• Fraud & Identity Theft

  • Identity theft occurs when someone steals your personal information and identification to commit fraud. With this information they may be able to open credit card accounts, apply for loans, rent apartments, or purchase phone services – all in your name. In many cases, they request address changes so you never see the bills for their activity.

    These impersonators spend your money as quickly as possible and most victims are unaware of the fraudulent activity until they apply for a loan or receive a call from a collection agency. Clearing your name and erasing the effects of identity theft can be a nightmare, and it can take months or even years to re-establish your creditworthiness.

    Don’t become a victim of fraud. Know how to identify the threats and what to do to minimize your risk.

    Identifying types of fraud


    Social Engineering
    Social Engineering is a technique used to psychologically manipulate individuals into divulging personal and or secure information. Most targets are victimized because they are naturally trusting and want to provide as much help as possible. The following techniques are commonly used to gain unauthorized access to systems or information in order to commit fraud, network intrusion, industrial espionage, identity theft or to simply disrupt and compromise computer systems:

    • Social Engineering by phone – pretexting
    • Dumpster Diving
    • Online Social Engineering through Phishing, Vishing, SMiShing, Pharming
    • Persuasion
    • Reverse Social Engineering
    • Shoulder Surfing – looking over a shoulder to see what is being typed
    • And many more…

    Scams or Spoofs
    A scam is an attempt to obtain personal or financial information through fraudulent means, such as:

    • Phishing: A technique used to lure online consumers to fake corporate websites through links sent via email.
    • Vishing (Voice Phishing): Fraudulent use of the telephone system to gain access to personal and financial information.
    • SMiShing (SMS Phishing): Use of mobile phone text messaging to fraudulently solicit personal or financial information.
    • Pharming: A technique used to redirect a website’s traffic to another fraudulent site.

    Here are some examples to watch out for:

    • Email Scams and Spoofs:
      It is sometimes difficult to determine the legitimacy of an email or website. Scammers and fraudsters have become increasingly savvy in creating authentic-looking emails and websites.

      Through deceptive phishing practices, victims will typically receive an urgent email requesting personal information. Many times the email informs them that their account will be closed if their information is not updated or “verified.” The links within the email are often pointed to Web forms that ask for personal or financial information, such as routing numbers, account numbers, PINs, passwords or Social Security numbers.

    • Lottery Scams
      In a lottery scam, targeted victims typically receive an email claiming that they have won an international lottery (Jamaican Lottery, Spanish Lottery, etc.). In order to claim the winnings, they must contact the claims agent, usually via an email address that is most often from a free provider (e.g., Yahoo, Hotmail, etc.).

      When contacted, the “lottery agent” sends a claim form to verify identity. Victims are instructed to return the form with personal details, along with copies of passports and/or driver’s licenses to “verify true identity.” By providing the information, the fraudsters have enough details to duplicate the victim’s identity.

      In addition, in order to claim the winnings, a request is typically made to wire funds to the fraudsters to cover the transaction, insurance, tax and legal fees associated with receiving the winnings. Victims are required to transfer the requested money via Western Union, leaving them out the funds that have been wired to the fraudsters and leaving the fraudsters with personal identification to continue to commit fraud.

    • Nigerian Scams
      The Nigerian Purchase Scam is another form of fraud that is becoming widespread in auction sites and on business’ ecommerce websites. A buyer will bid on or seek to purchase big-ticket goods (e.g., cars, boats, etc.) from the website.

      The buyer will “accidentally” overpay the seller, stating they “wanted to make sure there were enough funds for shipping.” The buyer will then ask the seller to deposit the check and refund the amount of the overpayment.

      The seller will deposit the counterfeit check and send the overpayment to the buyer prior to the check clearing through the international banking system. The seller is out the funds equal to the overpayment. In addition, the seller could be down the value of the shipped goods if those are sent at the same time.

      To protect yourself, always be careful when transacting with unknown parties. If you question the legitimacy of a buyer, talk with your branch representative to determine the best way to validate the check and funds prior to shipping any goods or providing a refund for the overpayment.

    • Mystery Shopper
      Victims typically will receive an email or a letter in the mail from a "mystery shopping company" whose name often sounds official.

      Usually there is a check included, or a promise to send a check. They tell the victim to cash the check and complete an assignment at a major retail store.

      A request is then made to take the rest of the money that wasn’t spent and send it to another mystery shopper via Western Union.

      The only problem is, that's not a mystery shopper, that's the scammer! The initial check sent to the victim was not legitimate, but the bank won't realize it for at least a week. When the check is returned as fraudulent, the victim is normally responsible for the charges. Meanwhile, monies were sent to the scammer via Western Union and the victim is left holding the bag.

    • Check Scams
      If you receive an email or letter in the mail saying you won a lottery and they send you a check, or if you sell something on eBay and the buyer pays with a check, you may think you can just take the check to your bank and cash it.

      Unfortunately, you can’t. What’s worse, if you cash it in most states, you may be assisting a criminal in passing a counterfeit check, money laundering or worse.

      Blank checks are stolen every day from individual mail boxes, homes, businesses and even banks. Counterfeiters and scammers use these checks to create scams and frauds.

    • Key-Logging
      Key-logging is a process in which fraudsters secretly capture the keystrokes generated from a keyboard. Usually this is done using a physical device or a disguised computer application that is downloaded to your PC. The key-logging device is used to log all the keystrokes generated from a keyboard, including personal and financial data such as user names, Social Security numbers, bank account numbers, credit card numbers as well as passwords to secure websites. The keystrokes are secretly logged without the user knowing and can be transmitted to the criminal remotely using email, Bluetooth signals or other methods.

    • Man in the Middle Attacks
      Man in the Middle fraud occurs when a victim receives a fake email that may be from a retailer or financial institution asking for his or her password and account information, or providing a link to a fake website that resembles the real site to extract personal information. After the victim provides this information, the criminal has the ability to access financial accounts and can cause significant financial damage. Note that First Niagara never requests your bank card number, account number, Social Security number, Personal Identification Number (PIN) or password through email. If you should receive an email requesting such information, that appears to be from First Niagara, do not respond to the email and contact First Niagara immediately at 1-800-421-0004.

    • Malware
      Malware is malicious software that is usually downloaded and installed on your computer or mobile device without consent. Malware can be used by fraudsters to obtain personal information or commit other types of fraud. Usually, Malware takes the form of viruses or spyware that may be disguised as other applications. Never download suspicious software or click on links to websites from sources you are not familiar with. It is also advised to have a reputable anti-virus software application installed on your computer to minimize your chances of having malware installed on your system.


    Protect Your Personal Information


    Here are some helpful tips to avoid becoming a victim of identity theft.

    • Store personal information in a safe place. Shred financial statements, bank checks, credit card offers, charge receipts and credit applications before discarding them.
    • Don't release personal information. Never disclose account numbers, Social Security numbers or credit and debit card numbers over the phone or email unless you know the person or organization you're dealing with.
    • Guard against mail theft. Deposit outgoing mail into a secure, official U.S. Postal Service collection box. Promptly remove incoming mail after it has been delivered.
    • Monitor account information and billing statements. Know your billing cycles and review monthly statements for authorized charges or withdrawals. Missing statements could indicate that someone has filed a change of address notice to divert your mail to his or her address.
    • Consider switching to electronic statements that are delivered directly to an email address that only you have access to.
    • Obtain and review copies of your credit report. Order copies of your credit report yearly to review your file and make certain the information is accurate. The three major credit bureaus are:

      P.O. Box 740256
      Atlanta, GA 30374
      P.O. Box 2002
      Allen, TX 75013
      TransUnion LLC
      P.O. Box 2000
      Chester, PA 19022

      Call the credit reporting agency at the telephone number on the report if you find:

      • Accounts you did not open
      • Inquiries from creditors that you did not initiate
      • Inaccurate personal information such as home address and Social Security number


    Steps to take if you find suspicious activity on your credit report or become a victim of identity theft:


    • File a report of identity theft with your local police or sheriff’s office. Request a copy of the police report as you may need to give copies to creditors to clear up your records or access some services that are free to identity theft victims.
    • Call the Federal Trade Commission's toll-free "Identity Theft Hotline" at 1-877-ID THEFT (1-877-438-4338). The FTC provides online guidance regarding steps you can take to protect against identity theft. You can also visit their online resources at www.ftc.gov
    • Notify the three credit bureaus' fraud departments. Request that a "fraud alert" be placed in your file, as well as a victim's statement asking that creditors call you before opening any new accounts. The initial fraud alert stays on your credit report for ninety (90) days. You can renew it after ninety (90) days.
    • If you haven’t already done so, request a copy of your credit report. Credit reports are free to fraud victims.
    • Contact your creditors for any accounts that have been opened fraudulently. Close your accounts and obtain new credit, debit and ATM cards.
    • Consider contacting the credit reporting agencies to place a credit freeze on your credit file. A credit freeze means that potential creditors are unable to get your credit report and makes it less likely that a thief can open new accounts in your name. Note that the cost to place and lift a freeze depends on state laws, but in some cases may be free.
    • Report any suspected stolen mail to your local postal inspector, and check the post office for unauthorized change of address requests.

Customize Your Experience.

By providing your ZIP code, we can customize our content to display the rates, products, locations and Mortgage Consultants in your area. Alternately, you can continue without ZIP code.