) 845-3500 or (888) 295-4373
- Or contact your nearest branch
Outside regular business hours:
- Contact (888) 297-3416
To report a suspicious email using West Shore Bank's name, please immediately forward the email to [email protected] .
What to do if you think someone has stolen your identity:
- Contact West Shore Bank immediately to close any accounts you believe have been compromised.
- Contact the three major credit bureaus to place a fraud alert on your credit file.
- Equifax – (888) 766-0008
- Experian – (888) 397-3742
- Trans Union – (800) 680-7289
- Close other accounts you know or believe have been opened fraudulently or tampered with.
- File a police report. Get copies to submit to any creditor that may require proof of a crime.
- File your complaint with the FTC.
For more information about fighting ID theft and reporting fraud, go to www.FTC.gov .
Dealing with a Data Compromise
Data compromise is usually an organized theft of ATM, debit, or credit card information through third party processors, computer theft, stolen storage tapes, company insiders working for a merchant or merchant contractor, or merchant data breaches.
If a data breach affecting your accounts occurs, West Shore Bank receives information from many outside sources such as Visa, MasterCard or law enforcement agencies. Because this information is sensitive, specific details are not released to the Bank. We are unable to provide you with the name of the merchant or where the data breach occurred.
We understand that learning your account information may have been compromised can be alarming. In the event your card data account has been compromised:
- West Shore Bank may proactively close your card and issue a new one to help protect your account.
- It does not mean fraud will occur on your account.
- It does not mean you will become a victim of identity theft.
- If you notice any fraudulent charges to your account, contact us immediately by calling (231) 845-3500 or (888) 295-4373.
Protect Your Information
- Always know where your card is. If you misplace it, contact us immediately so we can block the card from use.
- Regularly monitoring your account activity is the best way to help detect if you have been a victim of fraud. West Shore Bank's Online Banking allows you to access your account at your convenience.
- For added protection, you can set up Online Banking Alerts that notify you about important activity in your accounts, which can help identify fraud quickly.
- Signing up for electronic statements may also help reduce your risk of mail fraud.
- If you receive your statements in the mail, review your statement as soon as possible after it is delivered and immediately report any fraudulent transactions.
- Federal Trade Commission | ftc.gov
- Federal Deposit Insurance Corporation | fdic.gov
- Resources from the Government | idtheft.gov
- Internet Fraud Information | usa.gov
- Federal Bureau of Investigation | fbi.gov
- Financial Fraud Enforcement Task Force | stopfraud.gov
Current & Ongoing Frauds
Exploiting the Coronavirus: Massive Excel Phishing Attack
Microsoft has reported a massive phishing campaign that uses an Excel attachment as bait. The phishing email looks like it is from the Coronavirus Research Center of John Hopkins University–a well known medical organization in the US. The email includes an Excel attachment that is disguised as an updated list of Coronavirus-related deaths, but the file actually contains a hidden piece of malware.
If you open the infected Excel file and click “Enable Content” when prompted, a program called NetSupport Manager will be automatically installed on to your computer. This program is a tool that allows someone to access your computer remotely. Cybercriminals are using NetSupport Manager to gain complete control over a victim’s system; allowing them to steal sensitive data, install more malicious software, and even use the machine for criminal activities. Don’t be a victim!
Here are some ways to protect yourself from this scam:
- Think before you click! The bad guys know that you want to stay up-to-date on the latest COVID-19 data so they use this as bait. They’re trying to trick you into impulsively clicking and downloading their malware.
- Never download an attachment from an email that you weren’t expecting. Remember, even if the sender appears to be a legitimate organization, the email address could be spoofed.
- Always go to the source. Any time you receive an email that claims to have updated COVID-19 data, use your browser to visit the official website instead of opening an attachment or clicking a link.