Fraud Prevention and Safety Tips
April 14, 2014: Phishing Alert Update
Some clients have received an automated call claiming to be from Blackhawk Bank saying that their debit card has been blocked or deactivated.
Some have received a text message stating that their direct deposit didn’t go through, so their debit card has been limited. They are being prompted to provide personal card information. These messages are not from Blackhawk Bank, and should be deleted!
Our data has not been breached. This is a phishing attempt to get your information.
This scam targets random people by purchasing a list of phone numbers in our area and then claiming to be from a local bank. Fraudsters make random calls hoping that some of them reach bank clients who will follow the instructions. Doing so gives the fraudsters information they need to actually compromise clients’ cards. This attempt at fraud is happening to clients at several local banks.
Please know that we do not have an automated system that contacts clients –neither by phone or text.
If you have given your card number or PIN because you were prompted to do so by an automated caller or text message, please immediately contact Client Services at 608.364.8924 or Toll-free 866.771.8924.
Deter, Detect, Defend:
How to Avoid Becoming a Victim of Identity Theft
Blackhawk Bank never asks clients to enter their personal financial information into an automated system. We always identify ourselves when we call you, and we would not ask you to tell us your debit card or account numbers when we call.
NEVER click on the links in an email that is suspicious, or from someone you don't know.
NEVER provide your personal information in response to an unsolicited request, whether it's over the phone or over the Internet. Emails and Internet pages created by phishers may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, you should not provide any information.
NEVER provide your password over the phone or in response to an unsolicited phone or Internet request. A financial institution would never ask you to verify your account information online. Thieves armed with this information and your account number can help themselves to your money. Also, never click on the link provided in an email you believe is fraudulent. It may contain a virus that can contaminate your computer.
Don't be intimidated by an email or caller who suggests dire consequences if you do not immediately provide or verify financial information.
If you believe the contact may be legitimate, contact us to verify by calling Blackhawk Bank's Client Service Department at 866.771.8924. The key is that YOU should be the one to initiate the contact, using contact information that you have verified yourself.
Review account statements regularly to ensure all charges are correct. Regularly review account activity online to catch suspicious activity. If your account statement is late arriving in the mail, call to find out why.
If you have been a victim of an Internet scam or have received an e-mail that you believe was an attempted scam, please file a complaint at www.IC3.gov.
What to do if it happens:
If you have given your debit card information, your card has been compromised and should be shut down and replaced. If you did not give your card information, please continue to use it, but monitor your account for any suspicious activity.
If you have given your account number, monitor your account and report any suspicious activity immediately.
1. If you fall victim to an attack, alert us immediately to protect yourself. Call 866.771.8924.
2. Place fraud alerts on your credit files, to help prevent thieves from opening an account in your name.
3. To place the alerts, call or log onto:
Equifax (800) 525-6285
Experian (888) 397-3742
TransUnion (800) 680-7289
4. Monitor your credit files and account statements closely.
5. Verify your account information by requesting your credit report annually. Blackhawk Bank will provide you with a FREE Credit Report and Score once per year from TransUnion. You can also request a copy by contacting one of the three major credit bureaus.
Also contact the Federal Trade Commission to report what happened. You can call the FTC's ID Theft Hotline: 1-877-IDTHEFT (438-4338) for up-to-date information about how to work with credit bureaus and law enforcement agencies to reclaim your identity. The FTC's website: www.ftc.gov is a one-stop national resource to learn about the crime of identity theft. It provides detailed information to help deter, detect, and defend against identity theft. Consumers can learn how to avoid identity theft – and learn what to do if their identity is stolen. Businesses can learn how to help their customers deal with identity theft, as well as how to prevent problems in the first place.
To Report a Lost or Stolen Debit MasterCard:
Call Client Services @ 866-771-8924 from 8:00 AM - 6:00 PM Monday - Friday; 8:30 -12:30 Saturdays. After hours, please call 866.546.8273
Safety Tips to Protect Your Mobile Device:
- When purchasing a smartphone, know the features of the device, including the default settings. Turn off features of the device not needed to minimize the attack surface of the device.
- Depending on the type of phone, the operating system may have encryption available. This can be used to protect the user’s personal data in the case of loss or theft.
- With the growth of the application market for mobile devices, users should look at the reviews of the developer/company who published the application.
- Review and understand the permissions you are giving when you download applications.
- Passcode protect your mobile device. This is the first layer of physical security to protect the contents of the device. In conjunction with the passcode, enable the screen lock feature after a few minutes of inactivity.
- Obtain malware protection for your mobile device. Look for applications that specialize in antivirus or file integrity that helps protect your device from rogue applications and malware.
- Be aware of applications that enable geo-location. The application will track the user’s location anywhere. This application can be used for marketing, but can also be used by malicious actors, raising concerns of assisting a possible stalker and/or burglaries.
- Jailbreak or rooting is used to remove certain restrictions imposed by the device manufacturer or cell phone carrier. This allows the user nearly unregulated control over what programs can be installed and how the device can be used. However, this procedure often involves exploiting significant security vulnerabilities and increases the attack surface of the device. Anytime an application or service runs in “unrestricted” or “system” level within an operation system, it allows any compromise to take full control of the device.
- Do not allow your device to connect to unknown wireless networks. These networks could be rogue access points that capture information passed between your device and a legitimate server.
- If you decide to sell your device or trade it in, make sure you wipe the device (reset it to factory default) to avoid leaving personal data on the device.
- Smartphones require updates to run applications and firmware. If users neglect this, it increases the risk of having their device hacked or compromised.
- Avoid clicking on or otherwise downloading software or links from unknown sources.
- Use the same precautions on your mobile phone as you would on your computer when using the Internet.
FDIC Consumer News frequently publishes articles about common frauds to avoid. Con artists are very good at tricking consumers into parting with money or divulging personal information that can be used to steal funds or run up thousands of dollars in fraudulent credit card charges. How good are YOU at telling a scam from a legitimate offer or advertisement? Don't be fooled! Stay up to date @ www.fdic.gov/consumers/consumer/news/index.html.
FBI Security Announcements - Here's an opportunity to stay current with documented fraudulent activities and schemes by viewing the FBI's Investigative Programs / Cyber Investigations E-Scams and Warnings page.