Spoofing Alert

 In General
0

Recently, we’ve heard reports of an increase in spoofing attempts at other financial institutions, where fraudsters reach out to clients pretending to be from their bank, SHAZAM – our debit card processing and fraud monitoring partner – or another associated bank partner.

Spoofing is a type of social engineering tactic fraudsters use when they pretend to be someone or something else. These fraud attempts appear to be from a known phone number or text to win a person’s trust. A fraudster’s goal with spoofing is usually to gain access to financial accounts, steal data, steal money, or insert and spread malware.

Please be aware that spoofing is often followed up with a vishing attempt. When an unsuspecting victim responds to a spoofing text, the fraudster often calls them to ask questions that reveal personal identifiable information, including online banking credentials.

How SHAZAM communicates

SHAZAM never asks accountholders to click links or open attachments in their text messages. They only ask you to respond with either a yes or no. Their phone calls come from a variety of phone numbers. This is intentional and helps to enhance their call center services with additional layers of identity management. As a trusted FNBC partner, SHAZAM won’t ask for any sensitive information on an outbound call. Additionally, any emails from SHAZAM will come from a shazam.net email domain. For example: [email protected]

Protecting yourself

Please be aware of the 4Us of fraud: Urgency, Unexpected, Unnerving and Under No Circumstance:

  • SHAZAM doesn’t ask accountholders to open links in text messages. (Urgency and Unexpected)

O Example of Urgency and Unexpected communication: “Dear customer, your bank account has been compromised. Please click on this link immediately to verify your information and prevent your account from being locked.”

  • SHAZAM doesn’t use threating language that accounts will be suspended or closed. (Urgency, Unexpected and Unnerving) 
  • SHAZAM doesn’t request personal identifiable information, including PIN numbers, full debit card numbers (including card numbers, CVV/CVC, and expiration dates), Social Security numbers, passwords or online banking credentials. (Under No Circumstance) 

If any unexpected communication is received, please contact us to verify the origin of the communication. You can also report any fraud or scams to the Federal Trade Commission.

 

Start typing and press Enter to search