Security Education

PROTECT YOUR BUSINESS FROM FRAUD

Phishing:

You Get An Email That Looks Like It's From Someone You Know

It seems to be from one of your company’s vendors and asks that you click on a link to update your business account. Should you click? Maybe it looks like it’s from your boss and asks for your network password. Should you reply? In either case, probably not. These may be phishing attempts.
Click the link to learn how to protect your business! https://www.ftc.gov/business-guidance/small-businesses/cybersecurity/phishing

Business Email Imposter:

A Scammer Sets Up An Email Address That Looks Like It's From Your Company

Then the scammer sends out messages using that email address. This practice is called spoofing, and the scammer is what we call a business email imposter.

Scammers do this to get passwords and bank account numbers or to get someone to send them money. When this happens, your company has a lot to lose. Customers and partners might lose trust and take their business elsewhere — and your business could then lose money.

Click the link to learn how to protect your business! https://www.ftc.gov/business-guidance/small-businesses/cybersecurity/business

Check Fraud:

How To Spot, Avoid, And Report Fake Check Scams

Fake checks might look like business or personal checks, cashier’s checks, money orders, or a check delivered electronically. Here’s what to know about fake check scams.

Click the link to learn how to protect your business! https://consumer.ftc.gov/articles/how-spot-avoid-report-fake-check-scams

Ask a Business Banker today how to protect your Business using a check fraud protection product, Positive Pay. Available in Cash Management. https://www.citizenslc.com/services/cash-management

PROTECT YOURSELF FROM FRAUD

FRAUD IS ON THE RISE INDUSTRY WIDE:

Avoiding and Reporting Scams:

Click Federal Trade Commission-Scams to review the many types of Scams and find out what steps you can take if you were scammed
Top Scams this year:
- Scammers can hide harmful links in QR codes to steal your information
- Voice Cloning Technologies can trick you into revealing personal information
- Impersonators attempt to get information through a call, text or social media

Protect Yourself From Scams:

Every day, individuals fall victim to scams. Scammers use many different methods and tricks to try and get access to your funds and accounts. Learn more about how to spot them and avoid them.

Click Here For More Info

Understanding financial fraud:

Financial fraud can happen to anyone, from senior citizens to young adults. No matter the age of the victim, however, most financial scams follow the same general framework. Financial fraud scams are scripted actions designed to deceive the victim while providing the perpetrator with an illegitimate financial advantage.

Common money scams:
- Social engineering scams: Perpetrators of these scams may get access to your bank account or trick you into sending them money by posing as someone who is trustworthy to try to get you to share your personal information or money. They may try to convince you that they are an IRS agent, someone from your bank, or even a friend or family member.
- Ponzi schemes: A type of investment fraud, a Ponzi scheme requires investors to recruit new investors, whose funds pay returns to those with higher positions in the scheme. If the math doesn't add up, you're promised a positive return no matter how the market reacts, or you can't seem to cash out, you might have a Ponzi scheme on your hands.
- Charity fraud: This happens when people claim to be collecting funds for charitable causes, which never receive the donations. Fraudulent charities tend to appear after disasters, when they have the best chances of taking advantage of generosity.
- Sweepstakes scams: These schemes center on fake lotteries and sweepstakes. Which may require you to provide personal information or pay a fee to collect your winnings. If you learn that you won a sweepstakes you never entered or that you have to pay to get your prize, consider a likely money fraud attempt.

Understand the risks of online transaction processing:

Our website includes security alerts and information about preventing and reporting identity theft. The security tips and links to websites noted below provide important information and news to help you understand online transaction risk and options to help you control these risks. It is important to be informed and proactive. When it comes to internet fraud, account takeover and identity theft, an ounce of prevention is definitely worth a pound of cure.

Password Security Tips

Do not share your User ID’s or Passwords with another person or provide them to others. Safeguard your User ID and Password information—never leave the information “lying around” in an unsecured location.
Create a unique User ID and Password for each site. Do not use the same identifying information on multiple websites.
Create strong User ID’s and Passwords. In other words, use upper case letter(s), lower case letter(s), and numbers; if the site allows for them, use symbols as well.
Many websites force password changes (i.e. every 60 days). If a website does not do so, take the initiative and change your password on a regular basis.
Avoid posting personally identifiable information on social media sites such as on Facebook and Twitter. Information such as street address, pets’ names, home town and mother’s maiden name can be used to access more secure information.
- We will never call, email or otherwise contact you to request your access ID, password, or other log-in credentials for the online services we offer. If you receive such a request, do not provide any information. Contact a Universal Banker at 575-647-4100 or at efraud@citizenslc.com to report the incident. Please note that our efraud email is monitored during regular business hours; Monday-Friday 9:00am to 5:00pm (excluding bank holidays)

Website Security Tips

Monitor account activity. View account activity online on a regular basis and review periodic account statements (monthly and/or quarterly) and reconcile them to your personal records.
Log off from a website; do not just close the page or “X” out.
Secure websites have a web address that includes an “s” (https rather than http). If this feature is lacking, the site may not be genuine. Do not log in or conduct business on these sites.
When completing financial transactions, verify encryption and other security methods are in place, protecting your account and personal information.

Computer / Network /Mobile Device Security Tips

Use quality security monitoring software on your PC that includes anti-virus, anti-malware and firewall functions.
Use your PC’s security features such as individual Log-In accounts.
Keep PC operating system security up-to-date by applying patches and updates.
Password-protect your computer network (physical or wireless).
Back up important data to an external storage device or online cloud storage service
For more information on securing your data and devices, read this article from the FTC https://consumer.ftc.gov/consumer-alerts/2022/03/cybersecurity-advice-protect-your-connected-devices-and-accounts
For more information on protecting your personal information in a digital space, read this article from the FTC https://consumer.ftc.gov/articles/protect-your-personal-information-data

Check Fraud

A good rule of thumb to mitigate fraud is to never cash or deposit a check from an unknown source and then wire funds to that unknown source. Remember, checks may take weeks to clear fully even if funds are made available. However, once funds are wired out, there is no way to retrieve them. This article from the FTC discusses this common method for check fraud and ways to protect yourself against it. https://www.consumer.ftc.gov/blog/2018/05/scam-story-secret-shopping-and-fake-checks?utm_source=govdelivery

Wire Transfer Fraud

Scammers pressure you to wire transfer money to them because it's easy to take your money and disappear. Wiring money is like sending cash, once it's sent, you won't get it back. Never wire money to a stranger, no matter the reason given. Scammers will instruct you not to tell your bank the real reason funds are being wired. Always give your Banker the real purpose for the wire transfer. https://consumer.ftc.gov/articles/you-wire-money

REPORTING SUSPICIOUS ACTIVITY

If you see suspicious activity on your account(s) or have received a suspicious call, email, letter or other similar contact regarding your relationship with Citizens Bank, call 575-647-4100 and ask to speak to a Universal Banker or email us at efraud@citizenslc.com. Emails sent to efraud@citizenslc.com after normal business hours will not be handled until the next business day.

IDENTITY THEFT

What can you do to avoid becoming a victim of IDENTITY THEFT?

Protecting your identity:

Never respond to unsolicited requests for your social security number or financial data.
Before discarding, shred credit card, ATM receipts and any pre-approved credit offers you have received, but don't plan to use.
Check all credit card and bank statements for accuracy.
Avoid easy-to-figure out access and personal ID codes.
Obtain a copy of your credit report annually and check it for accuracy.
Use only secure sites when making online purchases. Secure pages begin with "https."
Pay for online purchases by credit card to assure you get what you paid for and to limit your liability.
Safeguard your SSN, and check earnings and benefit statements annually for fraudulent use.

If you have become a victim of Identity Theft, immediately take the following actions:

File a police report.
Contact your bank.
Notify all of those with whom you have a financial relationship.
Tag accounts closed due to fraud, "closed at consumer's request."
Notify credit bureau fraud units.
Establish a password for telephone inquiries on credit card accounts.
Place a fraud alert statement on your credit report.
Request bi-monthly copies of your credit report until your case is resolved (free to fraud victims).
Report theft of checks to check verification companies.
Check post office for unauthorized change of address requests.
Follow-up contacts with letters and keep copies of all correspondence.
For additional help:
Experian: www.experian.com
Report Fraud 888-397-3742
Order Credit Report 888-397-3742
Trans Union: www.transunion.com
Report Fraud 800-680-7289
Order Credit Report 800-888-4213
Equifax: www.equifax.com
Report Fraud 800-525-6285
Order Credit Report 877-322-8228

More information about Identity Theft and how to avoid it can be found at:
Federal Trade Commission: www.ftc.gov/idtheft

CONSUMER PROTECTION - REGULATION E

Regulation E provides rules for error resolution and unauthorized transactions for electronic fund transfers, which includes most transactions processed online. In addition, it establishes limits to your financial liability for unauthorized electronic fund transfers. These limits, however, are directly related to the timeliness of your detection and reporting of issues to Citizens Bank. It is for this reason that we encourage you to immediately review periodic account statements and to regularly monitor your account activity online.

The “Electronic Fund Transfers” disclosure provided to you at the time of account opening provides detailed information. We will provide to you, upon request, a free printed copy of this disclosure.

ADDITIONAL INFORMATION FOR BUSINESS USERS OF ONLINE SERVICES

The new FFIEC Guidance takes note that business transactions, because of their frequency and dollar value, are inherently more risky than consumer transactions. The Guidance also notes the steep rise of online account takeovers and unauthorized online fund transfers related to business accounts in the last five years.

Recently, small- to medium-sized businesses have been primary targets as cyber criminals have recognized that the security controls they have in place are not as robust as that of larger businesses. Analysis indicates enhanced controls over administrative access and functions related to business accounts and layered security using multiple and independent controls would help to reduce these types of crime.

The FFIEC Guidance suggests enhanced controls for businesses:

Business customers should be encouraged to perform a periodic risk assessment and an evaluation of the effectiveness of the controls they have in place to minimize the risks of online transaction processing.
The password, website, computer and network tips above provide a starting point for this process and the web resource links provide additional detailed information.
The FTC Business Center has a great deal of information for businesses at http://business.ftc.gov/privacy-and-security/data-security.
Business customers should understand the security features of the software and websites they utilize and take advantage of these features. Segregation of duties—the process of separating duties so no one person can perform all steps of a transaction—is an example of a very important security feature.
Layered security options that may be available to business customers doing online transactions include transaction thresholds, out-of-band verification (such as telephone or email verification), fraud detection and monitoring systems, and IP reputation–based services. The Guidance encourages establishing layered security processes.

Cash Management

Keep your business running smoothly with our cash management suite.

Learn about Cash Management

a young couple looking at a mobile phone at coffee shop

Personal Checking

Find the perfect checking solution to fit your financial needs.

Compare Accounts