Many of you use Zelle to send money to friends and family. Zelle is a safe and secure way to send money to people you know, but with the rise of digital payments, there is also an increasing number of scammers looking to take advantage of these payment platforms.
We want to bring to your attention a Zelle scam that is receiving national media attention. Scammers contact a customer saying they have noticed suspicious activity such as money being sent from their account to another account. The scammer will then ask the customer to send the money to themselves with Zelle to another financial institution to reverse the payment. Representatives of The State Bank or Zelle would never do this.
We want to remind you that representatives of The State Bank and Zelle will never call, email, or text asking you for personal information. If you receive a message regarding Zelle, don’t click links within the message and call The State Bank rather than any number provided in the message to inquire about the validity of the message.
As events relating to Russia’s invasion of Ukraine continue to unfold, including the United States Government’s notification of high alert for the conflict to possibly spill over into cyberattacks, The State Bank wants you to know that we partner with several private and government agencies to stay abreast of current cybersecurity threats throughout the world. The State Bank has deployed several layers of defense to help safeguard the bank’s infrastructure as well as your personal data. We continuously monitor these measures to assure everything is in place, updated, and secure.
The State Bank takes safeguarding your personal information seriously and appreciates your business and trust in the bank to protect your financial interests. Consumers can also be confident in the Federal Deposit Insurance Corporation, or FDIC, which supplies insurance to The State Bank so that a customer can be refunded if money is taken from their account without their permission.
Every day regular people like you lose their hard-earned money to online phishing scams. Don’t fall for fake — learn how to spot shady texts, emails, and phone calls by knowing the things your bank would never ask.
Visit the American Bankers Association site Banks Never Ask That, for more tips, resources, and the latest news on phishing scams.
Ensuring your devices are updated and patched is extremely important and is a simple step to help you stay safe online. Software updates not only improve how your device runs – they also fix or remove bugs, patch security vulnerabilities that are exploitable by hackers, and add new and improved features. By regularly updating and patching your devices, you can help keep your personal information safe and out of the wrong hands.
Personally Identifiable Information (PII) refers to any information that can be used to identify, locate, or contact an individual. This includes, but is not limited to – your name, Social Security number, date of birth, address, and phone number. It is important to be mindful of where you might use, or share, your PII. Be careful not to include any identifying information in your passwords, PIN numbers, or passcodes. Consider what you post online, as social media is a huge source for cybercriminals to gain your private information. Look over the privacy settings of your social media accounts and enable multi-factor authentication when possible.
To learn more about how to protect, store, and use your PII, read the Department of Homeland Security’s factsheet.
Ransomware is an ever-evolving form of malware designed to take your files hostage (encryption), rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for releasing files (decryption). Here are some important tips that will help protect your files:
It is imperative to implement both personal and device safety measures while at home. Resist using public WiFi to access personal accounts, make purchases, or sign into banking, credit, or other applications where personal data is present.
Cybercriminals have the potential to intercept information being transmitted over unencrypted network connections and can use their findings in a wide variety of cyberattacks. Learn more on how to safeguard your home network and information.
Strong passwords are essential in practicing online security and protecting your information. Strong passwords are those that include uppercase and lowercase letters, numbers, and special characters, and are at least twelve to fifteen characters in length.
Remember to never write down, share, or store your passwords overtly. Instead, use a secure password manager to organize and keep track of your passwords. Never use the same password for multiple accounts. Don’t give passwords or PINs to anyone. The State Bank will never ask you for your password over the phone, in person, or via email.
It is important to update your passwords frequently, set up multi-factor authentication, and enable biometric login when available.
Phishing refers to a type of social engineering attack, in which a cybercriminal sends deceptive emails in an attempt to infect a user’s device with malware and/or obtain personal information, such as credit card numbers, login credentials, and other sensitive material.
To learn more about how to spot a social engineering attack and how to avoid them, visit the United States Cybersecurity and Infrastructure Security Agency (CISA) website and review their tips on Avoiding Social Engineering and Phishing Attacks.
Business email compromise (BEC)—also known as email account compromise (EAC)—is one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct business—both personal and professional. In a BEC scam, criminals send an email message that appears to come from a known source making a legitimate request, like in these examples:
Versions of these scenarios happened to real victims. All the messages were fake. And in each case, thousands—or even hundreds of thousands—of dollars were sent to criminals instead. In these instances, a scammer might:
Learn more on how to protect your business against fraudulent requests
Voice phishing, or Vishing, is a social engineering scheme, that aims to gather personal and confidential information using verbal scams.
If you suspect that you might have received (or are on) a vishing call, it is always best to hang up and verify legitimacy by calling an official, public phone number of the company in question. Like phishing, vishing calls may evoke a sense of panic, and attackers will attempt to persuade their victims to provide sensitive, personal material over the phone.
Cybercriminals may even leverage programs that can create bogus phone numbers using local area codes and numbers, or ones that resemble a reputable organization’s business number.
You may also wish to register for the Federal Trade Commission’s National Do Not Call Registry which will greatly reduce the telemarketing calls your number receives, and help you spot a possible vishing attack.
Identity theft is the deliberate and intentional use of another person’s identity, usually for financial gain. Luckily there are ways to mitigate your risk of becoming a victim of this crime. The State Bank is committed to ensuring we protect your financial assets, but also your good name and positive credit history.
When it comes to scams that work to steal your identity, prevention and vigilance are key. Credit monitoring is easy to set up and tracks activity at all three major credit bureaus – Equifax, Experian, and TransUnion. This service will alert you when it detects newly opened loans or accounts, unexpected changes to your credit limits, a change in personal information on your credit file, and more.
Regularly monitoring your financial account statements, as well as keeping track of activity on your credit report, are good ways of being proactive and can help you stop identity theft before it’s too late.
Setting up alerts on your bank account is simple and will help you spot suspicious activity like invalid logins, transactions, or fraudulent online charges.
Learn more about identity monitoring services and Identity Theft Protection Services by visiting the United States Federal Trade Commission’s website.
Criminals access your information through obvious ways like stealing your wallet and using your credit cards, or in ways not as obvious, like going through your trash and pulling bank account numbers from receipts that were not shredded. To protect yourself against things like this, take the protection of your bank and credit card numbers seriously. Never throw away ATM receipts, credit statements, credit cards, or bank statements in the trash without shredding them. Only provide your credit card number over the phone if it is a business you called yourself to make a purchase. Check your bank and credit card statements monthly. In addition, monitor your credit score regularly for any unusual changes.
This occurs when internet fraudsters act as a familiar business to trick you into giving them your personal or financial information through an email, text, or even a pop-up message. Your information is then used to commit fraud on your account.
The State Bank or any legitimate business will never ask for your sensitive information through communications that are insecure such as text or email. At The State Bank, we will never ask for your username or password, even over the phone. It’s important that if a person or business asks you for any information that may allow them to access your financial accounts, you refuse. Just as importantly, do not click on any links that ask you for your personal information or financial information.
Fraudsters are smart – they often make it appear as though the message is coming from a business or person you trust. It’s best that if you receive a message like this that you pick up the phone and call the company directly, using a phone number you have saved or found online – do not call the number that was provided to you in a suspicious message.
Nowadays we are constantly using our computers and smartphones to make purchases online. Our home or work computers can be used against us by fraudsters who attempt to capture usernames and passwords on sites we may think are legitimate. Viruses and spyware can be transferred to your computer from websites, as well as emails, links in emails, and removable storage such as a USB drive, without your knowledge.
The best way to protect against this activity is to install a recommended antivirus program. If you are ever suspicious about something you clicked or a site you visited and made a purchase from, consider having your computer inspected by a qualified company.
Do you think you’ve been a victim of fraud? Don’t worry, The State Bank is here to help. If you suspect fraudulent activity on your account, please contact your local branch manager or representative. In addition, setting up alerts on your bank account is simple and will help you spot suspicious activity like invalid logins, transactions, or fraudulent online charges.
You may wish to file a formal complaint or report a scam or consumer issue directly with the Federal Trade Commission (FTC): FTC Complaint Assistant.
You can also report stolen identities and finances to the FBI’s Internet Crime Complaint Center (IC3): Complaint Referral Form.
*Based upon number of approved loans for the SBA fiscal years ending September 30, 2020, 2021 & 2022.
© 2021 The State Bank, Fenton, Michigan. All Rights Reserved
