Identity Theft

Identity Theft and Identity Fraud take place every day. To address this crime, Congress enacted a new federal offense of Identity Theft in 1998. To help protect our customers, Pacific Commerce Bank offers our Personal and Business debit cardholders “smsGuardian,” an anti-fraud alert notification service which sends text alerts directly to a cardholder's mobile phone or other SMS-enabled device when certain transactions occur. To sign up for this service go to: SMSGuardian TM .


NON-TECHNICAL SCHEMES

Dumpster Diving. Occurs when someone goes through garbage to obtain personal information from items found in the trash such as credit card bills, utility bills, medical insurance and bank statements. Shred everything before disposing of it with a cross-cut paper shredder – or consider going paperless by receiving statements and making your payments online.

Mail Theft.

Occurs when someone targets your mailbox and removes mail that provides pertinent information. Similar to Dumpster Diving, a criminal can steal personal information from your stolen mail. If you suspect that someone has been tampering with your mail, contact the post office immediately. Also, do not leave your mail in the box for extended periods.

Social Engineering.

Someone either in person, over the telephone, or computer, uses means to deceive someone else into divulging sensitive information. Usually, social engineers know some information that leads the victim to believe they are legitimate. Do not give out any personal information to anyone you do not know.

Shoulder Surfing.

An identity thief attempts to get close enough at an ATM so when you enter password information, such as a PIN number, the thief records the password. You should be aware of your surroundings in public when you are accessing any accounts that require a password or PIN.

Stealing Personal Items.

Identity thieves can also obtain your personal information by stealing your wallet or purse. If this occurs, immediately contact your credit card companies, bank, and credit bureaus.


TECHNOLOGICAL SCHEMES

Credit/Debit Card Theft.

Write "CID" on the signature panel of your credit card instead of your signature. CID stands for “SEE ID” and requires a merchant to request other forms of identification to verify the user of the card. When using a credit card online, make sure that a lock icon appears in the right hand corner of the merchant's web status bar.

Skimming.

A device used to read and record your credit card magnetic strip information. This enables criminals to use this information to make unauthorized card purchases. Make it a habit to frequently check your credit card transactions, online. 

Pre-texting.

Occurs when a thief has done prior research on your personal information and uses this information to bait you into releasing more sensitive information, such as a credit card number or Social Security Number. The schemer will call you on the telephone and lead you to believe they are a business requiring this information. Ask for a call back number and question why they need this information. Look up the company telephone number and call the company directly to verify legitimacy of the request.

Man-in-the-Middle Attack.

This type of theft involves intercepting communication between two parties and recording the information without the two parties ever knowing about it. The criminal then uses this information to access accounts and possibly steal the user’s identity. Protect yourself by making a habit of periodically checking your credit reports which will help you discover whether anyone has stolen your identity to access your bank accounts.


PHISHING SCHEMES

These are the most common types of computer identity theft. A thief tricks you into giving personal identifying information. The attacks occur through cell phone messages, Internet social networks, emails, text messages, and standard mail. The following are several common schemes.

Pharming.

Victims think they are on a trusted website and are more willing to enter their personal information, such as credit card numbers, social security numbers, and addresses. The hacker then uses that information to commit identity theft.

Vishing.

“Voice phishing” occurs when a thief contacts an individual over the telephone and posses as an individual working for a legitimate organization such as a government agency, a financial institution, a payment services organization, or another well-known company. The goal is to get you to disclose your personal identifying information. Always be suspicious when receiving any unsolicited telephone call.

Search Engine Phishing.

Thieves create websites which contain “too good to be true” offers, services, and other incentives. Before submitting any information or downloading any attachments, research the company. 

SMiShing.

An identity thief sends spam text messages posing as a financial institution or other legitimate entity. The text message has a sense of urgency and can scare you into thinking there is a serious emergency by leading you to believe you will suffer financial losses or fees if there is no response. This may lead you to disclose personal identifying information by clicking on the link that appears on the text message. Do not dial back the unknown number since you would be providing the spammer some of the information they need from you. 

Malware Based Phishing.

A thief attaches a harmful computer program made to look helpful onto emails, websites, and other electronic documents on the Internet. The malware uses key loggers and screen loggers to record your keyboard strokes and sites that you visit on the Internet. The message prompts you to install an updated web browser to increase your computer security. Do not reply to the email message. If you click on the link and download the supposed updated browser you may download the malware.

Phishing through Spam.

A thief, also known as a spammer, sends repeated spam emails to you. These email messages offer you opportunities for scholarships, business partnerships, or free products. In some instances, the spammer pretends to be a financial institution or organization you might belong to. The spam is sent to prompt you to provide your personal identifying information. Be extremely cautious of bogus offers. 

Spear Phishing.

This scheme is very similar to the email phishing scam, except it attacks businesses. Spear phishers send emails to almost every employee of an organization and the emails can be written to look as if they have been sent by a division within the organization such as the IT or the human resources department. Contacting the network administrator or the individual who supposedly sent the email to verify that such information is needed. Do not reply to the email; notify the head of the division or the individual who supposedly sent the email that you and other colleagues have been solicited for information.

REPORT IDENTITY THEFT.

If you believe that you have fallen victim to Identity Theft as result of any type of scheme, file a complaint with the Federal Trade Commission (FTC) at:


FTC Complaint Assistant or call the Commission at 1-877-IDTheft.


Contact the three major credit reporting agencies to obtain and review your personal credit report:

  • 800-525-6285 - Equifax
  • 888-397-3742 - Experian
  • 800-680-7289 - TransUnion