Fraud Protection

Fight fraud

Staying informed is the best way to avoid falling victim to fraud.

Follow the tips on our 'Stay Protected' page and be aware of any suspicious activity on your bank or credit card statements or on your credit report. It is important that you report these activities quickly in order to put a stop to the fraud and minimize the impact these activities have on your credit score and finances.

Report any suspected fraud or identity theft activity concerning your American Bank accounts or services immediately to Client Services from 7 am to 6 pm weekdays. You should also contact the Federal Trade Commission (FTC):

Credit Bureau Fraud Hotlines

Equifax: (800) 525-6285
Experian: (888) 397-3742
TransUnion: (800) 680-7289

Credit Card Companies

Contact your credit card companies if you suspect your credit card numbers have been compromised. Their numbers can be found on the back of your credit cards.

Current Fraud Alerts

Below is a list of the most active and dangerous fraud attacks discovered around the world. Staying informed is the best way to avoid falling victim to one of these scams.

|

Fraudsters benefit during uncertain times and during times when they know people are busy and unfocused. They are certain to take advantage of the 2020 holiday season using various tactics. Your best defense is knowledge and vigilance.

Here are some quick tips on keeping your finances and identity protected anytime – but especially through the upcoming holiday season.

  • Know who you are buying from. Be sure you are shopping with familiar online retailers and apps you already know and trust. Secure websites typically begin with “https:” rather than “http:”. You can also look for the familiar padlock icon in the URL to help verify a site’s authenticity.
  • Stay alert. Special holiday deals, alerts about package deliveries and even holiday eCards can include tempting opportunities to click on links in both email and text messages. Avoid doing so. If you’re curious about a special offer, contact the sender directly to learn more. Never provide sensitive information by way of email or text.
  • Did you expect this? Be wary of unsolicited messages. Many fraud attempts begin with a message indicating you have a gift headed your way, but more information is requested. These phishing attempts will even be masked to appear to be from a entity you regularly deal with (i.e. Amazon, Google, USPS, etc.). If you weren't expecting this gift, avoid interacting with the message.
  • Benefit from technology. Using a digital wallet protects your card information by replacing your real card number with a single-use, tokenized number. Use debit card controls to set up alerts and restrictions on when and how your card can be used. Always review your bank and card statements to catch any charges you were not expecting.
  • Practice good #CyberHygiene. Use strong passwords that include different types of characters. Avoid public Wi-Fi networks. While it’s tempting to access Wi-Fi in airports, coffee shops and hotels, consider the potential security risks before you allow a hacker access to your data by way of an unsecured network. 

Email phishing campaigns where malicious actors are impersonating the Small Business Administration (SBA) to collect personally identifiable information (PII) for fraudulent purposes have surfaced. The SBA is particularly concerned about scam emails targeting applicants of the SBA’s Economic Injury Disaster Loan Program asking them to verify their accounts using a third-party online platform to collect personally identifiable information.

It should be noted that any email communication from the SBA will only come from email accounts ending in sba.gov. Applicants are advised to help protect their identity and privacy by never providing PII in public-facing comments or responses to third-party emails.

The SBA will not use a third-party platform to:

  • Actively seek PII
  • Search a third-party platform for or by PII
  • “Follow” public users proactively without a waiver

Additionally, federal agencies that provide disaster recovery assistance will never ask for a fee or payment to apply for financial assistance. Loan applicants and borrowers should be vigilant in protecting their personal information and data assets. Visit sba.gov/COVIDfraudalert to learn more about scams and fraud schemes. 

Business Email Compromise (BEC) is a scam that targets both businesses and the associated individuals who have the ability to send checks, wire transfers, and ACH transfers. Capitalizing on shifting business practices during the COVID-19 pandemic, BEC fraudsters impersonate vendors and ask for payment outside the normal course of business. In a typical BEC scheme, the victim receives a message supposedly from a company the victim normally conducts business with. The message requests that standard payment practices be altered in some way, such as by sending money to a new account. Be on the lookout for the following:

  • A sense of urgency and last-minute changes in wire instructions or recipient account information
  • Last-minute changes in established communication platforms or email account addresses
  • Communications only by email and refusal to communicate via telephone
  • Requests for advance payment of services when not previously required
  • Requests from employees to change direct deposit information

For more information, visit fbi.gov.

Cybercriminals are using the uncertainty surrounding the Coronavirus (COVID-19) to sell bogus products or use fake emails, texts, and social media posts to take your money and get your personal information.

We have recently seen an increase in fraudulently obtained unemployment benefits where the fraudster has filed an unemployment claim on behalf of a person who is actually still working. Then, by way of a separate event involving a romance-type scam, the criminal convinces the victim to provide their bank account information so that the criminal can access the unemployment funds deposit unbeknownst to the victim and then send those fraudulently obtained funds elsewhere.

Follow these tips to help avoid COVID-19 scammers:

  • Don’t click on links from sources you don’t know. It could download a virus onto your computer or device.
  • Watch for unsolicited emails claiming to be from the Centers for Disease Control and Prevention, Internal Revenue Service, or other government agencies. Government agencies will not call, text or email you about virus breakthroughs or economic impact payments. Never open this type of email or click on attachments.
  • Ignore online offers for vaccinations. If there is a true medical breakthrough in the prevention, treatment, or cure for COVID-19, it will be unlikely that you'll hear about it for the first time through an ad or sales pitch.
  • Do your homework when it comes to donations, whether through charities or crowdfunding sites. If someone wants donations in cash, by gift card, or by wiring money, avoid doing so.
  • Be alert to “investment opportunities.” The U.S. Securities and Exchange Commission (SEC) is warning people about online promotions claiming that the products or services of publicly-traded companies can prevent, detect, or cure COVID-19 and that the stock of these companies will dramatically increase in value as a result.
  • Do not reveal personal or financial information in email. Always consider why someone wants your information and if it is an appropriate request.
  • Do not rush or feel under pressure. Scammers use emergencies to get people to make decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate.
  • Use government websites directly rather than using a link. If you do see a link to a government website, hover over the web address to ensure the domain of the linked website ends in ".gov". Always inspect the URL of websites and verify the actual destination before visiting sites.
  • Never send funds to someone you do not know or have not met in person. There is no plausible reason why someone would need to ask for money from someone they have not met in person. 

For more information, see ftc.gov.

"Phishing" is when a fraudster sends emails to a user that appears to be from a reputable company, organization or even a friend to entice them to reveal personal information, such as passwords and credit card numbers. When victims receive these emails, and believe they are legitimate, it leads them to open a malicious attachment that will cause malware to infect their system or prompts the victim to enter their login credentials and expose personal and confidential information. This type of fraud can lead to financial crimes such as business email compromise, personal information theft, ransomware and account takeovers.  

It's critical to be wary of suspicious e-mails even if they appear to be from a friend. Never open attachments or click on links, until you've confirmed their legitimacy. Make sure you stay protected and know how to limit your risk of fraud and what steps to take if you become a victim.

“Vishing” is when a fraudster uses the telephone to scam a user into providing private or confidential information such as online banking credentials. We have been alerted to an increase in vishing scams occurring. Users report that they are receiving a phone call from an imposter “Security Officer of a Bank” asking them to confirm suspicious transactions on their account. Once they confirm the transactions are not valid, the imposter proceeds to “verify” the end user by asking them to provide their Online Banking credentials including Out of Band Authentication codes. The fraudster then gains access to the user's accounts and can complete fraudulent transactions.

Remember that American Bank will never ask you for your login credentials. If you receive a phone call that appears to be fraudulent, please call us directly to report the incident. Make sure you Stay Protected and know how to limit your risk of fraud and what steps to take if you become a victim.  

Tech Support Fraud involves a criminal claiming to provide customer, security, or technical support in an effort to defraud unwitting individuals. This type of fraud continues to be a problematic and widespread scam.

Criminals may pose as a security, customer, or technical support representative offering to resolve such issues as a compromised e-mail or bank account, a virus on a computer, or to assist with a software license renewal. Some recent complaints involve criminals posing as technical support representatives for computer or printer companies, cable companies, or government agents, even offering to recover supposed losses related to tech support fraud schemes or to request financial assistance with “apprehending” criminals.

Initial contact with the victim typically occurs through the following methods:

  • Telephone: A victim receives an unsolicited telephone call from an individual claiming the victim’s device or computer is infected with a virus or is sending error messages to the caller. Callers are generally reported to have strong, foreign accents.
  • Search Engine Advertising: Individuals in need of tech support may use online search engines to find technical support companies. Criminals pay to have their fraudulent tech support company’s link show higher in search results hoping victims will choose one of the top links in search results.
  • Pop-up message: The victim receives an on-screen pop-up message claiming a virus has been found on their computer. In order to receive assistance, the message requests the victim call a phone number associated with the fraudulent tech support company.
  • Locked screen on a device: The victim’s device displays a frozen, locked screen with a phone number and instructions to contact a fraudulent tech support company. Some victims have reported being redirected to alternate web sites before the locked screen occurs. 
  • Phishing e-mail warning: The victim receives a phishing e-mail warning of a possible intrusion to their computer or an e-mail warning of a fraudulent account charge to their bank accounts or credit cards. The e-mail provides a phone number for the recipient to contact the fraudulent tech support.

Tech support fraud was originally an attempt by criminals to gain access to devices to extort payment for fraudulent services. However, criminals are creating new techniques and versions of schemes to advance and perpetuate fraud. Never give unknown, unverified persons remote access to devices or accounts and remember that legitimate customer, security, or tech support companies will not initiate unsolicited contact with individuals.  You should also ensure all computer anti-virus, security, and malware protection is up to date. Some victims report their anti-virus software provided warnings prior to attempt.  Read our Identity Theft Safety Tips for more information on how to fight fraud and what to do if you become a victim.  

Resources