By Christopher W. Pinkham
No one believes that they will be subjected to identity theft. Shopping online, bill paying online and ATMs: all a matter of convenience. The statistics for you successfully conducting a safe, reliable transaction are strongly in your favor and despite all the advertising to purchase services to safeguard your identity, e-commerce is a safe and dependable means to conduct business. And it is fast, just like everything in our lives; we need it today and we will not wait.
But one April afternoon, the Pinkham family became a statistic. A total of nearly $400 went missing from a college student’s checking account (of which $350 had been transferred from the parental account the night before for payment of college registration fees). The concern was that while this student was safely in America studying, the four transactions withdrawing the $400 were conducted at an ATM in a seaside resort in Turkey! Call the bank, we’ve been taken!
So first reconstruct the afternoon.
• You went to the mall and used an ATM to check your balance.
Parental Conclusion: you were skimmed by an electronic skimming device that had been placed in the ATM’s card reader by underworld characters. Quick, call the bank that owns the ATM.
• You then went to a mall pharmacy to purchase a soda, get cash back (to avoid the ATM fees) and used your money to eat at the food court.
Parental Conclusion: Your PIN was stolen while you conducted the transaction at the retail store either by a dishonest employee or a hidden camera!
(By now all you privacy czars are yelling, “See, I told you!”)
Well, what appears to be the situation often is not. The facts as we know them today are as follows: Three weeks before the money went missing, an online payment service was used to pay a summer registration fee. Following that transaction, an e-mail arrived in the student’s inbox (apparently from that same vendor) stating that they needed to verify the account, please log in. The student did and unknowingly gave the account number and PIN to the ‘bad guys/bad girls’ who were really NOT the vendor – they were phishers! Phishing is the art of ‘fishing’ for an account containing money to steal!
Most e-mail inboxes receive phishing e-mails. Subjects are often “Attention Customers of XYZ Bank,” or “Account Verification needed.” These are all frauds! No financial institution and no legitimate retailer will ask you for your account information.
Only put account information on the Internet when you initiate the transactions: account log-ins, for example. If you are suspicious – Call first. Transact later.
Postscript: The student notified the bank, the bank reversed the charges as a result of the student signing a statement that the transactions were unauthorized, a new debit card was ordered and, 24 hours later, the funds were restored but the local bank is still out $400 because the fraud was international and it is likely the “bad guys/bad girls” will never be caught.
Christopher W. Pinkham is president of the Maine Association of Community Banks.