Paragon Bank takes great care to protect its clients from the risks of fraud and identity theft. That care is to be prepared whenever any of our clients experience financial account fraud or identity theft. If you have become a victim of financial account fraud or identity theft, please review the details below.
How to Respond to Account Fraud
If you identify or suspect fraudulent activity related to your financial accounts, immediately take the following action.
Step 1: Contact your financial institution if you suspect fraudulent activity.
- Immediately contact your Paragon Client Relationship Coordinator or call 1-800-837-1059 (Raleigh) or 1-866-589-8562 (Charlotte) to report the fraud.
- We have a detailed response plan in place to address suspected fraud.
- This is especially important if you suspect fraud related to ACH or wire transactions. There is a limited recovery window for these transactions and immediate escalation may assist us in preventing further loss.
- If you need to report your Paragon Debit Card as lost or stolen, you may also contact our card processor, Monday – Friday (8:30 a.m. – 5:00 p.m.) at 1-888-638-6718 or during after hours, weekends, federal holidays at 1-866-952-5651
Step 2: If the fraudulent activity involves online banking transactions, cease all online activity and remove internet access from all computers that may be compromised.
- Disconnect the Ethernet cable and any other network connections (such as wireless connections) to isolate the computer from the internet as well as any unauthorized access.
- Consider other financial institution accounts or information that may have been compromised, and take appropriate action.
- Engage a computer professional to evaluate the security and health of your computer or computer network.
Step 3: Work with Paragon Bank to take the following action.
- Obtain new usernames and passwords for online banking, if applicable.
- Close compromised accounts and open new ones, depending on the type of fraudulent activity.
- Provide information to support Paragon’s investigation of the fraudulent activity.
- Consider additional security controls to prevent future fraudulent activity from occurring.
Step 4: Contact the appropriate law enforcement office and file a police report, if appropriate.
How to Respond to Identity Theft
If you determine or suspect that someone has stolen your identity, immediately take the following action to reduce the amount of damage that it may cause.
Step 1: Place an initial fraud alert on your credit report.
- Call any one of the three credit reporting agencies. The agency you notify is responsible for notifying the other two agencies.
• Equifax: 1-800-525-6285
• Experian: 1-888-397-3742
• Transunion: 1-800-680-7289
Step 2: Order your credit report.
- Contact all three credit reporting agencies and obtain a copy of your credit report. Identity theft victims can get the reports for free.
- Identify accounts on your credit report that you did not establish. Immediately contact the companies where these accounts have been opened and report the fraud. Ask to speak with someone in the company’s fraud department. It may also be necessary to write a letter to these companies to help document that you reported the fraud.
Step 3: Complete an Identity Theft Affidavit.
- Submit a complaint to the Federal Trade Commission (FTC) to complete an Identity Theft Affidavit. Retain a copy of the Identity Theft Affidavit for your records.
• By phone: Call 1-877-438-4338 (1-866-653-4261 TTY)
• Online: Go to http://ftc.gov/complaint
Step 4: Report the identity theft to law enforcement.
- Contact the appropriate law enforcement office and file a police report.
- Attach a copy of your FTC Identity Theft Affidavit to your police report.
- Retain a copy of your police report for your records.
Step 5: Report the identity theft to other relevant federal agencies.
- The Social Security Administration (SSA) of the Office of the Inspector General investigates allegations of identity theft. If you know or suspect your SSN may be involved in identity theft, notify the SSA and request a copy of your Social Security statement.
• By phone: Call 1-800-269-0271
• Online: Go to http://oig.ssa.gov/report
- The U.S. Postal Inspection Service is the law enforcement entity of the U.S. Postal Service and is the entity that investigates identity theft when it involves stolen mail or other violations of the integrity of the mail service.
• By phone: Call 1-800-372-8347
• Online: Go to https://postalinspectors.uspis.govx
Common Fraud Scams & Notifications
Businesses Still Falling Victim to Fake BBB Email
In December 2011, the Better Business Bureau (BBB) issued an alert regarding emails purporting to come from their organization when, in fact, they were sent by cyber criminals and contained malware. When the attachment was opened by employees, a keylogger was installed on the business’ systems that gave the cyber criminals access to the companies’ information, including their banking credentials.
Fraudulent E-mails Claiming to Be From the FDIC
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent emails that have the appearance of being sent from the FDIC, according to a notice released October 3
October 3, U.S. Federal Deposit Insurance Corporation
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent emails that have the appearance of being sent from the FDIC, according to a notice released October 3. While the emails exhibit variations in the “Subject” lines, the messages are similar. They all make reference to the suspension of recipient’s ability to conduct transfers via ACH and/or wire transfer. The emails then encourage recipients to install a software update by clicking on a link provided. They then say that functionality will be restored once the software update is installed. The emails and the link provided are fraudulent.
FTC Issues Warning to Small Businesses Regarding Fake Email
The Federal Trade Commission (FTC) is warning small businesses about an email, purporting to be from the FTC with the subject line “NOTIFICATION OF CONSUMER COMPLAINT,” that may install a virus or other spyware on the computer.
The email falsely states that a complaint has been filed with the agency against their company. The FTC advises recipients not to click on any of the links or attachments with the email and to delete the email.
FDIC Fraudulent E-mail Survey
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC.
The e-mail exhibits the “Subject” line: “SURVEY CODE: STJSPNUPUT”. The “From” line may exhibit variations; however, the messages are similar.
The email states, “You have been chosen by the FDIC to take part in our quick and easy 5 questions survey. In return we will credit $100 to your account just for your time!” The recipient is then instructed to “Click here to Continue.” Recipients should not click on the link provided.
This email and link are fraudulent. Recipients should consider the intent of the email as an attempt to collect personal or confidential information, or to load malicious software onto end users’ computers. As a reminder, the FDIC does not send unsolicited emails to consumers or business account holders.
LinkedIn Email Scam Deposits Banking Trojan
Don’t be too quick to make that connection! GFI Labs recently discovered a LinkedIn email phishing scam that installs the Cridex banking Trojan.
Online Banking Insurance Fraud Scam
Cybercriminals are targeting consumers in a fake insurance scam. Trusteer reports that cybercriminals are targeting consumers in a fake insurance scam. Victims infected with the Tatanga malware receive an offer, purportedly from their bank and via a web browser injection, for insurance that would protect them against losses due to online banking fraud. To activate the insurance account, the victim must authorize the transaction by entering the one-time password sent by the bank via SMS to his or her mobile device; however, the victim is actually authorizing a fund transfer to a money mule account. For bank accounts with a balance is between $1,300 and $6,500, the cyber thieves will steal the entire amount, but they will not exceed $6,500.