|
Online Fraud and Threats– These are threats that could be apparent or transparent for Internet and/or mobile phone users.
|
Email and Website Fraud – "phishing" and "spoofing"
The most common type of online fraud is called "phishing" – criminals send phony emails which look official and legitimate. Often, the e-mails provide links to websites that ask you to enter in your personal information, such as your online ID, password or Social Security number, with the intent of gaining access to your financial accounts. Remember, REGIONS WILL NEVER ASK FOR THIS INFORMATION VIA E-MAIL. Click here to learn how to detect and prevent email and website fraud.
Malicious Code (Malware)
Exploiting holes in internet security, attackers try to install malicious code by getting Internet users to unwittingly take actions that allow the code to be installed or access their computer. Keystroke loggers are currently the most common form of Malware being utilized today. A keystroke logger is surveillance software designed to capture and store every keystroke a user makes. The stored keystrokes are then sent to criminals without the victim's knowledge.
To protect yourself from malware, never click links in suspicious emails and keep your Anti-Virus software and firewall protection up to date.
Pop Ups and adware
While Marketing pop ups are used as a quick way to capture online customers' attention, criminals can use pop up ads to spread malware. In the case of adware, the pop up contains software attached to it that tricks users into visiting malicious websites unintentionally. Upon visiting one of these websites, the user's web browser could automatically download or run malicious code, infecting the host computer and possibly other systems on the internal network.
To protect yourself from unwanted pop ups, activate the pop up blocker on your web browser and only accept pop ups from trusted sites. If your web browser does not have this capability, we strongly suggest you download a newer version.
Telephone Fraud, or "Vishing"
In vishing attempts, criminals send phony emails that ask customers to call a phone number. The phone number may differ from an actual Regions phone number by only one digit or it may be completely different. Either way the criminals hope to catch a Regions customer off guard usually by emphasizing urgency in the email text. If the phone number is dialed, callers will either be prompted to enter their sensitive information via the digits on the phone or via voice. The information is collected in order to be used for fraudulent activities.
If you receive an e-mail requesting that you dial a certain number, do not call the number. Contact Regions customer service immediately at 1-800-REGIONS (1-800-734-4667).
Mobile Device Fraud, or "Smishing"
Smishing is a form of criminal activity using social engineering techniques similar to phishing. As cell phones and PDAs become more technologically advanced, attackers are finding new ways to target victims. By using text messaging or email, an attacker could lure you to a malicious site or convince you to install malicious code on your portable device. As a result, an attacker may be able to accomplish the following: abuse your service, use your device in another illegal attack, or gain access to account information. For more information, visit: http://www.us-cert.gov.
Important Note about Regions Mobile Banking:
- Only Regions Online Banking customers will be able to use Regions Mobile Banking. If you receive an SMS message for mobile banking, but you are not an online banking customer, do not respond.
- Regions will not send any SMS (text) messages to your mobile phone other than to install the mobile banking application.
- Regions will never solicit any personal information from you through SMS message or email.
|
Traditional Fraud – These are scams that normally involve physical documents or contact with another person.
|
Job scams: An unsuspecting victim accepts a job in which they are paid a commission to facilitate money transfers through their account or apply for a job that asks them to set up a new bank account. These job scams can be initiated via unsolicited email or through reputable online job boards. They offer work-at-home jobs or accounting positions. The job scam offers the victim a retained portion of the funds being moved through their account(s).
Lottery or sweepstakes scams: Victims receive unsolicited communication that they are the winner of a lottery that they did not enter. The communication will direct them to pay a small percentage for fake taxes or other fees in order to receive their prize.
Dating scams: Victims are usually found in an online dating site or chat room where the criminal asks them to send money for a variety of reasons, including a need for urgent surgery, to make travel arrangements to meet in person, or to help them facilitate receipt of their inheritance.
Internet scams: Victims may receive a check for something they sold over the Internet. The check will be made out for more than the selling price. The victim will be instructed to deposit the check, but send back the difference in cash.
Telephone scams: It is an old technique but criminals still scan the phone book in order to cold call victims hoping they reach customers of a bank they are claiming to be calling on behalf of. If the call is not initiated by the customer, the customer should ask for information from the caller, never give out sensitive information, and report the phone call to his or her bank.
Nigerian Scam Letters: This type of scam involves unsolicited letters and emails that are sent to individuals and companies offering the recipient something of value for their assistance in transferring millions of dollars to American banks. These "old-fashioned fraud schemes" have existed for a long time. Examples are bogus business opportunities, chain letters, "free goods", work-at-home schemes, diet scams, etc. The Federal Trade Commission (FTC) has a list of the most common schemes at http://ftc.gov. Should you receive one of these letters, please do not reply, but report the letter to the Internet Fraud Complaint Center at http://www.ic3.gov.