Understanding Fraud and Scams
Knowledge is the best defense. Learn more about these tools and techniques favored by fraud and scam artists.
Home Depot Card Breach
Home Depot confirmed earlier this week that its payment data systems were breached, potentially affecting customers at its U.S. and Canadian stores since March 31, 2014.
Customers should monitor account activity for any unauthorized transactions, alerting the bank immediately of anything suspicious.
Customers may continue to use existing cards as normal. They have all the security features that BBVA Compass provides, including:
- Visa Zero Liability* – The bank protects its customers against unauthorized purchases if cards are lost or stolen.
- BBVA Compass 24/7 Fraud Monitoring Services – We constantly review Check Card transactions for suspicious activity.
- Online Banking and Compass Mobile – Customers can easily monitor transactions posted to their account and should notify us immediately of any suspicious activity.
Home Depot is offering free identity protection services, including credit monitoring, to any customer who used a payment card at a Home Depot store since March 31, 2014. Customers who wish to take advantage of these services can learn more at www.homedepot.com or by calling 1-800-HOMEDEPOT (800-466-3337).
*Visa Zero Liability covers U.S.-issued cards only and does not apply to ATM transactions, PIN transactions not processed by Visa, or certain commercial card transactions. Cardholder must notify BBVA Compass promptly of any unauthorized use. Consult BBVA Compass for additional details or visit visa.com/security. See your Visa Cardholder Agreement for further details.
When internet fraudsters impersonate a business to trick you into giving out your personal information, it’s called phishing. Fraudulent emails (phish) and websites can be very sophisticated, and may look identical to BBVA Compass Bank emails and websites. Fraudsters can tamper with the sender information in an email to make their phish look even more legitimate. If you suspect that an email is phishing:
- Do not reply to email, text, or pop-up messages that ask for your personal or financial information.
- Do not click on links within them either – even if the message seems to be from an organization you trust. It isn’t. Legitimate businesses do not ask you to send sensitive information through insecure channels.
Learn to Recognize Fraudulent Emails
Although fraudsters use various tactics in their phishing efforts, there are some common elements you should familiarize yourself with.
- Awkward Greeting - A phish may address the customer with a nonsensical greeting or may not refer to the customer by name.
- Typos - This isn’t because fraudsters don’t know how to spell – it’s so the phish won’t be blocked by email filters. You may even see a misspelled company name.
- Strange or unfamiliar links - Notice if the sender gives a personal email as the contact address instead of the company’s address.
- Compelling or urgent language - An urgent need to communicate with you for your own security, or a request to update your information immediately.
- Attachments – suspicious files attached to email can cause you to download malware such as virus or spyware.
Emails and letters can take various forms in order to gain access to your information. Below are some examples:
- Spelling – "programme"
- Language – "account was Flagged and has an upshot"
- BBVA Compass will not ask you to click on a link provided in an email body.
PHISHING EMAIL SAMPLE # 3 - CLAIMING TO BE FROM the IRS
- From address shows @irc.gov
- Subject: Also shows IRC.gov
- The IRS does not initiate contact communication through email.
Malware is short for “malicious software." It includes viruses, keyloggers - programs that run in the background and record your every keystroke - and spyware that get installed on your computer, phone, or mobile device without your consent. These programs can cause your device to crash and can be used to monitor and control your online activity. Criminals use malware to steal personal information, send spam, and commit fraud.
Monitor your computer for unusual behavior. Your computer may be infected with malware if it:
- slows down, crashes, or displays repeated error messages,
- won't shut down or restart,
- serves up a barrage of pop-ups,
- displays web pages you didn't intend to visit, or sends emails you didn't write
Other warning signs include:
- new and unexpected toolbars,
- new and unexpected icons in your shortcuts or on your desktop,
- a sudden or repeated change in your computer's internet home page, or
- a laptop battery that drains more quickly than it should
To Reduce Your Risk of Downloading Malware
Scam artists try to trick people into clicking on links that will download malware and spyware to their computers, especially computers that don't use adequate security software. To reduce your risk of downloading unwanted malware and spyware, review the following tips.
- Protection software. Install Trusteer’s Rapport software for added protection against malware, keyloggers and viruses. Learn more about Trusteer’s Rapport software.
- Security software updates. Keep your security software updated. At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. Set your security software, internet browser, and operating system (like Windows or Mac OS) to update automatically.
- Know the sender. Don't click on any links or open any attachments in emails unless you know who sent it and what it is. Clicking on links and opening attachments – even in emails that seem to be from friends or family – can install malware on your computer.
- Limit your downloads. Download and install software only from websites you know and trust. Downloading free games, file-sharing programs, and customized toolbars may sound appealing, but free software can come with malware.
- Software purchases. Resist buying software in response to unexpected pop-up messages or emails, especially ads that claim to have scanned your computer and detected malware. That's a tactic scammers use to spread malware.
- Check your browser’s security setting. Minimize "drive-by" downloads. Make sure your browser security setting is high enough to detect unauthorized downloads. For Internet Explorer, for example, use the "medium" setting at a minimum.
- Use pop-up blockers and don’t click on any links within pop-ups. If you do, you may install malware on your computer. Close pop-up windows by clicking on the "X" in the title bar.
- Talk about safe computing to your kids. Be certain they understand some online actions can put the computer at risk: clicking on pop-ups, downloading "free" games or programs, opening chain emails, or posting personal information.
- Do regular backups. Whether it is text files or photos that are important to you, back up any data that you would want to keep should your computer crashes.
Getting Rid of Malware and Limiting Future Exposure
If you suspect there is malware on your computer, take these steps:
- STOP. Stop shopping, banking, and doing other online activities that involve user names, passwords, or other sensitive information.
- UPDATE. Update your security software, and then run it to scan your computer for viruses and spyware. Delete anything it identifies as a problem. You may have to restart your computer for the changes to take effect.
- CONTACT. If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem.
- SEEK TECH SUPPORT. Many companies – including some affiliated with retail stores – offer tech support on the phone, online, at their store, and in your home. Telephone and online assistance are generally the least expensive, but may require you to do some of the work yourself. Taking your computer to a store is usually less expensive than a home service call.
- REPORT. Once malware is detected and removed from your system, try to determine how the malware was obtained in order to prevent future attacks. You can also report malware to FBI Website for Internet crimes at www.ic3.gov .
Online Dating Scams
Millions of Americans use dating sites, social networking sites, and chat rooms to meet people. Many forge successful relationships. But scammers also use these sites to meet potential victims. They create fake profiles to build online relationships, and eventually convince people to send money in the name of love. Some may make wedding plans before disappearing with the money. An online love interest who asks for money or card or account information is almost certainly a scam artist.
Money Transfer Scams
Wiring money through companies like MoneyGram and Western Union is like sending cash. Once it’s gone, you can’t get it back. That’s one reason scammers often insist that people wire money, especially to overseas addresses. It’s nearly impossible to reverse the transfer, trace the money, or track the recipients.
Money transfers can be useful if you want to send money to someone you know and trust. At the same time, they are risky when you send money to someone you don’t know.
How to Avoid Money Transfer Scams
Don’t wire money to a stranger or someone you haven’t met in person. That includes:
- anyone who insists on wire transfers for payment,
- an online love interest who asks for money,
- someone advertising an apartment or vacation rental online,
- a potential employer or someone who is hiring you to be a mystery shopper, or
- someone who claims to be a relative or friend in need.
A scammer may ask you to deposit their check, and then wire money back to them. The scam is that the check is a fake that will bounce. You will owe your bank the money you withdrew.
By law, banks must make the funds from deposited checks available within a few days, but it can take weeks to discover that the check is fake. The money may appear to be in your account, but if a check turns out to be a fake, you will owe the bank any money you withdrew.
Report Money Transfer Scams
If you think you’ve wired money to a scam artist, call the money transfer company immediately to report the fraud and file a complaint. Ask for the money transfer to be reversed. It’s unlikely to happen, but it’s important to ask. Then, file a complaint with the Federal Trade Commission at ftc.gov/complaint.
Debt Relief Scams
Be skeptical about broad claims to wipe out your debt. Debt negotiation can be risky, and it can have a serious, long-term effect on your ability to get credit.
The ads are commonplace; they tout a way to consolidate your bills into one monthly payment without borrowing further. Or they offer to stop credit harassment, foreclosures, repossessions, tax levies and garnishments, or to wipe out your debts.
These offers often require you to declare bankruptcy, but they rarely say so. While bankruptcy is one way to deal with serious financial problems, it's generally considered the option of last resort as it has a long-term negative impact on your creditworthiness. A bankruptcy can stay on your credit report for up to 10 years, and can hurt your ability to get credit, a job, insurance, or even a place to live. In addition, there are hurdles that you must clear before filing for bankruptcy, and it’s likely that you’ll be responsible for attorneys' fees. Get more information about debt relief and bankruptcy from the Federal Trade Commission.
What You Can Do
If you’re having trouble paying your bills:
- Talk with your creditors. They may be willing to work out a modified payment plan.
- Contact a credit counseling service. These organizations work with you and your creditors to develop debt repayment plans. These plans require you to deposit money each month with the counseling service. The service then pays your creditors. Some nonprofit organizations do this for no charge; others charge a nominal fee for their service.
- Limit borrowing. Carefully consider all your options before you borrow more money. While a second mortgage or home equity line of credit may allow you to consolidate your debt, they also require your home as collateral.
- For more information, visit www.OnguardOnline.gov.
- File a complaint with the Federal Trade Commission if you feel you are a victim of any type of online fraud at ftc.gov/complaint and IC3.gov.
- Never give out personal information over the telephone if you did not initiate the call. Always verify any call-back number given through a trusted source (yellow pages, the internet, or contact numbers you have on hand).
Always use legitimate sources to verify BBVA Compass Bank contact information, including:
- 1-800-266-7277 (1-800-Compass)
- Official contact information on your bank statements
- Phone numbers listed on your ATM, debit or credit card
Remember, if it sounds too good to be true, it probably is.