Is it a Scam? Yes, #BanksNeverAskThat!
Become a scamspotter pro by playing the American Bankers Association's #BanksNeverAskThat interactive game "Scam City." Share your score with your friends and family and encourage them to test their scam savviness, too. The more scamspotters out there, the harder it is for phishing criminals to catch their next victim! Plus, find tips and videos to be in the know about scams and how to avoid them.
LEARN MORE
Learn how to keep yourself protected:
COMMON SCAMS
BE WARY OF COMMON SCAMS
If you think you may have been scammed, or one of the situations below sound familiar to you, contact us immediately. Tell us about your situation and any information that might be compromised and request to block or close your accounts to help protect you from financial loss.
Common scams to be aware of:
Romance scams are one of the most common types of scams, with the Federal Trade Commission (FTC) receiving record reports of romance scams. In 2022, reported losses has increased to $1.3 billion (Source: FTC Website). Scammers create fake profiles on dating sites and apps, or contact individuals through social media sites like Instagram and Facebook. They start a relationship with their victim online and build trust using phone calls, email, text message, and sometimes even video chat. Then they make up a story, and ask for money, or ask you to give them your banking information. Some common stories are listed below to help you identify if you are a victim of this kind of scam:
- Living or working overseas and is “stuck” (oil rigger, military, doctor) without access to a US bank account
- Needs funds to come home, pay for a plane ticket or other travel expenses
- Is in the hospital, or someone close to him/her is in the hospital and needs help
- Has the money but can’t access it currently and will “pay you back” soon
- Needs to pay customs fees to retrieve something
- Needs to pay for a visa, or other official travel documents
Here is a helpful infographic on online dating scams from the Federal Trade Commission.
Money mule scams involve a scammer sending you money which you are then asked to send on to someone else. Sometimes you are told you will get to keep a portion of the money. But the money they sent is stolen, and the story they are telling you is fake. These types of scams can take many forms. Below are a few examples:
- Receiving a letter, email, or text saying that you have won the lottery (i.e. - Publisher's Clearing House) and need to send money to pay taxes on it before the winnings are released to you.
- Asked to be a mystery shopper or do some other kind of job, where you will be paid, but the payment you receive is for more than the amount you are owed. You are asked to send the extra funds back to the fraudster or to someone else.
- Selling an item on Craigslist or some other website, and the purchaser sends you more than the cost of the item. You are asked to send the extra funds back to the scammer, or to someone else.
- Sent money and asked to purchase gift cards (i.e. - Amazon, Wal-Mart, Longs, iTunes, etc.) and either send the gift cards or a picture of the card information back to the fraudster or to someone else.
Here is a helpful infographic on Money Mule scams from the Federal Trade Commission.
These types of scams happen when someone claiming to be some sort of “official” contacts you and claims that you owe money. These scammers often say they are affiliated with the government or some other sort of official in a position of power to scare you into giving them money or your banking information. They may claim to be an attorney, Certified Public Accountant (CPA), or part of the Federal Bureau of Investigation (FBI), Honolulu Police Department (HPD), or Internal Revenue Service (IRS). These scams are sometimes done via email, phone calls or text messages.
IDENTITY THEFT
TIPS TO PROTECT YOUR PERSONAL IDENTITY
Account fraud or identity theft occurs when a person gains access to your personal information, (your bank account number or Social Security number, for example) and then uses this information for illegal purposes – or to withdraw money from your account.
Here are some tips to protect your personal identity:
The best way to know if your identity was stolen is to monitor your accounts and bank statements each month, and to check your credit report on a regular basis. If you see unusual transactions at merchants that you did not visit, that may be a sign that your identity was compromised. If you check your credit report regularly, you may be able to limit the damage caused by identity theft.
If you detect any fraudulent or possibly fraudulent transactions on any of your accounts, contact your bank or credit card company immediately. If you identify fraudulent activity on your American Savings Bank account(s), call our Customer Banking Center immediately at (808) 627-6900 or toll-free (800) 272-2566. You should also:
- File a police report. Even if the police can't catch the identity thief, having a police report can help you in clearing up any problems on your credit report(s).
- File a complaint with the Federal Trade Commission (FTC) at www.identitytheft.gov.
You should routinely obtain and review your free annual credit reports. You can request them from one or all of the national credit reporting agencies at the phone numbers below or at AnnualCreditReport.com.
- Equifax - (800) 685-1111
- Experian - (888) 397-3742
- TransUnion - (800) 916-8800
If there are fraudulent transactions on any of these reports, have the agencies delete any information relating to those transactions, and place a fraud alert on your credit report to alert creditors that you may be the victim of fraud. If you'd like to learn more about protecting your identity, here are some additional resources:
PROTECTING INFORMATION
KEEP YOUR PERSONAL INFORMATION PRIVATE
Do not share passwords or login credentials with others. You should also be cautious when sharing personal information, such as your Social Security Number (SSN) and Debit Card PIN. American Savings Bank will never initiate an email, cell phone text message or phone call and ask you to reveal any private information, including your account information. For best practice, memorize ATM card PIN and Online Banking login credentials. Do not write down your PIN and/or passwords. For best practice, use a password manager to store credentials and sensitive information.
How to keep your personal information private:
- Always use unique user names and passwords for each site you visit.
- Shred financial documents you no longer need.
- Store new and cancelled checks in a secure place.
- Keep records of your financial transactions.
- Do not write your account number on items that may be thrown away later.
- Send mail from a post office or secured mailbox, rather than from your home mailbox.
- Collect incoming mail promptly.
- Shred all unwanted pre-approved offers for financial products and services, like credit cards or loans.
Verify that your Online Banking session is secure by a closed, or locked, padlock, usually located in the lower right corner of your browser window, indicates a secure connection.
Tips to keep your accounts secure:
- Avoid easily identifiable words.
- Use a combination of numbers, letters, and special characters.
- Change your password every 90 days.
- Change your passwords to passphrases - such as " Ilovecoffee", even better when you replace the characters with symbols or letters, " !lovec0ffee."
- Don't recycle passphrases. For best practice, use a password manager so that you only need to remember one passphrase and to keep your credentials secure.
- Enable multi-factor authentication whenever possible, this will add a layer of security on your accounts because the hacker will not only need to have something you know (PIN/Password), but they will also need something you have (device/token) and/or something you are (biometric).
- Don’t pair secret questions with answers that can be found online.
- Keep your devices up to date with the latest software. Developers continuously push out software updates to fix bugs and vulnerabilities that hackers could exploit.
"Sign Off" when you are done using Online Banking or lock your device when walking away. Close your browser to prevent others from using your session. Click here to learn more about Online Banking Security.
- Be aware of email scams, such as phishing, and phony websites. Use a critical eye and feel free to contact us if you have a question about something that appears to be from the bank.
- Learn as much as possible about anything you are downloading to your computer, including email attachments. Programs from unknown sources can compromise the security of your computer.
- Hover your mouse over a link in an email/webpage before clicking, to review the URL - make sure that the link matches the sender.
- Things to look out for when you receive an email, remember context is key:
- Do you know the person who emailed you?
- Are you expecting the email?
- Are you expect to receive an attachment from this person? If so, does the link/attachment match the sender / context?
- Do not send personal and financial information over the Internet via email, as the email could be intercepted.
American Savings Bank utilizes industry recommended technology and security features to safeguard your Online and Mobile Banking information. Click here to learn more about Online Banking Security.
Your Online Banking is protected by:
- We offer biometric verification (ex: Fingerprints or facial recognition) for secure authentication into the ASB Hawaii Mobile App.
- For added security, we have a 2 step authentication process that uses a one-time secure access code when a new device is used to access your account.
- We use secure data encryption techniques in both our app and Online Banking to help secure your account information is protected.
- We offer account, history, transaction and security alerts to keep you informed of your account activity.
For Online Banking for Business users, your financial information is protected with these additional features:
- Transaction Encryption - Secure Sockets Layer (SSL) technology and 128-bit encryption technology scrambles the communications between your computer and the server, generating messages unreadable to anyone outside of the secure environment who should not have access to them
- Firewall Protection - Unauthorized entry to ASB’s internal network of computer systems is shielded by our firewalls, which protects the computer network systems that interact with the Internet
- Surveillance - Our security teams use up-to-the-minute security procedures, security analyses and behavioral tracking applications to ensure information privacy and identification of suspicious transactions
Additional Online Banking for Business additional protection features:
- Multiple user/level entitlements with secure access via Company IDs and passwords
- Additional authentication with security tokens for ACH origination and wire transfers
- Customized access in which you determine the accounts and reports your employees can view
- "IP Lockdown" to restrict processing of stop payments, wire or ACH transfers by location or limit to registered workstations
- Add-on services such as Positive Pay* and Debit Block* available for added monitoring and security
AVOIDING FRAUD
KNOW THE BAD STUFF
In today's world, providing personal information online is a commonplace activity. However, one of the risks of doing so is being affected by a data breach - the release of personally identifiable, confidential information.
Here are some ways you can protect yourself and your information:
If there are unusual transactions on your accounts, that may be a sign that your identity or account has been compromised. Check your accounts regularly and report any unauthorized activity to prevent loss. American Savings Bank also offers text alerts for Online and Mobile Banking, which notify you of suspicious activity on your account. You can also monitor you account by enrolling in Online Banking or by checking your monthly statements. You can report any unauthorized activity on your ASB account by calling us at (808) 627-6900 or toll-free (800) 272-2566, or visit any branch.
Once criminals have your information, they can act on it at any time. Therefore it’s important to order your credit report and review it periodically. You are entitled to a free credit report annually and can get yours at www.annualcreditreport.com.
While a credit freeze locks down your credit, a fraud alert will allow creditors to get a copy of your credit report, but only after they take steps to verify your identity.
- Credit Freeze: Initiating a credit freeze makes it difficult for identity thieves to access your accounts and allows you to restrict access on your credit report. Be sure to consider your personal situtation before placing a credit freeze.
- Fraud Alerts: If you are applying for credit or think you might need quick credit in an emergency, it might be better to simply place a fraud alert on your files with the three major credit bureaus.
Another helpful action is to change your bank account PIN and passwords regularly. Be sure to use strong passwords that include uppercase and lowercase letters along with symbols and numbers. Avoid using the same passwords across multiple accounts.
Ishing is a social engineering attack used by criminals that exploits human psychology, manipulating our behavior to disclose sensitive information, such as account details and personal information through specific actions.
The goal of an ishing attack is to entice individuals into either clicking on a link that exposes their sensitive information on a fake website or downloading an attachment disguised as a harmless file, like a ‘cute puppy video’. In the past, hackers preferred using phishing as their method to deliver scams. Naturally, as technology advances, their techniques evolve.
The ishing family consist of:
- Phishing: scams via email
- Smishing: scams via text message
- Vishing: scams via phone calls
- QR Codes: scams via scanning a public QR code on your device
How does the ishing scheme work and how can you avoid being a victim? Click here to watch a video on how does the ishing scheme work and how to avoid it.
Use the resources below to report fraud:
The FDIC offers these guides for your protection:
Cybersecurity Guide for Financial Institution Customers:
Offers tips on protecting and maintaining computer systems, mobile devices, and connections to the Internet.
Cybersecurity Guide for Businesses :
Focuses on the cybersecurity needs of commercial customers and includes information on safeguarding systems and data, and things to consider in a networked environment.
Additional Resources:
Federal Bureau of Investigations:
Accepts online Internet crime complaints from either the actual victim or from a third party to the complainant.
Federal Trade Commission:
Helps to report and recover from identity theft.
Consumer Financial Protection Buerau - Fraud and Scams:
Resources can help you prevent, recognize, and report scams and fraud.
Cyber Readiness Institute:
Focuses on the development of practical and free resources to help small and medium-sized enterprises build resilient cyber programs.
For Businesses - Cybersecurity and Fraud Seminar:
Learn from our cybersecuity and fraud experts of common methods of cyber attacks, scams, frauds and how to safeguard you and your business against them.