| • Skimming
• Suspicious Texts
• Suspicious Emails
|For Your Protection, Be Aware of Potential Scams and Fraud
City National Bank is committed to protecting our customers. Click here to review our rules for customer contact, and note the customer information that our representatives will never ask for. Do not respond to any phone calls, text messages, e-mails, or direct mails that you suspect is not from City National Bank. Report all suspicious contact immediately. To make a report:
1. Visit your nearest City National Bank branch
2. Call customer service at 1-866-385-3444
3. Send an e-mail to firstname.lastname@example.org
CONSUMER ALERT - April 8, 2016
Fraud is on the rise. The best protection is education. City National Bank is committed to protecting our customers. Please review the latest information regarding:
Business Email Compromises (BEC) – THE FBI is warning of a dramatic increase in these scams targeting businesses. They obtain information by spoofing company Email addresses and through social engineering, often pretending to be the CEO, CFO, or attorney. The seek out employees with financial responsibility, requesting large wire transfers. Is your company, large or small, at risk? Please visit the link below for more information about the BEC scam:
FBI Business Email Compromise Warning
Wire Transfer Scams – These is a very common scam. Please ask yourself these questions before sending anyone money:
• Is a stranger or someone you’ve never met in person asking you to hold their funds for them?
• Are they having a crisis and need you to send them money?
• Have you won a lottery or sweepstakes that requires a processing fee?
• Have they asked you to wire them funds?
• Have they asked for your online banking login credentials?
• Are they in the military and stranded overseas, because their funds have been frozen so they
can’t pay their bills?
• Has a relative been arrested and they were mugged or lost their wallet and need funds immediately?
• Are you selling something online?
• Have they sent you a check for more than the asking price, asking you to deposit or cash it and wire
the difference to them to cover shipping costs, etc.?
• Have you been offered a Secret Shopper or Work-at-home job?
If you answered yes to any of these questions, stop! Do not send that wire! When in doubt, contact your financial institution or local law enforcement. Please visit the links below for more information on common wire transfer scams:
CONSUMER ALERT: Attorney General Warns Oklahomans of Rampant IRS Scam
OKLAHOMA CITY – Oklahoma Attorney General Scott Pruitt is warning to keep watch of a phone scam making its way across the state. The Attorney General’s Office has received a number of complaints from citizens who received phone calls from someone claiming to be a representative of the IRS. The callers use various scare tactics to deceive individuals into providing personal information, or threatening arrest. The scam targets the most vulnerable Oklahomans who may not readily be aware of the IRS’s procedures.
“Unfortunately, these scams don’t seem to be slowing down any, instead they are becoming more and more rampant. In fact, I’ve heard from a number of our staff who have received these calls or know someone who has,” Attorney General Pruitt said. “It is vital for Oklahomans to understand the importance of protecting their personal information from the crooks taking part in these scams. One thing to remember is that the IRS will never contact you by phone first, but will send you correspondence in writing.”
Here are some tips to protect you from these types of scams:
• The IRS will never contact you first by telephone, but through official correspondence sent via mail.
• You will never be required to use a specific payment method.
• Never give your credit or debit card numbers over the phone.
• The IRS never requests immediate payment over the phone.
• You will not be threatened with being arrested by local law enforcement for not paying.
• If you receive a voicemail claiming to be the IRS, do not return the call using the number provided, instead use an official contact number listed on the IRS website.
If you have been a victim of a scam, report the incident to local law enforcement and to the AG’s Office immediately. For more tips from the IRS you can visit their website at www.irs.gov.
If you have a question about a possible scam, contact the AG’s Consumer Protection Unit at (405) 521-2029, (918) 581-2885, by e-mail at email@example.com or file a complaint online at www.ok.gov/oag.
TAX RETURN FRAUD
Criminals are proficient in stealing the personally identifiable information (PII) of individuals to facilitate various fraud activities, including using stolen identity information to file fraudulent tax returns. Once the fraudsters obtain victim PII, they electronically file tax returns and set up pre-paid debit cards or bank accounts to route fraudulent returns. The balances on the pre-paid cards and bank accounts are depleted shortly after the tax refund is issued.
The fraudsters utilize multiple methods to obtain the information needed to file a tax return. The most popular methods include: computer intrusion, the online purchase of stolen PII, the recruitment of insiders who have legitimate access to sensitive information, the physical theft of computers that contain PII, the impersonation of Internal Revenue Service personnel, and the aggregation of information that is obtained through multiple publicly available Web sites.
Recent open source reporting indicates that cyber criminals also target and compromise legitimate online tax software accounts of individuals. Cyber criminals conducting this scheme modify victims’ bank accounts to divert transfers to bank accounts or pre-paid cards under their control.
Tips to protect yourself:
• Monitor your credit statements for any fraudulent activity.
• Report unauthorized transactions to your bank or credit card company as soon as possible.
• Review a copy of your credit report at least once a year.
• Be cautious of scams requiring you to provide your personal information.
• Do not open email or attachments from unknown individuals.
• Never provide credentials of any sort via email. This includes clicking on links sent via email. Always go to an official website.
• If you use online tax services, double check to ensure your bank account is accurately listed before and after you file your tax return.
• Ensure accounts that are no longer being utilized are properly deleted or scrubbed of sensitive information. Allowing online accounts to become dormant can be risky and make you more susceptible to tax fraud schemes.
For more information about tax return fraud, City National Bank encourages the public to visit the following article:
Public Service Announcement: Tax Return Fraud
RELUCTANT TO BE RUDE?
Respectfulness and politeness — they’re valued in many close-knit communities. But when you’re dealing with a scammer, those values can backfire, as we’ve heard during our ongoing effort to fight fraud in every community. Scammers try to take advantage of your politeness to get you to hand over money or personal information.
Here are some situations when it would be just fine to interrupt, hang up, and not give a caller the time of day:
• They want personal information.
• They want you to send money right away.
• They keep talking.
• They’re threatening you.
For more information, City National Bank encourages the public to visit the following article:
Consumer Information: Reluctant to be Rude?
ALERT - HEARTBLEED BUG
City National Bank is aware of the Heartbleed Bug, a software flaw in the programming on secure websites that could allow attackers to collect information from some encrypted Web and email servers, and is believed to impact as many as 500 million Web sites worldwide.
City National Bank continuously tests and monitors its systems, and is also working with critical business partners to ensure that their systems are secure. Currently, there is no indication of compromise.
City National Bank encourages its customers and the public to adopt the following password security best practices:
• Change your password frequently
• Use a password that contains at least 10 characters
• Mix letters, numbers and special characters in your password
• Try to be unpredictable- don’t use your name, birthdate, or common words
• Don’t use the same password for all of your accounts
• Keep your passwords in a secure place out of plain sight, and never share them with anyone
For more information about the Heartbleed Bug, City National Bank encourages the public to visit the following articles: http://www.cnn.com/2014/04/09/opinion/wisniewski-heartbleed-bug-endangers-all/ and http://www.nytimes.com/2014/04/10/technology/flaw-calls-for-altering-passwords-experts-say.html?_r=1
ALERT - Callback Scheme Used In International Revenue Share Fraud
Telephone companies in the United States are seeing missed calls used to enable International Revenue Share Fraud (IRSF). Fraudsters are using call generators with automated spoofing capabilities to place calls to a large volume of US cell phone numbers. The calls typically ring once. The number displayed on the recipient’s caller ID is a high cost international number, usually located in the Caribbean. The recipient calls the number back and is greeted with a message designed to keep them on the line, such as “Hello, you have reached the operator, please hold.” The longer the caller stays on the line, the more revenue fraudsters generate.
Recipients do not realize they are calling an international number and that they will be billed for an international call. Businesses are also victims because recipients often use their work telephone to make the return call.
Telephone companies in the United States are charged when a return call is made because they are required to pay a fee to transfer calls to foreign countries. The payment is then shared with the fraudster who spoofed the calls. This is referred to as IRSF.
Area codes used in the spoofed numbers are from Anguilla, Antigua, Barbados, British Virgin Islands, the Commonwealth of Dominica, Grenada, Montserrat, and the Turks and Caicos Islands. These countries’ numbers are part of the North American Numbering Plan and do not require 011 to be dialed as with other international calls.
Recipients should not answer calls from numbers they do not recognize or initiate a return call. Recipients will not be charged for receiving the calls, however.
Companies that do not conduct business with companies in the above-mentioned countries may want to consider blocking these area codes to avoid this type of charge.
For more information regarding online scams visit our Press Room page for the most current Public Service Announcements. http://www.ic3.gov/media/default.aspx
|Thieves sometimes install small electronic devices called skimmers on ATM machines and gas pumps. The skimmers may read the data from the magnetic strip of the cards. Other electronic devices may include tiny cameras meant to record the entered PIN number. The information is then gathered to later create counterfeit cards to access funds in the account.
Skimming devices can often be hard to detect. It’s important to pay attention to the card reader and keypad. If it is loose, fits poorly, or seems as though it’s covering the original, do not use the machine. If there appears to be a box covering any part of the device, do not use the machine.
City National Bank regularly checks our ATMS for these types of devices. If you suspect a skimming device, please immediately contact Customer Service at (866) 385-3444 or visit your local branch.
Please visit the FBI website for images and more information on detecting skimming devices: https://www.fbi.gov/
|Be aware of text messaging scams that may be circulating within your community.
This photo provides an example of a suspicious text message in which the customer is alerted that their card has been deactivated, and they need to call a specified telephone number. At this time, City National Bank would not inform you that your card has been deactivated through a text message.
If you receive this text message or a similar message, do not respond. To verify or report any suspicious text messages, contact us with the contact information provided above immediately.
|Be aware of e-mail scams that may also be circulating within your community. The example provided below is an illustration of what a potential fraudulent e-mail might look like.
If you receive any suspicious e-mails, please do not open or reply to them and do not click any links. To verify or report any suspicious e-mails, contact us with the contact information provided above immediately.
|Phishing is an electronic scam that attempts to gain access to personal and financial information, such as usernames and passwords, social security numbers, and credit card numbers, by masquerading as a trustworthy sender through electronic communication for the purpose of financial gain.
It is important to not open suspicious emails, click on unverified links, or reply to emails, text messages, or other forms of electronic communication. If you believe you’ve received a suspicious form of communication or have interacted with a suspicious form of communication, please contact City National Bank with the contact information provided above immediately.
How to spot a phishing e-mail or text:
• Request for personal information City National Bank is committed to protecting our customers. Our representatives will never ask for your complete social security number, date of birth, online banking
password, or answers to your online security questions over the phone, via email, or text message. Do not
respond to communications asking for this or other non-public personal information. Report all
suspicious or unusual messages or phone calls to City National Bank immediately.
• Sender's e-mail address To give you a false sense of security, the "From" line may include an
official-looking e-mail address. E-mail addresses can easily be spoofed, so just because the sender looks trustworthy, doesn’t mean the e-mail is safe.
• Generic greeting A fraudulent e-mail may have a generic greeting, such as "Dear Account Holder."
• False sense of urgency Most fraudulent messages threaten to close your account or assess a penalty if you do not respond right away. A message that urgently requests you to supply sensitive personal information is typically fraudulent. City National Bank will never ask for your non-public personal information.
• Typos and grammatical mistakes Mistakes are commonly found in fake e-mails and text messages.
• Fake links Many fraudulent e-mails have a link that looks valid, but sends you to a fake site that may or may
not have a URL different from the link. Always check where a link is going before you click. Move your mouse
over the URL in the e-mail and look at the URL in the browser. As always, if it looks suspicious, don't click it.
• Attachments Similar to fake links, attachments can be used in fraudulent e-mails. For increased security,
never open unexpected attachments from anyone. City National Bank will never e-mail you a software update to
install on your computer. Downloading an attachment or software update to your computer could cause you to
download spyware, malware, or a virus.
|Vishing (also called “voice phishing” or “VoIP phishing”) is the voice counterpart to phishing via the telephone to gain access to private, personal, and financial information from an individual for the purpose of financial gain.
Vishing scams can be conducted over the phone with a recording that asks the user to phone an 800 number or through e-mail by asking the recipient to make a telephone call to a specified phone number. The call triggers a voice response system that asks for the user's credit card number.
City National Bank has become aware that a vishing attempt is being made on its customers in which customers are receiving a phone call with a recording that states that the “City National Bank’s Security Department has discovered that their debit cards have been compromised and that they need to contact a 418 number for more information.” If you receive this call, please do not call the number provided.
If you receive any suspicious communication attempts, or if you have called the number provided in a vishing call, please contact City National Bank with the above provided contact information immediately.