Category Archives: Important Alerts & Scams

How Scammers Use Social Engineering to Steal Money & How to Spot Them

Posted on by
Reply

As scams become more prevalent, they are also more sophisticated – making them harder to detect. Scammers often employ what is known as “social engineering” to manipulate people into revealing sensitive information.

It’s all about the psychology of persuasion. These scammers take advantage of human nature, aiming to lower your defenses so you’ll act on impulse rather than reason.

Let’s look at some examples of how social engineering uses the powers of persuasion to steal personal information and money:

Pretexting

Building a solid pretext or a fabricated scenario is an important aspect of social engineering. Hackers often research their victims in advance to get a sense of the victim’s personal and professional life to help establish the right pretext with which to approach a victim. This information can easily be found by a simple internet search or reviewing social media activities.

Pretexting is typically the first step in a broader scheme to steal from you. The scammer then pretends to be someone you trust, possibly a representative from your financial institution or a government worker offering loan forgiveness. It often starts with a friendly “hello” and a convincing story that leads the victim to hand over sensitive information that can be used to steal money or commit identify theft.

Baiting

Baiting uses the false promise of an enticing item, such as a monetary reward or free movie download, to trick the unsuspecting consumer into opening a file or providing sensitive information – like their login credentials. Instead of the attached file being the movie or other reward, it is actually infected with malware that will encrypt or take control of the individual’s data, allowing the attacker access to their personal information.

Phishing

Phishing is one of the most common types of social engineering attacks, typically in the form of emails or text messages that look like they are from a reputable source, like your financial institution – informing you of an urgent matter that needs your immediate attention. The message may include a link to a fake website that looks legitimate and suggests that you must provide personal information in order to remedy the urgent issue. This can result in the scammers gaining access to your accounts or learning important details about your identity.

How to Combat this Psychological Manipulation

Knowledge is key. Now that you know what to look for, follow these tips to help protect yourself:

  • Delete requests for personal information or passwords. No one should contact you for your personal information. Not even your financial institution.
  • Disregard offers for help or requests of help from those you don’t know. Especially if unsolicited.
  • Avoid tempting offers. Though it may be difficult to pass on what appears to be a great offer, don’t just dive in. If it seems too good to be true, it probably is. If you’re really interested, take a step back and do some research. Confirm that the company is legitimate by researching reviews. If they are reputable, call the company allegedly offering the deal to ensure the offer came from them and not a scammer pretending to be them.
  • Verify contacts. Scammers usually imitate legitimate companies by mimicking their names in emails or using caller ID spoofing. You can check their authenticity by looking at the domain name of an email address or hanging up on an unsolicited caller, verifying the legitimate phone number, and calling back.

At First Financial, our goal is to help protect our members from scams and identity theft. If you have any concerns or questions about any of your First Financial accounts, please call member services at 732.312.1500 or visit one of our branches.

To learn more about scams and ways to protect yourself, visit zellepay.com/pay-it-safe.

Zelle and the Zelle related marks are wholly owned by Early Warning Services, LLC and are used herein under license

 

 

 

Stay Safe with These ATM Security Tips

Posted on by
Reply

ATMs may be one of the easiest ways to access the money in your bank account, but they are also a target for theft. Criminals have been known to try taking cash right out of your hands upon leaving the ATM, or even stealing your personal identification number (PIN) at the ATM. This risk can be higher depending on the machine’s location or the time of day. Don’t let this scare you from ever using an ATM again though – you can take plenty of safety precautions to protect yourself and your money.

Here are our top ATM security tips for the next time you plan to withdraw money.

Keep your PIN private

If someone can steal your PIN, they can likely pretend to be you and use your account. That’s why it’s essential to be aware of your surroundings when using your card at an ATM. Someone waiting in line behind you can peer over your shoulder to see your PIN, or even withdraw more money if you forgot to end your transaction before walking away.

A more stealthy way criminals can try to take your money is by installing card skimmers on ATMs to capture people’s debit cards. Skimmers are hard to identify, making it challenging to even know your information has been compromised. Without taking proper precautions, your information can be sold online or used by criminals to make purchases.

Here are some tips for protecting your ATM/Debit card:

  • Inspect the ATM for possible skimming devices. Some red flags include sticky residue from an adhesive, damaged pieces, loose or extra attachments on the card slot, or noticeable resistance with pressing the keypad. Check out our ATM card skimming and fraud prevention guide for more information and images.
  • Cover your hand over the ATM keypad as you enter your PIN so no one around you can see.
  • Never write down your PIN or tell anyone your number. Keep it as private as possible.
  • Never give information about your ATM card or PIN over the phone. If your bank calls asking for you to verify your PIN, it is likely a scam.
  • Consistently check your accounts for suspicious activity.
  • Keep your card in a safe place and don’t ever leave it lying around – even at home.

Be alert at the ATM

No matter where you’re using an ATM, you’ll need to scan your surroundings for suspicious activity. If you notice someone waiting in a nearby car or hanging around while keeping an eye on you, try coming back later or using a different ATM. You’ll want to use your judgment – if something doesn’t feel safe, you’re probably right.

After withdrawing cash, stay alert. Some criminals may try to follow you. If you think that’s the case, find a heavily populated area and call the police. We recommend following these precautions every time you visit the ATM:

  • Bring someone with you when you go to the ATM.
  • Lock your doors at drive-thru ATMs.
  • Avoid using ATM machines at night.
  • Have your card ready as you get to the ATM, and do not linger and count your cash once it’s withdrawn from the machine.
  • Don’t leave your transaction receipt at the ATM.
  • If someone approaches you at the ATM and demands money, give it to them. No amount of money is worth risking your life. Call the authorities as soon as you’re somewhere safe if this happens.

View additional ATM skimming safety tips in our YouTube video.

At First Financial, we are here to help protect our members from fraud, scams, and identity theft. If you have any concerns or questions about any of your First Financial accounts, please call member services at 732.312.1500 or visit one of our branches.

Want to see more articles like this? Subscribe to First Financial’s monthly newsletter for financial resources and advice.

How to Outsmart Sophisticated Phishing Scams

Posted on by
Reply

You’ve probably heard of phishing. But do you really know what it is – and more importantly, how to protect yourself from falling victim to it? Phishing scams have become very sophisticated, but there are some simple things you can do to protect yourself and keep your personal information safe.

What is Phishing?

Let’s start with a basic description: Phishing is a type of scam where an attacker sends a fraudulent message to trick you into revealing sensitive information – often to access your accounts or commit identity theft.

Phishing attempts usually occur through email, over the phone, or via text message. They can be very well-designed to look or sound like legitimate messages from those you know and trust, such as your financial institution, and may contain a link that directs you to a fake website that looks legitimate.

Tip #1: Do not expect phishing emails to be filtered into your Junk mail. Because they are often individually crafted based on information gathered on your social media sites, they can avoid detection from advanced email filters.

How to Detect Phishing Scams

There are ways to avoid phishing scams if you know what to look and listen for. Be on the lookout for these identifying factors:

  • Inconsistencies in email addresses. Phishing emails will typically come from an unfamiliar, unusual email address. The easiest way to detect this is to hover your cursor over the email address to reveal the true “from” address. This will usually reveal the email as a fraud and can be done without actually clicking into the email itself. For example, if an email allegedly originates from your financial institution, but the domain name reads something else, it’s likely a phishing email. Delete it immediately.
  • Unfamiliar greeting or salutation. Sometimes the informality or other irregularity of a salutation can and should provoke suspicion. Be on the lookout for this type of irregularity in emails and text messages, and perhaps even phone calls. For example, if your financial institution greets you with a nickname you don’t use with your accounts, it’s an indication of phishing.
  • Bad grammar, spelling mistakes or unusual language. Legitimate emails and text messages will not have these mistakes. However, they are often found in phishing scams.
  • Demand for urgent action. This is key! Emails, text messages and phone calls threatening some type of negative consequence, loss of money, or missed opportunity are key factors in phishing scams. The urgency prompts you to act without thinking and is what ultimately gets intelligent consumers to fall for these well-designed phishing scams. The scams have flaws, but the panic they create can cause consumers to take swift action before errors can be spotted.
  • Requests for passwords. Do not respond to a text alert, email, or phone call asking for a password, PIN, or any other security information. Never give this information to anyone, even if you think it’s your bank or credit union. They will never ask you for this information. Ever.

Tip #2: Be wary of long text numbers. If you receive a text message from an unidentified number longer than 10 digits, the odds are high it’s a scam.

More Do’s and Don’ts to Protect Yourself

  • Don’t click on links in an unsolicited email or text message.
  • Don’t use the phone number a potential scammer provided in an email or text message. Look up the company’s phone number on your own and call to verify the authenticity of the message or request.
  • Don’t give out personal information such as passwords, credit card numbers, bank account numbers, dates of birth, or Social Security Numbers.
  • Don’t respond to suspected phishing emails, text messages or phone calls, even if you think it would be fun to tease or trick them. It’s best to avoid responding in any way.
  • Do be suspicious of anyone pressing you to act immediately.

Tip #3: Phone numbers and caller identities can be faked to look like the caller ID is from a business you know and trust, like your financial institution. Never trust that the caller ID is accurate. It is best to look up the company’s phone number on your own and call them.

If you detect suspicious activity, contact the alleged company directly. In the case of your financial institution, call at the number listed on the back of your bank-issued debit card, in your banking app, or the bank’s official website.

To learn about other scams and ways to protect yourself, visit zellepay.com/pay-it-safe.

At First Financial, our goal is to help protect our members from scams and identity theft. If you have any concerns or questions about any of your First Financial accounts, please call member services at 732.312.1500 or visit one of our branches.

 Zelle and the Zelle related marks are wholly owned by Early Warning Services, LLC and are used herein under license

Send Yourself Money? That’s a Big Red Flag

Posted on by
Reply

Scammers are always creating new ways to steal your money. One of the recent scams utilizing peer-to-peer payment services is what’s known as the “Pay Yourself Scam.”

The gist of the scam is that someone pretending to be a representative from your bank or credit union tells you that there has been a fraudulent transaction and in order to stop it, you need to send yourself money with Zelle®. That sense of urgency really works in their favor and gets unsuspecting consumers to act immediately.

The best way to avoid this scam is to know what to look for. Here’s how it unfolds:

  • It starts with a text message from a scammer that looks like a fraud alert from your bank or credit union. It looks real and urgent!
  • If you respond to the text message and engage the scammer, you’ll receive a call from a number that may appear to be your bank or credit union.
  • The scammer pretends to be calling from your bank or credit union and offers to stop the alleged fraud by directing you to send yourself money with Zelle®.
  • In reality, the scammer is tricking you into sending money to their bank account.

How the Scam Works

So how are the scammers diverting money to their account?

When you enroll with Zelle® initially or if you switch your enrolled U.S. mobile number or email address to a different account, your bank sends you a security code to verify your identity. In this scam, the fraudster pretends to be calling from your bank or credit union saying that they need this passcode to authorize your payment to yourself. That should be a big red flag to you. Your bank will NEVER ask you for this security code, nor will they ask you to send money to yourself.

If the scammer gets the one-time passcode, they can link their bank account to your U.S. mobile number or email address. Now the money you thought you were sending to yourself is sent directly to their bank account.

Check out this YouTube video on how the scam works.

Staying Safe in a World of Scammers

How can you avoid being tricked? Always keep these tips front of mind:

  • Never discuss account numbers, PINs, or other personal information with anyone who contacts you, even if they say they are from your bank or credit union.
  • If the person claiming a problem with your account needs your account information, hang up and call the bank yourself.
  • Don’t call the number in a text, email, or voicemail. It will connect you directly with the scammers. Always look up the number online or review the number listed on your debit or credit card.
  • Don’t click on text message links from people you don’t know, even if it looks like it’s your bank or credit union. These links can be deceiving and direct you to a fraudulent site or expose your device to malware.
  • Your bank or credit union will never ask you to send money to yourself (or anyone else)! If you detect suspicious activity regarding Zelle®, hang up and contact your bank or credit union directly at the number listed on the back of your bank-issued debit card, in your mobile banking app, or on their official website.

To learn about other scams and ways to protect yourself, visit zellepay.com/pay-it-safe.

At First Financial, our goal is to help protect our members from scams and identity theft. If you have any concerns or questions about any of your First Financial accounts, please call member services at 732.312.1500 or visit one of our branches.

*U.S. checking or savings account required to use Zelle®. Transactions between enrolled users typically occur in minutes.

 Zelle and the Zelle related marks are wholly owned by Early Warning Services, LLC and are used herein under license.

Don’t Get Scammed While Back to School Shopping

Posted on by
Reply

It’s that time when all you parents out there are probably shopping online, trying to get the best deals on school supplies and clothing for the upcoming academic year. While you’re busy shopping and trying your best to save money, be on the lookout for scams. Continue reading about some of the most common ones that are out there.

Do your research. Are you clicking and adding to cart on a new website you’ve never used? Before you actually make a purchase, do a quick online search for the merchant’s name. See if anything comes up that mentions a multitude of complaints or lists any scams associated with the company name. You can also check the company’s social media sites to see reviews and comments, as well as look on the Better Business Bureau’s website. If you are browsing around a website and see misspelled words or unclear sentences, this is another indicator that it may be a fraudulent website.

Take precautions with online ads. Don’t think that scammers can’t purchase ads on social media sites. If you see something too good to be true, or that follows the website criteria we just mentioned – it’s best to shop elsewhere.

Review the price and availability. Are you looking for something in particular that you can’t seem to find anywhere else, but seeing it available at a great price on an unknown website or ad? Be leery of this. It could be a trap to lure you to the fraudulent website, and pay for merchandise you’ll never receive – or be able to get your money back.

When checking out, make sure the web browser is secure. How to know a website is legitimate and secure? The web address and payment page URL will begin with https:// and you should see a lock icon at the top. Also, if paying via PayPal through the merchant’s website is an option – take it. This protects your card information and also would help with reimbursement to you should there be any issues with your purchase.

Shop with a credit card. When you can, it’s always better to shop online with a credit card. This protects you if there is a dispute for charges you didn’t approve. If you use a debit card, the funds actually get deducted from your bank account and while you can still file a dispute and get your money back – it may take awhile. Credit cards typically also offer higher daily purchase limits. Read more about our advice on this topic in our credit vs. debit guidebook.

Check the fine print. Before purchasing, be sure to review the merchant’s return policy to make sure you can return items you purchase, if there are any restocking fees, or if you’ll need to pay for return shipping. You’ll also want to read any additional fine print details and see how long shipping might take, as well as where your order is shipping from. Will tracking information be provided and notifications, once your items have shipped?

What do you do if you were scammed? Hopefully you either paid with a credit card or through PayPal. If so, you’ll want to call your credit card company right away, and with PayPal you can open a case online. You should also report the fraudulent website to the Better Business Bureau and FTC websites.

This back to school season, stay safe online and prevent fraud from happening to you! Questions about a scam involving any of your First Financial accounts? Contact us right away.

Article Source: News12.com

What You Need to Know About Gift Card Scams

Posted on by
Reply

Picture this – you get an email from your boss asking you to purchase gift cards for a client. While it seems out of the norm for your boss to ask this, you’re willing to help out with whatever is needed. Right before making the purchase, you notice the email is from an address you don’t recognize and is not actually from your boss.

Does this sound familiar to you? This is what we call a gift card scam, which is more common than you may think. One in three adults have been targeted by these types of scams, but there are plenty of ways to spot and prevent them from happening to you.

What is a gift card scam?

Think about it this way – gift cards are meant for gifts, not to make payments. However, scammers tend to use gift cards because they’re easy for people to buy and are similar to cash – since the money is gone once the gift card is purchased.

Gift card scams can look different depending on the situation, but usually follows a similar pattern. You’ll receive a call or email asking that you pay with gift cards, and once they have your gift card number and PIN – they have your money. Scammers can be convincing by making it seem like they need the card urgently, which is how so many people fall into these unfortunate types of scams.

How do you know if it’s a scam?

If you’re being asked to pay someone through a gift card, it’s safe to say it’s a scam. That may sound simple, but scammers can be convincing by pretending to be someone you can trust. This is how they trick so many people.

Here are some common situations for gift card scams:

  • The caller says they’re from your power company and threatens to cut off your service until you pay them (with a gift card).
  • An employer says they are ready to hire you but need you to pay for your computer or other equipment through a gift card before you start.
  • Someone says you’ve won a contest, but you’ll have to pay fees with a gift card before you can claim your prize.
  • The scammer pretends to be a friend or family member saying they need money immediately for an emergency to be put on a gift card, but tells you not to tell anyone.
  • You receive a call from the IRS or Social Security Administration saying you need to pay taxes or a fine immediately, via gift card only.
  • You meet someone on a dating app who needs money and asks you for help.
  • The person asking for you to make a payment through a gift card asks for you to purchase it through specific retailers like Amazon, Target, or Walmart. They may also ask you to purchase a certain gift card such as eBay, Google Play or iTunes.

These are just a few of the many ways scammers can try to convince you to give them your money. If anything seems out of the blue or suspicious, it’s probably a scam!

What to do if you’re being scammed

Do not respond to anything you think could be a scam, even if you’re unsure. If you already paid a scammer with a gift card, tell the merchant that issued you the card right away. Check the retailer’s website for resources on reporting scams as well. If the card issuer is hard to reach or is unable to help, report it to the FTC. Even if you didn’t actually pay the scammer, it’s a good idea to report it anyway to prevent this type of scam from happening to anyone else.

At First Financial, we are here to help protect our members from scams and identity theft. If you have any concerns or questions about any of your First Financial accounts, please call member services at 732.312.1500 or visit one of our branches.