Fighting Cybercrime Together
Citadel Cybersecurity & Scam Protection
As technology advances, you can be sure that identity thieves are not far behind. Here are some common methods cyber thieves use to steal your personal information and how you can increase your security.
Frequently Asked Questions Related to Cyber Scams
Credential stuffing is a cybercrime tactic in which criminals use login credentials that were previously exposed due to prior security events/breaches at organizations like Yahoo, Facebook, Door Dash, etc. The cybercriminals create a computer script with the list of exposed credentials and ultimately attempt to gain access to a website such as Online Banking.
Cybercriminals are aware that consumers regularly use the same usernames and passwords for many of their online logins. To be safe, consider changing your passwords on all accounts and avoid repeating the same password for different logins. Citadel recommends making passwords as unique and complex as possible.
Read our Learn and Plan article for additional ways to protect your information.
Your email messages may not be quite what they appear to be if you’re targeted by a phishing scam. Phishing is the act of sending fraudulent emails that seem to come from familiar businesses. These messages contain links to phony websites designed to steal personal information either directly or through malware and keyloggers. Often, you’ll see a problem referenced with a request to click on the link provided to correct it. Once you’ve entered your information, ID thieves can access your accounts.
Vishing is the telephone version of phishing. Callers are sometimes bold enough to suggest the victim call back to verify authenticity. But the vishers don’t hang up; instead they play a recorded dial tone to make the victim believe he’s making a call.
Over the past few years, social media financial scams of multiple varieties have become more frequent. In fact, Citadel members have been targets of social media scams, and this scamming continues to occur across multiple regions and involves a variety of financial institutions.
One of the most common types of social media scams is when an individual is asked to surrender personal information in order to provide access to their bank account(s). The fraudsters tell the victim they will deposit money into their accounts, then deposit fraudulent checks via ATMs. These scams are sometimes positioned as “work from home” opportunities to make money.
The crime of stealing someone's personal, identifying information for the purpose of using that information fraudulently. Personal, identifying information includes Social Security numbers, credit card and banking account numbers, user names, passwords, and patient records. Fraudulent uses for that information can often include opening new credit accounts, taking out loans in the victim's name, stealing money from financial accounts, or using available credit.
Most shoppers love the convenience of plastic, and identity thieves use this to their advantage whether it involves skimming, phishing, vishing, malware, mail theft or just looking over a victim’s shoulder to steal account numbers. When debit cards are compromised, it’s particularly alarming because fraudulent purchases drain your checking account instantly.
Business email compromise, or BEC, scams have cost companies more than $1.2 billion. A phony email from a CEO requesting that funds be transferred per attached instructions is sent to an employee. Because the email appears to come from the employee’s superiors, and because the message so closely resembles requests this employee receives regularly, the transfer is often made without question. The money then ends up in overseas accounts that are almost impossible to trace.
Still have questions? Visit our Security Center.
Common Scams & Red Flags
- Tech Support Scam: You receive a request from tech support claiming your computer has malware and requesting payment to fix the defects or access your computer.
- Business Email Compromise Scam: You receive a request to change fund transfer details unexpectedly.
- Email Account Compromise Scam: You receive a request to redirect funds for a legitimate purpose such as a home or auto purchase.
- Grandparent Scam: You receive a call from someone claiming to be a grandchild or loved one asking for money to help with an emergency and instructions on where to send the funds.
- Lottery and Sweepstakes Scam: You receive a request to prepay fees or taxes in order to receive a large prize you supposedly won.
- Investment Scam: You receive a request to invest in a business opportunity with promises of high returns to getting rich quick.
- Charity Scam: You receive a request to donate to a charity that you've never heard of and for which you can’t find an official website.
- Overpayment for Goods or Service Scam: You receive an overpayment for an item you are selling and a request to deposit the check and then send money via a wire or gift card.
- Fake Goods Scam: You receive a request to send a money transfer to pay for an online purchase. Never transfer money for example by using Zelle® for a product or merchandise that you have not received yet
- Debt Relief Scam: You receive a request for payment in order to establish a service relationship to pay, settle or get rid of debt.
- Assistance Cashing a Check Scam: You are approached outside branch and asked to cash a check for someone who claims they don’t have an account or their ID with them. The bad check will be held against your account when it doesn’t clear.
- Fake House/Apt Rental Scam: Your house is legitimately listed for sale on multi-listing service (MLS) web sites, however scammers set up a fake website and list your house as a rental. You then receive inquiries from prospective renters about deposit checks they sent you (which they really sent to the scammer).
Quick Tips to Protect Yourself
✔ Install the latest editions of antispyware, antivirus, firewalls and browsers to all devices, and password-protect them.
✔ Use strong passwords for all accounts and change them frequently.
✔ Monitor accounts and credit reports to detect fraud early.
✔ Don’t use public Wi-Fi networks for financial transactions.
✔ Keep cards away from public view, and shred personal documents before discarding.
✔ Opt in for two-factor authentication on all online accounts where possible.
✔ Turn off Bluetooth and near field communication when not in use.
✔ Never share sensitive information with unsolicited callers or email senders.
✔ To verify calls, hang up for at least one minute to insure the first call is disconnected.
Learn how to identify and avoid fraud attacks.Explore Now
How to Avoid Fraud Scams:
➜ Legitimate businesses or employers will not ask for your account information. Never allow another individual to use your account or have access to your account information. These folks may promise you’ll make money, but ultimately, their promises are fraudulent, so refrain from answering suspicious requests via social media.
➜ If information is shared, you can be held responsible. When account or personal information is willingly shared with another individual, the victim can face monetary losses, civil action, and possible criminal charges.
➜ Keep your information as secure as possible. To keep your accounts safe from other types of fraud or scams, create strong passwords/PINs, keep your cards secure, and report suspicious activity to Citadel immediately.
Digital Tools Built to Protect Your Finances
- Download the Citadel Card Control app – which allows you to set controls and manage your Citadel debit and credit cards from a centralized location with the Mobile Banking App.
- Sign up for Account Alerts – we offer account alerts and e-alerts through Online and Mobile Banking to help members monitor spending behaviors, fraudulent activity, and more.
- Consider purchasing ID Theft Protection services – Citadel member have access to sign up for credit file monitoring and identity theft protection through a trusted party.
Take control of your cards with Citadel Card Control.
Turn your cards on/off, set spending limits, and manage location settings right from your mobile device. Enjoy added security and peace of mind knowing you have control over how, when, and where your cards are used.