Fraud Prevention and Safety Tips
Target Breach Article: Posted on CNN Money | January 10, 2014. Click here to read.
Update: December 27, 2013: Warning of Increase in Phishing & Scams
Blackhawk Bank’s data processor has received reports of an increase in phishing and scams since the Target breach. On its FAQ page, Target specifically addresses risks associated with socially engineered scams feigning to be related to the breach recovery.
"Your Social Security number was not compromised," the retailer states on its site. "Be wary of scams that may appear to offer protection but are really trying to get personal information from you. If you have any suspicions about the authenticity of an e-mail or text, do not click the links in it. Please go directly to the sites you need to access. Visit Target.com/paymentcardresponse as a resource for official communications that Target has sent to our guests."
Target Compromise: Information Released December 20, 2013
A financial institution has reported that ACH fraud has occurred on one of their member’s account who participated in the Target Red Card program. Target Red Cards are linked to member’s accounts and work like a check by drawing funds from a customer’s checking account via ACH. While there is no guarantee that this fraud is directly associated with the Target compromise, it is highly suspicious.
Recommended Precautions: If you have a Target Red Card you need to watch your accounts closely for unauthorized ACH transactions.
For questions about your Red Card, contact Target. In U.S. call: 1.888.755.5856 | From outside the U.S. call Collect 1.612.307.8622
Important Notice Regarding Target Security Breach: Information Released 12/18/2013
Target announced a security breach that may have compromised debit and credit card information of shoppers who patronized Target stores (not online) between Black Friday and December 15.
On December 19th, Blackhawk Bank received a file of compromised cards associated with this breach. The impacted cards are in the process of being produced and reissued; letters to impacted clients were mailed on December 20th.
If your card has been impacted by this breach, you will have 3 weeks from December 19th to receive and activate your new card prior to the compromised card being closed. We encourage you to activate the new cards as soon as possible to reduce the risk of fraud.
Clients have had questions about Target Red Cards, which is the debit card that Target offers. These cards are not tied to Blackhawk Bank issued debit cards, and the Blackhawk debit card does not need to be closed simply because a client has the Red Card. The number to call regarding Target Red Cards is 866.852.8680.
If you have immediate concerns, please contact our Client Services Team at 608.364.8924, or Toll-free 866.771.8924 during regular business hours. Be sure to monitor your card activity regularly - both online and by reviewing your account statements.
Click here for information released by Target:
Deter, Detect, Defend:
How to Avoid Becoming a Victim of Identity Theft
Blackhawk Bank never asks clients to enter their personal financial information into an automated system. We always identify ourselves when we call you, and we would not ask you to tell us your debit card or account numbers when we call.
NEVER click on the links in an email that is suspicious, or from someone you don't know.
NEVER provide your personal information in response to an unsolicited request, whether it's over the phone or over the Internet. Emails and Internet pages created by phishers may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, you should not provide any information.
NEVER provide your password over the phone or in response to an unsolicited phone or Internet request. A financial institution would never ask you to verify your account information online. Thieves armed with this information and your account number can help themselves to your money. Also, never click on the link provided in an email you believe is fraudulent. It may contain a virus that can contaminate your computer.
Don't be intimidated by an email or caller who suggests dire consequences if you do not immediately provide or verify financial information.
If you believe the contact may be legitimate, contact us to verify by calling Blackhawk Bank's Client Service Department at 866.771.8924. The key is that YOU should be the one to initiate the contact, using contact information that you have verified yourself.
Review account statements regularly to ensure all charges are correct. Regularly review account activity online to catch suspicious activity. If your account statement is late arriving in the mail, call to find out why.
If you have been a victim of an Internet scam or have received an e-mail that you believe was an attempted scam, please file a complaint at www.IC3.gov.
What to do if it happens:
If you have given your debit card information, your card has been compromised and should be shut down and replaced. If you did not give your card information, please continue to use it, but monitor your account for any suspicious activity.
If you have given your account number, monitor your account and report any suspicious activity immediately.
1. If you fall victim to an attack, alert us immediately to protect yourself. Call 866.771.8924.
2. Place fraud alerts on your credit files, to help prevent thieves from opening an account in your name.
3. To place the alerts, call or log onto:
Equifax (800) 525-6285
Experian (888) 397-3742
TransUnion (800) 680-7289
4. Monitor your credit files and account statements closely.
5. Verify your account information by requesting your credit report annually. Blackhawk Bank will provide you with a FREE Credit Report and Score once per year from TransUnion. You can also request a copy by contacting one of the three major credit bureaus.
Also contact the Federal Trade Commission to report what happened. You can call the FTC's ID Theft Hotline: 1-877-IDTHEFT (438-4338) for up-to-date information about how to work with credit bureaus and law enforcement agencies to reclaim your identity. The FTC's website: www.ftc.gov is a one-stop national resource to learn about the crime of identity theft. It provides detailed information to help deter, detect, and defend against identity theft. Consumers can learn how to avoid identity theft – and learn what to do if their identity is stolen. Businesses can learn how to help their customers deal with identity theft, as well as how to prevent problems in the first place.
To Report a Lost or Stolen Debit MasterCard:
Call Client Services @ 866-771-8924 from 8:00 AM - 6:00 PM Monday - Friday; 8:30 -12:30 Saturdays. After hours, please call 866.546.8273
Safety Tips to Protect Your Mobile Device:
- When purchasing a smartphone, know the features of the device, including the default settings. Turn off features of the device not needed to minimize the attack surface of the device.
- Depending on the type of phone, the operating system may have encryption available. This can be used to protect the user’s personal data in the case of loss or theft.
- With the growth of the application market for mobile devices, users should look at the reviews of the developer/company who published the application.
- Review and understand the permissions you are giving when you download applications.
- Passcode protect your mobile device. This is the first layer of physical security to protect the contents of the device. In conjunction with the passcode, enable the screen lock feature after a few minutes of inactivity.
- Obtain malware protection for your mobile device. Look for applications that specialize in antivirus or file integrity that helps protect your device from rogue applications and malware.
- Be aware of applications that enable geo-location. The application will track the user’s location anywhere. This application can be used for marketing, but can also be used by malicious actors, raising concerns of assisting a possible stalker and/or burglaries.
- Jailbreak or rooting is used to remove certain restrictions imposed by the device manufacturer or cell phone carrier. This allows the user nearly unregulated control over what programs can be installed and how the device can be used. However, this procedure often involves exploiting significant security vulnerabilities and increases the attack surface of the device. Anytime an application or service runs in “unrestricted” or “system” level within an operation system, it allows any compromise to take full control of the device.
- Do not allow your device to connect to unknown wireless networks. These networks could be rogue access points that capture information passed between your device and a legitimate server.
- If you decide to sell your device or trade it in, make sure you wipe the device (reset it to factory default) to avoid leaving personal data on the device.
- Smartphones require updates to run applications and firmware. If users neglect this, it increases the risk of having their device hacked or compromised.
- Avoid clicking on or otherwise downloading software or links from unknown sources.
- Use the same precautions on your mobile phone as you would on your computer when using the Internet.
FDIC Consumer News frequently publishes articles about common frauds to avoid. Con artists are very good at tricking consumers into parting with money or divulging personal information that can be used to steal funds or run up thousands of dollars in fraudulent credit card charges. How good are YOU at telling a scam from a legitimate offer or advertisement? Don't be fooled! Stay up to date @ www.fdic.gov/consumers/consumer/news/index.html.
FBI Security Announcements - Here's an opportunity to stay current with documented fraudulent activities and schemes by viewing the FBI's Investigative Programs / Cyber Investigations E-Scams and Warnings page.