Fraud Prevention

Step-by-Step Guide to Recognizing and Reporting Scams 

Step 1: Recognize Common Scam Types

Scammers use various tactics to deceive individuals. Be on the lookout for:

• Phone Scams – Impersonating government agencies, family members, or tech support.
• Email and Phishing Scams – Fake emails asking for personal or financial details.
• Lottery and Sweepstakes Scams – Claims of winning money but requiring upfront fees.
• Romance Scams – Fraudsters pretending to be romantic partners to exploit victims.
• Charity Scams – Fake organizations soliciting donations.
• Tech Support Scams – Calls or pop-ups warning of computer viruses, asking for remote access.
• Medicare/Insurance Fraud – Fraudulent requests for personal health information.

Step 2: Identify Warning Signs

• If it seems too good to be true, it LIKELY is a scam! 
• If you feel weird about it at any time, hang up and call the company at a number you know/trust. 
• Requests for personal or financial information via phone, email, or text.
• High-pressure tactics urging immediate action.
• Unsolicited contacts claiming you’ve won something or are in trouble.
• Requests to pay using gift cards, wire transfers, or cryptocurrency.
• Caller ID spoofing (calls appear to be from trusted sources but are not).

Step 3: Take Preventative Measures

• Never share Social Security numbers, bank details, or passwords with unknown individuals.
• Verify the identity of callers by calling back official numbers (not the one provided in the message).
• Be cautious when clicking links in emails or texts. Hover over links to see the actual URL.
• Sign up for the National Do Not Call Registry to reduce unwanted calls.
• Enable two-factor authentication (2FA/MFA) for online accounts.

Step 4: Gather Information About the Scam

• Before reporting a scam, collect as much information as possible, including:
• Names, phone numbers, and email addresses used by the scammer.
• Website links or social media profiles connected to the scam.
• Copies of emails, text messages, letters, or voicemails received.
• Details about the conversation, including dates, times, and requests made.
• Any payment details (method used, transaction IDs, or receipts) if money was sent.

Step 5: Report the Scam

If you suspect a scam, report it to the appropriate authorities:

• Federal Trade Commission (FTC): www.reportfraud.ftc.gov or call 1-877-382-4357.
• FBI's internet crime division. Report cybercrimes, such as online scams, at www.ic3.org.
• Social Security Administration (SSA) Fraud Hotline: 1-800-269-0271.
• AARP Fraud Watch Network: 1-877-908-3360.
• Better Business Bureau (BBB) Scam Tracker: www.bbb.org/scamtracker
• Local Law Enforcement: Report scams to your local police department.
• Your Bank or Financial Institution: If money has been sent or your account has been compromised.
• National Elder Fraud Hotline: The hotline is a free resource created by the department of Justice. Case managers are assigned to those who call. These case managers help seniors through the reporting process at the federal, state and local levels. Call (833) 372-8311. 

Step 6: Take Action If You’ve Been Scammed

• Act Quickly
• Contact the bank to freeze your cards/accounts - or file a dispute.
• Change your passwords and security questions for any compromised accounts.
• Place a fraud alert on your credit report with Equifax, Experian, or TransUnion.
• Monitor your bank statements and credit report for unusual activity.
• Seek support from family, trusted friends, or professional services if needed.

Final Reminder

Scammers are persistent and sophisticated, but staying informed and cautious can help protect your finances and personal information. Always verify before you trust, and report suspicious activity promptly to help prevent further fraud.

What to do if you fall for a scam email, call or text

1. Contact your bank, financial institutions and creditors

• Speak with the fraud department and explain that someone has stolen your identity.
• Request to close or freeze any accounts that may have been tampered with or fraudulently established.
• Make sure to change your online login credentials, passwords and PINs.

2. Secure your email and other communication accounts

• Many people reuse passwords and your email or cell phone account may be compromised as well.
• Immediately change your accounts’ passwords and implement multi-factor authentication — a setting that prevents cybercriminals from accessing your accounts, even if they know your password — if you haven’t already done so.

3. Check your credit reports and place a fraud alert on them

• Get a free copy of your credit report from annualcreditreport.com or call 877.322.8228.
• Review your credit report to make sure unauthorized accounts have not been opened in your name.
• Report any fraudulent accounts to the appropriate financial institutions.
• Place a fraud alert on your credit by contacting one of the three credit bureaus. That company must tell the other two.
  • Experian: 888.397.3742 or experian.com
  • TransUnion: 800.680.7289 or transunion.com
  • Equifax: 888.766.0008 or equifax.com

4. Contact ChexSystems at 888.478.6536 to place a security alert on the compromised checking and savings accounts when a deposit account has been impacted.

5. Contact the Federal Trade Commission to report an ID theft incident: visit ftc.gov/idtheft or call 877.438.4338.

6. File a report with your local law enforcement

Get a copy of the report to submit to your creditors and others that may require proof of the crime.

Report Possible Fraud

To report a lost or stolen VISA^® debit card after business hours: 800-791-2525.
To report a lost or stolen Visa^® credit card after business hours: 800-325-3678.

October is Cyber Security Month!

Here are some good tips to remember!  

Cyber Security - Phishing Tips
 

Cyber Security - Phishing Tips

Be Aware of Scams!

We have been made aware that there may be a Zelle® Text Scam that has been circulating.

The text appears to be an attempt to confirm a Zelle transfer of $600 (for example).
This text is not valid – it is a scam.
The goal is to get the customer to reply ‘no’ to the text so the scammer knows the phone number is valid.

From there the scammer will contact the customer impersonating a bank or Zelle employee to ‘resolve’ the matter. The scammer will have Zelle send a dual authentication text to the customer using the customers phone number. The scammer will ask the customer to verify the code that was sent to their phone, and that is how they get access to the account. The customer thinks the code is a harmless verification, but it gives the scammer immediate access to Zelle.

A Zelle® or Bank employee will never ask you for a verification code like this.

If you receive a text like this, please ignore and/or delete it. DO NOT reply to the text, click on any links, or call phone numbers offered in the text.

Unfortunately, if you follow through with a scam like this and authorize a payment, you may NOT get your money back. Trust your gut and delete any unsolicited messages.

What is Identity Theft?

Identity theft occurs when someone uses your personal identifying information, like your name, Social Security number, or credit card number, without your permission to commit fraud or other crimes.

The Federal Trade Commission estimates that as many as 9 million Americans have their identities stolen each year. In fact, you or someone you know may have experienced some form of identity theft.

The crime takes many forms. Identity thieves may rent an apartment, obtain a credit card, or establish a telephone account in your name. You may not find out about the theft until you review your credit report or a credit card statement and notice charges you didn’t make—or until you’re contacted by a debt collector.

Identity theft is serious. While some identity theft victims can resolve their problems quickly, others spend hundreds of dollars and many days repairing damage to their good name and credit record. Some consumers victimized by identity theft may lose out on job opportunities, or be denied loans for education, housing or cars because of negative information on their credit reports. In rare cases, they may even be arrested for crimes they did not commit.

Fraud Prevention

Person-to-Person Money Transfer Fraud Prevention

There are many money movement apps available nowadays such as Venmo, CashApp, Paypal, Zelle, Samsung Pay, Apple Pay and Google Pay. Here are some tips to keep these accounts secure.

ONLY transfer money to people you know and TRUST!

• If purchasing something, do not transfer to ANYONE until you’ve received the items you’re trying to purchase. Scammers can be very harsh and portray a sense of urgency so you feel inclined to transfer the money and then they never follow through with delivery.
• If someone is promising you something that is “too good to be true” (i.e. - free money in exchange for you sending them money first or send them gift cards and they’ll pay you a “handling fee”), these are most certainly a scam.
• If you voluntarily send money to someone (whether it’s fraud or not), you are NOT likely to get the money back. Only send money to friends and family.

Attach your debit card to your accounts instead of your checking account/routing number

• We recommend attaching your First State Bank & Trust debit or credit card to your money transfer apps rather than your checking account.
• If someone hacks your money transfer app, you can easily call us and cancel your debit card and issue another one – same day. It’s not that simple to completely change your account number if it has been hacked.
• If you feel fraud has occurred, immediately close any debit card, credit card or checking account set up as a payment method on these accounts. Quick action is needed so that hackers don’t make purchases or transfer funds.

Don’t disregard your alerts

• If you’ve received an alert from any of these apps saying someone has logged in to your account from a new device, take action immediately!
  • Log in to the app and change your password immediately.
  • Change your email address or email password, just in case your email has been compromised as well.
  • If available, set up two-factor authentication on the money transfer app. This adds an additional layer of security to your account by requiring a unique ne-time passcode sent to your cell phone to be entered prior to gaining access to your account.

Better to be safe than sorry

• If you feel anything is “fishy” or your “gut” is telling you something seems wrong – FOLLOW YOUR INSTINCT
• When using these Zelle, Venmo, etc., avoid using free Wi-Fi. Use only a secured Wi-Fi network, which you may have on your home internet.

What to do if you think your money transfer account has been hacked

•  Transfer the funds out of you money transfer account to your First State Bank & Trust account.
• Call the bank immediately to cancel any debit/credit card or checking accounts attached to the service. We can shut down the card so no transactions can be approved. Quick action is needed so that hackers don’t make purchases or transfer funds.
• Change your password immediately to your money transfer account.
• Change your email address and password and attach the new email to your money transfer account.
• Set up two-factor authentication on your money transfer account, if available.
• Contact the money transfer account’s customer support to let them know your account may have been compromised.
• Check your statement history to make sure nothing has posted that you didn’t authorize. If you do spot unauthorized transactions, contact the bank to start a dispute.

Mobile Device Security

Your mobile device provides convenient access to your email, bank and social media accounts. Unfortunately, it can potentially provide the same convenient access for criminals. We recommend following these tips to keep your information – and your money – safe.

• Use the passcode lock, fingerprint, or face ID on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
• Log out completely when you finish a mobile banking session.
• Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.
• Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary “permissions.”
• Download the updates for your phone and mobile apps.
• Avoid storing sensitive information like passwords or a social security number on your mobile device.
• Tell your financial institution immediately if you change your phone number or lose your mobile device.
• Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you’re entering sensitive information.
• Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
• Beware of mobile phishing. Avoid opening links and attachments in emails and texts, especially from senders you don’t know. And be wary of ads (not from your security provider) claiming that your device is infected.
• Watch out for public Wi-Fi. Public connections aren't very secure, so don’t perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.
• Report any suspected fraud to your bank immediately.

Debit Card Security

• Check your accounts often.
• Protect your PIN number and do not share it with anyone.
• Be aware of card skimmers at gas pumps, ATMs, etc.

Travel Security

Let us know when you will be traveling. Our debit card monitoring system analyzes transaction activity in order to prevent and protect you from fraudulent charges. One factor analyzed is location. Debit card usage outside of a usual location could cause your card to be flagged or blocked. Just give us a call and we can make sure you don't experience any card interruptions.

Other tips to remember when traveling:

• Carry limited cash.
• Travel with more than one form of payment.
• Sign up for text alerts in online or mobile banking.
• Keep a record of important documents in the event of being lost or stolen.
• Avoid free Wi-Fi.
• Don't post location or agenda on social media.

Cybersecurity

The Consumer Financial Protection Bureau gives consumers four steps they can take to determine if fraudulent charges or debits have been made on their accounts:

• Check your accounts for unauthorized charges or debits and continue monitoring your accounts.
• Report a suspicious charge or debit immediately.
• Know when to ignore anyone contacting you to “verify” your account information by phone or email.

What is phishing?

Phishing is a type of online scam where criminals make fraudulent emails, phone calls, and texts that appear to come from a legitimate bank. Every year, people lose hundreds, even thousands of dollars, to these scams. The communication is designed to trick you into entering confidential information (like account numbers, passwords, PINs, or birthdays) into a fake website by clicking on a link, or to tell it to someone imitating your bank on the phone.

What to do if you receive a scam email, call, or text

Email or text

If you suspect that an email or text you receive is a phishing attempt:

• Take a deep breath. In most cases, it’s perfectly safe to open a scam email or text. Modern mail apps, like Gmail, detect and block any code or malware from running when you open an email. The key is not to click links or download any attachments.
• Do not download any attachments in the message. Attachments may contain malware such as viruses, worms or spyware.
• Do not click links that appear in the message. Links in phishing messages direct you to fraudulent websites.
• Do not reply to the sender. Ignore any requests from the sender and do not call any phone numbers provided in the message.
• Report it. Help fight scammers by reporting them. Forward suspected phishing emails to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726). Then, report the phishing attack to the FTC at ftc.gov/complaint.

Call

If you receive a phone call that seems to be a phishing attempt:

• Hang up or end the call. Be aware that area codes can be misleading. If your caller ID displays a local area code, this does not guarantee that the caller is local.
• Do not respond to the caller’s requests. Financial institutions and legitimate companies will never call you to request your personal information. Never give personal information to the incoming caller.
• If you feel you’ve been the victim of a scam, or provided personal or financial information, contact your bank immediately at their publicly listed customer service number. Often, this is found on the back of your bank card. Be sure to include any relevant details, such as whether the suspicious caller attempted to impersonate your bank and whether any personal or financial information was provided to the suspicious caller.

What to do if you fall for a scam email, call or text

1. Contact your bank, financial institutions and creditors

• Speak with the fraud department and explain that someone has stolen your identity.
• Request to close or freeze any accounts that may have been tampered with or fraudulently established.
• Make sure to change your online login credentials, passwords and PINs.

2. Secure your email and other communication accounts

• Many people reuse passwords and your email or cell phone account may be compromised as well.
• Immediately change your accounts’ passwords and implement multi-factor authentication — a setting that prevents cybercriminals from accessing your accounts, even if they know your password — if you haven’t already done so.

3. Check your credit reports and place a fraud alert on them

• Get a free copy of your credit report from annualcreditreport.com or call 877.322.8228.
• Review your credit report to make sure unauthorized accounts have not been opened in your name.
• Report any fraudulent accounts to the appropriate financial institutions.
• Place a fraud alert on your credit by contacting one of the three credit bureaus. That company must tell the other two.
  • Experian: 888.397.3742 or experian.com
  • TransUnion: 800.680.7289 or transunion.com
  • Equifax: 888.766.0008 or equifax.com

4. Contact ChexSystems at 888.478.6536 to place a security alert on the compromised checking and savings accounts when a deposit account has been impacted.
5. Contact the Federal Trade Commission to report an ID theft incident: visit ftc.gov/idtheft or call 877.438.4338.
6. File a report with your local law enforcement

• Get a copy of the report to submit to your creditors and others that may require proof of the crime.

Report Possible Fraud

To report a lost or stolen VISA® debit card after business hours: 800-791-2525.
To report a lost or stolen Visa® credit card after business hours: 800-325-3678

Protecting Your Debit Card

First State Bank & Trust helps protect our customers by monitoring transactions to detect possible fraud.

• You may receive texts or calls from our Fraud Detection Message Center to verify transactions periodically.
• Fraud Detection Message Center phone calls/texts originate from 855-961-1602. Any fraud detection calls you receive that are NOT from 855-961-1602 or from one of our local branches are likely phishing attempts that should be ignored.
• Make sure we have your current phone number. If you have a cell phone, our preference is for you to provide us with that number as your "primary" number. This way, if you're shopping and a transaction is declined, you will be able to receive calls from the automated system even if you're not home.

Here are a few ways to help you to protect yourself from card fraud:

• Use Visa Purchase Alerts to set up alerts to help you to detect activity that you did not authorize.
• Use caution when shopping online. Criminals use fake internet sales sites, which are prevalent on social media pages so be careful when shopping online.
• Never provide your debit card number/information to any caller. If there is a legitimate need to provide your card number over the phone, hang up and call the company directly.
• Develop a routine for safekeeping of your card: remember to obtain your card from the cashier or server at restaurants, and make sure to place the card back in its assigned place before leaving a business.

Protecting Your PIN at ATMs

• Check for tampering. Before putting your card into a reader, check it for tampering. Look for anything different or misaligned. If it looks suspicious, do not use the machine. ATMs do not have loose parts so if anything jiggles, don't use it.
• Avoid stand-alone ATMs if possible. Try to use ATMs that are located at a bank.
• Shield your PIN. When typing your PIN into a machine, it is a good practice to shield the entry pad if exposed.

Identity Theft Prevention Tools

• Visit The Federal Trade Commission's ID Theft Resource Center
• With proper safety measures in place your Online Banking and Mobile Banking transactions remain confidential and secure.

In addition to using best practices for data security, including data encryption and firewalls, these additional measures have been taken to ensure your privacy:

Secure Access and Verifying User Authenticity

• Unique ID and Password: To access First State Bank & Trust Online Banking, you must enter a unique User ID and password.
• Account "pseudo" names: First State Bank & Trust allows you to choose a "pseudo name" for each of your accounts. For example, Mary's Checking, Payroll, Savings, etc.
• Challenge questions: We may "challenge" you to answer questions you've provided us answers to when we observe potentially "out-of-pattern" behavior on your account.
• Automatic log-off: If you are logged on to online banking and have been inactive for 15 minutes you will be prompted by a pop-up box to continue your session. If you do not choose to extend your session within 60 seconds, the system will automatically log you out.
• Password "lockout" system: To keep unauthorized individuals from accessing your account by guessing your password, we have instituted a password lockout system. If your password is entered incorrectly three consecutive times, the user is "locked out" of the system. You must contact us for your account to be reset and the system to become "unlocked".
• Dormant accounts: For your security, Online Banking accounts with no activity for more than 6 months may be closed. You will need to contact First State Bank & Trust to reactivate it.

How can you protect your Internet security?

While First State Bank & Trust works to protect your banking privacy, you also play an important role in protecting your accounts. There are a number of steps you can take to ensure that your First State Bank & Trust account information is protected, including:

• Keep your password to yourself. Do not share it with others.
• Make sure to keep your computer updated with anti-virus software. This can help prevent key-logging malware from obtaining your user name and password.
• Do not open emails from unknown sources or send your account information to anyone who requests it by email or by phone. First State Bank & Trust will never request your password by email or by phone - ever.
• Change your password frequently. We strongly recommend changing your password every 90-120 days.
• Remain at your computer until your online banking transactions are completed and EXIT. Use the EXIT tab, before closing your browser or visiting other Internet sites.
• If you notice suspicious or unusual activity on your online banking accounts, Contact Us as soon as possible.