Oh No you've lost your debit card!! What should you do?!
Don't panic we have some simple steps you can follow to protect your accounts.
Afterward you will want to keep a close eye on your accounts for a while to make sure you don't see any unknown or unusual transactions. If you do spot something, call the bank immediately. If it is outside of normal banking hours call the Shazam Fraud Management line at 1-866-508-2693 (we highly recommend you save this number in your phone).
Cybersecurity is one of the most important aspects of doing business in today's digital economy. There are threats on almost every digital platform that you use, and it is critically important that you know how to protect yourself from these threats.
The Cybersecurity & Infrastructure Security Agency (CISA) recommends every consumer follow four rules for better security online.
Commonly called multi-factor authentication (mfa) or two-factor authentication (2fa) this can be thought of simply as something that you know (most commonly a password) and something that you possess (a fingerprint, an authentication app on your phone, or a Face ID). A password simply isn't enough to keep you safe online. By implementing a second layer of identification, like a confirmation text message or email, a code from an authentication app, a fingerprint or Face ID you are giving us at the bank or any other site you are logging into the confidence that it really is you. Multi-factor authentication can make you significantly less likely to get hacked. So, enable multi-factor authentication on your email, social media, online shopping, and financial services accounts. And don't forget about gaming and streaming entertainment services as well, particularly if you have a payment card attached to the account!
Bad actors will exploit flaws in systems that have not received updates. Update the operating system on your mobile phones, tablets, and computers. Also be sure to update your applications - especially the web browsers - on all your devices too. In fact, you should leverage the automatic updates available for all of your devices, applications, and operating systems.
More than 90% of successful cyber-attacks start with a phishing email. Phishing is a cybercrime in which a target or targets are contacted via email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss.
Common features of phishing emails include:
A strong password is at least 12 characters ideally it will be 15. It is not a dictionary word. It will contain upper- and lower-case letters along with numbers and special characters. Once you develop a good password remember do not use the same password for everything. Modern password managers such as KeyPass or Keeper can generate secure passwords for you and store them in a secure password vault. Most importantly Do Not Share Your Passwords!
You can report phishing attempts and other cybercrime directly to the FBI at: Internet Crime Complaint Center(IC3) | Home Page
Ransomware is a type of malicious software—or malware—that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return.
Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data. You can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that's embedded with malware.
Once the code is loaded on a computer, it will lock access to the computer itself or data and files stored there. More menacing versions can encrypt files and folders on local drives, attached drives, and even networked computers. Most of the time, you don’t know your computer has been infected. You usually discover it when you can no longer access your data or you see computer messages letting you know about the attack and demanding ransom payments.
The best way to avoid being exposed to ransomware—or any type of malware—is to be a cautious and conscientious device user. Malware distributors have gotten increasingly savvy, and you need to be careful about what you download and click on.
Other tips:
The FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.
If you are a victim of ransomware, file a report at ic3.gov.
Investment or business fraud schemes will try to lure you in with the promise of low- or no-risk investments. Scammers often ask for upfront cash in exchange for guaranteed future returns—but there is no such thing as a guaranteed return on investment. It's a scam.
Advance fee schemes ask you to invest upfront money for a larger return later, such as a loan, contract, or gift.
Nigerian Letter or 419 schemes ask someone to share in a percentage of millions of dollars that the author—a self-proclaimed government official—is trying to transfer illegally out of Nigeria.
Ponzi schemes use current investors' money to pay previous investors. They inevitably collapse.
Pyramid schemes ask you to bring in new investors to make a profit or recoup your investment.
Telemarketing fraud schemes try to steal your money over the phone, whether by telling you won a prize, are in legal trouble, or some other approach.
Visit ic3.gov, the FBI's Internet Crime Complaint Center (IC3), to report business and investment fraud.
If it sounds too good to be true, it is.
Charity fraud schemes seek donations for organizations that do little or no work—instead, the money goes to the fake charity’s creator.
While these scams can happen at any time, they are especially prevalent after high-profile disasters. Criminals often use tragedies to exploit you and others who want to help.
Charity fraud scams can come to you in many forms: emails, social media posts, crowdfunding platforms, cold calls, etc. Always use caution and do your research when you're looking to donate to charitable causes.
After a natural disaster or other emergency, unethical contractors and other scammers may commit insurance fraud, re-victimizing people whose homes or businesses have been damaged. Sometimes these fraudsters even pretend to be affiliated with the government, when they are not. If you need any post-disaster repairs, do your research before hiring any contractor.
The following tips can help you avoid these schemes:
Scammers targeting elder citizens may employ one or more of the following types of schemes:
If you believe you or someone you know may have been a victim of elder fraud, file a complaint at the FBI’s Internet Crime Complaint Center at ic3.gov.
When reporting a scam—regardless of dollar amount—include as many of the following details as possible:
Whenever possible, you should keep original documentation, emails, faxes, and logs of communications.
Cryptocurrency investment fraud, which the media commonly describes as "pig butchering," is one of the most prevalent and damaging fraud schemes today.
Scammers, through various means of manipulation, convince victims to deposit more and more money into financial “investments” using cryptocurrency. In truth, these investments are fake; all victim money is under the control of—and ultimately stolen by—criminal actors, usually overseas. As a result, victims typically lose all money they invested.
Learn more about cryptocurrency investment fraud and the process scammers use to find potential victims. If you believe you've been a victim of this scam, stop sending money to the scammers and file a report at ic3.gov.
Scammers use a variety of methods to initially lure and contact victims. Here are some of the most common methods:
Bottom Line: If you met someone through a method described above, and that person pitched an investment opportunity that involved cryptocurrency—beware: this is likely cryptocurrency investment fraud.
Visit ic3.gov, the FBI's Internet Crime Complaint Center (IC3), to report cryptocurrency investment fraud scams.
For variants involving a professional relationship only, scammers may invite victims to join chat groups, where there are often many others in the same chatroom—most of whom are scammers impersonating "happy" clients.
Once initial communication has been established, scammers seek to deceive victims about who they are (their "persona") and what they want (their "desires") to forge trust with the victim. Tactics vary, but below are common characteristics of cryptocurrency investment fraud scammer personas:
Once trust is established with victims, criminals introduce the topic of investing. It's common for scammers to say they themselves—or people in their family or close network—are experts in such investments. They may promise they can bring the victim in on "the ground floor." Types of investments can vary, however common ones include binary trading, liquidity mining, and gold futures.
Once the scammer convinces the victim to participate in their scheme, the scammer will instruct the victim how to invest the money, as follows:
Investment Platforms: Note that these "platforms" exist in the form of what appear to be traditional websites, either accessible via the web or through a specific browser only accessible via cryptocurrency applications. Common factors include:
Did You Know?
Scammers may use deepfake technology and/or hire real people to engage with you on the phone. Even if they're real people you're speaking to, they could be part of a scam.
Cryptocurrency job scams begin when scammers, masquerading as employees of legitimate companies, recruit victims and require them to deposit their own money in order to complete the job.
Red Flag: Were you introduced to the investment scheme by someone in person? If it was someone you know, it could be that they, too, are unwitting victims, and you should warn them immediately. If it was a stranger, and they pitched the idea not long after meeting you, it is entirely possible they are part of a criminal network supporting these schemes.
Once the victim starts to "invest," returns shown on the investment platform will appear to be extremely lucrative, encouraging the victim to invest more and more. It is common in the early stages for the scammers to allow victims to withdraw not only the original deposit but the earnings as well. This is meant to trick victims—a means to reassure them that the platform is legitimate. Scammers use various means to “sweeten the pot,” or encourage further investing. Examples include:
6. Taxes, Fees, and the End of the Scheme
Once the victim is ready to withdrawal all their earnings, they will find their account frozen and an arbitrary requirement will arise, usually in the form of paying "taxes" or "fees" to unlock their funds.
This is a trap: it is simply another method used by the scammers to try and convince victims to invest even more money.
It can be a particularly devastating point in the scheme, as victims will often pay more money to unlock their funds than any amount they previously deposited. At this point, there is usually nothing the victim can do: the scammers will never unlock the funds and it's likely they have already withdrawn those funds into criminally controlled cryptocurrency wallets inaccessible to the victim. In the end, the victim loses all the money they deposited into the scheme.
The FBI is investigating fraudulent cryptocurrency investment platforms and companies. The FBI may attempt to contact you via email and phone call to provide crucial information regarding this matter if you have been identified as a potential victim of a cryptocurrency investment fraud. Should you not answer, we will leave a voicemail and provide instructions on how to verify our identity.
The FBI will never ask for money, move communications to private messaging apps, or request bank account details or personal identifying information.
If you feel that you are a victim of a cryptocurrency investment fraud, stop sending any money to the suspected criminals, file a report at FBI's Internet Crime Complaint Center at ic3.gov. Please do not notify the suspected criminals of the FBI’s involvement, which may compromise law enforcement's ability to investigate.
When filing a report at ic3.gov, if possible, please include the following:
If you believe you or someone you know may be a victim of a cryptocurrency investment scam, immediately submit a report to ic3.gov or contact your local FBI field office and provide as much transaction information as possible.
For more information, see the following FBI Public Service Announcement: Increase in Companies Falsely Claiming an Ability to Recover Funds Lost in Cryptocurrency Investment Schemes (August 11, 2023, Alert Number 08112023). Be wary of anyone claiming they can recover your funds, as this may be another scam.
When submitting a report to ic3.gov, the most important information you can provide are transaction details. Transaction details include cryptocurrency addresses, amount and type of cryptocurrency, date and time, and transaction ID (hash). These unique identifiers vary in length and look like long strings of random letters and numbers. Please see examples of important transaction details in the table below. If you are unsure whether transaction information you have is relevant, please include it.
What if I do not have transaction information?
If you do not have transaction information, please still submit a report to ic3.gov and provide as much information as you have.
What other information should I provide?
Provide any other information you may have about the scam, to include:
all fields required