- What is Identity Theft
- ID Theft Protection
- Online Banking Security
- Business E-Mail Compromise (BEC) scam
- Fraud Hotline
Identity theft is a serious crime and it is on the rise. The Bureau of Justice reports that 11.7 million people were victims of identity theft last year, a 30% increase from the prior year. Identity theft is often thought of as an Internet crime but, you can be victimized by ID theft in many other ways.
What Is Identity Theft and How Does it Occur?
Identity theft is when a person wrongfully obtains your personal information and uses it to commit fraud or steal money. Identity thieves use a variety of methods to steal personal information. These methods can range from robbery of personal items (such as a wallet, pocket book or personal computer) to very sophisticated high tech assaults and attacks. Some of the techniques used today include:
Phishing: Typically conducted using email messages that appear to be from a trusted source attempting to obtain your sensitive information such as usernames, passwords, credit card details.
Spear Phishing: A type of phishing email targeting a specific organization or person.
Pharming: A type of cyber-attack that redirects an internet user to a bogus website that looks like the legitimate website for the purpose of obtaining sensitive information.
Skimming: Credit and debit card numbers are stolen using a special storage device when processing a card.
Social Engineering: Psychologically manipulating people into divulging confidential information.
Address Change: Billing statements are diverted to another location by completing a change of address form.
Dumpster Diving: Rummaging through the trash looking for items that contain personal information.
Businesses and Individuals Working Together
Although financial institutions and credit card companies have numerous security standards and protocols in place to detect and defend against identity theft, there are numerous steps individuals can take to minimize risk, as well. Make it a habit to monitor your checking and credit card accounts and check monthly bills and online accounts for suspicious transactions. Check your credit report information annually. The Fair Credit Reporting Act guarantees you access to your credit report for free from each of the three nationwide credit reporting companies — Experian, Equifax, and TransUnion. AnnualCreditReport.com is the only authorized source for the free annual credit report that's yours by law. Other precautionary steps to prevent ID theft include:
- Do not carry all of your credit cards and IDs with you; leave some in a separate and safe location.
- Never give your credit card number or personal information over the phone, unless you have initiated the call and trust that business or person.
- Shred documents that contain any personal information before you throw them away.
- Do not click links in unsolicited e-mails or purchase anything online from unknown sources.
- Do not use passwords that anyone can guess and never write them down or email them.
Cases of Identity theft are increasing in frequency but there are steps you can take to minimize your chances of becoming a victim. Be aware of the tactics used by identity thieves and what you can do to protect yourself. If you should fall victim, act swiftly in contacting authorities, creditors, and government agencies. For more information and additional resources, visit www.ftc.gov/idtheft.
| Identity theft is on the rise across the United States. It is increasingly important that you take steps to reduce the risk of becoming an identity theft victim.
Cybersecurity is a process, not a one-time plan.
Download the infographic
There are a number of useful online resources for consumers. One great one is www.ftc.gov/idtheft, a one-stop national reference tool providing detailed information to help you deter, detect, and defend against identity theft. It will also help you address questions like:
- What are the steps I should take if I'm a victim of identity theft?
- What is a fraud alert?
- What is a credit freeze?
- What is an identity theft report?
- What do I do if the police only take reports about identity theft over the Internet or telephone?
- What do I do if the local police won't take a report?
- How do I prove that I'm an identity theft victim?
- Should I apply for a new Social Security number?
To speak to a professional identity theft counselor call 1-877-FTC-HELP (382-4357).
If you suspect you have been affected by Internet fraud or identity theft related to Alliance Bank of Arizona credit card purchases, contact Customer Service at (877) 273-2265. If you believe you have been a victim of Internet fraud or identity theft regarding your debit card or bank accounts, contact your local Alliance Bank of Arizona office.
If you notice suspicious or unusual activity on your online banking accounts, or if you need to report fraud immediately, please call (775) 828-2000.
If you suspect you might be a victim of identity theft, alert a credit bureau with your concerns and questions immediately.
You can contact one of the three major credit bureaus listed below to place a fraud alert on your credit file. You also can order a credit report to identify any unauthorized activity.
Equifax: 1 (800) 525- 6285
Experian: 1 (888) 397-3742
Trans Union: 1 (800) 680-7289
With proper safety measures in place, your online banking transactions remain confidential and safe.
The following measures have been taken to ensure your privacy:
Secure Access and Verifying User Authenticity:
User ID and password - In order to access Alliance Bank of Arizona's online banking, you must enter a User ID and password.
Alliance Bank of Arizona allows you to choose a "Nickname" for each of your accounts. For example, Checking, Payroll, Money Market, etc.
If you are logged on to online banking but do not use it for 15 minutes, you will not be able to proceed until you "re-log" onto the system.
Password "Lockout" System:
To keep unauthorized individuals from accessing your account by guessing your password, we have instituted a password lockout system. If your password is entered incorrectly three consecutive times, the user is "locked out" of the system. You must contact the bank for your account to be reset and the system to become "unlocked".
Secure Data Transfer:
Encryption - The latest encryption technology ensures that your confidential account information cannot be accessed by another party.
Encryption is a way to rewrite something in a code, which can be decoded later with the right "key." When you request information about your accounts, the information is sent across the web in an encrypted format to Alliance Bank of Arizona. We decode your request and send the requested information back to you in an encrypted format. When the information reaches you, it is decoded so that you, and no one else, can read it.
Other Security Measures:
In addition to the above safeguards, sophisticated firewalls and an authentication process ensure that only authorized individuals are allowed to enter our system.
While online banking works to protect your banking privacy, you will also play an important role in protecting your accounts.
Here are some important ways to ensure that you can help to keep your sensitive information protected:
Go paperless. Try to reduce the amount of mail you receive containing personal information. Continually utilize all security updates offered by your software providers. Make sure that your computer always has up-to-date versions of both anti-spy ware and anti-virus software. Implement steps to prevent and detect spyware and understand the risks associated with spy ware. Be aware of potential phishing attempts by making sure requests for sensitive personal, financial, or account information are legitimate, particularly if they are made in an urgent or threatening tone. Utilize strong passwords, change them often and do not share IDs or passwords with anyone. Do not use personalized information, such as names or birthdays. Log out of online banking prior to visiting other Internet sites.
The Secret Service and FBI are currently observing a significant increase in the frequency, sophistication, and fraud losses associated with Business E-mail Compromise (BEC) scams, which are a form of wire fraud. Organizations are encouraged to immediately implement additional authentication steps before performing wire transfers initiated via e-mail.
About Business E-mail Compromise (BEC) Scams
BEC is a sophisticated scam commonly targeting businesses working with foreign suppliers or companies that regularly perform wire transfer payments. This scam uses social engineering techniques, often coupled with unauthorized access to corporate networks, to use business emails to initiate fraudulent wire transfer payments to non-U.S. financial institutions. These payments are often transferred several times before being quickly dispersed and “cashed-out” in a foreign jurisdiction. Banks located within Asia are the most commonly reported destinations for these fraudulent transfers. However, recent reports indicate banks in Eastern European countries are increasingly used as the ending destination for dispersal. Although the scam is not new, it has recently grown in popularity and increasingly sophisticated versions of the scheme are being employed.
In one version, the victim company’s Chief Financial Officer (CFO) or business’s accounts payable department are receiving spoofed e-mails from their Chief Executive Officer (CEO) requesting a wire transfer or from a regular vendor purportedly updating their bank account information with the target business. The fraudulent e-mails are highly deceptive and are usually not detected as fraudulent. The request is typically then forwarded to specific individuals responsible for initiating and completing wire transfers and contains specific language and wire amounts that are customary for the victim company. Victims report this version of the scam is usually not discovered until business executives contact each other during casual conversation, face to face, through e-mail, or by phone calls to verify or confirm the wire transfer request.
In another version, company’s or employees’ e-mail systems are being compromised through malware. Investigations indicate the malware was uploaded through “spear phishing” e-mails when employees opened email attachments verifying shipping documents or other normal business functions. Once the illicit actors have access to the systems, they initiate requests for payments from the compromised email accounts to multiple vendors identified from the compromised contact list that include fraudulent payment instructions. The emails are highly deceptive and avoid detection because the messages are specific to the business in the type and amount of the request. The victim business usually does not become aware of the multiple fraudulent requests until they are contacted by their vendors due to overdue invoices.
The illicit actors in both versions appear to have conducted extensive research, both open source and through access to private business records, to identify responsible parties as well as normal operating procedures used by the specific businesses and employees. In some cases, it appears the suspects have maintained illegal access to the business’s computer systems or networks for extended periods of time. In all cases, the fraudulent wire transfer payments are sent to non-U.S. banks and are usually transferred several times before being quickly dispersed.
Losses associated with this scheme since October 2013, reported by U.S. businesses and international law enforcement, totaled over $1 billion. This scheme is currently growing in popularity amongst organized cybercrime groups and techniques are rapidly evolving. Implementing stronger authentication measures before initiating wire transfers to non-U.S. financial institutions is strongly encouraged.
Those who have been victims of BEC fraud schemes, or detect suspicious activity related to these schemes, should report this activity to their local FBI field office and file an online report. Early reporting of such incidents leads to the potential recovery of compromised funds.
A list of Secret Service field offices is available at: https://www.ic3.gov
We strive to do all that we can to protect our clients from bank fraud. If you are aware of any possible instances of bank fraud committed by employees of the bank or customers, we hope that you would contact us and share any information so that we can take action. Please use the form below or mail the information to the address noted in the "Mail Submissions" section below. If you prefer, the details can be sent anonymously through either regular U.S. mail or through the online contact form by entering "NA" in any fields you do not wish to include with your submission.
Use this site to report:
- Falsification of Bank records
- Improper destruction of Bank documents/information
- Submission of fraudulent bids
- Intentional release of proprietary information
- Submission of fraudulent claims or invoices
- Theft of goods/services
- Fraudulent payments
Do not use this site to report:
- Lost or stolen Business credit Card, call (866) 839-3409 within the U.S. or (727) 570-4881 outside the U.S.
- Lost or stolen ATM/Debit Card, call (800) 236-2442.
- Compromised bank account, contact Customer Service: (877) 273-2265.
Please include the following information:
- Date/Time of Activity
- Location of Activity
- Who committed the alleged act, crime or violation?
- What exactly happened?
- Who else has knowledge of the alleged act, crime or violation?
- Did you report this alleged act, crime or violation to anyone else? If yes, who?
If you prefer to send your submission to us by mail, please mail information to the address below. If you would like to be contacted regarding your submission, please include your contact information.
Western Alliance Bank
One East Washington Street, Suite 1400
Phoenix, AZ 85004