Money

What is Check Fraud?

Check fraud occurs when a criminal writes a check using a fake account or checks stolen from another person. In most cases, the criminal also forges or steals identification to match the name on the account. A consumer usually realizes they have been defrauded when they discover their checking account is overdrawn or they encounter someone who has received one of the fake checks.

Businesses and banks often discover the fraud when they try to collect on the check. They then find out the account is either overdrawn or non-existent.

How do I defend against Check Fraud?

• Always analyze your bank statement soon after it arrives and immediately report any suspicious transactions. If you wait too long, banks will balk at reimbursing you.
• If a stranger tries to pay for a large purchase with a check, ask for a cashier’s check or a traveler’s check instead.
• Keep your blank checks in a secure place such as a locked drawer or a safe. Never keep it in an easily accessed place.
• When shopping or paying bills in person, only take as many checks as you expect to use.
• When you have your checks made, include as little personal information as possible on the check. Usually your name and address is sufficient. Never include a social security or driver’s license number on your checks.

What is Identity Theft?

Identity theft is, according to the Federal Trade Commission (FTC), currently the most common fraud complaint in the United States. Thieves get your personal and financial information through theft (often from trash or mailboxes), trickery (misleading phone calls, emails and web sites), and public information sources (such as personal, financial and government web sites).

Once they have your information, the identity thief will obtain or create copies of your birth certificate, social security card, driver’s license, passport and other identification. Once they have this identification, they obtain credit cards, loans, checks and anything else they can use to spend money in your name.

Identify thieves often manage to spend for months before the real person realizes something is wrong. They generally use fraudulent addresses so that you do not see the bills. Until the delinquent bills find their way to you, through collections efforts or damage to your credit rating, you will not know what is going on. Once it does happen, you may find yourself denied credit, a loan, an apartment or even a job. Repairing your credit can be difficult, and even several years later, you may find yourself answering for something this identity their does using your identity.

How to Defend Against Identity Theft

Beware of unsolicited offers that seem too good to be true. Often, these offers are fraudulent attempts to get your financial information.

If you discover your credit cards or identification is missing, immediately notify the issuers and if you suspect someone stole them, notify the police.

Keep a close watch on credit card and bank statements. Always report suspected fraudulent activity immediately.

Monitor your credit reports. Look for signs of identity theft. Typical signs are credit cards or loans you do not have that appear under your name and unknown addresses listed under your report.

Protect your vital information such as credit card numbers, Social Security numbers, account passwords or other personal information. Keep them safely stored. Shred mail containing vital information before throwing it out. This goes for credit card offers too.

A new email phishing scam is beginning to circulate the Internet. This one does not even require you to click on a link. Merely opening the e-mail can release a virus that records and sends out your passwords financial information the next time you log into your bank or credit card or merchant web sites. This new attack is far more dangerous than traditional phishing scams that operate by trying to fool the user into visiting a fake financial web site.

The primary defense against this new phishing attack is to disable your Windows Script Host. This script host is what allows outside systems to rewrite data on your computer. To learn how to disable the Windows Script Host visit Sophos: How to disable Windows Scripting Host. In addition, follow the standard rules for combating phishing scams.

Do Not Click on the Links
If you get a message that claims it needs your information, do not be fooled. Legitimate organizations do not solicit personal information in this manner. If you suspect the message is from a real organization you use, go directly to their web site or call them on the phone, but do not use the links or phone numbers in the message.

Never Email Personal or Financial Information
Email is one of the least secure methods of sending information on the Internet. Even if you are not responding to a fraudulent message, when you e-mail vital information you are always taking a risk that it will be read by an unintended recipient.

Examine Websites Closely
Always check to see that the url matches the web site/ Look for indicators that your connection is secure (secure site urls start with https:// rather than http://). Even this information may not be enough to spot a fraud. Some phishers are very skilled at their scams.

Check your Accounts
Always review your credit card statements, bank statements and phone bills as soon as you receive them. Make sure there are no unauthorized charges. If you do find something suspicious, call the organization immediately. Tle longer you wait, the less likely you are to get your money back.

Be Careful with your Email
Use anti-virus software and firewalls to keep your computer safe. Some fishing emails contain viruses as well as scams. Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

Forward suspicious e-mail to uce@ftc.gov, and complaints should be filed with the state attorney general’s office or through the FTC at www.ftc.gov.

How the Scam Works
Now that states are creating Do-Not-Call lists, (lists of phone numbers that solicitors are banned from calling) many people want to get on the list. This has spawned a new scam in which the caller pretends to represent the Do-Not-Call list and asks to either put you on the list or to verify your information. The scammers then proceeds to ask for personal information, such as Social Security, credit card and/or bank account numbers. They say they need the information to confirm that the caller is talking with the correct person. The scammer may even tell you that you need to pay them to put you on the list. Once they have your information, they use it to steal money and make unauthorized purchases.

How to Avoid the Scam

• Never give out vital personal information over the phone, especially to a telemarketer.
• If you want to get on a Do-Not-Call list, you must contact your state Do-Not-Call registry. They do not contact you first and they do not ask for personal information.
• Once you enroll in a state Do-Not-Call registry, there is no reason for them to call you to verify your identity. If the ever do need to call, they will not ask for personal or financial information.

Phone scammers are using people’s voicemail systems to make collect calls.

How the Scam Works
The thief calls your voicemail and keeps trying obvious passwords such as 1234 until they get into your account. They then record a messages they can use to accept toll calls. The messages will repeat the word yes several times, followed by a statements such as, “I will accept the charges.” This message takes advantage of automated collect call systems that are programmed to listen for the word yes. The hacker uses this connection to pay for collect (generally international) calls. This scam occurs most frequently during holiday period, when the scammers expect people to be away from their home or office.

How to Fight the Scam

• Change the default password on your voicemail. Always opt for longer passwords such as a phone number that you know but most others do not.
• Change your password frequently.
• Regularly check your outgoing message to be sure it has not been tampered with.
• Block international calls and collect calls from your phone. You can do this by contacting your local phone service.
• If you do not use them, disable voicemail features such as remote notification, auto-attendant, call-forwarding and out-paging.
• If you believe your voicemail has been misused, call the phone company, the police and the FCC.

What is Phishing?
Phishing is an Internet-based scam that uses spam emails or pop-up messages to trick people into disclosing sensitive information such as credit card numbers, bank account information, Social Security number or passwords. In many cases, people are sent to web sites that look like authentic, resembling well-known merchants, utilities and financial organizations. In some cases, the message asks you to call a phone number; often these are toll numbers that charge unsuspecting victims for the call.

Phishers rely on email and pop-up message that claims to be from a business or organization that you deal with. These messages claim to be a bank, an online payment center, a government agency or your Internet Service provider (ISP).

In most cases, the message requests that you “update” or “validate” your account information. It may indicate that your account is overdue, that your balance is overdrawn, or that there is suspicious activity. They will say anything to make you think you absolutely must click on the message or link.

If you do click, your browser will bring up a web site that looks like a legitimate organization’s site. Some sites are poorly duplicated, but others look exactly like the real organization they pretend to be. Once you arrive at that site, it will ask for account or other personal information that can then be used to take your money and your identity.

How to Avoid Phishing Scams

Do Not Click on the Links
If you get a message that claims it needs your information, do not be fooled. Legitimate organizations do not solicit personal information in this manner. If you suspect the message is from a real organization you use, go directly to their web site or call them on the phone, but do not use the links or phone numbers in the message.

Never Email Personal or Financial Information
Email is one of the least secure methods of sending information on the Internet. Even if you are not responding to a fraudulent message, when you e-mail vital information you are always taking a risk that it will be read by an unintended recipient.

Examine Websites Closely
Always check to see that the url matches the web site/ Look for indicators that your connection is secure (secure site urls start with https:// rather than http://). Even this information may not be enough to spot a fraud. Some phishers are very skilled at their scams.

Check your Accounts
Always review your credit card statements, bank statements and phone bills as soon as you receive them. Make sure there are no unauthorized charges. If you do find something suspicious, call the organization immediately. Tle longer you wait, the less likely you are to get your money back.

Be Careful with your Email
Use anti-virus software and firewalls to keep your computer safe. Some fishing emails contain viruses as well as scams. Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

Forward suspicious e-mail to uce@ftc.gov, and complaints should be filed with the state attorney general’s office or through the FTC at www.ftc.gov.

Phishing
Identity thieves create fake web sites and e-mail designed to mimic legitimate companies in order to trick people into divulging personal and financial information.

Skimming
Identity thieves get credit and debit numbers by using electronic devices to monitor ATMs and credit card processing. They can also monitor the keystrokes on a computer.

Garbage
Identity thieves will often rummage through the garbage of both organizations and individuals in search of credit card receipts, old checks or any other personal or financial information.

Businesses and Other Employers
Identity thieves generally get information from organizations by stealing records. They also get information by bribing employees or illegally accessing an organization’s computers.

Impersonation
Identity thieves often get information, especially credit reports, by posing as a landlord, employer, financial institution or government official.

Theft
Identity thieves steal wallets, credit cards, bankcards and mail such as credit card or bank statements and tax information.

Change of Address Forms
Identity thieves will submit change of address forms to divert mail to another location.