Current Fraud Alerts
Below is a list of the most active and dangerous fraud attacks discovered around the world. Staying informed is the best way to avoid falling victim to one of these scams.
Business Email Compromise (BEC) is a scam that targets businesses and individuals who can send checks, wire transfers, and ACH transfers. BEC fraudsters impersonate vendors and ask for payment outside the normal course of business. In a typical BEC scheme, the victim receives a message supposedly from a company the victim normally conducts business with. The message requests that standard payment practices be altered in some way, such as by sending money to a new account.
Scammers often create fake profiles on dating apps or social media sites and start conversations with their targets to build trust. Once they have gained the victim's confidence through an online relationship, they claim to have knowledge of cryptocurrency investment or trading opportunities that will result in profit. Other times, they make up a story and ask for money.
"Phishing" is when a fraudster sends emails to a user that appear to be from a reputable company, organization, or even a friend to entice them to reveal personal information, such as passwords and credit card numbers. When victims receive these emails, and believe they are legitimate, it leads them to open a malicious attachment that will cause malware to infect their system or prompts the victim to enter their login credentials and expose personal and confidential information. This type of fraud can lead to financial crimes such as business email compromise, personal information theft, ransomware, and account takeovers.
“Vishing” is when a fraudster uses the telephone to scam a user into providing private or confidential information such as online banking credentials. Users report that they are receiving a phone call from an imposter “Security Officer of a Bank” asking them to confirm suspicious transactions on their account. Once they confirm the transactions are not valid, the imposter proceeds to “verify” the end user by asking them to provide their Online Banking credentials including Out of Band Authentication codes. The fraudster then gains access to the user's accounts and can complete fraudulent transactions. American Bank will never ask you for your login credentials.
Tech Support Fraud involves a criminal claiming to provide customer, security, or technical support to defraud unwitting individuals.
Criminals may pose as a security, customer, or technical support representative offering to resolve such issues as a compromised e-mail or bank account, a virus on a computer, or to assist with a software license renewal. Examples include criminals posing as technical support representatives for computer or printer companies, cable companies, or government agents, even offering to recover supposed losses related to tech support fraud schemes or to request financial assistance with “apprehending” criminals.
Tech support fraud can occur through the telephone, search engine advertising, pop-up messages, locked device screens and phishing emails.
Email phishing campaigns where malicious actors are impersonating the Small Business Administration (SBA) to collect personally identifiable information (PII) for fraudulent purposes have surfaced. The SBA is particularly concerned about scam emails targeting applicants of the SBA’s Economic Injury Disaster Loan Program asking them to verify their accounts using a third-party online platform to collect PII.
It should be noted that any email communication from the SBA will only come from email accounts ending in sba.gov. Applicants are advised to help protect their identity and privacy by never providing PII in public-facing comments or responses to third-party emails.
The SBA will not use a third-party platform to:
- Actively seek PII
- Search a third-party platform for or by PII
- “Follow” public users proactively without a waiver
Additionally, federal agencies that provide disaster recovery assistance will never ask for a fee or payment to apply for financial assistance. Loan applicants and borrowers should be vigilant in protecting their personal information and data assets. Visit sba.gov/COVIDfraudalert to learn more about scams and fraud schemes.
Scammers often use SMS text links and phone calls to pose as American Bank bankers. These scams are meant to persuade clients to share personal identification information and account information.
American Bank will never call or text you to ask for sensitive information. You should only provide this information if you have reached out to our bankers or client services team for support.
Many websites and apps increase security by using the Multi-Factor Authentication (MFA) method that prompts you to enter a One Time Passcode (OTP) sent to you by text message or email. Fraudsters will call you and pretend to be a legitimate organization to ask you for the OTP that was just delivered to your phone or email.
Remember to never share a OTP with anyone over the phone, text or email.
Promotional content related to product page
What to do if you become a victim: Contact us and your local police to report any fraudulent attempts with your online banking credentials, account information, lost or stolen checks, credit, debit, or ATM cards IMMEDIATELY.
Tips to Protect Yourself
- Use strong passwords and change them frequently. Passwords should be at least 12 characters in length and include a mix of upper and lower case letters, numbers and special characters.
- Use different passwords for your financial online services from more casual online accounts such as social network sites – and never share them with anyone or write them down.
- Be extra cautious with last-minute changes in wire or payment instructions or recipient account information. Call your payee directly using a known number to verbally validate the request and all details of the payment instructions.
- Don’t use public computers or public Wi-Fi connections for online banking unless absolutely necessary.
- Watch for unsolicited emails claiming to be from the Centers for Disease Control and Prevention, Internal Revenue Service, or other government agencies. Government agencies will not call, text or email you. Never open this type of email or click on attachments.
- Do not reveal personal or financial information in email. Always consider why someone is asking for your information.
- Don’t click on links from sources you don’t recognize. It could download a virus onto your computer or device.
- Do your homework when it comes to donations, whether through charities or crowdfunding sites. If someone wants donations in cash, by gift card, or by wiring money, avoid doing so.
- Use government websites directly rather than using a link. If you do see a link to a government website, hover over the web address to ensure the domain of the linked website ends in ".gov". Always inspect the URL of websites and verify the actual destination before visiting sites.
- Never send funds to someone you do not know or have not met in person. There is no plausible reason why someone would need to ask for money from someone they have not met in person.
- Never send, trade, or invest your money per the advice of someone you met online.
- Be cautious of online investment opportunities that promote large profits and individuals who claim to have exclusive opportunities.
- Install anti-virus software on your devices and be sure to keep it current.
- Be cautious at ATM’s and ensure the area is well lit and safe. Conduct transactions quickly and protect your PIN.
- Look for areas where a scammer could place a camera, such as a brochure rack or a pinhole near the keypad.
- Before inserting your card, give the card reader a small tug. If there is any movement or the device comes off, don't use that ATM.
- Keep your information private. Never share banking information, Social Security Numbers, your identification, or passport with anyone online.
- Do not rush or feel under pressure. Scammers use emergencies to get people to make decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate.
- Check your credit report annually. You may obtain a free credit report each year.
- Purchase identity theft protection from a reputable vendor.
- If you suspect identity theft, contact the three major credit bureaus.
FDIC Money Smart materials are provided as a downloadable PDF. To read PDF files, download Adobe Reader.
If you think you are a victim of identity theft, contact the Federal Trade Commission IMMEDIATELY.