CAN YOU SPOT A SCAM?
Become a scamspotter pro by playing the American Bankers Association's #BanksNeverAskThat interactive game "Scam City." Share your score with your friends and family and encourage them to test their scam savviness, too. The more scamspotters out there, the harder it is for phishing criminals to catch their next victim! Plus, find tips and videos to be in the know about scams and how to avoid them.
Learn how to keep yourself protected:
BE WARY OF COMMON SCAMS
If you think you may have been scammed, or one of the situations below sound familiar to you, contact us immediately. Tell us about your situation and any information that might be compromised and request to block or close your accounts to help protect you from financial loss.
Common scams to be aware of:
Romance scams are one of the most common types of scams, with the Federal Trade Commission (FTC) receiving record reports of romance scams – 50% more than 2019, totalling $304 million in losses. Scammers create fake profiles on dating sites and apps, or contact individuals through social media sites like Instagram and Facebook. They start a relationship with their victim online and build trust using phone calls, email, text message, and sometimes even video chat. Then they make up a story, and ask for money, or ask you to give them your banking information. Some common stories are listed below to help you identify if you are a victim of this kind of scam:
- Living or working overseas and is “stuck” (oil rigger, military, doctor) without access to a US bank account
- Needs funds to come home, pay for a plane ticket or other travel expenses
- Is in the hospital, or someone close to him/her is in the hospital and needs help
- Has the money but can’t access it currently and will “pay you back” soon
- Needs to pay customs fees to retrieve something
- Needs to pay for a visa, or other official travel documents
Here is a helpful infographic on online dating scams from the Federal Trade Commission.
Money mule scams involve a scammer sending you money which you are then asked to send on to someone else. Sometimes you are told you will get to keep a portion of the money. But the money they sent is stolen, and the story they are telling you is fake. These types of scams can take many forms. Below are a few examples:
- Receiving a letter, email, or text saying that you have won the lottery (i.e. - Publisher's Clearing House) and need to send money to pay taxes on it before the winnings are released to you.
- Asked to be a mystery shopper or do some other kind of job, where you will be paid, but the payment you receive is for more than the amount you are owed. You are asked to send the extra funds back to the fraudster or to someone else.
- Selling an item on Craigslist or some other website, and the purchaser sends you more than the cost of the item. You are asked to send the extra funds back to the scammer, or to someone else.
- Sent money and asked to purchase gift cards (i.e. - Amazon, Wal-Mart, Longs, iTunes, etc.) and either send the gift cards or a picture of the card information back to the fraudster or to someone else.
Here is a helpful infographic on Money Mule scams from the Federal Trade Commission.
These types of scams happen when someone claiming to be some sort of “official” contacts you and claims that you owe money. These scammers often say they are affiliated with the government or some other sort of official in a position of power to scare you into giving them money or your banking information. They may claim to be an attorney, Certified Public Accountant (CPA), or part of the Federal Bureau of Investigation (FBI), Honolulu Police Department (HPD), or Internal Revenue Service (IRS). These scams are sometimes done via phishing email, phone calls or text messages.
TIPS TO PROTECT YOUR PERSONAL IDENTITY
Account fraud or identity theft occurs when a person gains access to your personal information, (your bank account number or Social Security number, for example) and then uses this information for illegal purposes – or to withdraw money from your account.
Here are some tips to protect your personal identity:
The best way to know if your identity was stolen is to monitor your accounts and bank statements each month, and to check your credit report on a regular basis. If you see unusual transactions at merchants that you did not visit, that may be a sign that your identity was compromised. If you check your credit report regularly, you may be able to limit the damage caused by identity theft.
If you detect any fraudulent or possibly fraudulent transactions on any of your accounts, contact your bank or credit card company immediately. If you identify fraudulent activity on your American Savings Bank account(s), call our Customer Banking Center immediately at (808) 627-6900 or toll-free (800) 272-2566. You should also:
- File a police report. Even if the police can't catch the identity thief, having a police report can help you in clearing up any problems on your credit report(s).
- File a complaint with the Federal Trade Commission (FTC) at www.identitytheft.gov.
You should routinely obtain and review your free annual credit reports. You can request them from one or all of the national credit reporting agencies at the phone numbers below or at AnnualCreditReport.com.
- Equifax - (800) 685-1111
- Experian - (888) 397-3742
- TransUnion - (800) 916-8800
If there are fraudulent transactions on any of these reports, have the agencies delete any information relating to those transactions, and place a fraud alert on your credit report to alert creditors that you may be the victim of fraud. If you'd like to learn more about protecting your identity, here are some additional resources:
KEEP YOUR PERSONAL INFORMATION PRIVATE
Do not share passwords or login credentials with others. You should also be cautious when sharing personal information, such as your Social Security Number (SSN) and Debit Card PIN. American Savings Bank will never initiate an email, cell phone text message or phone call and ask you to reveal any private information, including your account information. For best practice, memorize ATM card PIN and Online Banking login credentials. Do not write or keep your PIN in an easily found place.
How to keep your personal information private:
- Always use unique user names and passwords for each site you visit.
- Shred financial documents you no longer need.
- Store new and cancelled checks in a secure place.
- Keep records of your financial transactions.
- Do not write your account number on items that may be thrown away later.
- Send mail from a post office or secured mailbox, rather than from your home mailbox.
- Collect incoming mail promptly.
- Shred all unwanted pre-approved offers for financial products and services, like credit cards or loans.
Verify that your Online Banking session is secure:
- A closed, or locked, padlock, usually located in the lower right corner of your browser window, indicates a secure connection.
- Look for "https://" at the beginning of the Web site address or URL in your Web browser. The "s" means secure.
Create strong passwords for online accounts:
- Avoid easily identifiable words.
- Use a combination of numbers, letters, and special characters.
- Pick a longer password, rather than a shorter one.
- Change your password every 90 days.
Use the "Sign Off" feature when you are done using Online Banking or will be away from your computer for an extended period of time. Close your browser to prevent others from using your session. Click here to learn more about Online Banking Security.
- Be aware of email scams, such as phishing, and phony websites. Use a critical eye and feel free to contact us if you have a question about something that appears to be from the bank.
- Learn as much as possible about anything you are downloading to your computer, including email attachments. Programs from unknown sources can compromise the security of your computer.
- Follow these guidelines to decide whether or not to open and read an email message:
- Do you know the person who emailed you?
- Has this person emailed you before?
- Does the subject line make sense?
- Did you expect to receive an attachment from this person?
- Does the message harbor a virus? Use an anti-virus program to verify that it does not.
- Do not send personal and financial information over the Internet via email, as it is typically not secure and could be intercepted
American Savings Bank utilizes industry recommended technology and security features to safeguard your Online and Mobile Banking information. Click here to learn more about Online Banking Security.
Your Online Banking is protected by:
- We offer biometric verification (ex: Fingerprints or facial recognition) for secure authentication into the ASB Hawaii Mobile App.
- For added security, we have a 2 step authentication process that uses a one-time secure access code when a new device is used to access your account.
- We use secure data encryption techniques in both our app and Online Banking to help secure your account information is protected.
- We offer account, history, transaction and security alerts to keep you informed of your account activity.
For Online Banking for Business users, your financial information is protected with these additional features:
- Transaction Encryption - Secure Sockets Layer (SSL) technology and 128-bit encryption technology scrambles the communications between your computer and the server, generating messages unreadable to anyone outside of the secure environment who should not have access to them
- Firewall Protection - Unauthorized entry to ASB’s internal network of computer systems is shielded by our firewalls, which protects the computer network systems that interact with the Internet
- Surveillance - Our security teams use up-to-the-minute security procedures, security analyses and behavioral tracking applications to ensure information privacy and identification of suspicious transactions
Additional Online Banking for Business additional protection features:
- Multiple user/level entitlements with secure access via Company IDs and passwords
- Additional authentication with security tokens for ACH origination and wire transfers
- Customized access in which you determine the accounts and reports your employees can view
- "IP Lockdown" to restrict processing of stop payments, wire or ACH transfers by location or limit to registered workstations
- Add-on services such as Positive Pay* and Debit Block* available for added monitoring and security
KNOW THE BAD STUFF
In today's world, providing personal information online is a commonplace activity. However, one of the risks of doing so is being affected by a data breach - the release of personally identifiable, confidential information.
Here are some ways you can protect yourself and your information:
If there are unusual transactions on your accounts, that may be a sign that your identity or account has been compromised. Check your accounts regularly and report any unauthorized activity to prevent loss. American Savings Bank also offers text alerts for Online and Mobile Banking, which notify you of suspicious activity on your account. You can also monitor you account by enrolling in Online Banking or by checking your monthly statements. You can report any unauthorized activity on your ASB account by calling us at (808) 627-6900 or toll-free (800) 272-2566, or visit any branch.
Once criminals have your information, they can act on it at any time. Therefore it’s important to order your credit report and review it periodically. You are entitled to a free credit report annually and can get yours at www.annualcreditreport.com.
While a credit freeze locks down your credit, a fraud alert will allow creditors to get a copy of your credit report, but only after they take steps to verify your identity.
- Credit Freeze: Initiating a credit freeze makes it difficult for identity thieves to access your accounts and allows you to restrict access on your credit report. Be sure to consider your personal situtation before placing a credit freeze.
- Fraud Alerts: If you are applying for credit or think you might need quick credit in an emergency, it might be better to simply place a fraud alert on your files with the three major credit bureaus.
Another helpful action is to change your bank account PIN and passwords regularly. Be sure to use strong passwords that include uppercase and lowercase letters along with symbols and numbers. Avoid using the same passwords across multiple accounts.
Phishing is a technique that criminals use to get you to reveal confidential information about your accounts, your debit or credit cards, and yourself. Most often, criminals will send an official-looking electronic communication like an email, to "fish" for users' financial information and passwords. If you respond to the communication, the information you reveal is used to steal money from your accounts or impersonate you to get fraudulent loans and other financial products without your knowledge, or to commit other illegal acts. The damage done by revealing your information may include loss of funds from your account, damage to your credit rating, hours of frustration and effort to restore your good name.
How Does a Phishing Scheme Work?
- You receive an official-looking email that appears to be sent by a company you already do business with, such as your bank. It uses their logo, similar page appearance, and familiar colors.
- To convince you that the communication is legitimate, the email uses formal business phrasing and tone. You are informed that, as a security measure, you will need to verify or reconfirm confidential information to update your records or reactivate a suspended account.
- The email provides a convenient link that appears to take you directly to your bank’s website or it may contain an embedded form for you to complete.
- If you click on the link, you access a web page that strongly resembles your bank’s website (again, with the logo, similar appearance, and familiar colors) and includes an online form for you to complete. The form in the email or on the webpage may ask for your personal information, such as your Social Security Number, mother’s maiden name, account number, debit or credit card number, and personal identification number (PIN). Expert thieves often use familiar standard security measures such as a padlock graphic in the lower corner to present authenticity — a padlock graphic informs you that the website is secure, but it does not verify that the recipient is whom you believe them to be.
- After completing the form, you click the submit button, believing your bank will receive the sensitive information that you provided. Unfortunately, the recipients of this information are criminals who have successfully impersonated your bank.
How Can You Avoid Being a Victim of Phishing Scams?
- Never respond to emails that request personal information. Delete them immediately.
- Always enter the full URL or domain name of your bank or credit card company into your browser address bar. If you are unsure of their web address, contact them for the information.
- Do not click on any link to log on to bank websites or open attachments in emails purportedly sent to you by your bank, credit card company or service provider.
- Regularly monitor your accounts for suspicious or unauthorized transactions.
- Visit websites that are known to you and verify these sites are using proper encryption protocol to protect your personal data.
The FDIC offers these guides for your protection:
Cybersecurity Guide for Financial Institution Customers:
Offers tips on protecting and maintaining computer systems, mobile devices, and connections to the Internet.
Cybersecurity Guide for Businesses :
Focuses on the cybersecurity needs of commercial customers and includes information on safeguarding systems and data, and things to consider in a networked environment.
Federal Bureau of Investigations:
Accepts online Internet crime complaints from either the actual victim or from a third party to the complainant.
Federal Trade Commission:
Helps to report and recover from identity theft.
Consumer Financial Protection Buerau - Fraud and Scams:
Resources can help you prevent, recognize, and report scams and fraud.
Cyber Readiness Institute:
Focuses on the development of practical and free resources to help small and medium-sized enterprises build resilient cyber programs.