Fraud Alert:

Scammers are using publicly available PPP loan data to impersonate bankers and law enforcement. Click to learn more »

Security - Secure Your Financial Information

Business Groups Warn of Scams Targeting PPP Loan Recipients

The Nebraska Bankers Association, the Nebraska Chamber of Commerce, the Greater Omaha Chamber, the Lincoln Chamber of Commerce and NFIB Nebraska are warning businesses about scams targeting recipients of Paycheck Protection Program loans. Several Nebraska banks have reported that fraudsters are calling recipients and impersonating bank employees or local law enforcement.
 
Scammers use PPP borrower information released by the Small Business Administration in 2020. The public SBA database includes business names, addresses, loan amounts, funding dates, number of employees and the names of the financial institutions that issued the loans.
 
Criminals then use this information to trick PPP borrowers into sharing online banking credentials or sending payments. In one common tactic, scammers call customers pretending to be from the bank’s fraud department and claim there is unusual activity on the account. They then send a link to reset login credentials and ask for the one-time passcode, which allows them to take control of the account.
 
In another version of the scam, callers pose as law enforcement officers and claim a warrant has been issued for the customer’s arrest for failing to appear at a court hearing related to a fraudulent PPP loan. The scammers then offer to accept a “cash bond” and provide instructions on how to send payment.

Fraud tactics include:

  • Spoofing phone numbers: Scammers alter the caller ID so the phone number appears to be from the victim’s bank or law enforcement.
  • Credential theft: Victims are pressured into providing usernames, passwords and one-time passcodes.
  • Unauthorized access: With this information, scammers are able to reset passwords and bypass security settings.
  • Same-day transfers: Criminals move funds out of accounts using Automated Clearing House transfers before the fraud is detected.

What you should do:

  • Do not use any phone number provided during the call.
  • Contact your bank using the number on its website or the back of your debit card.
  • Verify law enforcement claims by calling your local police or sheriff’s department.
  • Never share your password, PIN or one-time passcode.
  • Be suspicious of anyone who pressures you to act immediately or threatens negative consequences.

Banks Never Ask That!

 

Can You Spot a Phishing Scam?

Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. And in this time of expanded use of online banking, the problem is only growing worse. In fact, the Federal Trade Commission’s report on fraud estimates that American consumers lost a staggering $1.9 billion to these phishing schemes and other fraud in 2019 — and the ongoing pandemic has only increased the threat. Imagine where we are in 2020.

It’s time to put scammers in their place.

Online scams aren’t so scary when you know what to look for. And at Auburn State Bank, we’re committed to helping you spot them as an extra layer of protection for your account. We’ve joined with the American Bankers Association and banks across the country in a nationwide effort to fight phishing—one scam at a time.

We want every bank customer to become a pro at spotting a phishing scam—and stop bank impostors in their tracks. It starts with these four words: Banks Never Ask That. Because when you know what sounds suspicious, you’ll be less likely to be fooled.

These top 3 phishing scams are full of red flags:

Text Message: If you receive a text message from someone claiming to be your bank asking you to sign in, or offer up your personal information, it’s a scam. Banks never ask that.

Email: Watch out for emails that ask you to click a suspicious link or provide personal information. The sender may claim to be someone from you bank, but it’s a scam. Banks never ask that.

Phone Call: Would your bank ever call you to verify your account number. No! Banks never ask that. If you’re ever in doubt that the caller is legitimate, just hang up and call the bank directly at a number you trust.

You’ve probably seen some of these scams before. But that doesn’t stop a scammer from trying. For more tips on how to keep phishing criminals at bay, including videos, an interactive quiz and more, visit www.BanksNeverAskThat.com. And be sure to share the webpage with your friends and family.

What’s Your Scam Score? Take five minutes to become a scamspotter pro by taking the #BanksNeverAskThat quiz at BanksNeverAskThat.com. Share your score on Twitter to encourage your friends and family to test their scam savviness, too. The more scamspotters out there, the harder it is for phishing criminals to catch their next victim!

 

“You’ve won! Now pay us” is always a scam.

August 12, 2020
by 
Jim Kreidler
Consumer Education Specialist, FTC
 

During these difficult economic times, it is easy to imagine our financial problems disappearing by winning a big prize. Who wouldn’t like to win a million dollars, a new car, or a vacation home? But if you get a call from someone saying, “You’ve won,” don’t believe the hype.

Here’s how it works. You get a call from someone who says they’re from Publishers Clearing House or some other well-known organization. They say, “Congratulations, you’ve won a million dollars, a Mercedes-Benz, and seven thousand dollars a week for life!” or some other amazing sounding prizes. Then they ask you to pay a “processing fee,” "taxes," or "shipping and handling charges," to claim your prize.

The scammers are trying to push you into a heightened emotional state, to knock you off balance just long enough to steal your money and personal information.

The fact is, Publishers Clearing House never notifies winners in advance. And anyone who says, “You’ve won. Now pay us,” is always scammer. Period.

Consider these tips to avoid this scam:

  • Legitimate sweepstakes don’t make you pay a fee to get your prize. That includes paying "taxes," "shipping and handling charges," or “processing fees.” There’s also no reason to give someone your checking account or credit card number in response to a sweepstakes promotion.
  • Don’t send money transfers or gift cards, or give personal information. Sending money transfers or gift cards (or providing the gift card numbers) is like sending cash: once the money’s gone, you can’t trace it or get it back. The same goes for sending money by mail or using a money order. 
  • Don’t trust your caller ID. Scammers can make any name or number show up on your caller ID. They might use an official-sounding name like Publishers Clearing House or Reader’s Digest.

Scammers don’t just scam one person. Tell your friends and family about the scam so they can avoid it. Then report it to the FTC: ftc.gov/complaint.

https://www.consumer.ftc.gov/blog/2020/08/youve-won-now-pay-us-always-scam

Be aware of Fake Checks!

Learn more at ftc.gov/scamalerts and aba.com/consumers

    Auburn State Bank Offers 7 Tips to Avoid Online Fraud

    Every year, millions of consumers fall victim to cybercrime. According to the FBI’s Internet Crime Complaint Center, in 2014, consumers lost more than $800 million from scams initiated through the web. In recognition of Internet Safety Month in June, Auburn State Bank is highlighting seven tips to help consumers protect themselves from online fraud. 

    “The Internet has become one of the most popular tools used to commit fraud and criminals are becoming more and more sophisticated with their hacking techniques”. “As a result, it’s extremely important for consumers to secure their wireless networks and filter the amount of personal information they choose to divulge online.” 

    Auburn State Bank recommends the following tips to keep you safe online:

    • Keep your computers and mobile devices up to date.  Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats. Turn on automatic updates so you receive the newest fixes as they become available.
    • Set strong passwords. A strong password is at least eight characters in length and includes a mix of upper and lowercase letters, numbers, and special characters.
    • Watch out for phishing scams. Phishing scams use fraudulent emails and websites to trick users into disclosing private account or login information. Do not click on links or open any attachments or pop-up screens from sources you are not familiar with. Forward phishing emails to the Federal Trade Commission (FTC) at spam@uce.gov – and to the company, bank, or organization impersonated in the email. 
    • Keep personal information personal. Hackers can use social media profiles to figure out your passwords and answer those security questions in the password reset tools. Lock down your privacy settings and avoid posting things like birthdays, addresses, mother’s maiden name, etc.  Be wary of requests to connect from people you do not know.
    • Secure your internet connection. Always protect your home wireless network with a password. When connecting to public Wi-Fi networks, be cautious about what information you are sending over it.
    • Shop safely. Before shopping online, make sure the website uses secure technology. When you are at the checkout screen, verify that the web address begins with https. Also, check to see if a tiny locked padlock symbol appears on the page.
    • Read the site’s privacy policies. Though long and complex, privacy policies tell you how the site protects the personal information it collects. If you don’t see or understand a site’s privacy policy, consider doing business elsewhere.
    Back to Top