Alerts & Notices

Scam/Fraud Alert

In recent months we have seen and increasing number of customers who've fallen victim to a scam. There are number of different scams, including over the telephone, through the Internet, and many more.  Here are some things to remember:

  • Never give out information to anyone who calls you on the phone. Scammers will try to scare or pressure you into doing what they want while you're on the phone with them. The best thing to do is hang up the phone, find the phone number for the company in your own records and call them back to verify that the call isn’t a scam. For example, if someone claims to be from the phone company, hang up and call the customer service number on your phone bill to verify the call.
  • Never allow access to your computer. If someone calls and wants you to let them remote in to your computer, hang up and turn off your computer.
  • Never send money out to someone after you’ve deposited a check you received from them. This can include sending the funds through Western Union or Money Gram, purchasing gift cards or even writing out your own personal checks.


Please visit FTC Consumer Information  Federal Trade Commission  for more information.

There is a “Scams” section in the menu that has lots of useful information to help you.


Coronavirus relief check Scams

The government is sending out relief checks, scammers are aware of this and are trying to cash in on this. Here are some ways you can protect your money:

  • You don’t need to do anything. As long as you filed taxes for 2018 and/or 2019, the federal government likely has the information it needs to send you your money.
  • If you haven’t filed taxes recently, you’ll need to submit a simple tax return to get your check.
  • Do not give anyone your personal information to “sign-up” for your relief check. 
  • There is nothing to sign up for. Anyone calling to ask for your personal information, like your Social Security number, PayPal account, or bank information is a scammer, plain and simple. 
  • To set up direct deposit of your check, communicate only with the IRS-please visit the Coronavirus Tax Relief website
  • No one has early access to this money. Anyone that claims to is a scammer. 

CoronaVirus Common Scams

It seems like every day a new scam comes out, we are trying our best to alert our customers as soon as possible.

  • Phishing and supply scams. Scammers impersonate health organizations and businesses to gather personal and financial information or sell fake test kits, supplies, vaccines or cures for COVID-19.
  • Stimulus check or economic relief scams. There are reports that the government will help to ease the economic impact of the virus by sending money by check or direct deposit. However, the government will NOT ask for a fee to receive the funds, nor will they ask for your personal or account information.
  • Charity scams. Fraudsters seek donations for illegitimate or non-existent organizations.
  • Delivery of malware through “virus-tracking apps” or sensationalized news reports.
  • Provider scams. Scammers impersonate doctors and hospital staff and contact victim claiming to have treated a relative or friend for COVID-19 and demand payment for treatment.
  • Bank/FDIC scams: Scammers impersonate FDIC or bank employees and falsely claim that banks are limiting access to deposits or that there are security issues with bank deposits.
  • Investment scams often styled as “research reports,” claiming that products or services of publicly traded companies can prevent, detect, or cure COVID-19.

Here are some other scams: 
  1. Emails that appear to be from organizations such as the CDC (Centers for Disease Control), or the WHO (World Health Organization). The scammers have crafted emails that appear to come from these sources, but they actually contain malicious phishing links or dangerous attachments.
  2. Emails that ask for charity donations for studies, doctors, or victims that have been affected by the COVD-19 Coronavirus. Scammers often create fake charity emails after global phenomenons occur, like natural disasters, or health scares like the COVID-19.
  3. Emails that claim to have a “new” or “updated” list of cases of Coronavirus in your area. These emails could contain dangerous links and information designed to scare you into clicking on the link.

Always Remember the Following:
  • Never click on links or download attachments from an email that you weren’t expecting.
  • If you receive a suspicious email that appears to come from an official organization such as the WHO or CDC, report the email to the official organization through their website.
  • If you want to make a charity donation, go to the charity website of your choice to submit your payment. Type the charity’s web address in your browser instead of clicking on any links in emails, or other messages.
Stop, Look, and Think.

Mobile payment apps

Using Mobile payments apps such as Venmo, Zelle, Paypal etc. is the new quick and convenient way to get and send cash. Scammers are aware of how popular they have become and are trying to trick you and your contacts. Make sure you know who is on the receiving end before using these services.

Here are some tips to protect yourself:
  • Never send money to anyone you don't know
  • When you use and app for the first time, it will usually ask permission to access information on your device (contacts) to make these payments easier. If you are not comfortable with that, deny access or uninstall the app.
  • Keep and eye on your account through your statement or online banking.  

Tax Identity Theft Awareness Week February 3-7

Tax Identity Theft is at its highest, people are using your Social Security Number to file a "fake" tax return and could even collect your refund.
 
To start fighting tax identity theft right away, please remember:
  • File your tax return as early in the tax season as you can.
  • Use a secure internet connection if you file electronically.
  • Mail your tax return directly from the post office.
  • Check  your Credit Report at least once a year for free at annualcreditreport.com
  • Make sure no one has opened a new account in your name 
  • Be careful when giving out your Social Security Number.

For more information and how to participate in Tax Awareness week please use this link:Tax Awareness  

Keeping yourself secure:

Some tips to help you shop wisely and protect your personal information. 

  • Use Caution when browsing the internet, shopping online, and using email. Don't click on ads or popups, go directly to the merchant site by typing in the URL.
  • Do not use public Wi-fi connections for any financial apps or online accounts.
  • Setup alerts on your card and bank accounts, for transaction activity and thresholds. 
  • Enable locations and device required settings for debit cards, that way your card can't be used unless your phone/device is with the card.
  • Don't fall victim to phishing scams, think before you click!
  • Make purchases from known sellers.
  • An email that appears to be from a legitimate retailer might be difficult to resist. If the deal looks to good to be true, or the link in the email seem suspicious, do not click on it.
  • Contact your financial institution immediately if you feel your account and personal information may have been compromised. 

As always Think Before You Click.

Social Security Scam:

Don't Worry your Social Security Number (SSN) has NOT been suspended. This is one of the latest scams going around. Scammers are trying to trick people into giving them their personal information.

Social Security Numbers do not get suspended. This is just a scam that's after your SSN, bank account number or other personal information. In this particular scam the caller pretends to be protecting you from a scam while he's trying to lure you into one.

Tips to protect yourselves:


  • Never give our or confirm personal information over the phone, via email or on a website unless you are sure of the person asking you.
  • Do not trust a name, phone number, or email address just because it seems to be connected with the government.
  • Contact government agencies directly, using telephone numbers and website addresses you know to be legitimate.
  • If someone has tried to steal your personal information by pretending to be from the government, report it to the FTC.

 

Home Network Security:

The US-CERT advises home users to update their software regularly, remove unnecessary services and software, install a network firewall, and create strong, unique network passwords to decrease their risk to cyberattacks.

Summer Travel-Know the Risk:

When shopping, banking, or sharing personal information online, take the same precautions with your smart phone or other device that you do with your personal computer.

Do not use public Wi-Fi networks

Avoid using open Wi-Fi Networks to conduct personal business, bank or shop online. Open Wi-Fi networks at places such as airports, coffee shops, and other public locations present an opportunity for attackers to intercept sensitive information that you would provide to complete an online transaction. 

If you simply must check your bank balance or make an online purchase while you are traveling, turn off your device's Wi-Fi connection and use your mobile device's cellular data internet connection instead of making the transaction over an unsecured Wi-Fi network.

Turn off Bluetooth when not in use

Cyber criminals have the capability to pair with your phone's open Bluetooth connection when you are not using it and steal personal information.

Be Cautious when charging

Avoid connecting your mobile device to any computer or charging station that you do not control, such as charging station at an airport terminal or a shared computer at a library. Connection a mobile device to a computer to interact with the phone in ways that a user may not anticipate. As a result, a malicious computer could gain access to your sensitive data or install new software.


IRS Warns Tax Professionals of Phishing Scams:

The Internal Revenue Service (IRS) has issued a news release to beware of a new phishing email scam. Cyber criminals posing as state accounting and professional associations have been sending emails to entice their targets to reveal login credentials. 

Tax practitioners should be wary of unsolicited emails and forward email phishing attempts related to this scam to phishing@irs.gov.

 

Tax Guidance

As this year's April 17 Tax deadline approaches, NCCIC/US-CERT is offering taxpayers guidance to help protect your personal, financial, and tax information. Hackers can take advantage of taxpayers by using social engineering scams to attempt to steal personally identifiable information. 

Tax Scams:

  • Emails that appear to come from your tax professional, requesting information for an IRS form
  • Emails containing links to a supposed IRS website
  • Questionnaire emails claiming to be from the IRS or law enforcement agencies
  • Calls where scammers leave urgent callback requests

Tips on protecting yourself:

  • Use strong passwords 
  • Keep software updated 
  • Safeguard personal data

 

Tax Fraud Alert 2019

Tax Season is in full force and with that comes phishing scams. Phishing emails are going around that can secretly download malicious software that can help cyber criminals steal client data. The IRS has already identified a new scam that began with cyber criminals stealing data from several tax practitioners’ computers and filing fraudulent tax returns.

Tax-related phishing emails are trying to get victims to provide personally identifiable information, click on a malicious link, or pay a ransom.

Sometimes these requests were followed by or combined with a request for an unauthorized wire transfer.

The most popular method remains impersonating an executive, either through a compromised or spoofed email in order to obtain W-2 information.

We encourage all taxpayers to review the IC3 Alert page w-2 Phishing

Social Security Scam:

Reports from the Federal Trade Commission are reporting of a new Social Security Scam. Scammers are calling and claiming to be from the Social Security Administration. They say there is a problem with their computers and they need you to verify your Social Security number. 

There are also spoof websites that look like a place where you would apply for a new Social Security Card-These websites are just a set-up to steal your personal information.

If you get a phone call or are directed to a website other than ssa.gov that is claiming to be associated with the Social Security Administration, Do Not Respond!! Its most likely a scam.

Some Tips:

  • Do Not Give the caller your information-Never give out or confirm sensitive information.
  • Do Not trust a name or number-To make their call seem legitimate, scammers use internet technology to spoof their area code.
  • Check with the Social Security Administration-Call them directly at 1-800-772-1213 if you come across one of these scams and report it to the 


Meltdown and Spectre

Researchers have recently found out that the main chip in most computers has a hardware bug. It's a design flaw in the hardware that has been there for 20 years. This is a big deal because it affects almost every computer, phone, tablet etc. 
This hardware bug allows malicious programs to steal data that is being processed in your computer memory. So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good. 

Make Sure your Browser and other computer updates are patched to the latest version. Be extra vigilant and as always Think Before You Click!

Publishers Clearing House Scams:

We are all familiar with Publishers Clearing House knocking on someone's door, congratulating you for your winnings and handing you a check for millions. The FTC has released a statement that warns you about possible scams involving Publishers Clearing House. Scammers are pretending to be them and tricking people into sending money.

There have been many reports about scammers calling and claiming you have won the sweepstakes, but they will need you to send money for "fees and taxes". 

Paying to collect a prize is a scam. Always is. Scammers like to ask you to send money by Western Union or MoneyGram or by getting a prepaid card or gift card. Why? because it is nearly impossible to trace that money and you will almost never get your money back.

If you think you have won a prize, here are a few things to know:

  • No Legit prize is promoter will ever charge you to win.
  • If anyone calls asking you to pay for a prize, hang up and report it to the FTC.
  • Never send money to collect a prize. Its a scam
  • Publisher's Clearing House does not call ahead to say you have won.

if you or someone you know believes they have been victim of a scam, please report it to your institution, 


Phishing Scams Summer Edition

It might be time for Summer Vacation but the bad guys never take a break. During these summer holidays make sure you are still aware of all the possible scams out there. 

These are some of the most recent Phishing scams emails you might receive :

  • Microsoft/Office 365: Secure your Microsoft Email Now-This message spoofs Microsoft and advises users to reconfirm ownership of their account by clicking a malicious link.
  • Outlook/McAfee notification and attempts to trick the user into clicking a malicious link to comply with their account requirements.
  • Summons Notification: This shocking message informs the user they've violated a Federal Law and provides a malicious link that they need to click on to download more information. 
  • Western Union:Too many login attempts on your account. This message contains a malicious HTML file that is disguised as updated sof
  • Message from Microsoft:Upgrade to our advanced secure software and safety precautions the user must follow for security reasons, to prevent phishing attacks-this message contains a malicious link which the user is prompted to click on to migrate to a newer, more secure email platform.
  • American Express: you have a new message-This message advises the user that their personal security key has expired and that they must verify their information by clicking on a malicious link.

*Always be cautious when opening emails from an unknown sender*


Google Docs Phishing Campaign

A Phishing campaign Involving Google emails accounts and Docs, is concerning and you need to proceed with caution. The emails appear to be a legitimate Google user inviting you to view a document or file. It is actually authorizing authentication to a malicious party to harvest your credentials.

When it comes to this scam, before clicking on the "Open" or "View" take these steps into consideration:

  1.  Are you expecting email from this user, more specifically a document?
  2. Is this coming from a legitimate person?
  3. Does the Document have misspelled words/bad grammar within the subject line or the body
  4. Be careful when clicking directly on links in emails, even if the sender appears to be known; attempt to verify web addresses independently
  5. Exercise caution when opening email attachments. Be particularly wary of compressed or ZIP file attachments.
  6. Before clicking on any e-mail please make sure you know who the sender is. As Always think before you click and be cautious.


Fake Check Scams

Scammers know how to make a phony check look legitimate. Fake Checks are known as one of the most popular scams and one of the most risky ones. Fake check scams come in many different ways. Look out for fake jobs, Prizes, online sales or even the person next door handing you a check. Money orders and cashier's checks can be counterfeited too.

Here is how to avoid a counterfeit check scam;

  • Throw away any offer that asks you to pay fro a prize or a gift. If its free or a gift, you shouldn't have to pay for it. Free is Free.
  • Resist the urge to enter foreign lotteries. It's illegal to play a foreign lottery through the mail or the telephone, and most foreign lottery solicitations are phony.
  • Know you you are dealing with, and never wire money to strangers.
  • If you are selling something, do not accept a check for more than the selling price, no matter how tempting the offer or how convincing the story is. Ask the buyer to write the check for the correct amount. If the buyer refuses to sent the correct amount, return the check. Do not sent the merchandise.
  • If you accept payment by check, ask for a check drawn on a local bank, or a bank with a local branch. That way, you can make a personal visit to make sure the check is valid. If that is not possible, call the bank where the check was issued and ask if its valid. 
  • If the buyer insists that you wire back funds, end the transaction immediately. Legitimate buyers do not pressure you to send money by wire transfer services. In addition, you have little recourse if there is a problem with a wire transaction.
  • Resist any pressure to "act now". If the buyer's offer is good now, it should be good after the check clears.


Tips to Prevent Tax ID Fraud

With the 2017 Tax season upon us it is important to take some precaution to protect yourself from being affected by fraud. Here are some Helpful tips to keep in mind as you file for your taxes.

  • File as soon as you can 
  • File on a protected WiFi network
  • Use a secure mailbox
  • File with someone you trust
  • Shred what you don't need 
  • Beware of Phishing scams by email, text, or phone
  •  Keep an eye out for missing mail

If you believe you are a victim of tax identity theft or if the IRS denies your tax return because one has previously been filed under your name, alert the IRS Identity Protection Specialized Unit at 1-800-908-4490

you should also:

  • Respond to any IRS notice
  • Contact your bank immediately
  •  Continue to pay your taxes, even if you must do so by paper 


Safe and Secure Online-Seniors 

Learn how to be safe and secure while connecting with friends and family in this new digital age.

  • Always think before you click.
  • Make sure you keep your computer and software updated. 
  • Create Strong and unique passwords.
  • Do not post sensitive information on social media sites.
  • Know who you are speaking and connecting with.
  • It is better to question what you see in e-mails and pop-ups.
  • Be mindful of email and phone call fraud attempts. 
  • Like always "if it seems too good to be true, it probably is"

Security Education


Cyber Security Awareness

10/7/2016

The Following are some tips so you and your personal information is secure:

  • Always be suspicious of unsolicited phone calls
  • Never Open emails from unknown senders. 
  • Be careful, read the email and look for grammar errors and misspelled words.
  • Install security software and keep it up to date 
  • Back up any data and scan your systems regularly
  • Do not Post or provide personal information, such as addresses, phone numbers, social security etc.
  • Make Passwords long and strong
  • Always be smart about using your devices; do not connect to unknown WiFi connections.


IRS Phishing and Online Scams:

Please be aware a combination of calls, emails and text messages that appear to be from the IRS are going around. The IRS does not initiate contact with taxpayers by email, text, or social media. They are trying to lure people to a malicious website or to provide personal and financial information. Always know who your are speaking with or what sites you are clicking on.

  • Don't Reply to unknown emails or text
  • Don't open any attachments
  • Don't click on any links 
  • Be Skeptical; it’s best to doubt the legitimacy of the call
  • Always check the source
  • Never send money to receive money 


 Tax Scams


Visit Colonial Federal's Privacy & Security page for security tips and your responsibilities.