Security Alerts, Scams & News

---

FBI warns against using public phone charging stations

Don’t let a free USB charge end up draining your bank account! The FBI is currently warning consumers about “juice jacking,” where scammers are loading viruses and malware into public charging stations. Malware installed through a tampered-with USB port can lock a device or export personal data and passwords directly to the scammer. These viruses can also be loaded directly into the charging cables, as well, and fraudsters may try to give you infected cables as a promotional gift. Stay vigilant, and refer to the following tips to avoid becoming a juice jacking victim:

• Avoid using a USB charging station. Use an AC power outlet instead.
• Only use your personal USB cables to charge your devices when travelling.
• Consider carrying a portable charger or external battery

To learn more about scams and virus prevention, please visit this CNBC article (Opens in a new Window).  

---

Social Engineering:  Vishing & Smishing:  What you need to know 

• Vishing: In vishing attacks, scammers use phone calls or voice messages to impersonate legitimate businesses and trick you into giving them money or revealing personal information. Sometimes these fraudulent calls are made by actual people; other times they are done via robocalls. Worse yet, the scammers may spoof phone numbers that belong to real companies or individuals to deceive you.
• Smishing: In smishing attacks, scammers send phishing messages via text messages or messaging apps to your smart phone or tablet. Like phishing e-mails, you are prompted to open a link to access a website or app. The link may take you to a login page to enter your username and password, a form to provide your personal information, or a malicious app that infects your device.

Common Vishing and Smishing ScamsBelow are examples of common Vishing and Smishing Scams to look out for.

• Demands for payment. The scammer pretends to work for a government agency such as the IRS and tells you that you owe money. They may threaten that you will be fined or even arrested if you do not pay.
• Account verification. The scammer poses as an employee of your bank or credit card company and states that they noticed unusual activity on your account. You are asked to provide personal information to verify your account.
• Program enrollment. The scammer represents themselves as a representative of a government program such as Medicaid and offers to help you with your benefits. You are asked for your personal or financial information to complete enrollment.
• Order/shipping confirmation. The scammer sends you a link to track a package or confirm your order, even though you did not order anything recently. The link may ask for your username and password or install malicious software on your device.
• Winning a prize. The scammer informs you that you won a contest. From there, they may ask for personal information or walk you through accessing your bank account so you can receive a deposit.
• Tech support. The scammer offers to fix a computer problem that you didn’t even know you had. They may ask you to visit their support website, install software to give them remote control, or provide them with your accounts and passwords.

How to Protect Yourself from Vishing and Smishing ScamsHere are some tips to help protect yourself from both vishing and smishing scams.

• Pause, think, and act. Scammers will stress a sense of urgency to trick you into doing what they want. Don’t take the bait. Take time to think about what you are being asked to do and why before you take any actions. Think twice before clicking on links in text messages. Instead, visit the organization’s website directly to ensure you are communicating with the real business.
• Do not answer the phone or respond to texts from unknown numbers. If the scammers can’t reach you, they can’t trick you. If you do answer the call, hang up immediately.
• Keep your personal information private. Never give out personal information such as account numbers, Social Security numbers, passwords, or Multi-Factor Authentication (MFA) (Opens in a new Window) codes to unknown people.
• Verify the source. If you receive a message from someone who says they represent a company or a government agency, hang up and contact them by using the contact information posted on the organization’s website.
• Enable strong security on your accounts. Creating strong and unique passwords is still a security best practice for protecting your personal and financial information. If you have difficulty creating unique passwords for each of your accounts, consider using password generators and managers to develop more complex passwords and store them securely as well. Enable MFA when available as an added layer of protection for your online accounts.

https://www.fcc.gov/spoofing (Opens in a new Window)

https://www.cisa.gov/uscert/ncas/tips/ST04-014 (Opens in a new Window)

---

Elder Abuse - GET INVOLVED, GET SAFE 

Please look at pamphlets below that reflect Elder Abuse and how to identify it, protect yourself and find help. 
Prevent Financial Abuse (Opens in a new Window) Most common scams affecting older Americans (Opens in a new Window) Caregiver's Guide to Elder Abuse (Opens in a new Window) Targeting Older Veterans, know the scams (Opens in a new Window) Prevent Elder Abuse, it can happen to anyone (Opens in a new Window) For more information about Elder Abuse and the ways you can help, visit: https://www.justice.gov/elderjustice/elder-abuse-flyers. (Opens in a new Window)

---

Phishing Scams 
Every day, thousands of people fall for fraudulent emails, texts, and calls from scammers pretending to be a bank. These are commonly referred to as phishing scams and victims can lose hundreds, even thousands of dollars. Tennessee State Bank has partnered with the ABA’s #BanksNeverAskThat campaign to turn the table on fraudsters by empowering consumers to spot bogus bank phishing scams. For more tips on how to keep phishing criminals at bay, including videos, an interactive quiz and more, visit www.BanksNeverAskThat.com. (Opens in a new Window)Phishing is when you get emails, texts, or calls that seem to be from companies or people you know, but they’re actually from scammers. They want you to click on a link or share personal information (like a password or social security number) so that they can use that information to steal your money and/or identity.For more information about phishing, visit https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams (Opens in a new Window)

---

Job Scams 

Scammers are targeting millions of unemployed Americans searching for jobs, looking for opportunities to obtain access to victims’ identities and financial assets. In 2020, the FBI’s Internet Crime Complaint Center (IC3) received complaints amounting to over $62 million in losses from employment scams, an increase of nearly $20 million from 2019.Criminals promote fake job opportunities through many of the same job boards that legitimate companies use, such as online job sites, social media platforms, and newspapers. The fake postings claim to offer employment but are instead used to acquire victims’ personal information and financial assets.For more information about job scams, visit: https://www.aba.com/advocacy/community-programs/consumer-resources/protect-your-money/job-scams. (Opens in a new Window)

---

Money Mule 

What is a Money Mule?If someone sends you money and asks you to send it to someone else, STOP! You could be what is being called a “Money Mule", someone scammers use to transfer and launder stolen money. Scammers are taking advantage of the uncertainty and fear surrounding the COVID-19 pandemic to steal your money, access your personal and financial information, and use you as a money mule. 

What's a money mule scam? (Opens in a new Window)  Money mule awareness booklet  (Opens in a new Window)

---