The latest FTC Data Spotlight explores how text scams try to get you to act NOW. Whether it's the thrill of getting a free item or the panic about a large unauthorized charge, scammers know that these texts are hard to ignore. The most-reported text scam looks like a fraud alert from your bank, but it's fake. It might say there's suspicious activity on your account and tell you to call a number. Or to reply "yes or no" to confirm a big purchase (that you didn't really make). But don't do it. There is no real problem. They just want your money or personal information.
Learn More
Learn how you can access a free security freeze to restrict access to your credit card file, making it harder for identity thieves to open new accounts in your name
https://www.consumer.ftc.gov/blog/2018/09/free-credit-freezes-are-here
Click here to visit the Federal Trade Commission's ID Theft homepage if you would like more information concerning identity theft and how to protect yourself.
Please note: Premier Bank is not responsible for the website content available at third party sites. Premier Bank Privacy Policy does not apply to third party sites. Please consult the Privacy disclosures on the sites that you are visiting for further information.
Be especially vigilant about:
Phishing- fraudulent e-mails, mail, or phone calls that appear to be from a well-known source asking you to verify private information such as name, account information, credit information, and passwords.
Spoofing- an attacker produces a shadow copy of a legitimate website to gain access to personal information.
General Tips to Prevent Abuse:
- Be wary of any unsolicited e-mails, especially those concealing true identity
- Don’t judge a website by appearances – shadow copies are often equally impressive and professional
- Regularly review account activity at your bank, quickly report questionable activity
- Review Credit Card Account Statements regularly--report discrepancies immediately
- Refrain from giving out personal data online or by phone
- Run anti-virus software and update frequently
- Install a personal firewall
- Change passwords often and make sure they are not easily obtainable or easy to guess
- Be wary of parties demanding advance fees
- Suspect all “checks to be deposited” especially from overseas or related to sweepstakes
- Shred all private information before discarding
- Treat all business checks as cash and keep account information under lock and key
- Obtain a copy of your credit report on a yearly basis and review carefully
If you should fall victim to fraud or identity theft, see the above FTC brochure and act immediately.
Free Trial Can Be Risky Business
“Grandma: I’m in the hospital, sick, please wire money right away.” “Grandpa: I’m stuck overseas, please send money.” Grandparent scams can take a new twist – and a new sense of urgency – in these days of Coronavirus. Here’s what to keep in mind: Read More
Please access the following link from The Federal Trade Commission concerning a current scam.
Checks from the government
Please access the following link from The Federal Trade Commission concerning additional scams.
Tips from the FTC
Videos from the Federal Trade Commission may not feature a cast of celebrity actors, but they’re still entertaining. Produced by the nation’s consumer protection agency, these videos offer practical, useful, and memorable messages that can save you money, time, and aggravation. And they’re free.
Check them out here
Dear Clients:
Premier Banks cares about your security. According to the FBI’s Internet Crime Complaint Center, since the beginning of 2015 there has been a 270 percent increase in identified Business Email Compromise (“BEC”) victims. Premier Banks is writing to alert you of this fraudulent wire transfer and ACH trend and to educate you as to how you can prevent your business from becoming a victim.
What is a Business Email Compromise?
BEC is the theft of employee/executive email addresses that are then used to generate fraudulent funds transfer requests.
More specifically, perpetrators target internal employees with access to financial or sensitive employee data by impersonating executives, trusted individuals or vendors via bogus emails.
-
BEC is carried out by compromising legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers.
-
Fraudulent emails provide instructions to wire/ACH a large sum of money to a specific account that the fraudster controls. The accounts are connected to foreign banks where the funds can be quickly transferred out of.
-
Unlike traditional phishing scams, spoofed emails used in BEC fraud schemes rarely set off spam traps because these are targeted phishing scams that are not mass emailed.
-
Perpetrators take the time to understand the target organization’s relationships, activities, interests and travel and/or purchasing plans.
How to protect your business?
-
The most important thing you can do is obtain verbal confirmation from the person “emailing” the request. Use previously known phone numbers, not the numbers provided in the email request. In addition, do not reply to the requestor’s email, but create a new email using the email address you have on file for the requestor.
-
Immediately report any breaches to the bank.
-
Have a dual control process for approvals of all wire transfer requests.
-
Don’t publish vacation or travel schedules on social media sites.
-
Take your time and review the situation. Ask if this request is “urgent” as is oftentimes stated in the request.
-
Does the request make sense? Is it a recurring transaction or something new or out of the ordinary?
-
Create intrusion detection system rules that flag emails with extensions that are similar to company email. For example, legitimate email of abc_company.com would flag fraudulent email of abc-company.com.
-
Register all company domains that are slightly different than the actual company domain.
-
Verify changes in vendor payment location by adding dual control procedure such as having a secondary sign- off by company personnel.
-
Know the habits of your customers, including the details of, reasons behind, and amount of payments.
Variations of BEC:
-
Bogus Invoice: A business, which often has a long standing relationship with a supplier, is asked to wire/ACH funds to pay an invoice to an alternate, fraudulent account via email. The email request appears very similar to a legitimate account and would take very close scrutiny to determine if it was fraudulent.
-
Purchase Order: The email of an employee is hacked. The fraudsters then review the recent email activity and send a request to vendors for invoice payments to a fraudulently controlled bank account.
-
Mortgage Industry: Fraudsters target the emails of realtors, title/closing/settlement agents, buyers, and builders to divert money such as down payments and closing funds. The fraudster hacks into an email account and searches for specific information (amount of deposit, names of parties involved, deposit holder) regarding upcoming closings. The fraudster creates a new email to appear legitimate and directs the buyer/deposit holder to wire transfer/ACH the money to a fraudulent account.
Reporting a security breach:
Please contact your local branch or banking officer.
Thank you for your time and attention to this serious matter.
Sincerely,
Mark E. Novitzki, Premier Bank President & CEO
Corey R. Heimer, Premier Bank Rochester President & CEO
Casey O. Regan, Premier Bank Minnesota President & CEO
November 2013
Beware of a new banking scam that's on the rise:
Be suspicious if you receive an automated call with a recording claiming to represent a local bank, indicating your debit card has been frozen and personal information is needed before the card can be used again. This appears to be a variation on the scam known as "phishing," in which swindlers send e-mail claiming to be from a reputable company, hoping consumers will respond with personal financial information. In the latest twist on this scam, fraudsters have been perpetuating these automated calls late in the night, perhaps believing that a tired consumer is less vigilant.
The American Bankers Association Education Foundation recommends never giving out your personal financial information is response to an unsolicited phone call, fax, or email, no matter how official it may seem. Your best response is simply no response. If you should receive one of these calls or any variation of this scam from an individual or entity claiming to represent Premier Bank, or if you have already become a victim, please contact us.
A recurring concern we hear about at the BBB involves customers signing up online for 'risk free' trials of various health products, including Acai Berry weight loss and teeth-whitening products. In fact, offers like these made the BBB's Top Ten list of scams and rip-offs that took advantage of consumers and small business owners in 2009. What we're hearing is that customers are sometimes being charged for these 'free trials' if they fail to cancel within the trial period. We're also hearing that some customers are being billed for the products they don't receive and then have trouble getting billing issues straightened out. If you're looking for health products online, here are some things you need to know:
- Before taking any weight-loss supplement or trying a new health product, you'll want to be sure to consult a health care professional. Some websites offering products like these make unrealistic claims or give advice which could be damaging to your health. Make sure you know what you're buying and that the claims marketers are making have basis in fact and won't jeopardize your health.
- Before purchasing health products online, check out the seller first. You can do so at www.bbb.org. When you're researching companies, don't just enter their name. You can also do advanced searches using phone numbers and web addresses. Remember, the more fantastic the health claim, the greater the odds customers somewhere have been disappointed by the product.
-
Make sure you understand all the terms of any offer you receive. Many times important information (such as future billings, which will commence if you fail to cancel within a given timeframe) is buried deep in the fine print. Or else you have to click through multiple links to gather all the information you need to evaluate the offer. If you have concerns about and offer you receive, trust your instincts. If something doesn't feel right, take a step back and do some more investigating.
-
Finally, consumers shopping online should look for the BBB seal on websites and click on the seal to confirm its legitimacy. And of course, consumers can always contact the BBB directly with questions, concerns, and complaints.
Getting healthy is always an admirable goal, just be sure you're keeping an eye on your financial health as well - investigate before you invest!
June 11, 2014
Our online banking provider has confirmed that our online banking services do not use OpenSSL and were completely unaffected by the recent vulnerability. If you should have any questions, feel free to contact us at (651)777-7700 and ask for Product Support.
Security Threat Alert | iPhone iOS 7
Date: 2/24/2014
Overall Threat Level: HIGH
Required Attention Timeline: IMMEDIATE
Overview
Apple has released an update for iOS 6 and 7 to address a substantial security vulnerability where unpatched devices are susceptible to attacks which can intercept, read and modify: encrypted mail, web browsing, app traffic, and other sensitive data. You can learn more from the Apple website or KrebsonSecurity. The general consensus is that in order to exploit this flaw, the hackers must have privileged control over WiFi or cellular networks used by vulnerable devices. Because of this mitigating factor, the overall risk is lowered somewhat. However, because of the potential severity, and the relative ease to fix, it is advisable to give this matter immediate attention.
At this time, it is believed that this bug was introduced in iOS 6.0, so devices running iOS 5.x and previous are not impacted. To test your device, visit https://gotofail.com from any Apple products which could be compromised. The website will display a pass or fail message, depending on whether the device accessing it is susceptible. To update your Apple device, visit
Settings > General > Software Update
December 2013
We have been made aware of a security breach involving a major US retailer's card processing system. We encourage consumers to closely monitor their account(s) for fraudulent activity. If you discover unauthorized charges, please contact the bank immediately.
In the meantime, Premier Bank is taking precautionary measures to mitigate losses by ordering replacement cards for all cards identified on the compromised card lists. Your new card should arrive in 10-14 days at which time the suspect card will be closed.
If you have additional questions, please contact your branch location.