Consumer Fraud Protection
The safety and security of your financial information is of primary importance to us. This page includes important information about current fraud schemes as well as links to several resources where you can learn more about the assistance available to you to help minimize your risk.
Consumer Fraud Alerts
Recently, Equifax, one of the three national consumer credit reporting agencies, announced a major data breach. This breach affects approximately 143 million Americans. This is what we know according to Equifax: the data breach occurred May – July 2017, and the information stolen includes consumers’ personally identifiable information, including names, Social Security numbers, dates of birth, addresses and, in some cases, driver’s license numbers. Approximately 209,000 credit card numbers and dispute documents with personally identifiable information for approximately 182,000 consumers were also stolen. There is no evidence of unauthorized access to consumers’ credit reporting databases.
Resolute Bank takes the security of our client information very seriously, and we are providing you with the information we know about this massive breach and the steps you can take to protect your personally identifiable information if you so desire. Following this unprecedented breach, we are also asking our customers to be extra vigilant and report any suspicious activity in your Resolute Bank accounts by calling 419-868-1750.
Equifax has established a website that informs consumers if they may be affected by the breach, provides additional information on the breach, and offers complimentary identity theft protection and credit file monitoring. This information is available at www.equifaxsecurity2017.com. To protect your identity and personal information, Resolute Bank strongly encourages our customers to take the actions noted below.
- Review your account statements to spot any suspicious transactions. You can also monitor your account activity online at any time at www.resolutefsb.com and your credit card activity at https://tib.fdecs.com/eCustService/
- If you spot any suspicious transactions, please contact us immediately at 419-868-1750.
- Consider if you should place an initial fraud alert on your credit report (see https://www.consumer.ftc.gov/articles/0275-place-fraud-alert).
- Consider if you should freeze your credit file (see https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs).
- Review your credit reports for accuracy. Call any one of the three credit reporting agencies to receive your free annual credit report or visit www.annualcreditreport.com.
- Experian ® | P.O. Box 9554 | Allen, TX 75013 | 888-397-3742 | www.experian.com
- TransUnion® | P.O. Box 2000 | Chester, PA 19016 | 800-680-7289 | www.transunion.com
- Equifax® | P.O. Box 740241 | Atlanta, GA 30374 | 800-349-5191 | www.equifax.com
- You should also contact the credit reporting agencies to notify them of any suspected fraud or identity theft.
If you believe you are the victim of identity theft, contact your local law enforcement office and/or your state attorney general. Finally, you may also want to consider reviewing information about recovering from identity theft, which is available from the Federal Trade Commission (FTC) at https://www.identitytheft.gov/ or by calling 1-877-IDTHEFT (1-877-438-4338). The FTC also offers general information to protect your online presence at https://www.consumer.ftc.gov/topics/privacy-identity-online-security.
Equifax has established a dedicated toll-free number to answer questions you may have about the Equifax data breach and its effect on your personally identifiable information. You may call them at 866-447-7559.
As always, our dedicated Client Experience Team is here to assist you to answer questions you have regarding your banking relationship. You can contact a member of our team at 419-867-1750.
Resolute Bank wants to assist you by offering tips to help identify fraud and avoid becoming a victim. If you have answered “yes” to any of these questions, please contact your Private Banker today:
- Are you cashing or depositing a check for items sold on the Internet or a work-at-home program?
- Were you informed you were the winner of a lottery you never entered?
- Have you been asked to return or wire some of the proceeds of a check?
- Were you offered a check for an amount that is higher than the selling price of an item?
- Have you clicked on an attachment in an email that you did not know where it came from?
- Has a web site asked for your user id, password, or other personal information to verify your identity?
- Have you had issues trying to access your internet banking accounts, or seen a message to try again later because the sight is under maintenance?
One way thieves can steal your identity is through "phishing." It is pronounced "fishing," and that is exactly what these thieves are doing: "fishing" for your personal financial information. What they want are account numbers, passwords, Social Security numbers, and other confidential information that they can use to loot your checking account or run up bills on your credit cards.
With the sensitive information obtained from a successful phishing scam, these thieves can take out loans or obtain credit cards and even driver's licenses in your name. They can do damage to your financial history and personal reputation that can take years to unravel. But if you understand how phishing works and how to protect yourself, you can help stop this crime.
- Never provide your personal information in response to an unsolicited request.
- If you believe a contact may be legitimate, contact the financial institution yourself after you have verified the contact information.
- Never provide your password over the phone or in response to an unsolicited Internet request.
- Never click on the links provided in an e-mail.
- Protect your Social Security Number (SSN), credit card and debit card numbers, PINs (personal identification numbers), passwords and other personal information.
- Protect your incoming and outgoing mail.
- Keep your financial trash "clean” by shredding sensitive information.
- Keep a close watch on your bank account statements and credit card bills.
- Keep copies of credit cards (front and back) in a safe place so you will be able to call and cancel them if they are stolen.
- Review your credit history at least once a year using www.annualcreditreport.com or by calling 877-322-8228. If you notice suspicious activity, contact the appropriate credit bureau immediately.
- Never access bank, brokerage or other financial services information at Internet cafes, public libraries, etc. Unauthorized software may be installed to trap an account number and login information, leaving you vulnerable to possible fraud.
- When doing business online, make sure the site is secure and your anti-virus, firewall, and other personal computer security applications are up-to-date.
Contact a bank representative immediately.
If you have disclosed sensitive information in a phishing attack, you should also contact one of the three major credit bureaus and discuss whether you need to place a fraud alert on your file, which will help prevent thieves from opening a new account in your name. Here is the contact information for each bureau’s fraud division:
P.O. Box 740250
Atlanta, GA 30374
P.O. Box 1017
Allen, TX 75013
P.O. Box 6790
Fullerton, CA 92634
Report all suspicious contacts to the Federal Trade Commission through the Internet at www.consumer.ftc.gov/features/feature-0014-identity-theft or by calling 1-877-IDTHEFT.
- Contact local law enforcement and file a police report.
- If you notice any accounts in your name that have been compromised or opened without your consent, close them immediately. Call each bank or company and then follow up in writing.
- Immediately place a fraud alert on your credit report(s) by contacting the three major credit reporting companies: Equifax, Experian, and TransUnion.
- File a complaint with the Federal Trade Commission by calling 877-ID-THEFT.
- If you have other questions, you can contact the Ohio Attorney General, Mike DeWine's Office at 800-282-0515 or www.OhioAttorneyGeneral.gov
Scammers use a variety of tactics to make their offers seem legitimate. The Ohio Attorney General has identified some common consumer scams and how to identify them:
Advance Fee Loans
Scam artists can trick you into paying money to qualify for a loan or credit card. Despite their guarantees, you do not receive a loan, credit card, or any money. Never pay money to qualify for a loan, credit card or grant.
Credit Repair Scams
Companies charge hundreds of dollars by promising to restore your credit and quickly erase debt, but do little or nothing to improve your credit. If you need to repair your credit or consolidate debt, you can arrange payment plans and improve your credit score yourself for little or no cost with a nonprofit counseling agency.
Fake Check Scams
Someone sends you a check or money order, which you are asked to deposit in your account and wire-transfer the sender a portion of the money, minus a nice bonus for you as a "thank-you" for helping out. Regardless of the pitch, the result is the same: The check or money order you receive is counterfeit. It will be returned to your bank unpaid, and the full amount will be deducted from your account. Never wire-transfer money to a stranger!
Foreclosure Rescue Scams
In exchange for an upfront fee, scam artists might promise to save your home from foreclosure by obtaining loan modifications or lower interest rates. They instruct you not to contact your lender directly. You may risk losing your money and your home.
Contact Save the Dream Ohio at 888-404-4674 or www.savethedream.ohio.gov to be connected to a certified housing counselor or legal assistance.
If you are contacted by a friend or family member, usually by e-mail, asking you to send money immediately, beware that it may be an impostor or hacker. Before sending money, contact your friend or family member directly, using a different method of communication, and ask a question only your friend or family member would know how to answer.
Home Improvement Fraud
This occurs when contractors or companies don't complete the work they were paid to do. They offer false promises and often disappear without doing any work or after doing a poor job. Always obtain at least three estimates, get everything in writing, and check references. Contractors who knock on your door are required by law to provide you with a three-day right-to-cancel prior to beginning any work.
Job Opportunity Scams
Some scammers ask job seekers to pay high fees for information, training sessions, or promotional materials that turn out to be useless. The jobs are either nonexistent or very low paying. If a job opportunity sounds too good to be true, it probably is.
Online Shopping Scams
Whether you are shopping or networking online, watch out for scams designed to steal your identity and your money. If you are selling something online and someone sends a check for more than the asking price, it usually is a scam. Don't send money for the item you are selling before you are sure it's not a scam. Don't wire-transfer money to a stranger. Help protect yourself by using a secure website to purchase items online. Their addresses begin with "https" rather than "http."
Don't trust your caller ID. Scammers use technology called Voice over Internet Protocol or "spoofing" to disguise the number that appears on your caller ID. The caller ID may show your bank or a local area code, when the call is actually coming from a scammer in another country. If you receive a call asking for your personal or financial information, hang up. Resolute Bank or any government agency will never request your Social Security number or account information over the phone.
You receive a call or letter asking you to make a charitable donation from someone who is only pretending to represent a charity. Before you donate, research a charity with the Ohio Attorney General's Office by calling 800-282-0515 or visiting www.OhioAttorneyGeneral.gov/CharitableSearch.
Sweepstake and Prize Scams
Someone may fictitiously claim you have won the lottery, a contest, or other prize. In order to collect your winnings, however, you'll be asked to pay an advance fee, often via wire-transfer or money order. This is a scam. Legitimate sweepstakes are free and require no purchase.
For more information or to report a scam contact Ohio Attorney General Mike DeWine's office at www.OhioAttorneyGeneral.gov or 800-282-0515
For TTY, please call Relay Ohio at 800-750-0750
- Retrieve your mail promptly after delivery.
- Always deposit your mail in a mail slot at your local post office or hand it to your letter carrier.
Sign up for Online Services:
- Online Bill Pay – eliminates the need to send your checks through the mail.
- Online Bill Presentment – your bills are sent electronically and not through the mail.
- eStatements – eliminates paper statements that travel through the mail.
Also called "fake antivirus" and "rogue antivirus," scareware is an attempt by cyber thieves to sell computer users useless, and potentially dangerous, antivirus software, registry cleaner or other software which allegedly repairs problems or enhances a computer’s performance.
Scareware is normally recognized by pop-up messages, which resemble Windows system messages, indicating that a large number of problems have been found on the computer. The messages prompt users to purchase software to fix the alleged computer problems and either takes users to the attacker's website or initiates a malware download if the user clicks "Cancel" or the "X" to close the window. Malware installed on computers allows thieves to view users’ passwords and other personal information.
Some of the most aggressive scareware products make critical changes to victims' computers, thus preventing them from restoring their computers to an earlier, secure status. You can protect yourself by understanding this form of cyber crime and avoiding clicking on suspicious pop-up windows.
Identity Protection: Prevention, Detection and Victim Assistance
Consumer Information on Identity Theft
Internet Crime Complaint Center
The IC3 is a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA) designed to serve as a vehicle to receive, develop, and refer criminal complaints regarding cyber crime.
Financial Fraud Enforcement Task Force
Hosts a wide list of resources and information dedicated to helping find and report suspected cases of financial fraud.
Provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information
FBI's site on common fraud schemes and helpful information to avoid becoming a victim.
Better Business Bureau
Research a Business or find local contact information
Do Not Call Registry
You can also call 888-382-1222
Free Annual Credit Report
Phone: 877-322-8228 Provides a free annual credit report.
Motor Vehicle Title Information
Protect yourself against purchasing stolen vehicles.
National Foundation for Credit Counseling
Credit Counseling Services 800-388-2227
Ohio Department of Commerce
Investor Protection Hotline 877-N VEST 411 (877-683-7841)
Ohio Department of Insurance
Consumer Hotline 800-686-1526
Ohio Department of Veterans Services
Ohio Legal Services
Legal Aid Provider 866-529-6446
Save the Dream Ohio
Foreclosure prevention help 888-404-4674
Ohio Attorney General
Mike DeWine's Office: 800-282-0515 TTY - Relay Ohio at 800-750-0750
Corporate Fraud Protection
Helping you protect your business is important to us too and we are here to work with you. We offer ways for you to monitor your account daily for suspicious activity and can talk to you about proper separation of duties for your back office. We have also included some additional information that may assist you in beginning this conversation at your place of business.
Corporate account takeover is a method by which cyber-thieves gain control of a business’ bank account by stealing the business’s valid online banking credentials. Although there are several methods being employed to steal credentials, the most prevalent involves malware that infects a business’ computer workstations and laptops.
A business can become infected with malware via infected documents attached to an email or a link contained within an email that connects to an infected website. In addition, malware can be downloaded to users’ workstations and laptops when the users visit legitimate websites - especially social networking sites - and click on the documents, videos or photos posted there. This malware can also spread across a business’s internal network.
In common attacks, cyber-thieves send emails purporting to come from reputable, national organizations. This is a common tactic to gain credibility and lure unsuspecting individuals into taking some action. A recipient who clicks on the links within the email may be taken to a fake website, which prompts the recipient to unknowingly download malware to the computer.
The malware installs keylogging software on the computer, which allows the perpetrator to capture a user’s credentials as they are entered at the financial institution’s website. Sophisticated versions of this malware can even capture token-generated passwords, alter the display of the financial institution’s website to the user and/or display a fake web page indicating that the financial institution’s website is down. In this last case, the perpetrator can access the business’ account online without the possibility that the real user will log in to the website.
The cyber-thieves use the sessions to initiate funds transfers, by ACH or wire transfer, to the bank accounts of associates within the U.S. These accounts may be newly opened by accomplices or unwitting “money mules” for the express purpose of receiving and laundering these funds. The accomplices or mules withdraw the entire balances shortly after receiving the money, and then send the funds overseas via over-the-counter wire transfer or other common money transfer services.
- Ask us about multi-factor authentication, for example: something the person knows (user ID, PIN, password); something the person has (password-generating token).
- Ask us about dual control features for initiation of payments via Online Banking, with distinct responsibility for transaction origination and authorization.
- Ask us about establishing reasonable exposure limits that are related to transaction origination.
- Do not respond to or open attachments or click on links in unsolicited emails.
- If you receive an email from an apparent legitimate source requesting account information or action, contact the sender directly by other means: We will not send customers emails asking for passwords, credit card numbers or other sensitive information.
- Contact us immediately if you encounter a message stating that the system is unavailable while trying to log in to your account.
- Conduct Online Banking and payments activity from a dedicated computer that is not used for other online activity, such as general Web browsing and social networking and/or is not connected to an internal network.
- Ensure that all anti-virus and security software for all computer workstations and laptops is robust and up-to-date.
- Log/turn off and lock up computers when not in use.
- Change the default passwords on all network devices.
- Educate your employees about this type of fraud scheme.
- Monitor and reconcile accounts daily; many small business clients do not reconcile their bank accounts on a daily basis, and therefore may not recognize fraudulent activity until it is too late to take action.
- Note changes in the performance of your computer such as: loss of speed, changes in appearance, computer locking up, unexpected rebooting or restarting of your computer, unusual pop-up messages, new toolbars and icons or an inability to shutdown or restart.
- Look out for rogue emails; if someone says they received an email from you that you did not send, you may have malware on your computer.
- Run regular virus and malware scans of your computer’s hard drive.
- If you detect suspicious activity, immediately cease all online activity and remove any computer systems that may be compromised from the network.
- Immediately contact us so that the following actions may be taken: disable online access to accounts, change online banking passwords, open new accounts as appropriate, request a review all recent transactions and electronic authorizations on the account and ensure that no one has added any new payees or made any other critical changes to account information.
- File a police report; having a police report on file will often help facilitate the filing of claims with insurance companies, financial institutions and other establishments that may be the recipient of fraudulent activity.
- In addition, you may choose to file a complaint online at www.ic3.gov. For substantial losses, contact your local FBI field office. (http://www.fbi.gov/)
- Have a contingency plan to recover systems suspected of compromise.
- Consider whether other company or personal data may have been compromised.
The cyber-thieves appear to be targeting small- to medium-sized businesses, as well as smaller government agencies and non-profits, for several reasons:
- Many small businesses and organizations have the capability to initiate funds transfers via ACH or wire. This funds transfer capability is often related to a small business’ origination of payroll payments.
- Many businesses maintain a type of organization chart online, making spear phishing (targeting a specific employee) for an employee with online banking authorities easier.
- Small businesses often do not have the same level of resources as larger companies to defend their information technology systems.
- Many small businesses do not utilize additional banking services, such as password-generating tokens, and do not monitor and reconcile their accounts on a frequent or daily basis.
The Federal Trade Commission’s (FTC) Bureau of Fraud Protection Business Center contains information about how to protect your business from fraud.