Security Common Scams
Unless you initiate the contact, Enterprise will not request your personal information (e.g., account number, Social Security number, PIN, user ID, password or Security Access Code) through email, U.S. mail, live or automated phone call, or text message. If you receive unusual calls or emails claiming to be from Enterprise and requesting your personal or account information, do not respond and contact us immediately at (833) 896-2850. If you call Enterprise, we may ask for information to verify your identity.
Note: All Enterprise debit and credit cards have 24/7 fraud protection. If we spot potentially fraudulent charges on your account, we’ll text, email or call you and ask if the charge is legitimate. If no response is received to text or emails, Enterprise will call you at the number listed on your account. During the call, we will ask for information to verify your identity.
Phishing
Phishing involves the use of fraudulent email or browser pop-up messages that appear to be from a legitimate source, often using a company name, logo and/or graphic. A typical scam consists of:
- Receipt of an email message stating you need to update or validate your account information.
- A message that suggests a dire consequence, such as your online access expiring or being suspended, if you do not respond.
- A link in the message that directs you to a website that looks legitimate, but is not.
The intent is to trick you into divulging personal information, such as your account number, Social Security number, user ID or password, so they can commit crimes of a monetary nature or identity theft. It may also be an attempt to deliver and install malicious code (malware) that can harm your computer.
Phishing Attempt - Example #1
The outgoing Wire fund transfer that you placed 09/14/2018, was not processed by the Federal Reserve Wire Network.
Please [malicious link removed] to view report.
This service is provided to you by the Federal Reserve Board. Visit us on the web at [link removed].
Phishing Attempt - Example #2
Dear Customer,
It has been reported that bank customers across the country are receiving fraudulent emails that appear to originate from the Federal Deposit Insurance Corp. (FDIC). Enterprise Bank is carrying out a major system upgrade. This upgrade became necessary following recent security threats. Consequently, in the next few days, you may notice temporary interruption when using online banking to access your account. To experience a smoother and more secure online banking, please update your information in our records. The link below will guide you through the process:
[hyperlink to bogus website here]
Please note that this one time exercise is mandatory for all Enterprise Bank customers. For security reasons,we may suspend your account if your information is not updated.
We sincerely regret any inconvenience.
Jay Banker
Head of Online Banking
How to Avoid Falling for Phishing Scams
Never open any email unless you know the sender. The very act of opening an email can infect your computer with malware. Be skeptical of every email you get, and never click on suspicious links or download suspicious attachments.
Reporting a Fraudulent Email
If you receive a suspicious email that appears to be coming from Enterprise Bank & Trust, please forward the email to [email protected].
Due to the insecure nature of email, do not include any personal information such as account numbers or Social Security numbers in your emails or forms.
To report unauthorized transactions on your account, immediately contact your branch location or call (800) 438-0378.
Online Scams
Pharming
This occurs when you enter a web address but are redirected, without your consent or knowledge, to a fraudulent site that looks similar to a legitimate site. The intent of the fraudulent site is to capture confidential information.
Lottery / Sweepstake / International Scam
Lottery, Sweepstake and International scams involve unsolicited letters and emails that individuals and companies receive, offering the recipient large sums of money for assistance in transferring millions of dollars to American banks. They offer recipients a percentage of the money transferred as compensation for their help. Individuals/companies who respond are asked to provide their account information in order to have the money transferred to them. Once these scam artists have your account information, they not only don’t transfer money to the account, they use the account information to steal money. These offers are often originated out of the country.
"Prince" Scam Example
Dear Friend,
My name is Prince Imona Jeht and I am very rich prince of the Island and Guantego. I need an account to store $1,000,000 USD located in America, please allow me to have your bank account number and I will transfer the money asap.
In a month I will remove the money after I set up my own account, but will reward you with $250,000 USD as a token of my appreciation. I look forward to doing business with you.
Kindly regards,
Prince Imona Jeht
Business Email Compromise Scam
One of the newest scams is the business email compromise. The criminals may use fake invoices, wire transfer or international payment requests that appear to have been originated by an executive or coworker. The goal of the scam is to trick employees into making payments which are directed to a fraudulent bank account. Because these scams do not have any malicious links or attachments, they can evade traditional solutions.
Other Internet / Online Fraud
Fraud can also occur when selling items online. If the item is being purchased by a check, the seller may request the purchaser issue a check for an amount greater than the asking price. The "seller" is asked to wire the difference back. Frequently, the original check used is counterfeit or forged.
Tips to Avoid Online Scams
Please keep in mind, there is NO legitimate reason for someone to give you money (in any form, including money order, check or wire transfer) only to ask you to send the money back. It’s illegal for a company to require you to buy something or pay a fee in order to win or claim a prize. Should you receive one of these letters, please do not reply, but report the letter to the Internet Crime Complaint Center.
Employee training and awareness can help organizations spot these types of scams.
Unless you initiate the contact, Enterprise will not request your personal information (e.g., account number, Social Security number, PIN, user ID or password) through email, U.S. mail, live or automated phone call, or text message. If you receive unusual calls or emails claiming to be from Enterprise and requesting your personal or account information, do not respond and contact us immediately at (833) 896-2850. If you call Enterprise, we may ask for information to verify your identity.
Note: Enterprise may contact you to verify credit card activity that appears suspicious.
Skimming
“Skimming“ is a method by which thieves capture the magnetic stripe data from your card and use it to create a new, counterfeit card. These counterfeit cards are then used to process unauthorized transactions against your account. There are two main methods of skimming card information:
- A small device that appears to be a part of the machine is placed over the card insertion slot of an ATM, gas pump or other self-service kiosk. As you slide your card into the ATM, this device “reads” the data on the stripe and either stores it or transmits it to a nearby location. Oftentimes, there is also a small, hidden camera that captures your keystrokes as you input your PIN into the machine.
- The device is carried by an employee in a restaurant or merchant’s store location during a legitimate transaction. When the employee takes your card to complete the transaction, they swipe the card through a skimming device and capture the magnetic stripe data.
How to Protect Yourself from Skimming
- If you see an attachment on an ATM that looks suspicious, don’t use the ATM. Notify the institution that owns the machine as soon as possible. If it’s an Enterprise Bank & Trust ATM, contact the branch location of the ATM or call (800) 438-0378.
- Never give your PIN to anyone or write it on your card.
- Review your monthly statements immediately and notify us of any discrepancy by calling (800) 438-0378.
Fraud Protection for Card Products
All Enterprise debit and credit cards have 24/7 fraud protection. If we spot potentially fraudulent charges on your account, Enterprise will send a 2-way SMS message to your mobile device or an email. Be sure your cell phone and email address is on file with us. If no response is received to text or emails, Enterprise will call you at the number listed on your account. During the call, we will ask for information to verify your identity.
Debit Cards
You can take easy steps to reduce your risk of fraud and monitor debit card spending. SecurLOCK Equip™ is a mobile app that puts the power to protect your debit card in your hands. You can turn your debit card on or off when needed.
Credit Cards
Visa® Purchase Alerts are also available on Enterprise credit cards. Cardholders can enroll their card and set up transaction alerts on the Visa® website. Once registered, cardholders will receive email alerts based on their preferences.
Card Best Practices
- If your card is lost or stolen, contact us immediately using the following telephone numbers:
- Debit Cards: (800) 500-1044
- Credit Cards: (866) 234-4691
- You will never be contacted directly by companies like Mastercard® or Visa® to verify personal or card information, your PIN or to request that you transfer funds or process transactions to protect your account.
- Make a list of the customer service telephone numbers for each of your bank and card issuers. Keep this list in a safe and secure place so you can easily notify the necessary companies in case you lose your wallet or purse. This will also mitigate the risk of fraud.
- Whether at home or traveling, only carry ATM, credit and debit cards that are necessary. If traveling, secure unused cards in a safe place while you’re away.
- Memorize your PIN. Never write it on the card or anywhere else it could be compromised.
- It’s not a good idea to use the last four digits of your Social Security number, date of birth, address or numbers that may be easily obtained by identity thieves as your PIN.
- Never give out your credit or debit card numbers over the telephone or on the internet unless you have a trusted business relationship with the person or company.
- Never leave ATM, credit or debit cards lying around where anyone has access to them.
- Always keep your receipts for card purchases or withdrawals. Never throw them in a public trash container where they could eventually be found.
- When vacationing, contact your bank regarding your plans. Most banks monitor suspicious activity, including geographic shifts in cardholder use. They may choose to temporarily restrict the card until the activity can be validated. By informing the bank before you go, you can prevent unnecessary inconveniences while traveling.
- Always thoroughly review credit card and bank statements upon receipt. If there is suspicious activity on your account, notify the credit card company or bank immediately.
Vishing/Smishing
Vishing stands for voice-phishing and smishing refers to phishing via SMS, also known as text messages. These attacks involves the use of email, voice messages, automated calls or text messages that appear to be from a legitimate source, such as a debit or credit card issuer, financial institution, police department, etc., but are, in fact, criminals that are attempting to gain information to be used for illegitimate purposes.
The intent is to trick you into divulging personal information, such as your account number, Social Security number, user ID or password, or clicking a fraudulent link that gives them access to your information or device, so they can commit crimes of a monetary nature or identity theft. If you believe the call may be legitimate, call the customer service number provided by the financial institution at the time the account was opened or the number on the back of the debit/credit card.
A scam often consists of:
- Receipt of an email, voice mail or text message asking the recipient to call a phone number. They are directed to an automated system that asks them to enter their account number, debit card and PIN, Social Security number or other personally identifiable or financial information.
- Receipt of a text message asking the recipient to reply to the message in order to:
- Activate an account or newly issued debit/credit card by entering the account number or the card number and/or PIN
- Verify that a debit/credit card is in their possession by entering the card number and/or PIN
- To reactivate their account or debit card, commonly used to make people think that it’s recently been suspended or deactivated
- Receipt of an automated call stating the recipient's account or card has been blocked. They are directed to select a menu option and asked to enter their account number, debit/credit card and PIN, Social Security number or other personally identifiable or financial information.
Keep in mind that there are specific reasons that Enterprise may send you a legitimate text message:
- Authentication and security messages that ask you to verify your identity (via a Secure Access Code, “SAC”) or authorize a transaction.
- Financial alerts you have opted in to that notify you of transactions, payment approvals (including Positive Pay) and balance limits.
- To verify transactions if we spot potentially fraudulent charges on your account.
- Note: All Enterprise debit and credit cards have 24/7 fraud protection. If we spot potentially fraudulent charges on your account, Enterprise will send a 2-way SMS message to your mobile device or an email. Be sure your cell phone and email address is on file with us. If no response is received to text or emails, Enterprise will call you at the number listed on your account. During the call, we will ask for information to verify your identity.
Mail Theft
Mail theft occurs when someone illegally intercepts your mail. Their intent is to get your personal information, such as account numbers, Social Security number, credit card numbers, etc. They then use this information to commit identity theft. If you have reason to believe your mail has been stolen, contact your local post office or your local postal inspector.