New Wire Fraud Scam Reroutes Payroll Direct Deposits
A recent article by CNBC.com details a current fraud scheme where fraudsters are targeting businesses’ Human Resources departments through email. The fraudsters impersonate senior executives and attempt to convince human resources personnel to change employee’s bank account and routing information in order to route employees’ paychecks to offshore accounts owned by the criminals.
Additionally, the fraudulent emails often go undetected because it defies many existing red flags for malicious communications. The emails are well-written, cordial, and lack misspellings and grammatical errors that would typically trigger email filters.
Focus your company’s efforts, which may include adjusting email filters to pick up common traits of this type of request and training employees in security best practices. Ask your company’s executives to avoid using their personal emails when sending messages. Companies that have been seen versions of this fraud scheme can report it the FBI’s IC3 tip line.
Beware of calls claiming to be First Tennessee Bank
First Tennessee Bank customers may be the target of fraud schemes in which a customer is contacted through phone call, email, or text by fraudsters requesting the customer verify personal bank information. A recent scheme involves individuals contacting First Tennessee Bank customers using a telephone number spoofed to appear on caller ID as First Tennessee Bank’s legitimate Customer Service department phone number. This scheme is an attempt to convince the customer to provide account information, passwords, and in some cases, one-time passcodes that enable takeover of the customer’s account relationship.
It is essential to remember that First Tennessee Bank never will contact you directly and ask for your personal or account information that we already have on file. Additionally, we never will ask you to verify your identity by texting codes or passwords to you to confirm who you are. If First Tennessee Bank initiates the call, we already will have at hand the information we need.
If you have received a phone call claiming to be from First Tennessee Bank and believe you are a victim of fraud or notice potentially suspicious activity on your account, contact Customer Service at 800-382-5465.
Safeguard your card
First Tennessee is committed to providing you with the latest in secure technology for conducting your personal card and/or banking transactions. Protecting your account information is critical in preventing unauthorized access to your account. The following are a few methods criminals may use to obtain your card/banking information:
- Skimming devices that look and feel just like a card reader you use at an ATM or gas pump are inserted into the card reader or snapped over the terminal. These devices read your card data as your card is inserted into the terminal, and have the ability to transmit that data in real-time or store the data for future use.
- Sometimes criminals use hand held devices to skim your card (such as an insert into an IPhone or IPad).
How can I prevent it?
- Before using your card, inspect the terminal you are using. If there are any visible signs of tampering, or the terminal looks out of place, you should not use the machine and report it to the attendee/operator in the store where you are attempting to make the purchase. If you are using an ATM, report it to your bank representative, or call the number on the back of your card for assistance.
- Do not use your PIN at a gas pump when using your debit card. In many cases, criminals have placed a small camera over the PIN reader to capture your PIN as you enter it. If you must use your PIN, cover the PIN pad with your hand to prevent a camera from recording while it’s entered.
- When you have to hand your card over to an attendant or cashier to make a purchase, pay attention to what they are doing with your card. Ask them if possible, to please run your card in your presence.
- If available, always insert your card into the merchant terminal. This is more secure and can prevent your card from being counterfeited.
- When shopping online, be sure to look for the “secure transaction symbols” such as a lock symbol on the lower right of the screen.
- Never give out your card, pin or personal information over the phone unless you initiated the call.
Online Banking Fraud
- Keystroke logging devices can be installed on computers that are available for public use, such as libraries or hotel business centers. They can also be downloaded on your personal computer if you click on a malicious link or attachment you receive in an email.
How can I prevent it?
- Avoid using publicly shared computers to check personal bank accounts.
- Maintain anti-virus software updates/patches on personal computers.
Other Ways to Protect Your Card
- Always use the chip! The encryption technology used in your chip cannot be counterfeited and helps to keep your card information secure.
- Never give out your debit card number, PIN or personal information over the phone unless you initiated the call. Remember, to protect your security, the bank is not going to ask you for your account information and/or your PIN information.
- Use Card Control functionality in Online Banking to restrict usage on your card.
- If you have a First Tennessee Visa card, sign up for fraud text alerts to be notified when a suspicious transaction occurs.
Protect Your Business from Wire Transfer & ACH Transaction Fraud
First Horizon has identified an increasing trend involving fraudulent wire transfer and ACH requests initiated by corporate customers. The following are some important steps you can take to reduce fraud risk related to wire transfers and ACH transactions.
- Utilize call-back verification procedures for any email or faxed wire transfer request, particularly if the instructions have changed.
- Changes in an ACH funding request should be verified the same way using call-back verification. Be especially vigilant in initiating ACH funding changes based on email or faxed instructions.
- Never use contact information provided in an email or fax to conduct the call-back verification – always use the phone number listed on the account profile or your business records.
- Regardless of the relationship with the customer or business, always verify each email or fax request.
- Even if multiple requests are received from the same party in a short period of time, each request requires separate verification.
- When conducting call-back verification, speak with the requestor to ensure proper verification. Leaving a voicemail is not considered a proper verification method.
- Be aware of suspicious activity and red flags as it relates to wire transfer and ACH transaction fraud to minimize fraud risk.
If you confirm any suspicious or fraudulent transactions that involve your FTB account, (particularly wire transfers or ACH transactions), immediately escalate the situation by calling First Horizon’s Customer Service at 800-382-5465. There is a limited recovery window for these transactions and immediate escalation may prevent further loss.
How we protect you
The First Horizon Family of Companies (First Tennessee, FTB Advisors, and First Horizon) consider the security of your financial information a top priority. We employ extensive security measures to ensure a safe and reliable online experience for all of our customers.
Password Protection – to gain access to an account or account information, a user must verify his or her identity with a password.
Firewall Protection – all systems are protected with firewalls that limit access to only those services that we needed. In addition, all activity passing through the firewall is documented.
128-Bit Key SSL Encryption – before data is exchanged between the customer and the bank, it is encoded or scrambled with 128-bit key SSL encryption. Secure Socket Layer, or SSL, locks the data so that regardless of the path the data takes as it passes across the internet, it only can be opened by the end user with the proper key or 128-character-long combination to the lock on the data. Upon arriving at the computer that requested the information, the packets are reassembled into the original message.
Fraud Detection – we use cutting-edge technology and trained employees to aid in fraud detection. Additionally, we participate in industry consortiums made up of some of the largest financial institutions in the United States, which allows us to address emerging issues in Internet and email fraud.
Email Alerts – email alerts will let you know when your log-in information has been changed. In the event that you did not initiate that change, we ask that you contact us immediately so we can take the necessary steps to block unauthorized users from your account.Additionally, we request that customers enter at least one mobile phone number or email address (two are suggested) upon setting up a Banking Online account. These email addresses and/or mobile phone numbers can be used to send verification emails or texts anytime you initiate a change to your contact information or select to add a custom Payee in Bill Pay Online.
Privacy Notice – a copy of our privacy notice can be found here
Federal Laws and Regulations – Federal laws and regulations protect you from fraudulent credit and debit card usage as well as from unauthorized online banking activity.
Safeguarding your smartphone
With the increasing popularity of smartphones, more and more people are using apps to conduct personal business online – business that often requires the use of sensitive information such as bank account numbers, credit card data, or passwords. While your smartphone can make life simpler, you should also be aware of potential threats to the security of your smartphone and the precautions you can take to keep it secure.There are three areas where smartphone users can potentially fall victim to fraudulent activity. Keep these in mind as you use your smartphone as well as the related tips for preventing fraud.
Lost phones – if you've owned a smartphone for any length of time, chances are you've probably misplaced it, at least temporarily. The danger here is that, if you've made purchases on your phone or, perhaps, conducted banking activities with it, someone who finds or steals your phone may be able to extract sensitive personal information from it.
- Set PINs and passwords on your phone’s home screen to prevent unauthorized access to your phone. Configure it to automatically lock after 5 minutes or less of being idle.
- Wherever possible, use different passwords for each of your important log-ins.
- Don’t modify your smartphone’s security settings, as it can undermine valuable built-in security features.
- Keep your smartphone’s operating software up-to-date by enabling automatic updates from your service provider. You may also want to install trustworthy security apps that allow you to remotely locate and erase all of the data stored on your phone.
- Always report a stolen phone. Wireless providers in conjunction with the Federal Communication Commission (FCC) have established a stolen phone database that will help your provider prevent your phone from being activated without your permission.
App downloads – hackers often use apps to entice smartphone users into downloading malware that can steal information or cause damage to your phone.
- Only install apps from trusted sources. If you have doubts, you can check user reviews, confirm the legitimacy of the app store, and compare it to the app sponsor’s official website.
- You may also want to install security apps that allow you to remotely locate and erase all of the data stored on your phone.
Surfing on open Wi-Fi networks – cybercriminals often use unprotected Wi-Fi hotspots to target people online.
- Avoid public hotspots and instead use protected Wi-Fi from sources you trust or your own mobile wireless connection.
- Ignore pop-ups or prompts to download software. They are often a hacker’s attempt to infect your phone with malware or spyware.
- If you don’t get automatic updates, manually update your smartphone’s security software before you travel. Wi-Fi in airports and hotels can be potentially troublesome if your smartphone is not fully protected with the latest security updates.
Multi-Layered Mobile Banking Security– when you use Mobile Banking, you can be certain that your personal information is protected. Our security measures are delivered in a multi-layered platform that offers you security at each level of your Mobile Banking experience.
At enrollment – you will provide credentials upon first use, and your identity is then verified by answering challenge questions generated by an existing authentication system. Once verified, you can use the device to immediately access mobile banking functionality.
Logging in – initiating a secure session requires two factors of authentication: 1) Your confidential passcode; 2) Confirmation of the correct end user device. Without both, authentication will not occur and log-in is prevented. Our process requires that our Mobile Banking users must have previously proven to the bank that the device being authenticated is in the user’s possession and is authorized for access.
Confirming transactions – our systems periodically present mobile users with step-up challenge questions in response to transfer, payment, and check deposit transactions deemed high risk or suspicious. This safeguard provides you with an extra level of security before a transaction is approved.
Other ways you can protect your information
Here are some steps that you can take to ensure your identity and information are as safe as possible.
- Monitor your accounts frequently. Review your accounts and monthly statements to ensure that all information is correct. Additionally, review your credit report annually. Immediately report any discrepancies.
- Verify the contact. Do not provide confidential information via email, text message, or phone call unless you initiated contact. When responding to requests, use a telephone number or web site address you know to be legitimate.
- Beware of "free" offers. Beware of unsolicited requests for cash or account information in exchange for a prize or gift. Remember, if it sounds too good to be true, it probably is.
- Travel light. Only carry what is necessary in your wallet or purse. Photocopy the front and back of your driver's license, passport, and credit cards and store in a secure place in case they are lost or stolen.
- Protect documents. Keep sensitive documents in a safe place, shred all personal and financial information before discarding, and don’t discard receipts at ATMs and gas pumps.
- Practice password safety. Create a strong password for each online service (10 characters, including mixed case letters, numbers, special characters). Change them frequently and store in a secure place.
- Protect yourself online. Verify use of a secure session (https:// not http://) in the browser when banking online and when making online purchases. Also, look for a lock icon in the browser, which indicates a secure website.
- Beware of shoulder surfers. Be aware of your surroundings when entering your Personal Identification Number (PIN) or any other sensitive information at a point-of-sale terminal, an ATM, or in your computer, phone, etc.
- Delete emails from senders you don't recognize. If you get an email that you think is from a person or company you recognize, use caution when clicking on embedded links. If you are suspicious, type the address into your browser instead of clicking the link.
- Report. Notify your bank immediately if you discover that your checks, debit cards, or credit cards have been lost or stolen. Close accounts that you know or believe have been tampered with.
The First Horizon Family of Companies is committed to providing your company with the latest in secure technology for conducting your business or corporate banking. However, there are some important steps you can take to ensure your own internal security.
- Conduct reconciliation of all banking transactions on a daily basis.
- Initiate ACH and wire transfer payments under dual control, with a transaction originator and a separate transaction authorizer.
- Familiarize yourself with our account agreement and with your liability for fraud under the agreement and the Uniform Commercial Code as adopted in the jurisdiction. You can also educate yourself with tips on combating fraud in your business.
- Stay in touch with other businesses to share information regarding suspected fraud activity.
- Immediately escalate any suspicious transactions, particularly ACH or wire transfers. There is a limited recovery window for these transactions and immediate escalation may prevent further loss.
- Employ best practices to secure computer systems including:
- If possible, for businesses that transact high value or large numbers of online transactions, it is recommended that all commercial online banking activities be carried out from a stand-alone, hardened and completely locked down computer system from which e-mail and Web browsing are not possible.
- Be suspicious of e-mails purporting to be from a financial institution, government department or other agency requesting account information, account verification or banking access credentials such as usernames, passwords, PIN codes and similar information. Opening file attachments or clicking on Web links in suspicious emails could expose your system to malicious code that could hijack your computer.
- Install a dedicated, actively managed firewall, especially if you have a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to a network and computers.
- Create a strong password with at least 10 characters that includes a combination of mixed case letters, numbers and special characters.
- Prohibit the use of "shared" usernames and passwords for online banking systems.
- Use a different password for each Web site that is accessed.
- Change the password a few times each year.
- Never share username and password information for online services with third-party providers.
- Limit administrative rights on users' workstations to help prevent the inadvertent downloading of malware or other viruses.
- Install commercial anti-virus and desktop firewall software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.
- Ensure virus protection and security software are updated regularly.
- Make certain computers are patched regularly, particularly operating systems and key applications with security patches. It may be possible to sign up for automatic updates for the operating system and many applications.
- Consider installing spyware detection programs.
- Clear the browser cache before starting an online banking session in order to eliminate copies of Web pages that have been stored on the hard drive. How the cache is cleared will depend on the browser and version. This function is generally found in the browser's preferences menu.
- Verify use of a secure session (https not http) in the browser for all online banking.
- Avoid using automatic log-in features that save usernames and passwords for online banking.
- Never leave a computer unattended while using any online banking or investing service.
- Never access bank, brokerage or other financial services information at internet cafes, public libraries, etc. Unauthorized software may have been installed to trap account number and sign on information leaving you vulnerable to possible fraud.
How we protect you online
The First Horizon Family of Companies uses a strong authentication process to protect your sensitive information online. Using an authentication method the user knows (user ID and password) and one the user holds (token) for high-risk transactions, ensures that the right user is accessing our products and systems online.
As we upgrade our online banking platform, we will be deploying more sophisticated security solutions that will detect unusual user behavior and prompt the user for more information before granting access. Unusual behavior includes:
- Accessing the system in timeframes the user typically does not access the system
- Accessing the system from different geographical regions
- Accessing the system from different computers
Our external facing applications are protected from malicious attacks against our servers by firewalls and intrusion detection systems. These solutions not only protect our applications from hackers but also detect any intrusion or hack attempts and alert us.