Common Fraud Scams

A DDoS Attack stands for distributed denial of service (DDoS). This is a type of online attack where scammers flood a website with millions of requests of information at once. This creates a “traffic jam” and limits the ability for customers to access their online banking. This type of attack is most common with financial service related websites.

No. During the attack, the website will seem slower than usual, or may even be disabled. This does not affect the security of our website or banking systems. All personal information will remain safe and private.

Identity theft is when someone has your personal information and is posing as you. Identity thieves can drain your bank account, make purchases with your credit card, open an account in your name, or receive medical treatment on your health insurance. Some might even attempt tax-related fraud such as filing a tax return in your name and claiming your tax refund.

They don't need much. One of the following is all one would need:

• Social Security Number
• Username or Password
• Debit or Credit Card Number
• Bank Account Information
• Driver's License Information

Malware is short for “malicious software.” Malware is when a scammer will install software on your computer, phone or mobile device without your consent. Scammers use this software to crash your computer or monitor and control your online activity by stealing personal information, sending spam, and committing fraud.

1. Keep your security software updated. In addition, set your software, internet browser, and operating systems to update automatically.
2. Don't open attachments in emails unless you are expecting an email and are familiar with the sender.
3. Download and install software only from websites you know and trust.
4. Visit websites by directly typing the URL into the browser instead of clicking on an email link. Look for the “HTTPS” in the browser.
5. Turn your pop-up blocker on and never click within the pop-up.
6. Back up your data regularly.

If you think your computer has malware, the Federal Trade Commission wants to know. File a complaint at www.ftc.gov/complaint.

During a phishing attempt, a scammer will distribute emails that appear to come from legitimate organizations or individuals. The scammer wants to entice the recipient to click on malicious links or attachments.

The typical goal of phishing attacks is to get the victim to give up sensitive information such as a Social Security number or financial information. Phishing is also used as a way for attackers to get inside an organization's network for cyber espionage or other malicious activity.

• An email appearing to be from a bank, credit card company, or other financial institutions requesting that you “confirm” your personal account information. Supposedly, your information has been lost, or your account is going to be closed, so it is “urgent” that you respond immediately.
• A phony email from the “fraud department” of a well-known company asking you to verify your information because they suspect you may be a victim of identity theft.
• An email may take advantage of a current event, such as the Anthem data breach, which scammers used to send phishing emails with malicious links for “free credit reporting.”
• An email claiming to be from a state lottery commission requests your banking information to deposit the “winnings” into your accounts.
• A scammer pretends to have a large sum of money and needs “someone trustworthy” to help access it. The scammer promises to share the wealth in exchange for your help - specifically, your financial information.

A spoofed email is a form of phishing where an email looks familiar to what you know, from someone you know. It is designed to steal personal information from you, including bank information.

1. Do not send any sensitive personal information via email. Legitimate organizations will not ask users to send information this way.
2. Visit banking or financial websites by typing the address into the address bar. Do not follow links embedded in an unsolicited email.
3. Only open an email attachment if you're expecting it and know what it contains. Be cautious about container files, such as .zip files, as malicious files could be packed inside.
4. If you want to verify a suspicious email, contact the organization directly - but don't call the number which is provided in the email.
5. Use discretion when posting personal information on social media. This information is a treasure-trove to spear phishers who will use it to feign trustworthiness.
6. Use antivirus software to detect and disable malicious programs, such as spyware or backdoor Trojans, which may be included in phishing emails. Keep your Internet browser updated with the latest security patches.

If you think you might be on a spoofed site via a spoofed email, close your web browser and forward the email to cbccustomerservice@centralbank.net. If a hacker tries to mimic a Central Bancompany site, it will take full legal action against that person(s).

Skimmer devices are placed over the card reader slot on ATMs and gas pumps to collect magnetic stripe data. Cameras are placed above or beside the keypad to capture the PIN as it is entered.

Before you use ATMs and gas pumps, tug on the card reader slot and look for an attached camera. Cover your hand while keying your PIN and wiggle the keypad. If the keypad is loose, it may be a fake keypad.