Protecting yourself begins with understanding how identity theft works
It’s a different world. We can become victims without ever seeing our attackers—and lose something more valuable than money: our identity. Identity theft (ID theft) occurs when someone assumes another person's personal identifying information (e.g., a name, Social Security number, or date of birth) with the intent of committing fraud. It’s been said that ID theft is the largest growing crime in America, with new methods turning up constantly.
Your identity can be stolen in a variety of ways:
Loss or theft of your wallet, purse, or credit card
Mail theft
Skimming information from the magnetic strip on credit or debit cards
"Dumpster diving"
"Shoulder surfing"—spying your PIN or password over your shoulder
Eavesdropping
Scam phone calls soliciting personal or financial information
Phishing emails and spyware
Computer hacking
Protect yourself
Here’s what you can do to try to prevent identity theft and fraud
Do not carry your Social Security card in your wallet
Do not have your Social Security number or driver's license number printed on your checks
Avoid giving out your Social Security number unless it is absolutely necessary
Beware of giving information to anyone over the telephone or Internet unless you initiate the call
Shred any documents with account numbers or other personal data you are throwing out and any pre-approved credit offers, ideally with a micro-cut shredder
Watch for regular monthly bills that aren't delivered. Stolen mail is one way to obtain sensitive information
Do not leave mail for pickup at an unlocked mailbox
Check your credit report at least once a year to identify accounts that may have been opened in your name without your knowledge. You can get a copy of your credit report at www.annualcreditreport.com every 12 months. Members of Fifth Third Identity Alert® and Fifth Third Identity Alert Premium® can receive notice of any changes to their credit report information
Monitor your online financial accounts frequently and check your credit card statements as soon as they arrive to ensure you made all of the charges listed
Never write your full credit card number on a check. Instead, write "ends in" and the last four digits of the credit card number
Sign your new debit and credit cards promptly
Do not keep personal identification numbers (PINs) attached to credit, debit, or ATM cards
Keep your Social Security card, passport, birth certificate, and other important cards and documents in a locked location
Protect your computer with a firewall and other security related software, and keep this software up-to-date
When disposing of an old computer, be sure to wipe or destroy the hard drive first, using special software designed for this purpose
If you are a member of a military service unit who is on active duty, consider placing an active duty alert on your credit report. The active duty alert can prevent prescreened offers of credit and insurance being sent while you are away on active duty
Consider purchasing an identity theft protection service such as Fifth Third Identity Alert® or Fifth Third Identity Alert Premium® to add another layer of protection for your accounts and your personal information
React quickly
If you should become a victim of ID theft, it’s important that you act quickly to stop further damage to your name. Here are the steps you can take:
If you have a Fifth Third Enhanced Checking account or are a Fifth Third ID Alert member, work with a Resolution Specialist to resolve your identity theft related issues. To contact a Resolution Specialist, call 866-797-8451
Contact the financial institution(s) or the companies where the information about you has been used and let them know you are a victim of identity theft
Contact the credit reporting agencies to report the identity theft and request they place a fraud alert on your account. You only need to contact one. The first agency you contact will contact the other two. The credit reporting agencies are:
www.equifax.com - 800-525-6285
www.experian.com – 888-397-3742
www.transunion.com – 800-680-7289
Contact the police department to report the crime. Be sure to request a copy of the report
Contact the Federal Trade Commission at www.consumer.gov/idtheft to make a report and review their helpful hints for dealing with identity theft
Keep good records including who you talk to, summaries of conversations, and documentary evidence of the crime
Be on guard
Phishing occurs when a fraudster impersonates a legitimate company or organization using email, faxes, and/or websites in an attempt to lure recipients into revealing confidential information. Quite often, the tone of the email is urgent, leading recipients to believe there is something wrong with their account. They are urged to take immediate action, which often includes opening an attachment or clicking on an embedded link to go to the "company's" website to update, verify, or review account information. When the victim logs in or enters confidential information, they are actually giving it directly to the criminals. Vishing (voice phishing using the phone) and SMiShing (phishing via text messages) are two newer, but just as dangerous, forms of phishing that consumers and businesses need to be aware of. The scams are the same, but the technology used is different. Some of the signs you should look for:
Attackers urge the recipient to click on the link (phishing and SMiShing) or call a telephone number (vishing and SMiShing) to update or verify account information, reactivate an account, or cancel an order
Attackers convey a sense of urgency and often mention negative consequences for failing to respond
Attacks are not consistent with other email, telephone, or text messages from the business
Messages do not contain any personalization that shows the sender knows something about the recipient's account (e.g., the recipient's name, the last four digits of their account number, or other information)
Attacks often contain spelling errors and bad grammar
Attacks using SMiShing often indicate the message came from the number "5000" instead of displaying an actual telephone number
Messages often claim the user has ordered something that they never ordered
Protect your computer
Malware or "malicious software" is designed to infiltrate or damage a computer system without the owner's knowledge or informed consent. The term “malware” covers a host of software including computer viruses, worms, Trojan horses, spyware, and other malicious software. Malware for personal smart phones and other mobile devices has now entered the market as well. As mobile devices continue to grow in popularity, so too will this form of malware. As a result of malware, users may find that their computers have become part of a botnet. A botnet is a collection of software robots, or bots, that run autonomously and automatically. Although the phishing attacks that lead to malware are designed to be nearly impossible to distinguish from legitimate email messages, there are some common signs you can look for:
Attackers urge the recipient to click on the link to update or verify account information, reactivate an account, or cancel an order
Attackers convey a sense of urgency and often mention negative consequences for failing to respond
Attacks are not consistent with other email messages from the business
Messages do not contain any personalization: the recipient's name, the last four digits of their account number, or other information that shows that the sender knows something about the recipient's account
Attacks often contain spelling errors and bad grammar
Messages often claim the user has ordered something that they never ordered
Keep your signature safe
Payment fraud occurs when an individual uses one of several payment devices (e.g., checks or credit cards) to conduct fraud and steal your money. They include:
Check fraud
Wire fraud
ACH fraud
Card fraud
Check fraud includes counterfeit checks, altered checks, and forged signatures. To protect yourself:
Keep your checks, deposit slips, and bank statements in a secure location
Review your statements closely and report any discrepancies to your bank immediately
Do not share your account number with anyone who does not need it
Destroy old checks, statements, ATM receipts, etc., before discarding
If you pay bills using checks that will be put in the mail, put them in a U.S. Postal Service blue box or bring them to the Post Office
Never sign a blank check
Do not endorse a check until you are ready to cash or deposit it
Do not put your Social Security number, driver’s license number, telephone number, or credit card number on your checks
Use a Uniball 207 gel pen (available at office supply stores, discount department stores, and some grocery stores) to write checks. The gel gets trapped in the paper and makes it much harder to wash than regular ink
Both wire and ACH (automated clearing house) transactions are forms of electronic fund transfers (EFTs). Wire and/or ACH fraud occur when a fraudster uses one of these transfer methods to obtain money based on false representation or promises. To protect yourself:
Monitor your accounts regularly for unauthorized transactions. Report any unauthorized transactions to your bank immediately
Do not share your online banking logon credentials (user ID and password) with anyone
Do not share your account number with anyone who does not need it
Never access your bank account using a public computer (e.g., at the library or a hotel business office)
Install a firewall on your computer to prevent unauthorized access
Install and run anti-virus and anti-spyware software on your computer and keep them up-to-date
Card fraud is theft or fraud committed using a credit or debit card. The fraudster may use the card to obtain products or services or to withdraw money from your account. To protect yourself:
Sign the back of your card as soon as you get it
Get online statements instead of paper statements that come in the mail
Check your statements as soon as you get them
Be sure any sites you put your card information into (e.g., online shopping sites) are secure. The URL should start with https, not http
Protect your cards like you would cash—try not to let them out of your sight
If your card is lost or stolen, notify your bank immediately
Shred credit card applications you may receive in the mail
Keep a record of account numbers, expiration dates, phone numbers, and addresses for each credit card in a secure place
Never give your credit card number over the phone unless you initiated the call and are dealing with a trusted source
Do not store your PIN with your credit/debit card
We’re helping to keep you safe with free security software
Helping you to safeguard your assets and data continues to be our top priority. For this reason, Fifth Third Bank is offering you Rapport—free security software from Trusteer, an expert in online security. Trusteer’s Rapport plug-in application is designed to detect malware intrusions and then provide protection to the computer’s browser, thus preserving sensitive information. Rapport works with your antivirus and firewall software, and is not designed to replace these valuable tools. Use the links below to download Rapport for your operating system:
Using your mobile device to check the balances of your accounts or to process a simple transaction is convenient and can save you time, but has its risks as well. To protect yourself you should:
Treat your mobile device with the same level of care as you would a credit card
Password-protect your mobile device with strong passwords
Store your mobile device in a safe place and use your mobile device’s auto-lock feature
If your mobile device supports device encryption, use it
Consider having a remote wiping system in case you lose your device or it gets stolen
Keep all your software current. This includes security, browser, operating system and all other applications
Do not send confidential information in email or text messages (e.g., account numbers)
Delete messages that contain account information, including account balances, and any alerts you receive on a regular basis
Only download information (photos, ring tones, video clips, etc.) from trusted sources, and only download mobile apps from official app stores. Google Play and Apple iTunes are the only app stores Fifth Third publishes apps to at this time
Follow the same rules you use on your computer with respect to opening email and attachments. Similar to phishing attacks on your computer, SMiShing attacks involve fraudsters using text messages with links or phone numbers to call on your mobile device
To confirm you are on the legitimate Fifth Third mobile login page before entering your user credentials, check the URL. It should be https://m.53.com/ib/#/login
If you are concerned about the sites you are accessing from your mobile device, turn on the "show URL" or "show address bar" option so that you can see the actual site addresses to ensure they start with "https." Check the information that came with your device for specific instructions
Install antivirus software on your mobile device. Contact your carrier for specific information on available antivirus software for your device
You are leaving a Fifth Third website and will be going to a website operated by a third party which is not affiliated with Fifth Third Bank. That site has a privacy policy and security practices that are different from that of the Fifth Third website. Fifth Third and its affiliates are not responsible for the content on third parties.