Online Fraud

The increased sophistication and rapid growth of online fraud continues to be a challenge. These scams appear in many forms, as noted below.

Spoof Websites/Phishing

Through the use of fraudulent emails, internet thieves attempt to "phish" for your confidential information. They attempt to steal this information from you by means of "pop-ups" or emails with internet links to deceive you into disclosing sensitive information (such as bank account numbers and Social Security numbers).

Often the email appears to be from a trusted source (such as your bank) and directs you to a "spoof" Website that requests you to divulge sensitive information or even ask you to call a phone number and provide account information. But the Website is a fake. 

What you should look for:

  • Asking for personal information should raise a flag since Sterling Bank will never send you unsolicited emails with embedded links or pop-up windows that ask for confidential information, such as your Social Security number, account numbers, or Debit Card PIN.
  • Urgent appeals claim that your account may be closed if you fail to confirm, verify or authenticate your personal information. Sterling Bank will never ask you to verify information in this way.
  • Messages about system and security updates claiming that the bank needs to confirm important information due to upgrades and state that you must update your information online. Sterling Bank will not ask you to verify information in this way.
  • Offers that sound too good to be true often are. You may be asked to fill out a short customer service survey in exchange for money being credited to your account, and you are then asked to provide your account number for proper routing of the supposed credit.
  • Typos and other errors are often the mark of fraudulent emails or Websites. Be on the lookout for typos or grammatical errors, awkward writing and poor visual design.

Malware

Malware, short for "malicious software," includes viruses, spyware and Trojans that are designed to infiltrate or damage a computer system. Malware is often used to steal personal information and commit fraud. There are several easy ways to minimize the risk of malware:

  • Avoid downloads from file sharing and social networking sites, which can be distribution points for malware.
  • Do not open email attachments or install free software from unknown sources.
  • Do not click on pop-up advertisements asking for personal or financial information.
  • Regularly update your security and system software to protect your computer from malware threats.

Vishing 

Vishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward.

Typically, when the victim answers the call, an automated recording, often generated with a text to speech synthesizer, is played to alert the consumer that their credit card has had fraudulent activity or that their bank account has had unusual activity. The message instructs the consumer to call the phone number provided immediately. The same phone number is often shown in the spoofed caller ID and given the same name as the financial company they are pretending to represent.

When the victim calls the number, it is answered by automated instructions to enter their credit card number or bank account number on the key pad. Once the consumer enters their credit card number or bank account number, the visher has the information necessary to make fraudulent use of the card or to access the account.