In February 2023, FinCEN (a bureau of the US Department of the Treasury), in collaboration with the United States Postal Inspection Service, issued an alert regarding the nationwide surge in mail theft related check fraud schemes. From 2018-2023, postal inspectors arrested almost 9,000 suspects for theft of mail and packages. Criminals are targeting USPS blue collection boxes and unsecured residential mailboxes. Mail theft can occur through forced entry, the use of makeshift fishing devices, or the use of authentic or counterfeit master keys. Criminals will generally steal all types of checks in the U.S. Mail, but business checks may be more valuable because business accounts are often well-funded and it may take longer for the victims to notice. Today’s criminals have learned to commingle the physical and digital worlds to carry out their illegal activities.

First, a check, an image of a check, or check information is stolen by various means. The information is then sold through digital storefronts via apps like Telegram, WhatsApp, and even Facebook. Next, checks are “washed” and negotiated multiple times all over the United States. Organized crime rings like the Felony Lane Gang, also use these apps to hire “walkers” in multiple towns. “Walkers” are people that will walk physical checks into bank branches to negotiate. The digital storefronts (Telegram, WhatsApp, Facebook, etc.) even host classes that teach fraud techniques to those looking to commit these crimes.

Protect yourself against mail theft by:

• Promptly picking up mail or arranging for prompt pick up if you are out of town
• Inquiring about overdue mail
• NOT sending cash
• Requesting signature confirmation
• If using the blue USPS collection boxes, drop mail prior to the last collection time for the day to avoid mail sitting overnight.

According to the Federal Trade Commission, more than 95,000 people reported $770M in fraud losses for various scams in 2021 and that number continues to rise at alarming rates. There are several methods that fraudsters will use to trick trusting individuals out of their hard-earned money. The story line will change, but the overall process remains the same. The fraudsters will create a story, locate a victim, send the victim a check to deposit to their personal account and ask for a portion of the funds to be returned to them via wire transfer. All seems fine until the victim receives notice that the check they deposited is being returned and charged back to their account as fraud. The victim takes the hit on the fraudulent check and the fraudster disappears.

These are a few themes that are popular:

• Romance Scam
• Fake Paycheck
• Lottery
• Online Sales

Protect yourself by being mindful of what you post on social media, use reputable websites, avoid developing relationships strictly based on electronic communication, and be aware if you are asked for financial information.

According to the FBI, Business Email Compromise (BEC) – also known as Email Account Compromise (EAC) – is one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct business – both personal and professional.

In a BEC scan, criminals send an email message that appears to come from a known source making a legitimate request, like in these examples:

• A vendor your company regularly deals with sends an invoice with an updated mailing address
• A company CEO asks her assistant to purchase dozens of gift cards to send out as employee rewards. She asks for serial numbers so she can email them out right away.
• A homebuyer receives a message from his title company with instructions on how to wire his down payment.

Versions of these scenarios happen to real victims. All the messages were fake. In each case, thousands, or even hundreds of thousands, of dollars were unknowingly sent to criminals.

By openly sharing things like pet names, schools you attended, links to family members, and your birthday, you can give a scammer all the information they need to guess your password or answer your security questions.

Do not click on anything in an unsolicited email or text message asking you to update or verify account information. Look up the company’s phone number on your own instead of using the one a potential scammer is providing, and call the company to ask if the request is legitimate.

Carefully examine the email address, URL, and spelling used in any correspondence. Scammers use slight differences to trick your eye and gain your trust.

Be careful what you download. Never open an email attachment from someone you do not know, and be wary of email attachments forwarded to you.

Set up two-factor (or multi-factor) authentication on any account that allows it, and never disable it.

Verify payment and purchase requests in person if possible or by calling the person to make sure it is legitimate. You should verify any change in account number or payment procedures with the person making the request.

Be especially wary if the requestor is pressing you to act quickly.

Synthetic Identity Fraud is a type of fraud where criminals combine fake and real information to create a new identity. This new identity is then used to establish credit, open accounts or make fraudulent purchases. Criminals target Social Security Numbers or other personally identifiable information of minors, elderly, or those incarcerated in hopes they are not actively monitoring their credit reports. Once the fraudster is successful establishing credit, they make timely payments to build up the credit score so that they qualify for higher credit limits. Eventually, they max out the credit lines, stop making payments, and disappear.

Protect yourself by monitoring your credit reports on a regular basis and subscribe to a service that will alert you when changes occur.

Invoice fraud occurs when someone submits a fake, altered, or duplicate invoice to your business, or when an employee or a vendor colludes to overcharge or underdeliver on goods or services.

• Fake invoices can be sent in an attempt to deceive you into paying for goods or services that were never ordered or received. Sometimes these fraudsters will impersonate a legitimate vendor that you are familiar with.
• Altered invoices are legitimate invoices that have been modified to increase the amount, change the payment details or add extra charges or fees.
• Duplicate invoices involve a fraudster submitting the same invoice multiple times to receive multiple payments for the same goods or services.

Establish and enforce strong internal controls, policies, and procedures. Consider establishing dual control in your accounts payable process for creating, approving, verifying, and paying invoices. Invoices should be compared to the original purchase order and signed off by the appropriate person prior to submitting payment. Make sure to audit or review accounts payable on a periodic basis to look for fraud or errors.

In Triangulation Fraud, the fraudsters pose as reputable online merchants. Victims make a genuine purchase on a third-party marketplace, like Amazon, but the merchant is actually a fraudster. The fake merchant is purchasing the merchandise from a reputable merchant, who will send your merchandise to you so you suspect nothing! Since the fraudster intercepted your purchase, they now have your confidential information including financial information. Protect yourself by carefully evaluating where you make online purchases, monitor your account daily, and promptly report any unauthorized transactions.

It is almost impossible to avoid every fraud attempt or data breach. Regardless of how your information is compromised, the best way to deter fraud is to MONITOR YOUR ACCOUNT DAILY and promptly report transactions you are not familiar with. In addition, CNB provides a suite of services to help protect your account.

Fraud Protection Package Contains:

• Online/Mobile Banking is available 24/7/365 to monitor transactions clearing or to set up alerts for certain activities.
• Card Valet App allows users to set up Controls (to block transactions) or Alerts (notification) or the ability to lock/unlock a debit card.
• Debit Card Transaction Monitoring keeps a watch for potential fraud. You may receive a text to ask if a transaction is valid.

please click link for more information

• Fraud Protection Services for business accounts ensures only checks you issued or electronic items you authorize clear your account!
  • Check Positive Pay with payee line verification and Teller Positive Pay available
  • ACH Positive Pay
  • ACH Credit Monitoring
• CNB Customer Awareness Program for Internet Safety – CNB partnered with KnowBe4 to bring online security training to customers. This program is designed to help you spot and avoid scams, phishing, and to be safe online. Business owners should strongly encourage employees to complete this training. See CNB’s website for access.