Privacy and Security
Copy this link for a free copy of Adobe Reader: http://get.adobe.com/reader
For more information on protecting your electronic identity click here.
Fraud Alert - NACHA – Fraudulent Emails
NACHA - The Electronic Payments Association has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.
Be aware that clicking on the link will initiate a connection to servers delivering malware - more specifically ZEUS! Be aware that ZEUS and SpyEye often evade anti-virus software, IDS/IPs, scanning and malware detection. The only way to totally eradicate ZEUS is by reimaging the drive (or better yet - replacing the drive). NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.
Please be reminded that BCSB personnel would NEVER ask for your password or PIN under any circumstances. Additionally, we would NEVER send e-mails requesting personal information or claiming a need to verify personal information.
New Telephone Debit Card Phishing Scam
Bristol County Savings Bank has recently been aware of a new automated telephone scam that has been reported by customers of the Bank. In this scam, an automated telephone message claiming to be from Bristol County Savings Bank is randomly dialing telephone numbers in the local area and is stating that their debit card has been blocked, locked, and/or disabled. Customers are then instructed to press “one” to continue. If the recipient continues through the telephone menu system, they will be prompted to enter their debit or credit card information, including the card number, PIN, and expiration date. If you receive a call from this automated telephone system, please hang up and do not enter any information.
In the event you have entered any personal account or debit card information, please contact the Customer Contact Center at (508) 828-5420 immediately so that they can take the appropriate action to prevent unauthorized use of this information.
Bristol County Savings Bank will never ask you for your personal information via telephone, text messaging, and/or online.
Mass Joinder Lawsuit Advance Fee Mortgage Modification Scheme
Bristol County Savings Bank was recently informed about a new mortgage scam, one that targets current and former BCSB mortgagors in efforts for them to pay an up-front fee to participate in a lawsuit against the Bank for fraudulent mortgage practices.
Mortgage documents are public records, so the Bank’s mortgagors’ names and addresses can be easily researched. From this information, borrowers have historically been contacted for a variety of services, from aluminum siding and new roofs to lawn maintenance. However, the fraudsters have created a new scheme where mortgagors pay an up-front fee of up to $5,000 to be a plaintiff in a suit against the bank. Borrowers are mailed an official looking document that claims, “Your loan with Bristol County Savings Bank may be eligible for a national litigation settlement aimed at fraudulent lender actions. The goal is to make your illegal and fraudulent mortgage disappear, seek monetary relief up to $75,000, stop foreclosure, and/or seek compensation for damages.”
The mailings are a new twist on schemes to obtain up-front payments from homeowners struggling to pay their mortgages. The Better Business Bureau (BBB) warns homeowners to steer clear of any mailings that ask them to join national “mass joinder” lawsuits to force their mortgage companies to cut their loans. To read the entire article from BBB please copy this url: http://www.bbb.org/us/article/bbb-warns-homeowners-mass-joinder-lawsuit-mailings-may-be-latest-advance-fee-mortgage-modification-scheme-26797
Bristol County Savings Bank customers should not respond to this or similar mailings regarding their mortgage. Instead, customers with questions regarding their current or former mortgage should contact Customer Contact Center at 508-828-5420.
What is Identity Theft?
Identity theft occurs when a thief steals key pieces of personal identifying information, which may include a name, address, date of birth, Social Security number, and mother’s maiden name, to gain access to a person’s financial accounts. Identity thieves will then use your personal information to make illegal purchases, open new credit or financial accounts, or apply for loans using that person’s identity.
How Phishing Works
Typically, you’ll receive an email that appears to come from a reputable company that you recognize and may do business with, such as your financial institution. The email will probably warn you of a serious problem that requires your immediate attention. It may use phrases such as “Immediate attention required,” or “Please contact us immediately about your account.” The email may also state that unless you provide certain confidential information, your account will be deactivated or closed. If you provide the requested information, you may find yourself a victim of identity theft.
How to Protect Yourself
- Never provide your personal information in response to an unsolicited request, whether it’s over the telephone or the Internet.
- If you are unsure whether a contact is legitimate, contact the financial institution.
- Never provide your account information and/or password over the telephone or in response to an unsolicited Internet request. Bristol County Savings Bank will never ask you to verify your account information or confirm a password online.
- Review your account statements regularly to ensure all charges are correct.
What to do if you fall victim
- Contact Bristol County Savings Bank immediately at (508) 828-5420 to report the situation.
- Close accounts you think have been tampered with or opened fraudulently.
- Report all suspicious contacts to the Federal Trade Commission through the Internet http://www.ftc.gov/bcp/edu/microsites/idtheft/ or by calling 1-877-IDTHEFT.
- If you disclose sensitive information in a phishing attack, contact one of the three major credit bureaus listed below and discuss whether to place a fraud alert on your file. A fraud alert will help prevent thieves from opening a new account in your name:
Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 2002, Allen, TX 75013
TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
If you would like more detailed information to help you deter, detect, and defend against identity theft, click here: http://www.ftc.gov/bcp/edu/microsites/idtheft/
Email Fraud Scams
Two of the most common fraud scams courtesy of OnGuardOnline.gov:
The "Nigerian" Email Scam
The Bait: Con artists claim to be officials, businesspeople, or the surviving spouses of former government honchos in Nigeria or another country whose money is somehow tied up for a limited time. They offer to transfer lots of money into your bank account if you will pay a fee or "taxes" to help them access their money. If you respond to the initial offer, you may receive documents that look "official." Then they ask you to send money to cover transaction and transfer costs and attorney's fees, as well as blank letterhead, your bank account numbers, or other information. They may even encourage you to travel to the country in question, or a neighboring country, to complete the transaction. Some fraudsters have even produced trunks of dyed or stamped money to try to verify their claims.
The Catch: The emails are from crooks trying to steal your money or your identity. Inevitably, in this scenario, emergencies come up, requiring more of your money and delaying the "transfer" of funds to your account. In the end, there aren't any profits for you, and the scam artist vanishes with your money. The harm sometimes can be felt even beyond your pocketbook: according to State Department reports, people who have responded to "pay in advance " solicitations have been beaten, subjected to threats and extortion, and in some cases, murdered.
Your Safety Net: If you receive an email from someone claiming to need your help getting money out of a foreign country, don't respond. Forward "Nigerian" scams – including all the email addressing information – to email@example.com. If you've lost money to one of these schemes, call your local Secret Service field office. Local field offices are listed in the Blue Pages of your telephone directory.
The Bait: Email or pop-up messages that claim to be from a business or organization you may deal with – say, an Internet Service Provider (ISP), bank, online payment service, or even a government agency. The message may ask you to "update," "validate," or "confirm" your account information or face dire consequences.
The Catch: Phishing is a scam where internet fraudsters send spam or pop-up messages to reel in personal and financial information from unsuspecting victims. The messages direct you to a website that looks just like a legitimate organization's site, or to a phone number purporting to be real. But these are bogus and exist simply to trick you into divulging your personal information so the operators can steal it, fake your identity, and run up bills or commit crimes in your name.
Your Safety Net: Make it a policy never to respond to emails or pop-ups that ask for your personal or financial information, click on links in the message, or call phone numbers given in the message. Don't cut and paste a link from the message into your Web browser, either: phishers can make links look like they go one place, but then actually take you to a look-alike site. If you are concerned about your account, contact the organization using a phone number you know to be genuine, or open a new internet browser session and type in the company's correct Web address yourself. Using anti-virus and anti-spyware software and a firewall, and keeping them up to date, can help.
Forward phishing emails to firstname.lastname@example.org and to the organization that is being spoofed.
If you would like more detailed information regarding different types of Email Fraud Scams, click here: http://www.onguardonline.gov/topics/email-scams.aspx