Security Banking Tips From First National Bank of River Falls

Protect Yourself: Recognize, Report, and Prevent Fraud, Scams, and Identity Theft

Every year, billions of dollars are stolen by scammers and identity thieves, targeting unsuspecting individuals through sophisticated tactics. These criminals use emails, phone calls, texts, and online platforms to steal personal information or trick victims into sending money.

Stay informed and safeguard your finances by learning how to identify warning signs, report suspicious activity, and protect yourself from fraud, common scams, identity theft, and cybercrimes.

Click below to explore actionable tips and resources to stay a step ahead of cybercriminals.

Frauds and Scams
In 2022, consumers reported losing a staggering $8.8 billion to fraud, according to the Federal Trade Commission (FTC). Out of 2.4 million fraud reports, imposter scams topped the list as the most common, followed by online shopping scams, prize and lottery scams, investment scams, and business/job opportunity scams.

Common Types of Frauds and Scams
Type of Fraud/Scam Description
Imposter Scams

Imposters often disguise themselves as someone you trust—a family member, friend, or representative from organizations like the NCUA, IRS, or Social Security Administration. They may also pose as tech support agents or representatives of companies you do business with. Their goal? To gain your trust and steal your personal information or convince you to buy gift cards, send digital currency, or transfer money.

Stay vigilant. Legitimate government agencies, including the NCUA, will never ask for money or your personal and financial information. If you’re unsure whether a request is legitimate, do not send money or share sensitive information. Instead, end the communication immediately and contact the organization directly to verify their claims.
Online Shopping Scams

Online shopping scams can happen in various ways, from paying for products that never arrive to losing money and sensitive payment information on fake websites or apps. Scammers create fraudulent websites that mimic trusted retailers and design counterfeit apps embedded with malware to steal your data and money.

Protect Yourself:
  • Check Refund and Return Policies: Review policies carefully before making a purchase.
  • Dispute Unauthorized Charges: If your order doesn’t arrive or your refund request is denied, dispute the charges with your credit card provider.
  • Use Credit Cards: Paying with a credit card can simplify the dispute process and provide added security.
  • Stick to Trusted Retailers: Only use official retailer websites or apps with stronger security measures.
  • Monitor Transactions: Regularly review your credit and debit card activity to detect unauthorized purchases early.
Prizes, Sweepstakes, and Lotteries

Scammers may contact you claiming you’ve won a prize, sweepstakes, or lottery, then demand money or account details to cover "taxes" or "fees" upfront. They might impersonate government agencies or claim you've won a foreign lottery—common signs of a scam.

Protect Yourself from Prize Scams:

  • Know the Rules: Legitimate sweepstakes are free to enter and won by chance.
  • Beware of Upfront Fees: Government agencies never request money or financial information to claim a prize.
  • Validate Claims: If you didn’t enter a lottery or sweepstakes, it’s likely a scam.
  • End Suspicious Contact: Hang up or delete messages if something feels off. Contact the organization directly to verify any claims.
Investment Fraud

Investment fraud comes in many forms, including Ponzi schemes and pyramid scams. A Ponzi scheme pays returns to earlier investors using funds from new investors, while pyramid scams operate similarly. Often, these scams promise high investment returns without actually investing your money. Despite their names, most investment scams share common red flags: guaranteed high returns with no risk and high-pressure sales tactics.

How to Protect Yourself from Investment Fraud:

  • Watch for Vague Details: Scammers often avoid providing written information or claim details are "confidential."
  • Consult Experts: Speak with fiduciary financial advisors before making decisions.
  • Do Your Research: Don’t rush into investments without conducting independent research.
  • Trust Your Network: Discuss opportunities with trusted friends or family to gain clarity.
  • Report Suspicious Activity: If you suspect fraud, report it to agencies like the SEC, FINRA, CFTC, FBI, or FTC.
Business and Job Opportunity Scams

Scammers frequently advertise fake job and business opportunities that sound too good to be true. Promises like "minimal work with a high salary," "guaranteed income," or a "proven business operation system" are red flags. These scams often disguise themselves as legitimate job offers, mentoring programs, or business opportunities to exploit your money and steal personal information.

Tips to Protect Yourself:

  • Trust Your Instincts: If it sounds too good to be true, take your time to investigate.
  • Verify Employers: Honest employers, including the federal government, will never ask for payment to secure a job.
  • Research Business Opportunities: Before paying for a business opportunity, research the seller, company, and coach’s credentials.
  • Request a Disclosure Document: Legitimate business opportunities must provide a one-page disclosure document outlining lawsuits, cancellation or refund policies, and other critical details.
  • Seek Advice: Talk to someone you trust to gain perspective before making decisions.
Fake Check Scams

Fake check scams follow a common pattern: scammers send you a cashier’s check or money order and ask you to return a portion of the money using gift cards, money orders, or cryptocurrency. While the check may initially clear, it’s later identified as fraudulent, leaving you responsible for repaying the deposited funds to your credit union or bank.

How to Protect Yourself from Fake Check Scams:

  1. Understand Cashier’s Checks: Cashier’s checks are not cash, and it can take weeks to verify their legitimacy.
  2. Beware of Overpayments: If the check amount exceeds what it should be, void it and request a replacement for the correct amount.
  3. Avoid Risky Transactions: Never send money via gift cards, money orders, or cryptocurrency in response to a check—it’s not a protected transaction.
  4. Stay Skeptical: If something feels off, stop the transaction and verify the source of the payment.
Check Washing Scams

Check washing scams involve criminals altering checks by changing the payee names and often increasing the dollar amounts before fraudulently depositing them. Scammers frequently steal these checks from mailboxes and use chemicals to erase ink, allowing them to rewrite the check details.

How to Stay Safe from Check Washing Scams:

  1. Secure Your Mail: Retrieve your mail promptly to reduce the risk of theft.
  2. Use Secure Drop-Offs: Deposit outgoing mail at your local Post Office or in blue collection boxes before the final pickup of the day.
  3. Plan for Absences: If you’re traveling, have your mail held at the Post Office or ask a trusted friend or neighbor to collect it daily.
  4. Stay Informed: Learn more about check washing scams and prevention tips from the United States Postal Inspection Service website.
Disaster Fraud

Disaster fraud occurs when scammers exploit vulnerable individuals during crises. Common tactics include posing as fake government employees or representatives of bogus charities. These fraudsters aim to steal your money and financial information under the guise of offering recovery assistance.

Tips to Protect Yourself from Disaster Fraud:

  1. Verify Identity: FEMA, federal, and state workers will never ask for or accept money when assisting with disaster relief. Always ask to see an official ID.
  2. Be Skeptical: If someone claiming to be a government worker approaches without proper identification or credentials, do not provide personal or financial information.
  3. Confirm Legitimacy: Contact government agencies or local law enforcement to verify the identity and legitimacy of suspicious individuals or organizations.
  4. Stay Cautious: Take your time before engaging with anyone offering help—don’t let urgency pressure you into acting.
Romance Scams

Romance scams occur when scammers create fake online identities to gain your trust and affection. They manipulate you into believing you’re in a close or romantic relationship. These scammers often promise to meet in person but never follow through, claiming to be working abroad or dealing with emergencies. Their ultimate goal? To ask for money or trick you into sharing sensitive information.

How to Protect Yourself from Romance Scams:

  1. Guard Your Social Media: Scammers often use personal details shared on social media or dating profiles to target you. Be mindful of what you post.
  2. Verify Their Identity: Use a reverse image search to check if their profile photo is linked to multiple accounts or scams.
  3. Be Skeptical: Avoid sending money, gifts, or gift cards to someone you haven’t met in person, no matter how convincing their story.
  4. Trust Your Instincts: If something feels off, take a step back and evaluate the relationship critically.
Identity Theft

Identity theft occurs when someone steals your personal information without permission to commit fraud. Thieves use stolen identities to apply for credit, file taxes, obtain medical services, or impersonate victims during legal issues. These fraudulent activities can severely harm your credit score, finances, and reputation, costing you significant time and money to resolve.

Protect Your Identity:

  • Monitor your financial accounts and credit reports regularly.
  • Avoid sharing sensitive information online or over the phone unless you trust the source.
  • Use strong, unique passwords for your accounts and enable multi-factor authentication when available.

How Scammers Steal Personal Information: Common Tactics to Watch For

Scammers use various methods to steal your personal information and commit fraud. Here are some common tactics:

  1. Wallet or Purse Theft: Scammers steal your ID, credit, or debit cards for fraudulent use.
  2. Public Wi-Fi and USB Charging Scams: Thieves can access your personal data when you use unsecured networks or public USB charging stations.
  3. Data Breaches: Scammers exploit breaches to obtain sensitive information like passwords or account numbers.
  4. Social Media Snooping: Fraudsters look through your social profiles for personal details like your name, birthdate, or address.
  5. Phishing Attacks: Scammers trick you into sharing personal information through fake emails, texts, or websites (see our Cybersecurity section for more details).
  6. Skimming Devices: Card readers installed at ATMs, cash registers, or fuel pumps capture card numbers and PINs.
  7. Mail Theft or Diversion: Criminals intercept mail or submit fraudulent change-of-address forms to gain access to sensitive documents.
  8. Dumpster Diving: Scammers rummage through trash for credit union statements or other personal information.
  9. Other Fraud Tactics: Scammers combine these methods with various types of fraud and scams to exploit victims.

Protect Yourself from Scammers:

  • Use secure connections for online activities and avoid public Wi-Fi or USB charging stations.
  • Regularly monitor your financial accounts for suspicious activity.
  • Shred sensitive documents before discarding them.
  • Be cautious about sharing personal information online or in public.

What to Do If Your Identity Is Stolen: A Step-by-Step Guide

Act quickly to prevent further misuse of your identity. Follow these essential steps immediately if your identity is stolen:

Step 1: Notify Companies Where Fraud Occurred

  • Contact the fraud department of the companies involved.
  • Inform them that your identity has been stolen and request account closure or suspension.
  • Update login credentials for all affected accounts.

Step 2: Place a Fraud Alert and Review Credit Reports

  • Request a fraud alert from one of the three main credit bureaus (Equifax, Experian, or TransUnion). The bureau you contact will notify the others.
  • Fraud alerts are free, last one year (renewable), and make it harder for scammers to open new accounts.
  • Access your free credit reports and review them for unauthorized accounts or transactions. Take notes for use in reports to authorities.

Step 3: Report Identity Theft

  • File an identity theft report with the FTC and your local police department.
  • These reports serve as proof that you are a victim of identity theft.

Step 4: Close Fraudulent Accounts and Dispute Charges

  • Contact the companies where fraudulent accounts were opened or unauthorized charges occurred.
  • Provide copies of the FTC identity theft report and police report.
  • Request account closures, bogus charge removal, and written confirmation of the actions taken.

Step 5: Correct Your Credit Report

  • Send an identity theft letter, along with your FTC report and proof of ID, to all three credit bureaus.
  • You have the right to remove fraudulent information from your credit report.

Extra Protection: Fraud Alerts or Credit Freezes

  • Extended Fraud Alert: Lasts up to 7 years and makes it even harder for scammers to open accounts.
  • Credit Freeze: Restricts access to your credit report indefinitely until you lift or remove it, offering additional protection.

Visit IdentityTheft.gov for more information and resources to help recover your identity.

Cybersecurity
Cybersecurity involves protecting networks, devices, and data from unauthorized access and criminal activities to maintain the integrity, confidentiality, and authenticity of information. In today’s interconnected digital world, cybersecurity plays a crucial role in safeguarding the ways we communicate, shop, bank online, travel, and work remotely.

With cybercriminals worldwide continually developing new ways to exploit digital systems, staying vigilant and proactive in securing your online presence is essential to avoid potential damage.

Best Practices for Cyber Safety

Adopting these habits ensures your online safety and security.

1. Enable Multifactor Authentication (MFA):
  • MFA adds an extra layer of security by requiring additional identification, like a PIN, fingerprint, or confirmation text, along with your password.
  • Opt-in to MFA whenever prompted by websites and applications for stronger protection.
2. Keep Software Updated:
  • Cybercriminals exploit known vulnerabilities. Regular updates and security patches for operating systems, antivirus software, and apps protect against cybercrime.
  • Enable automatic updates for seamless protection.
3. Recognize and Report Phishing:
  • Phishing is a leading cause of data breaches. Avoid clicking on unsolicited links or attachments in emails, texts, or calls.
  • Never share sensitive information unless absolutely necessary. Trust your instincts—if something seems suspicious, don’t click.
4. Use Strong Passwords:
  • Create long, unique, and random passwords using all character types.
  • Use a password manager to generate and securely store your passwords.
By following these cyber hygiene tips, you can significantly reduce your risk of cyber threats. Stay vigilant and take control of your digital security today.

Different Types of Cybercrimes

Types of Cybercrime Description
Business Email Compromise (BEC)

BEC scams target businesses and individuals, evolving from simple fake email requests for urgent wire transfers to sophisticated schemes. Scammers now hack real business email accounts using social engineering or hacking to authorize unauthorized fund transfers. Many now use cryptocurrency platforms to quickly disperse stolen funds.

How to Protect Yourself:

  • Verify Emails: Double-check the sender’s email address for accuracy.
  • Confirm Payments: Always verify payment requests or changes with the recipient directly.
  • Act Fast if Fraud Occurs:
    • Contact your financial institution immediately.
    • Request a fund recall and obtain a Hold Harmless Letter or Letter of Indemnity.
Ransomware

Ransomware is malicious software (malware) that blocks access to your files, systems, or devices. It’s often installed via phishing emails, malicious downloads, or infected drives. Cybercriminals demand payment to unlock your data or threaten to destroy or leak it.

How to Stay Safe:

  • Use Security Software: Run regular scans with anti-virus and anti-malware tools.
  • Backup Data: Keep offline backups of important files.
  • Update Regularly: Install updates for your systems and software to fix security flaws.
  • Avoid Suspicious Links: Don’t click on unknown links or attachments.

If You’re Attacked:

  • File a report, even if you’ve paid the ransom.
  • Seek expert help to recover your data securely.
Spoofing

Spoofing scams involve falsifying email addresses, sender names, phone numbers, or website URLs to make them appear from a trusted source. Scammers use this tactic to trick you into downloading malware, sending money, or sharing sensitive personal or financial information. Spoofing is often linked to other crimes.

How to Stay Safe from Spoofing Scams:
  1. Check Details Closely: Scammers often alter a single letter, symbol, or number to mimic legitimate sources.
  2. Verify Before Clicking: Never click on links or download files unless you confirm they’re from a trusted source.
  3. Be Cautious with Unknown Calls: If you receive a call from an unfamiliar number or are asked to press buttons or answer questions, hang up immediately.
Phishing

Phishing scams trick you into providing sensitive information by mimicking legitimate businesses. Scammers send emails, texts, or social media messages with links to fake websites designed to look real. These sites ask for details like Social Security numbers, login credentials, or personal information, which scammers then use to steal money or sell your data to others.

How to Stay Safe from Phishing Scams:

  1. Know the Red Flags: Legitimate businesses and financial institutions will never contact you first to ask for sensitive information.
  2. Avoid Clicking Links: Don’t click on links in unsolicited emails or messages. If you think the message may be legitimate, visit the business's official website directly.
  3. Verify Requests: Never share personal or financial information over the phone or the Internet in response to unexpected requests.
  4. Act Fast if Targeted:
    • Alert your credit union and financial institutions immediately.
    • File a report with the FTC if you suspect phishing or fall victim to a scam.
Technical Support Impersonation Scams

Scammers pose as tech support, claiming you have an expensive subscription renewal. They convince you to grant remote access to your computer, stealing sensitive information and conducting unauthorized transfers. Almost half of victims are over 60.

Protect Yourself:
  • Ignore Unsolicited Contacts: Don’t respond to unexpected emails or calls about services you didn’t request.
  • Verify Companies: Search for the company online and contact them directly.
  • Avoid Wire Transfers: Never send money to someone you’ve only spoken to online or by phone.
  • Protect Your Computer: Don’t download unknown software or allow remote access.
Fraud Report Cheat Sheet

If you find out you’ve been scammed, there may still be something that can be done to stop the further damage.

Where to report

If you suspect a fraud, scam, identity theft, or cybercrime, report to as many agencies as possible.

What to Report Where to Report
Report anything you think may be identity theft - in a scam, cybercrime, or data breach - and get a recovery plan.  Identitytheft.gov
Report unwanted calls from telemarketers and register you number on the national do not call registry.  Donotcall.gov
Report anything you think may be a fraud, scam, or bad business practice.  Reportfraud.ftc.gov
Report any suspected cybercrime. Ic3.gov
Report a suspected investment fraud or a problem with your investments. Sec.gov
Report a potentially fraudulent, illegal, or unethical investment activity. Finra.org
Report a violation of the Commodity Exchange Act or Commission regulations. Cftc.gov
Report a suspected financial/economic crime or fraud (e.g., mortgage fraud or investment fraud). Fbi.gov
Report any fraud related to natural or man-made disasters. Justice.gov