Insite National Bank

Your financial security is important to us.

Fraud Prevention

Cybersecurity: The Top Scams Affecting Senior Citizens

Older adults are attractive targets for financial exploitation because they tend to possess more wealth than other potential targets – wealth that in many instances has been accumulated over their lifetime through hard work and conscientious saving. A decline in mental faculties for some seniors also makes them more vulnerable to fraud. Residents of assisted living and nursing facilities may be targets of predators who take advantage of victims’ memory loss or their fear of a failing memory.

Seniors are often targeted through the internet, mail, phone, in-home visits, and free offers specifically tailored to large groups of seniors. Though they are always changing, we’ll discuss the most common elder scams happening now. As bankers, you can help your older customers be on the alert.

Medicare & Health Insurance Scams

It is difficult to imagine that someone could prey on those who need medical assistance, but unfortunately, Medicare fraud is all too common. Perpetrators may pose as a Medicare representative to get personal information, or they will provide bogus services at makeshift mobile clinics, then use the information to bill Medicare and pocket the money. Some even make false offers for free medical supplies or checkups that require the victim to provide their Medicare information and credit card number for supposed “shipping and handling” fees.

Consumers also report phony “Free” back, neck or knee brace offers. Scammer claims to be a Medicare or medical supply representative or health insurance company. If interest is shown, they will ask for sensitive information such as Medicare Numbers or Social Security Numbers.

Another of the latest Medicare scams to pop up is where scammers are emailing, calling, and even knocking on doors, claiming to be from Medicare and offering all sorts of pandemic-related services if you “verify” your Medicare ID number. Among the offers is to send new cards they claim contain microchips. Some posers have been asking for payment to move beneficiaries up in line for the COVID-19 vaccine.

COVID-19 Scams

Speaking of COVID-19, many who have already received their vaccine posted selfies on social media showing off their vaccination card. Scammers immediately pounced. Often appearing in the pics was the information on the card showing full name, birth date and information about where the shot was received. That gives scammers valuable data for identity theft, breaking into bank accounts, applying for credit cards, and more.

Another COVID-19 related scam centers around a FEMA program that will pay up to $9,000 for funeral expenses if a loved one was lost to the disease. While this is a legitimate program, and citizens can reach out to FEMA to apply for these benefits, unfortunately, FEMA reports that scammers are contacting people and pretending to offer to register them for assistance. To avoid those scams, here are some tips:

  • FEMA will not contact anyone until they call or apply for assistance.
  • The government won't ask for payment to get this benefit.
  • Nobody should give out deceased loved one's personal or financial information to anyone who has contacted them out of the blue.

Zoom Phishing Emails

According to the Better Business Bureau, thousands of fake Zoom-related internet domains were registered for in the early months of the pandemic, just so con-artists could send out emails that look like they're from the popular videoconferencing website. How this con works is that folks receive an email, text, or social media message with the Zoom logo, telling them to click on a link because their account is suspended, or they missed a meeting. Clicking can expose you to the risk of an upload of malware (malicious software) onto their computer, where personal information could become available to use for identity theft, or search for passwords to hack into other accounts.

Telemarketing/Phone Scams

Seniors were raised in an era that valued politeness and good manners, but this makes them more vulnerable to fraud. Often, they are less likely to hang up the phone or simply say “no” to criminals pretending to be telemarketers or representatives of a company. There are many different types of telemarketing scams. Three examples include:

  1. The pigeon drop - The con artist tells the individual that he/she has found a large sum of money and is willing to split it if the person will make a "good faith" payment by withdrawing funds from his/her bank account.
  2. The fake accident ploy - The con artist gets the victim to wire or send money on the pretext that the person's child or another relative is in the hospital and needs the money.
  3. Charity scams - Money is solicited for fake charities. People should avoid answering calls from unknown numbers and be aware of Caller ID Spoofing technology to mask their true phone number from showing.

Internet Fraud

If you’ve ever seen a pop-up window telling you that your computer has a virus, then you’ve come close to this type of fraud. Pop-up browser windows simulating virus-scanning software will fool victims into either downloading a fake anti-virus program (at a substantial cost) or an actual virus that will open up personal information to scammers. Scammers are also sending fake text messages alleging there is big trouble with your internet account, a credit card, bank account or shopping order on Amazon or other popular retailers. The urgent-sounding text message may even have a real-looking logo. They want people to click on links and provide personal info.

Similar issues are popping up via ads on social media. Phony retail sites are using photos lifted from real online stores to make their fake store look legitimate. They run ads where a click directs to their fake site, where if an order is place with payment info, the goods are never received, or are a sub-par, cheaper knock-off version, often shipped direct from overseas.

(The above article is shared with permission from the author, Aimee Leeper, Director of Marketing, CRA Partners / SHCPF.)
Posted October 2021




Cybersecurity: Class is back in session.

Lesson 1: How to protect college students from scams.

Learning life lessons at an early age is good, except when your bank account gets drained by a scammer, and you learn the hard way. Many students are starting their college career not knowing they are especially vulnerable to fraud.

One way fraudsters target students is through scholarship and financial aid scams. Many students jump at the opportunity to receive tuition financial aid, which is what scammers count on to take advantage of the situation.

Here are some common scholarship-related scams. Share this information so you can help college-bound students avoid them.

Fake scholarship sweepstakes

In this scam, fraudsters create an official-looking scholarship sweepstakes requiring money up- front to participate. Legitimate scholarship providers don’t want – or need – your money. They want to help students attend school, not earn a profit. If a scholarship is asking any sort of fee to apply, it’s likely not a legitimate opportunity. In the end, victims usually write off the expense, thinking they simply didn’t win the scholarship. Learn more: https://www.fastweb.com/college-scholarships/articles/beware-student-scams

Application fee scholarships

Fake scholarships are a fraud where the scammer promises to provide guaranteed college scholarships, even going as far as creating an official-looking scholarship program. Most seek to get students and their families to pay money to the scammer upfront as part of an application fee, but some scams also involve identity theft. During a typical scam, 5,000 to 10,000 applications and fees of $5 to $35 are received, a lucrative profit for the bad guys. What makes this scam doubly bad is the student has also provided their personally identifiable information (PII) on the fake application, opening themselves up to identity fraud — in addition to money theft once the fraudsters have the PII. Check out the FTC’s website to learn more about scholarship award scams: https://www.consumer.ftc.gov/articles/how-avoid-scholarship-and-financial-aid-scams

Student tax scams

Student tax scams generally involve a scammer reaching out via phone, text or email in an attempt to get students to click on a link and provide PII or pay money for a “university student fee.” Scammers often spoof phone numbers from Washington, D.C. to impersonate the IRS. It’s important to note the IRS will never contact students or their families via email, text, social media, or phone. Official contact is through the mail. Phishing emails are commonly used with subject lines like “tax refund payment” or “recalculation of your tax refund payment.” Scammers hope that students will click on these emails and enter personal information. You can read more about student tax scams on the FTC website: https://www.consumer.ftc.gov/blog/2021/04/new-irs-imposter-scam-targets-college-students-and-staff and read more about phishing emails https://www.shazam.net/news/shazam-blog/social-engineering-is-used-to-commit-fraud/.

Victim recourse when caught up in a scholarship award or student tax scam

Falling for any scam is incredibly stressful, especially for young college students. However, there are steps victims can take to recover lost funds and protect themselves in the future. Students who fall victim should start by reporting the incident to the FTC on their website. https://reportfraud.ftc.gov/#/ Additionally, they should contact their financial institution’s fraud department to work on getting their funds back and charges reversed. If their Social Security number has been compromised, go to IdentityTheft.gov https://www.identitytheft.gov/#/ to see what steps to take, including how to monitor their credit.

A good rule of thumb is to be skeptical about any scholarship that requires money upfront. Just one phone call to the university can help prevent the student from falling victim to a scholarship award scam. Use common sense throughout the process. If something ever seems sketchy, stop giving information and start asking questions.

Lesson 2: Dangers of social media scams

Every student heading back to school has a smartphone in their pocket, using it to communicate, socialize and kick back and relax. However, an increasing number of scammers are out there right now targeting unsuspecting students.

According to Pew Research Center 71% of young adults aged 18–29 use Instagram, Snapchat and other social media sites. Scammers target college students using popular social media networks because they're vulnerable. It’s easy for college students to let their guard down and fall victim to schemes stealing their identity or draining their bank account. Sometimes the bad guys even trick students into becoming accomplices to their fraud with the lure of easy money.

Scam artists see a big opportunity with a college student’s personally identifiable information (PII). Let’s look at way’s cybercriminals use social media to target college students:

Save or earn money by downloading this app scams

Many scams on social media post false advertisements claiming the reader can win money or save money by downloading an app — albeit with a sketchy link. If students tap on the link or try to download the app, they will instead install malware to their device — exactly what the scammers were hoping for. These links are usually shortened to bit.ly, making it difficult to see outright that it’s a malicious link.

Once scammers trick someone into installing malware on their phone, they work diligently to steal password information and PII. If successful, this leads to a social media takeover, giving the trickster the ability to post ads, message the victim’s friends and create spam posts.

Card cracking scams make victims an accomplice to fraud

College students and other young adults are the primary targets of a scam called card cracking, which is a type of account fraud. Targeted mainly through social media, the goal is for the scammer to acquire the accountholders checking account information or debit card and PIN in a money-making partnership. There are different variations of card cracking, let’s look at two.

In one scenario, a scammer reaches out via social media with an online job offer or promise of financial aid that involves a money exchange. The bad guys ask for bank account information to deposit money and then make a deposit with fake, stolen or counterfeit checks. Next, they have the victim send them money or they make an immediate withdrawal from the victim’s account. By the time the fake check or bogus deposit gets flagged, the money is already gone, and the accountholder is broke.

In a different version of the scam, with the lure or easy money for the student, fraudsters convince their victims to share their debit card and PIN, telling them to report the card stolen to recover the money. The fraudster cleans out the bank account, not sharing the promised portion of the money with the accomplice.

Worse yet, most victims who fall for this scam don’t realize they are committing a crime. Being charged as an accomplice to a crime is a very serious offense. Learn more about card cracking: https://www.canr.msu.edu/news/card_cracking_and_college_students.

The car wrap scam, get paid to drive

Another current hot scam on social media — get paid to drive, what could be easier than that?

The shyster offers a large sum of money to a student just to drive around with their car wrapped in an advertisement. Sounds cool and easy. When the intended target responds, the scammer sends them a counterfeit check to deposit into their account with instructions to immediately send payment to a pre-selected decal agent who will put the ads on their car. The student is told to keep a portion of the deposit check to pay themselves.

In the end, the bogus deposit check will bounce, leaving the student to foot the bill for the money they’ve already sent to the decal agent who is really the scammer.

You can read more about car wrap scams on the FTC's website: https://www.consumer.ftc.gov/blog/2020/12/wrapping-2020-more-car-wrap-scams

Victim recourse

Students who fall prey should take the following steps:

  • Stop all contact with the con artist and keep copies of all communications
  • Report the matter to local police department
  • Report the incident to the FBI Internet Crime Complaint Center https://www.ic3.gov/ and the Federal Trade Commission https://reportfraud.ftc.gov/#/

While social media is a great way to stay in touch with friends, it’s also a way for fraudsters to take advantage of college students. Through the stress of being in a whole new world, it is easy for college students to let their guard down. A good rule of thumb is to beware of easy money offers as they are rarely legal.

As the saying goes, if it sounds too good to be true, it probably is. We hope you’ve found this informative. Feel free to share with others!

This article was originally posted in SHAZAM Blog:
Lesson 1: Wednesday, August 5, 2021 https://www.shazam.net/news/shazam-blog/class-is-back-in-session-lesson-1-how-to-protect-college-students-from-scams-/
Lesson 2: August 11, 2021 https://www.shazam.net/news/shazam-blog/class-is-back-in-session-lesson-2-dangers-of-social-media-scams-/.

It is reprinted with permission:

SHAZAM, Inc. and ITS, Inc. provide this blog for general informational purposes only. Our blog may be shared by a direct link wherein the content remains as originally presented and has not been altered. SHAZAM, Inc. and ITS, Inc. assume no responsibility for errors or omissions in the contents on the blog. By using this blog, reader agrees that the information published does not constitute nor is a substitute for legal advice which should only be sought from a qualified, licensed attorney.
Posted October 2021




Scam of the Week: Thank You for Calling-Here's Some Malware

A recent social engineering scam uses real people in a call center to trick you into downloading malware onto your computer. Here’s how the scam works:

You receive an email claiming that your trial subscription to a publishing company will expire soon. The email states that you will be charged if the subscription is not canceled, and it directs you to call a phone number for assistance. If you call this number a representative happily walks you through how to unsubscribe. The representative directs you to a generic-sounding web address, asks you to enter the account number provided in the original email, and tells you to click a button labeled “Unsubscribe”. If you click, an excel file is downloaded onto your computer. The representative tells you to open that file and enable macros so you can read a confirmation number to them. If you enable macros, a malicious file is installed that allows cybercriminals backdoor access to your system. The bad guys can use this access to install more dangerous malware, such as ransomware.

Follow these tips to stay safe from this social engineering attack:

  • This attack tries to spark feelings of alarm and frustration by claiming that you will be charged for something you didn't sign up for. Don't let the bad guys toy with your emotions.
  • Remember that cyber-attacks come from real people and real people can lie over the phone, just as they do in phishing emails.
  • If you're concerned that a warning could be legitimate, look up the company and try contacting them another way--not by using the phone number that they provided in an email.

Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team
KnowBe4.com




Identity Theft

Enjoy peace-of-mind with ID TheftSmart™.
Identity Theft occurs when someone invades your life, taking pieces of your personal information to use as their own. Generally, they are looking to obtain credit in your name to buy merchandise or obtain cash without being identified. There can be non-credit components too, such as fraudulent addresses, criminal data, DMV records and more. Our ID TheftSmart™ gives you peace-of-mind with protection, detection and restoration services. Talk with a Banker about purchasing this added protection.

Protect yourself from Identity Theft.
From physical safeguards to digital safeguards, we strive to protect your information. There are steps that you can take, too! Check out these great tips from the FTC: https://www.consumer.ftc.gov/topics/privacy-identity-online-security

Prefer videos?
The FTC has created 2 informational videos regarding Identity Theft that may interest you. Check them out:

Federal Trade Commission (FTC) Identity Theft Hotline: 1-877-438-4338




Online Security

What can you do to protect yourself from online fraud?

  • Change your passwords often.
  • Don't use the same ID and PIN/Password for every online account you have.
  • Never disclose your login credentials to other people or companies.
  • Do not store your ID and Password information where others could gain access to it. It is best not to write the information down at all.
  • If accessing information via a wireless network, ensure that the network is secure. Accessing sensitive information (or any website) over a non-secure network simply leaves the door open for criminals. Even if you aren’t visiting a site where you enter an ID and password, you are still leaving your computer exposed to possible threats.

While nothing is foolproof, and new viruses and scams are being developed every day, following these guidelines as well as having a general awareness of the threats that are out there enables you to bank online with more peace of mind and less risk of being a victim of fraud.

Other Helpful Tips to Stay Secure Online

  • Install a consumer firewall/router to protect your home network and never connect your computer directly to your cable modem. There are many qualified vendors who provide choices so check with your computer specialist for one that’s right for you.
  • Do not use the default password or default settings for your firewall. If unsure how to configure and secure the firewall correctly, use the services of a professional.
  • Make sure you have an anti-virus solution installed on each computer. Ideally, use a software package that includes anti-virus, software-based firewall, anti-spyware, anti-malware and anti-phishing.
  • Always keep your desktop security services software up to date including the latest releases of the software itself as well as updated virus definition files.
  • Be wary when opening email from people that you do not know.
  • Do not click on random pop-ups when browsing the Internet.
  • Change your passwords on a regular basis and do not use the same user id and password for every account.
  • Choose “strong” passwords that include mixed-case letters, numbers, and valid symbols (e.g. underscore or dash).
  • Run update processes on a regular basis to keep up with the latest security fixes and patches.

Be wary of any offer that seems too good to be true or one that asks you to provide any personal information. Most companies will not ask for personal information (e.g. credit card numbers, Social Security numbers, account numbers, etc.) through email.




Data Breaches: How You Can Protect Your Information and Money

Banks are national leaders in preserving the security of customer data. The industry dedicates hundreds of millions of dollars annually to data security and adheres to strict regulatory and network requirements. The banking industry’s first priority is to protect consumers.

In the event of a data breach:

  • Report any suspected fraud to your bank immediately.
  • Use online banking to protect yourself. Monitor your financial accounts regularly for fraudulent transactions.
  • Beware of phishing scams. Never give out personal financial information in an email or over the phone unless you have initiated the contact.
  • Monitor your credit report. Order a free copy of your credit report every four months from one of the three credit reporting agencies at annualcreditreport.com. Learn more about credit monitoring here.

If you suspect you might be a victim of identity theft, contact the three major credit bureaus listed below to learn about placing a Fraud Alert on your credit file:

Equifax:
Report fraud: Call (888) 766-0008
www.equifax.com

Experian:
Report fraud: Call (888) 397-3742
www.experian.com/fraud

TransUnion:
Report fraud: Call (800) 680-7289
www.transunion.com




Unusual Checks, ‘Winner’ Notifications and Suspicious Items

If you receive an unusual rebate check or notification about winning a lottery or contest, you can attempt to verify the validity of the notification and/or funds availability of a check item by calling 763-559-2225. (Please Note: You are contacting a business named "Solutran". Please ask for a Customer Service Representative for assistance.)