Fifth Third Bank - Fraud & Email Scams

Sunday 11 March 2007

Advice from www.53.com

If you are a Fifth Third customer who has received a suspicious email but did not divulge any information, please forward the email, along with your contact information, to 53investigation@security.53.com and then delete the suspicious email from your computer. The emails help us to track the scammers.

—————————————

Fifth Third values the safety and security of our customers, their accounts and identities. We want to help our customers take precautions that will protect them. Education and awareness is the most important step—this tutorial will help provide you with information to take the steps that will protect you online.

There are many types of online fraud. One that is on the rise is the sending of fraudulent emails known as “phishing” that appear to be from a trusted source like a financial institution and ask for banking logins, passwords, or other personal information.

Please take a few minutes to read more about phishing and other online scams to learn how you can best protect yourself. Use the buttons at the top or bottom to navigate through the tutorial.

In a phishing attack, scammers send millions of email messages that appear to come from popular websites that you trust, like your bank or credit card company. The email messages, pop-up windows, and the websites they link to are designed to look similar enough to the real websites that they trick people into believing that they are legitimate. Victims who are deceived by these sites will unwittingly provide their credit card numbers, passwords, account information, or other personal data.

Phishing email messages are designed to look legitimate, often including actual logos or graphics from financial institutions. Phishers may place a link in the email that appears to go to a legitimate website, such as http://www.53.com, but it will actually take you to a phony scam site with a similar URL or IP address or possibly a pop-up window that looks exactly like the official site. These copycat sites are also called “spoofed” websites

Be Skeptical: It is better to err on the side of caution. Unless you are 100% sure that a particular message is legitimate, assume it is not. Look for telltale signs of a phishing email, such as:

  • bad grammar.
  • broken graphics.
  • urgent requests for information that may threaten negative actions if you don’t respond (for instance: we will close your account if you don’t verify your username and password).
  • “from” addresses that look similar to “53.com”, such as “53-support.com”.
  • generic greetings like “Dear Customer” instead of your actual name.

You should NEVER supply your username, password, account number, credit card number or any other personal or confidential information via email, and NEVER click on links or reply directly to the email in question. The image below is an example of a phishing email.

Fifth Third will NEVER send you an email asking you to verify or supply personal information, such as:

  • User IDs.
  • Passwords.
  • Social Security Number.
  • Card or Account Numbers.
  • Credit Card Security Code (CCV).

If you are unsure about an email or a website that appears to be from Fifth Third, take the following precautions:

  • Visit Fifth Third’s website only by typing into your browser our known website address, www.53.com.
  • Look for the secure lock at the bottom of the page to verify that the security certificate is valid for www.53.com. Refer to the right sidebar for an example.
  • Click on the VeriSign Secured Seal to verify the identity of Fifth Third’s website. Fifth Third is committed to providing a secure online banking experience. Our website is certified by the VeriSign Secure Site Program.

Besides phishing attacks, there are other online threats that you should be aware of. Another common online threat is called “spyware,” which loads malicious software programs onto your computer without your knowledge via email attachments, Internet downloads, messenger chats, or file sharing. These programs, also known as “Trojans” or “keyloggers,” are designed to capture your logins, passwords, or other personal data as you log into authorized websites. Or they will present a fake web page when you type in the real website address of a site you want to visit to trick you into providing confidential information.

You can take a few precautions to protect yourself from other online threats:

  • Install a Firewall and anti-virus software—many of them contain spyware protection. Keep your virus definitions and browser and security software current.
  • Exercise reasonable care when downloading software and opening email attachments.
  • Have your computer analyzed by a qualified technician if you suspect your computer is running abnormally, you are receiving an unusual amount of “pop-up” pages, or you notice that you are being redirected to other web pages.
  • Beware of using non-encrypted wireless connections with computers, phones, and portable devices to send sensitive information from public wireless locations or even from home wireless networks. Using scanning devices, individuals can intercept unencrypted signals and view or obtain your information.
  • Beware of “shoulder surfers” while using a computer in public areas who may be trying to intercept your passwords or information.
  • Use strong passwords with a combination of uppercase and lowercase letters, numbers, and symbols. Change passwords periodically, and always change pre-assigned temporary passwords. When creating PINs and passwords, do not use birth dates, addresses, phone numbers, etc. that are easily guessed from personal information.
  • Never use the “save ID and password” option in your browser at home, or on a laptop or public computer.
  • Do not email personal and financial information to non-secure sites. Because of the potential for loss, avoid storing personal information on a laptop computer.
  • Properly dispose of old computers and ensure all sensitive information is removed from the hard drive. Reformatting the hard drive may not be sufficient—use specialized software to erase information.
  • Review your bank statements closely. Make sure there are no transactions that you can’t account for and that all of the decimals are in the right spots. If you find any problems contact Fifth Third immediately.
  • Check your credit report periodically. The Fair Credit Reporting Act (FCRA) requires each of the nationwide consumer reporting companies—Equifax, Experian, and TransUnion—to provide you with a free copy of your credit report, at your request, once every 12 months. The three nationwide consumer reporting companies have set up a central website and a toll-free telephone number through which you can order your free annual report. To order, go to annualcreditreport.com or call
    1-877-322-8228.

    • If you are a customer who has provided sensitive account or personal information in response to an unsolicited email, immediately contact a Fifth Third Bank Customer Service Professional at
    1-800-676-5869. They are available to serve you Monday through Friday from 8 AM-9 PM and Saturday and Sunday from 8 AM-5 PM ET. You may also contact us securely via our website 24 hours a day, seven days a week.

    If you are a Fifth Third customer who has received a suspicious email but did not divulge any information, please forward the email, along with your contact information, to 53investigation@security.53.com and then delete the suspicious email from your computer. The emails help us to track the scammers.