Fraud Prevention and Safety Tips
Anthem Blue Cross has been the victim of a security breach that may impact as many as 80 million current and past clients. The data breach included customer names, addresses, phone numbers, social security numbers, dates of birth, email addresses and potentially personal medical information.
Anthem will be mailing a letter to the home of each individual whose information has been compromised in the coming weeks. Please note this means you will get multiple letters if both you and your spouse had their information compromised. This letter will recommend next steps and will contain an offer for free credit monitoring services.
Anthem has released two communications that are of interest as this time.
- Please read the FAQ at http://www.anthemfacts.com/faq for more information
- Scam Alert: Individuals who may have been impacted by the cyber-attack against Anthem should be aware of scam email campaigns targeting current and former Anthem members. These scams, designed to capture personal information (known as “phishing”) are designed to appear as if they are from Anthem and the emails include a “click here” link for credit monitoring. These emails are NOT from Anthem.
• DO NOT click on any links in email.
• DO NOT reply to the email or reach out to the senders in any way.
• DO NOT supply any information on the website that may open, if you have clicked on a link in email.
• DO NOT open any attachments that arrive with email.
Anthem is not calling members regarding the cyber-attack and is not asking for credit card information or social security numbers over the phone. This outreach is from scam artists who are trying to trick consumers into sharing personal data. There is no indication that the scam email campaigns are being conducted by those that committed the cyber- attack, or that the information accessed in the attack is being used by the scammers.
Anthem will contact current and former members via mail delivered by the U.S. Postal Service about the cyber-attack with specific information on how to enroll in credit monitoring. Affected members will receive free credit monitoring and ID protection services.
For more guidance on recognizing scam email, please visit the FTC Website: http://www.consumer.ftc.gov/articles/0003-phishing.
Deter, Detect, Defend:
How to Avoid Becoming a Victim of Identity Theft
Blackhawk Bank never asks clients to enter their personal financial information into an automated system. We always identify ourselves when we call you, and we would not ask you to tell us your debit card or account numbers when we call.
NEVER click on the links in an email that is suspicious, or from someone you don't know.
NEVER provide your personal information in response to an unsolicited request, whether it's over the phone or over the Internet. Emails and Internet pages created by phishers may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, you should not provide any information.
NEVER provide your password over the phone or in response to an unsolicited phone or Internet request. A financial institution would never ask you to verify your account information online. Thieves armed with this information and your account number can help themselves to your money. Also, never click on the link provided in an email you believe is fraudulent. It may contain a virus that can contaminate your computer.
Don't be intimidated by an email or caller who suggests dire consequences if you do not immediately provide or verify financial information.
If you believe the contact may be legitimate, contact us to verify by calling Blackhawk Bank's Client Service Department at 866.771.8924. The key is that YOU should be the one to initiate the contact, using contact information that you have verified yourself.
Review account statements regularly to ensure all charges are correct. Regularly review account activity online to catch suspicious activity. If your account statement is late arriving in the mail, call to find out why.
If you have been a victim of an Internet scam or have received an email that you believe was an attempted scam, please file a complaint at www.IC3.gov.
What to do if it happens:
If you have given your debit card information, your card has been compromised and should be shut down and replaced. If you did not give your card information, please continue to use it, but monitor your account for any suspicious activity.
If you have given your account number, monitor your account and report any suspicious activity immediately.
1. If you fall victim to an attack, alert us immediately to protect yourself. Call 866.771.8924.
2. Place fraud alerts on your credit files, to help prevent thieves from opening an account in your name.
3. To place the alerts, call or log onto:
Equifax (800) 525-6285
Experian (888) 397-3742
TransUnion (800) 680-7289
4. Monitor your credit files and account statements closely.
5. Verify your account information by requesting your credit report annually. Blackhawk Bank will provide you with a FREE Credit Report and Score once per year from TransUnion. You can also request a copy by contacting one of the three major credit bureaus.
Also contact the Federal Trade Commission to report what happened. You can call the FTC's ID Theft Hotline: 1-877-IDTHEFT (438-4338) for up-to-date information about how to work with credit bureaus and law enforcement agencies to reclaim your identity. The FTC's website: www.ftc.gov is a one-stop national resource to learn about the crime of identity theft. It provides detailed information to help deter, detect, and defend against identity theft. Consumers can learn how to avoid identity theft – and learn what to do if their identity is stolen. Businesses can learn how to help their customers deal with identity theft, as well as how to prevent problems in the first place.
To Report a Lost or Stolen Debit MasterCard:
Call Client Services @ 866-771-8924 from 8:00 AM - 6:00 PM Monday - Friday; 8:30 -12:30 Saturdays. After hours, please call 866.546.8273
Safety Tips to Protect Your Mobile Device:
- When purchasing a smartphone, know the features of the device, including the default settings. Turn off features of the device not needed to minimize the attack surface of the device.
- Depending on the type of phone, the operating system may have encryption available. This can be used to protect the user’s personal data in the case of loss or theft.
- With the growth of the application market for mobile devices, users should look at the reviews of the developer/company who published the application.
- Review and understand the permissions you are giving when you download applications.
- Passcode protect your mobile device. This is the first layer of physical security to protect the contents of the device. In conjunction with the passcode, enable the screen lock feature after a few minutes of inactivity.
- Obtain malware protection for your mobile device. Look for applications that specialize in antivirus or file integrity that helps protect your device from rogue applications and malware.
- Be aware of applications that enable geo-location. The application will track the user’s location anywhere. This application can be used for marketing, but can also be used by malicious actors, raising concerns of assisting a possible stalker and/or burglaries.
- Jailbreak or rooting is used to remove certain restrictions imposed by the device manufacturer or cell phone carrier. This allows the user nearly unregulated control over what programs can be installed and how the device can be used. However, this procedure often involves exploiting significant security vulnerabilities and increases the attack surface of the device. Anytime an application or service runs in “unrestricted” or “system” level within an operation system, it allows any compromise to take full control of the device.
- Do not allow your device to connect to unknown wireless networks. These networks could be rogue access points that capture information passed between your device and a legitimate server.
- If you decide to sell your device or trade it in, make sure you wipe the device (reset it to factory default) to avoid leaving personal data on the device.
- Smartphones require updates to run applications and firmware. If users neglect this, it increases the risk of having their device hacked or compromised.
- Avoid clicking on or otherwise downloading software or links from unknown sources.
- Use the same precautions on your mobile phone as you would on your computer when using the Internet.
FDIC Consumer News frequently publishes articles about common frauds to avoid. Con artists are very good at tricking consumers into parting with money or divulging personal information that can be used to steal funds or run up thousands of dollars in fraudulent credit card charges. How good are YOU at telling a scam from a legitimate offer or advertisement? Don't be fooled! Stay up to date @ www.fdic.gov/consumers/consumer/news/index.html.
FBI Security Announcements - Here's an opportunity to stay current with documented fraudulent activities and schemes by viewing the FBI's Investigative Programs / Cyber Investigations E-Scams and Warnings page.