Security Alerts

12/19/13-ALERT:  Target Confirms Unauthorized Access to Payment Card Data in U.S. Stores

 

 

Approximately 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15, 2013. Target alerted authorities and financial institutions immediately after it was made aware of the unauthorized access, and is putting all appropriate resources behind these efforts.  Among other actions, Target is partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident.

To protect our customers, Evans Bank constantly monitors accounts to guard against unauthorized transactions and fraud.

 

A data compromise is an organized theft of ATM, debit, or credit card information, primarily through merchant data breaches.  When a data compromise affecting Evans Bank cards or accounts occurs, we receive information from multiple outside sources, such as Visa®, FraudWatch Plus® and law enforcement agencies. 

 

There is no need to close any accounts linked to this card.  To minimize the potential risk, however, we ask that youcarefully monitor transaction activity, as you are in the best position to identify any suspicious charges.  If you suspect any unauthorized charges, please notify Evans Bank immediately.

 

Evans Bank and its partners are working closely together to identify fraudulent behavior and protect your account.  And remember, your Visa debit card is backed by Visa’s Zero Liability policy, so even if your card or its number is ever lost or stolen, you will not be responsible for unauthorized charges.For additional protection, your debit card is also equipped with Verified by Visa, protecting you when shopping online at merchants participating in that program.

 

Evans Bank regrets any inconvenience this situation may cause.  If you would like to take extra precautions, such as ordering new cards or immediately cancelling your card, please stop by any branch or call our Customer Experience Center at 926-3313. 

 



 12/10/13- ALERT:  GRANDPARENT SCAM   
You get a call or an email unexpectedly from someone who claims to be a friend or relative.  This often happens to grandparents with the caller claiming to be their grandson or granddaughter.  The caller says there is an emergency and asks you to send money immediately.  But beware, there’s a good chance this is an imposter trying to steal your money!  Follow these tips to avoid becoming a victim of fraud.

Common scenarios include:

  • A grandparent receives a phone call (or sometimes an e-mail) from a “grandchild.”  If it is a phone call, it is often late at night or early in the morning when most people are not thinking that clearly. Usually, the person claims to be traveling in a foreign country and has gotten into a bad situation, like being arrested for drugs, getting in a car accident, or being mugged…and needs money wired ASAP. And the caller does not want his or her parents told.
  • Sometimes, instead of the “grandchild” making the phone call, the criminal pretends to be an arresting police officer, a lawyer, a doctor at a hospital, or some other person. And the FBI has received complaints about the phony grandchild talking first and then handing the phone over to an accomplice…to further spin the fake tale.
  • The FBI has also seen military families victimized: after perusing a soldier’s social networking site, a con artist will contact the soldier’s grandparents, sometimes claiming that a problem came up during military leave that requires money to address.
  • While it is commonly called the grandparent scam, criminals may also claim to be a family friend, a niece or nephew, or another family member.

How do these scammers know the names of your friends or relatives?  In some cases they do not.  For instance, the scammer may say “Hi grandma,” hoping that you actually have a grandson.  If you ask, “David, is that you?” the scammer will say “Yes!”  Often these crooks will call in the middle of the night and take advantage of the fact that you may not be awake enough to ask more questions and you may not want to disturb other people by calling them to confirm the information.  Sometimes the scammers do know the names of your friends or relatives.  They can get that information from a variety of sources.  Your relatives may be mentioned in an obituary or on a social networking site.  Your email contact list may contain the names of friends and relatives.

What to do if you have been scammed.We recommend contacting your local police department if you think you have been victimized.

Advice to avoid being victimized in the first place:

  • If you get a call or email from someone claiming to know you and asking for help, check to confirm that it is legitimate before you send any money.   
  • Ask some questions that would be hard for an imposter to answer correctly – the name of the person’s pet, for example, or the date of their mother’s birthday.
  • Contact the person who they claim to be directly. If you cannot reach the person, contact someone else – a friend or relative of the person.
  • Never wire money based on a request made over the phone or in an e-mail...especially overseas. Wiring money is like giving cash—once you send it, you cannot get it back.
     

************************************************************************************************************************************


09/13/13 – Fraud by Telephone has seen an Alarming Increase Recently:
Evans Bank has been advised that some of our customers have been contacted by unknown third parties in attempts to steal money from them.  Fraudsters are calling victims and telling them that their card or account has been compromised.  The victim is either requested to "press 1" or call their security department.

 Pressing 1: directs you straight to the fraudster who requests information from you about your account to "verify" who you are and you have fallen right in their trap.

 Hanging up and calling your security department: seems like the way to go - but the fraudster on the other end does not hang up.  On landlines, both parties must hang up for the call to be disconnected.  When you pick the phone back up and dial the number on the back of your card, the fraudster plays a recorded dial tone and ringing into the phone and then "answers" to help you.  To avoid their tactic, you can call Evans Bank customer service from your mobile phone.   

 Additionally, please be wary of offers of prize or unclaimed money in your name, wiring the difference in a check sent to you and the cost of an item and offers for free credit reports sent to you by mail or e-mail.  Unscrupulous attempts to extort money from victims are being made by persons who claim to be from well-known computer companies and are calling to assist you with an error report that was sent from your computer or similar problem. 

 Evans Bank wishes to assist you in safeguarding your information.  A few tips:

  •  Keep your anti-virus and anti-malware software up to date and run it as often as recommended by the software

 

  •  Contact our customer service or your local branch for help with questions of legitimacy of offers you may have received

 

  • Know that you DO NOT have to give out any information by phone or otherwise - you may contact Evans Bank or other institutions via means that you trust to handle any situation that someone may be calling you regarding.  

 

  • Keep a copy of the numbers on the back of your credit and debit cards so that you may call immediately if your card is lost or stolen

 ###

12/21/12:
Banks and bank customers are commonly exposed to higher rates of unauthorized purchase attempts during the holiday season.  As a proactive measure, for our customers' protection, there may be enhanced security measures for select debit card purchases.  If you have experienced a difficulty making a purchase, please know ATM withdrawals with your debit card will continue to function as usual.  If you have additional questions, please call our customer service line during normal business hours at 1-866-310-0763.

1/5/2012:

Customers Utilizing Direct Deposit and Direct Payment –
Fraudulent Emails Appearing to Come from NACHA are in circulation.

Be Aware That:

  • NACHA does not process nor otherwise touch the ACH transactions that flow via the ACH Network nor between financial institutions and their customers.
  • NACHA does not send communications of any type to persons or organizations about individual ACH transactions that they originate or receive. If you or your customer has received a communication of this nature that purports to come from NACHA, it is fraudulent.
  • NACHA is the industry trade association that manages the development, administration, and governance of the ACH Network, the backbone for the electronic movement of money and data.
  • The ACH Network serves as a safe, secure, reliable network for direct consumer, business, and government payments, and annually facilitates billions of payments such as Direct Deposit and Direct Payment.

These incidents are occurring with greater frequency and increased sophistication. Perpetrators are conducting similar phishing attacks in which they are sending fraudulent emails that claim to be from the Federal Reserve Bank, IRS, other federal agencies, as well as commercial financial institutions, other payment organizations, technology companies, and businesses.

For more information, please go to www.NACHA.organd forward fraudulent emails that claim to be from NACHA to abuse@nacha.org

###

SPECIAL ALERT-FRADULENT COORESPONDENCE CLAIMING TO BE FROM THE FDIC

The Federal Deposit Insurance Corporation (FDIC) is reminding financial institutions, businesses and consumers that fraudulent correspondence claiming to be from the FDIC continues to be mailed, faxed and e-mailed in the United States and other countries. The correspondence uses various techniques to gain the trust of recipients in hopes they will provide sensitive personal information, including bank account numbers, that can be used to steal money and other assets. Recipients should NOT, under any circumstances, respond to the fraudulent requests. Institutions also are encouraged to inform customers that fraud artists may use the names of the FDIC and other government agencies and to take appropriate precautions.

The criminals, knowing that people trust the FDIC name, have duplicated the official logo and seal in fraudulent letters, forms, certificates and other correspondence. Recent examples have included invoices, bills, transfer forms, guarantees, endorsements, and confirmations of stock and investment purchases. In some cases, recipients were asked to complete fraudulent forms and return them by fax or e-mail. In other cases, recipients were asked to remit funds via check or wire transfer service.

The FDIC rarely sends unsolicited bills or other similar documents to financial institutions, businesses and consumers. In particular, the FDIC does not send unsolicited correspondence asking for sensitive personal information, including bank account information. Anyone receiving such correspondence should contact the FDIC immediately by calling toll-free at 1-877-ASK-FDIC (1-877-275-3342) or by e-mailing to alert@fdic.gov. Do not use contact information listed for the FDIC in the correspondence because it is likely to be falsified.

Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-3054, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov. Questions related to fraudulent correspondence, deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp.

For your reference, FDIC Special Alerts may be accessed from the FDIC's website at www.fdic.gov/news/news/SpecialAlert/2009/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.

 

ALERT - FRAUDULENT MONEY ORDERS

The United States Postal Service (USPS) has faced the challenge of a growing number of fraudulent money orders being presented to financial institutions. In response, the USPS has launched a positive pay solution, which enables consumers, businesses or financial institutions to verify US Postal Service money orders.  To use the Interactive Voice Response (IVR) phone system, call 1-866-459-7822 and input the serial number (11 digits), dollar amount (6 digits), and the Post office ID (6 digits).   The money order has to be issued at least 48 hours prior to the inquiry and no older than 90 days.  You can only enter one money order at a time.  There are restrictions on the number of money orders verified per call.  If the money order does not match the USPS database, refuse to cash and, if possible, confiscate the money order from the customer and provide them a copy or receipt of the money order. If customer does not wish to relinquish the money order, suggest that they take the money order to the local Postmaster and let them know it could be fraudulent.

Fraudulent Wal-Mart Money orders and American Express Travelers Cheques are also making the rounds.  To verify Wal-Mart money orders call Traveler's Express at 1-800-542-3590.  To verify American Express Traveler's Cheques, call 1-800-525-7641.