INFORMATION & LINKS

Information > Security

New "E-mail" Scam (03/18/09) -      

In this scam, consumers are falsely notified by e-mail that their Visa® cards may have been compromised due to fraudulent activity.  The e-mail provides official-looking information about Visa's commitment to fighting fraud, along with a false "Case ID Number."  It also directs cardholders to verify their identity through the Web in order to continue using online services.  Please see below for an example of a fraudulent e-mail.

Dear Visa® Cardholder,

Continuous monitoring is an integral part of Visa's multiple layers of security.  In addition to other fraud monitoring tools, we can often spot fraud based upon transactions on the card that are outside of cardholders typical purchasing pattern.

This allows us to spot fraudulent activity as quickly as possible and acts as an early-warning system to identify fraudulent activity.

During a recent checkout we detected suspicious activity and your Visa card may have been compromised.  Fraudulent activity made it necessary to limit your card for online services.

Your Case ID # is: DD7Q8QQ9EDR7

Conform to our security requirements and in order to continue online services with your card, we must validate your identity.

Please click here to validate your identity.

Visa takes online security very seriously so that you can shop safely on the internet.  As part of our commitment to fighting fraud we have the right to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of the terms and conditions for using Visa.

Sincerely,

Visa Customer Service.

Copyright 2001-2009, Visa All Rights Reserved

Always remember...Neither Visa nor Mastercard will request personal information, account details, or card information over the telephone or through e-mail. 

 

New "Vishing" Scam (12/01/08) -

Consumers are advised to be on alert for a debit card fraud attack known as "Vishing."  SHAZAM has been alerted to a "vishing" fraud attack that is targeting SHAZAM participating institutions.  The attack consists of an automated telephone call in which a prerecorded voice advises the recipient that the call is on behalf of SHAZAM and that the cardholder must "reactivate" his or her card by entering information immediately.  These calls are fraudulent and have not been authorized by SHAZAM.  This attack differs from traditional vishing attacks because there is no telephone number provided for the cardholder to call back and release information.

Consumers are urged not to provide any personal or financial account information over the phone, including debit card specifics unless you initiate the phone call.

Jury Duty Scam — A Lesson in Identity Theft

Consumers are advised to be on alert for a new identity theft exploit known as the "Jury Duty Scam." In this scam:

A fraudster posing as a local court official telephones you, claiming that because you have failed to report for jury duty, a warrant has been issued for your arrest.

To "clear things up," or "for verification purposes," the fraudster asks for confidential personal information such as a Social Security number or birth date.

As payment for alleged fines, the fraudster may also ask for financial account information such as a credit card number or bank account details.

Consumers are urged not to provide any personal or financial account information over the phone.

Fraudsters are very skilled in gaining the trust of their victims, and in this scam, the fraudster is attempting to commit identity theft by appealing to the victim’s sense of social conscience and fear of prosecution. This type of manipulation or "social engineering," when conducted by e-mail, is known as "phishing." Similar fraud schemes conducted over the telephone, such as the "Jury Duty Scam," are known as "vishing" — voice-phishing.

How to avoid online scams

GTSB, Visa, the Federal Bureau of Investigation (FBI), the Federal Trade Commission (FTC) and other agencies all advise consumers to never give out confidential personal information or financial account information when receiving unsolicited phone calls or e-mails. Additionally, they note that court personnel will never ask for such information over the phone, and that courts typically communicate only via traditional mail.

To protect against identity theft, consumers are advised to take these precautions:

Always verify the legitimacy of a caller by asking for official company or agency contact information and using directory assistance to verify and cross-reference the information given.

Never rely solely on the phone number the caller provides as verification of the legitimacy of the call. Scam artists often have accomplices answer the phone to appear legitimate in the event of a return call. Never respond directly to unsolicited e-mail messages or follow links to web sites provided therein. Close the message and open a new Web browser window to go to the official company or agency web site to verify the authenticity of the e-mail.

No matter how official the caller sounds or the e-mail message appears, legitimate businesses and government agencies will not ask for confidential personal information or financial account information in their correspondence.

This information was provided to Germantown Trust & Savings Bank in a Visa® U.S.A. Inc. Data Security Brief.