Learn how fraud finds its way to you:
Techniques to prevent fraud
Today's criminals arrive by phone, text, email, or even by knocking on your door, posing as professional (or company) employees. But that's not a problem because you are smarter than that.
Through this course, we will introduce the most popular tricks used and help you outsmart those looking to scam you.Start the course
If the bank contacts you, it will never ask you to provide any personal information, such as:
Full Social Security number
One time password
Passwords for your online or mobile banking
Answers to online or mobile banking security questions
Confidential information about your account, such as account number, balances, transactions, etc
PIN numbers for your cards
Keep your money safer with these tools
- Get alerts with Mobile Banking
- Check your balances with Online Banking
- Activate or deactivate your cards with SecurLOCK™
If you suspect fraud and wish to report it, call us at 787.620.0000 for Puerto Rico
or Toll Free 1.800.5554 for US Virgin Islands.
What is cybersecurity?
Cybersecurity is a series of tools, procedures and equipment designed to protect the computer systems and networks of any entity or home from theft or damage. It's important, because it helps us keep our electronic devices safe and out of the hands of criminals. In addition, it maintains the confidentiality, integrity and availability of the information that we have on said devices and on the networks through which we connect to the Internet.
What is identity theft?
Identity theft is when a person obtains, transfers, uses or misappropriates the personal data of another without the authorization of the latter, usually to commit a fraud or crime.
How can I avoid being a victim of fraud?
One of the main self-protection recommendations is to always take care of physical banking products such as debit and credit cards. As well as the following financial information:
Virtual branch username and password
PINs to use the ATMs
Card number, expiration date and credit card security code
What is phishing?
Phishing is a cyber attack that attempts to trick victims into clicking on fraudulent email links. The link typically takes the victim to a seemingly legitimate form that asks them to enter their usernames, passwords, account numbers, or other private information. This information is sent directly to the scammers, and the victim may not even know it. For example, an email may state that your bank account has been locked and request that you click a link to regain access. In truth, that link will lead to a fraudulent form that collects your information, such as your online banking username and password. Scammers can log into your account and steal your money.
What is smishing?
Smishing is a type of fraud similar to phishing, except it comes in the form of a text message. A smishing text will often contain a fraudulent link that takes victims to a form used to steal their information. The link may also download malware such as viruses, ransomware, spyware, or adware onto the victim's device. These smishing text messages can look like urgent requests from a bank or package delivery service, for example. They may claim that there has been a large withdrawal from your bank account or that you need to track down a lost package. It can be easy to fall for this scam because you feel you need to take quick action to resolve an urgent issue.
What is vishing?
Fraudulent calls or voicemails fall into the category of "vishing." Scammers call potential victims, often using pre-recorded robocalls, posing as a legitimate company to solicit a victim's personal information.
Maybe you get a call about your car's extended warranty. If you answer this call and are connected to a fake agent, you may be asked for information such as:
Name and surname
Driver's license number
Social Security number
Credit card information
Some scammers may also record your voice and ask a question that you will likely answer with "Yes." They can then use this recording to impersonate you on the phone to authorize charges or access your financial accounts.
How to prevent phishing, smishing and vishing attacks
To avoid being a victim of phishing, smishing, or vishing, there are a few rules you can follow. These can directly protect you from scams and reduce the likelihood that you will be attacked in the first place.
Never click on links from someone you don't know. Go directly to the real website of the organization the communication is supposed to come from and check if the notification indicated in the email or text message is real. Never give personal information to someone who contacts you out of the blue. If they claim to represent a bank, government organization, or company you already do business with, hang up and tell them you'll call them back. Then go to the organization's official website and call them on their official phone number to find out what's really going on. Don't answer calls or texts from numbers you don't recognize. Even if you reply only with the intention of asking to be removed from the list, scammers will notice that you interacted with the call. This is likely to increase the number of calls you receive from scammers in general.
What is social engineering?
Social engineering consists of obtaining confidential information through deception and manipulation of the victim. Criminals carry out a preliminary investigation of the victim, to build trust and achieve deception. One of the most well-known forms of social engineering is when criminals call victims, posing as banks, to steal credit card information. Criminals build trust when they mention that they already have information, such as Social Security number, address, telephone, among others. Subsequently, the victim, trusting that it is actually the bank, delivers or confirms the complete number of the credit card, expiration date and security code.
How to protect yourself if your information has been stolen?
Scams are becoming more and more common, and many people become targets before they have even heard of phishing, smishing, or vishing. In addition to the preventative steps above, it's important to be familiar with resources that can help if your personal information is stolen. Credit Freeze: You can freeze your credit for free with all three national credit bureaus: Experian, TransUnion, and Equifax. If you know a scammer has gotten hold of your private information, freezing your credit can prevent them from opening credit accounts in your name.
Personal Privacy Scan: You can find out if your personal information is on the web with Experian's Personal Privacy Scan. This service scans your information online and can help protect you from robocalls and other phishing attempts by showing you where your information is exposed.
While phishing, smishing, and vishing scams are unlikely to go away any time soon, these simple steps can help you protect yourself.
What financial information do I need to protect?
The financial information that I must protect is the following:
Username and password of the Online banking or Mobile banking
Debit card PIN, to use the ATMs
Card number, expiration date and credit card security code
Social Security number
How to detect a deceptive email?
Deceptive emails have some characteristics in common:
Grammar and spelling errors
Colloquial words that suggest a lack of professionalism
Strange file attachments
Asks you to click a link or provide information
The email has a strange domain that does not match the message
How can I stay alert to the use of my cards?
Through the SecurLOCK™ application you can monitor the use of your cards by setting spending limits. For any purchase over the limit you have set you will receive instant notifications, in case it turns out that it is not you and your card has been stolen. If that's the case, the same app gives you the option to deactivate the cards instantly to avoid further unwanted spending.
What to do if you lose your mobile phone?
If you have lost your smartphone or mobile device, immediately follow these steps:
Alert your mobile operator
Let us know at 787.620.0000 for Puerto Rico, Toll Free 1.800.5554 for US Virgin Islands or through our chat at orientalbank.com.
Change any username and password that may have been stored on your mobile device
If you're using any cloud-based services, sign in to them and disable remote access and alerts for any mobile apps you've linked to your missing phone or device.
File a police report, if necessary.
The best way to defend a lost smartphone or any other mobile device against intruders is to take precautions while the phone is in your possession. This includes taking steps like protecting your data with a PIN or fingerprint login (biometrics), and enabling remote phone lookup and data wipe features.