Tech Support Scams

Monday, April 17 at 09:35 AM
Category: Personal Finance

In a recent twist, scam artists are using the phone to try to break into your computer. They call claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need. But the purpose behind their elaborate scheme isn’t to protect your computer – it’s to steal your identity or/and to make money.

How Tech Support Scams Work
Scammers have been peddling bogus security software for years. They set up fake websites, offer free “security” scans*, and send alarming messages to try to convince you your computer is infected. Then, they try to sell you software to fix the problem. At best, the software is worthless or available elsewhere for free. At worst, it could be malware — software designed to give criminals access to your computer and your personal information.
 
The latest version of the scam begins with a phone call. Scammers can get your name and other basic information from public directories. They often try to gain your trust by pretending to be associated with well-known companies or confusing you with a barrage of technical terms. They may ask you to go to your computer and perform a series of complex tasks. Sometimes, they target legitimate computer files and claim they are viruses. Their tactics are designed to scare you into believing they can help fix your “problem.”
 
Once they’ve gained your trust, they may:
  • Ask you to give them remote access to your computer and then make changes to your settings that could leave your computer vulnerable.
  • Try to enroll you in a worthless computer maintenance or warranty program.
  • Ask for credit card information so they can bill you for phony services — or services you could get elsewhere for free.
  • Trick you into installing malware that could steal sensitive data, like user names and passwords.
  • Direct you to websites and ask you to enter your credit card number and other personal information.
Regardless of the tactics they use, their purpose is to steal your identity or/and to make money.

If You Get a Call
If you get a call from someone who claims to be a tech support person, hang up and call the company yourself on a phone number you know to be genuine. A caller who creates a sense of urgency or uses high-pressure tactics is probably a scam artist.
 
Keep these other tips in mind:
  • Don’t give control of your computer to a third party who calls you out of the blue.
  • Do not rely on caller ID alone to authenticate a caller. Criminals spoof caller ID numbers. 
  • If you want tech support, look for a company’s contact information on their software package or on your receipt.
  • Never provide your credit card or financial information to someone who calls and claims to be from tech support.
  • If a caller pressures you to buy a computer security product or says there is a subscription fee associated with the call, hang up. If you’re concerned about your computer, call your security software company directly and ask for help.
  • Never give your password on the phone. No legitimate organization calls you and asks for your password.
  • Put your phone number on the National Do Not Call Registry*, and then report illegal sales calls*.
If You’ve Responded to a Scam
If you think you might have downloaded malware from a scam site or allowed a cybercriminal to access your computer, don’t panic. Instead:
  • Get rid of malware*. Update or download legitimate security software and scan your computer. Delete anything it identifies as a problem. 
  • Change any passwords you gave out. If you use these passwords for other accounts, change those accounts, too.
  • If you paid for bogus services with a credit card, call your credit card provider and ask if they can reverse the charges. Check your statements for any other charges you didn’t make, and ask to reverse those, too.
  • If you believe someone may have accessed your personal or financial information, visit the FTC’s identity theft website*. You can minimize your risk of further damage and repair any problems already in place.
  • File a complaint with the FTC at ftc.gov/complaint*.
How to Spot a Refund Scam
If you paid for tech support services, and you later get a call about a refund, don’t give out any personal information. The call is almost certainly another trick to take your money.
 
The refund scam* works like this: Several months after the purchase, someone might call to ask if you were happy with the service. When you say you weren’t, the scammer offers a refund. Or, the caller may say the company is going out of business and providing refunds for “warranties” and other services.
 
In either case, the scammers eventually ask for a bank or credit card account number. Or they ask you to create a Western Union account. They might even ask for remote access to your computer to help you fill out the necessary forms. But instead of putting money in your account, the scammers withdraw money from your account. If you get a call like this, hang up, and report it at ftc.gov/complaint*.

Conclusion
You don’t need to be a victim of a tech support scam. Learn how these scams work, so you can detect them for what they are and protect yourself.

Information courtesy of Federal Trade Commission Consumer Information.

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution.  

Tags: Consumer Protection, Financial Education, Fraud Alert, Privacy and Security, Technology
 

Fraud Targets Small Businesses: Don't Be a Victim

Wednesday, February 08 at 05:25 AM
Category: Business Banking

While large firms may have sophisticated technology and staff dedicated to thwarting crime, many small businesses don't — and scammers know this. Here are ways to protect yourself:

Be on guard against inside jobs. This includes employee theft or misuse of cash, merchandise or equipment as well as fraud. "Minimize risks through steps such as pre-employment background checks, automated inventory tracking systems, audits, and clearly outlined policies for personal use of computers and other business equipment," said Luke W. Reynolds, chief of the FDIC's Outreach and Program Development Section. "Also, carefully select who handles revenue from customers, pays the bills and reviews account statements. And, ensure that there are procedures in place to detect and deter fraud."

Watch out for fraudulent transactions and bills. Scams can range from consumer payments with a worthless check or a fake credit or debit card to fraudulent returns of merchandise. Be sure you have insurance to protect against risks. Also ignore offers to buy lists of federal grant programs. To learn more about protecting your business, consult your local Small Business Administration District Office*. 
 
Electronic fraud by third parties can be very costly to businesses, so take them seriously. The FDIC has seen an increase in reports of unauthorized electronic transfers made from bank accounts held by small businesses. 
 
"The most common and dangerous scam for small businesses is account takeover," said Michael Benardo, chief of the FDIC's Cyber-Fraud and Financial Crimes Section. "By sending fake emails and using fake websites to deliver malicious software, such as keystroke loggers, fraudsters may be able to obtain the IDs and passwords for online bank accounts and then make withdrawals from accounts."
 
According to federal law enforcement, businesses are increasingly targeted by business email compromise (“BEC”) fraud where perpetrators, posing as business executives or vendor partners, use compromised or spoofed email accounts to request fraudulent wire transfers or make changes in payment instructions for invoices. Federal agencies recommend separately confirming such communications and not relying solely on email to conduct financial transactions.
 
Because businesses are generally not covered by federal consumer protections against unauthorized electronic fund transfers, a bank likely will not be responsible for reimbursing losses associated with the theft from the account if it says that negligence on the part of the business, such as falling for a common scam, was a factor.
 
Also equip your computers with up-to-date anti-virus software and firewalls (to block unwanted access). Make backup copies of critical business data on every computer. Also monitor account balances regularly, perhaps daily, to look for suspicious or unauthorized activity.
 
And, don't click on links in or attachments to an unsolicited email that asks for confidential information, even if it appears to be from a company you do business with or the government. Legitimate organizations won't request that kind of information in an email. When in doubt, go to another source to find the organization's contact information so you can independently confirm the validity of the request.
 
Be proactive about protecting your small business from ill-intentioned people by learning what scams they use and how to not fall victim to those tactics. 

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution. 

Tags: Arvest Biz, Business Banking, Fraud Alert, Privacy and Security
 

Beware of Tax Scams

Friday, January 13 at 09:00 AM
Category: Personal Finance
If it sounds too good to be true, it probably is! In recent years, thousands of people have lost millions of dollars and their personal information to tax scams and fake IRS communication. Here’s a look at some of these tax scams and what to do if you spot them.
 
Remember: The IRS doesn't initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. In addition, the IRS does not threaten taxpayers with lawsuits, imprisonment or other enforcement action by email, text messages or social media channels. Being able to recognize these tell-tale signs of a phishing or tax scam could save you from becoming a victim.

IRS-Impersonation Telephone Scams
An aggressive and sophisticated phone scam targeting taxpayers has been making the rounds throughout the country. Callers claim to be employees of the IRS but are not. These con artists can sound convincing when they call. They use fake names and bogus IRS identification badge numbers. They may know a lot about their targets, and they usually alter the caller ID to make it look like the IRS is calling. 
 
Victims are told they owe money to the IRS, and it must be paid promptly through a pre-loaded debit card or wire transfer. If the victim refuses to cooperate, they are threatened with arrest, deportation, or suspension of a business or driver’s license. Or, victims may be told they have a refund due to try to trick them into sharing private information. If the phone isn't answered, the scammers often leave an “urgent” callback request.
 
Note the IRS will never:
  • Call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. Generally, the IRS will first mail you a bill if you owe any taxes.
  • Threaten to immediately bring in local police or other law-enforcement groups to have you arrested for not paying.
  • Demand you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
  • Ask for credit or debit card numbers over the phone.
Surge in Email, Phishing and Malware Schemes
The IRS saw an approximate 400 percent surge in phishing and malware incidents in the 2016 tax season. Scam emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies. Emails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information. Variations of these scams can be seen via text messages.

When people click on these email links, they are taken to sites designed to imitate an official-looking website, such as IRS.gov*. The sites ask for Social Security numbers and other personal information, which the scammers could use to help file false tax returns. The sites also may carry malware, which can infect people's computers and allow criminals to access your files or track your keystrokes to gain information from your personal computer.
 
Email Phishing Scam: "Update your IRS e-file"
The IRS is aware of email phishing scams that appear to be from the IRS and include a link to a bogus website intended to mirror the official IRS website. These emails contain the direction “you are to update your IRS e-file immediately.” The emails mention USA.gov and IRSgov (without a dot between "IRS" and "gov"), though notably, not IRS.gov* (with a dot). Don’t get scammed. These emails are not from the IRS.

What do you do if you get these messages?
  • Do not respond to the email or click on the links.
  • Instead, forward the scam emails to the IRS at phishing@irs.gov.
For more information, visit the IRS's Report Phishing* web page.
 
Tax Refund Scam Artists Posing as Taxpayer Advocacy Panel
According to the Taxpayer Advocacy Panel (TAP), taxpayers are receiving emails that appear to be from TAP about a tax refund. These emails are a phishing scam, where unsolicited emails which seem to come from legitimate organizations — but are really from scammers — try to trick unsuspecting victims into providing personal and financial information. Do not respond or click the links in them. If you receive an email that appears to be from TAP regarding your personal tax information, please forward it to phishing@irs.gov and note that it seems to be a scam email phishing for your information.

TAP is a volunteer board that advises the IRS on systemic issues affecting taxpayers. It never requests, and does not have access to, any taxpayer’s personal and financial information such as Social Security numbers, PINs or passwords and similar information for credit cards, banks or other financial institutions.

Don’t Fall Victim and Help Others Not to Fall Victim
Educate yourself on tax telephone scams and various tax email phishing scams including malware schemes to avoid falling victim to a scammer’s tactics. Learn more* about specific tax-related scams.

Check out* the various types of tax-related illegal activities and how to report these activities. You may also report instances of IRS-related phishing attempts and fraud to the Treasury Inspector General for Tax Administration at (800) 366-4484.

Information courtesy of IRS.

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution. 

Tags: Consumer Protection, Financial Education, Fraud Alert, Tax
 

Customer Question: “What is a merchant card data breach?”

Thursday, December 29 at 01:30 PM
Category: Personal Finance
Customer Question: “What is a merchant card data breach? Is it safe to use my debit card?”

A merchant data breach is when an unauthorized party accesses a merchant computer network and steals cardholder data. In these types of breaches, the impacted cardholders are those who used their cards at the breached merchant. They typically impact cardholders at multiple banks.

Unfortunately, merchant data breaches are becoming more common with 974 publicly disclosed data breaches in the first half of 2016 alone, according to the Breach Level Index*. 

Arvest, along with other banks in the region, is seeing some fraudulent transactions on less than one-half of one percent of our debit cards as a result of a merchant data breach at one or more merchants. This is NOT an Arvest security breach and includes cards from other banks. 
 
Please know our teams regularly monitor our debit card activity watching for fraudulent transactions. If unusual activity is observed, we will contact you immediately.
 
As a reminder, you should also regularly monitor your accounts for any unauthorized transactions or suspicious activity and report it immediately. If you see suspicious activity on your Arvest account, please contact Customer Service at (866) 952-9523 or visit your local branch.
 
It is important for U.S. Visa consumer debit and credit cardholders to know they are protected against fraudulent purchases with Visa’s Zero Liability Policy*.  
 
Remember to practice good financial security by monitoring your accounts and reporting suspicious activity to your card issuer immediately.
 
Thank you for this question.
 
If you have a question you would like answered, please submit it using the Ask Us Anything tool on the right side of the blog page.  

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution. 

Tags: Credit Cards, Customer Question, Debit Cards, Financial Education, Fraud Alert
 

Fraud Alert: Phishing Phone Calls

Friday, November 18 at 02:20 PM
Category: Arvest News

Arvest Bank has become aware of a phone phishing scam, which some customers have experienced. In the scam the customer receives an automated phone call from a number with an 844 area code saying the customer’s card has been blocked. The message prompts the customer to enter their credit/debit card number. These calls are fraudulent and are not generated by Arvest Bank.

If you received a phone call like this and entered your personal information, please contact us immediately at (866) 952-9523, so we can protect your account. 

If you received a phone call like this but did not divulge confidential information, please notify us via email at reportfraud@arvest.com. If possible, please include the phone number the call came from and the type of information asked for (e.g., card number, account number).

Phishing scams come in a variety of forms. While some are similar to this one, others come in the form of emails, customer service surveys or text messages. While it can be difficult to identify spoofed text messages, email messages, websites and automated phone systems, it is not difficult to know if any of these may be related to a fraudulent phishing scam. The key is knowing that legitimate businesses do not send messages or make automated calls to customers prompting them to divulge confidential information. If you receive such a message, or automated phone call, no matter how genuine it may appear, assume it to be fraudulent and please notify the legitimate business immediately.

For more information on phishing scams, identity theft and other helpful information, please visit our consumer protection resource center.
 
Tags: Consumer Protection, Fraud Alert, Privacy and Security

Choose one or more categories to subscribe to:




Cancel