Fraud Awareness
ATM Fraud
Do not fall prey to ATM skimming scams. Scammers can quickly read a card’s information and use it to access your account fraudulently. With a small device, your card’s information gets stored so that criminals can easily use it at a later time.
Skimmers may be installed on ATM machines, resembling the machine itself. A small device goes over the normal card reading slot and reads your card’s magnetic stripe. Skimmers can also be handheld devices that a dishonest merchant can keep in his or her pocket. When charging your card while you are out at dinner, for example, a scammer can run your card through a skimmer as well.

Equipment being installed on the front of an existing bank card slot.

The equipment as it appears installed over the normal ATM bank slot.

The PIN reading camera being installed on the ATM is housed in an innocent looking leaflet enclosure.

The camera is installed and ready to capture PINs by looking down on the keypad as you enter your PIN.
Organized criminals are installing equipment on legitimate bank ATMs to steal both the ATM card number and the PIN. The equipment used to capture your ATM card number and PIN is cleverly disguised to look like normal ATM equipment. At the same time, a wireless camera is disguised to look like a leaflet holder and is mounted in a position to view ATM PIN entries. The criminals sit nearby in a car receiving the information transmitted wirelessly from the equipment they install (see photos). The thieves copy the cards and use the PIN numbers to withdraw thousands from many accounts in a very short time.
If you see an attachment like this, do not use the ATM and report it immediately to the bank using the phone number on the front of the ATM.
Phishing Scams
Phishing is a new twist on an old telemarketing scam, but uses e-mail. These criminals send e-mails to millions of people hoping that even a few will give away valuable information such as their usernames, passwords or credit card numbers. The criminal then uses this information to steal the victim’s identity. To avoid becoming the victim of a phishing scam, Banc of California offers the following tips:
- Do not click on links within an email unless you are sure of the sender. Many phishing emails include company logos or appear to come from government agencies, and appear legitimate. However, the links take you to a fraudulent website that has been set up to look and feel just like the legitimate site. Check the URL carefully for differences in spelling, or go directly to a known website without the link. You may often find an alert on the legitimate site warning that a phishing email has been circulated by fraudsters.
- Never give out your personal or financial information in response to an unsolicited phone call, fax or email, no matter how official it may seem.
- Do not respond to emails that may warn of dire consequences unless you validate your information immediately. Contact the company to confirm the e-mail’s validity using a telephone number or web address you know to be genuine.
- Check your credit card and bank account statements regularly and look for unauthorized transactions, even small ones. Some thieves use small transactions in hopes that they will go unnoticed. These small transactions are also used to test the bank account and routing numbers for future use. Report discrepancies immediately.
- When submitting financial information online, look for the padlock or key icon at the bottom of your Internet browser. Also, most secure Internet addresses, though not all, use “https” in the URL.
- If you are a victim of an online or email crime, immediately file a report with the Internet Crime Complaint Center referenced at the bottom of this page.
- For attempted fraud that did not result in the loss of money, you should file a complaint with the Federal Trade Commission. The FTC cannot resolve individual complaints but will share your complaint with local, state, federal, and foreign law enforcement partners. Your complaint might be used to investigate cases or in a legal proceeding.
- If you believe your banking information has been disclosed, contact Banc of California immediately so we can help protect your account and your identity. Forward phishing emails portraying to be Banc of California to InformationSecurity@bancofcal.com, then delete the email from your system. Click on the Phishing link below to take the OnGuard Online Phishing Quiz: https://www.consumer.ftc.gov/sites/default/files/games/off-site/ogol/phishing_quiz.html
When internet fraudsters impersonate a business to trick you into giving out your personal information, it is called phishing. Do not reply to the email, text or pop-up messages that ask for your personal or financial information. Do not click on any links within them either – even if the message seems to be from an organization you trust. Legitimate businesses do not ask for sensitive information through insecure channels.
Examples of Phishing Messages
Examples of phishing emails, texts, or pop-ups may have messages such as:
“We suspect an unauthorized transaction has occurred on your account. To help ensure that your account is not compromised, please click the link below and confirm your identity.”
“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
“Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”
When sending these types of messages, the senders are phishing for your information so they can use it to commit fraud.
How to Deal with Phishing Scams
Delete email and text messages that ask you to confirm or provide personal information (credit card and bank account numbers, Social Security numbers, passwords, etc.).
The messages may appear to be from organizations you do business with – banks, for example. They might threaten to close your account or take other action if you do not respond.
Do not reply or click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites – sites that look real but whose purpose is to steal your information so a scammer can run up bills or commit crimes in your name.
Area codes can mislead, too. Some scammers ask you to call a phone number to update your account or access a “refund.” But a local area code does not guarantee that the caller is local.
If you are concerned about your account or need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.
Action Steps
You can take steps to avoid a phishing attack:
- Do not email personal or financial information. Email is not a secure method of transmitting personal information.
- Only provide personal or financial information through an organization’s website if you typed in the web address yourself and you see signals that the site is secure, like a URL that begins https (the “s” stands for secure). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
- Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call to confirm your billing address and account balances.
- Be cautious about opening attachments and downloading files from emails, regardless of who sent them. These files can contain viruses or other malware that can weaken your computer’s security.
Tax Scams
Videos: Tax Scams Warning I, Tax Scams Warning II
Tax Refund Scam Artists Posing as Taxpayer Advocacy Panel
A new email scam targeting taxpayers has emerged. According to the Taxpayer Advocacy Panel (TAP), taxpayers are receiving emails that appear to be from TAP about a tax refund. These emails are a phishing scam, where unsolicited emails which seem to come from legitimate organizations — but are really from scammers — try to trick unsuspecting victims into providing personal and financial information. Do not respond or click the links in them. If you receive an email that appears to be from TAP regarding your personal tax information, please forward it to phishing@irs.gov and note that it seems to be a scam email phishing for your information.
TAP is a volunteer board that advises the IRS on systemic issues affecting taxpayers. It never requests and does not have access to, any taxpayer’s personal and financial information such as Social Security and PIN numbers or passwords and similar information for credit cards, banks or other financial institutions.
IRS-Impersonation Telephone Scam
An aggressive and sophisticated phone scam targeting taxpayers, including recent immigrants, has been making the rounds throughout the country. Callers claim to be employees of the IRS, but are not. These con artists can sound convincing when they call. They use fake names and bogus IRS identification badge numbers. They may know a lot about their targets, and they usually alter the caller ID to make it look like the IRS is calling.
Victims are told they owe money to the IRS and it must be paid promptly through a pre-loaded debit card or wire transfer. If the victim refuses to cooperate, they are then threatened with arrest, deportation or suspension of a business or driver’s license. In many cases, the caller becomes hostile and insulting. Or victims may be told they have a refund due to try to trick them into sharing private information. If the phone isn’t answered, the scammers often leave an “urgent” callback request.
Note that the IRS will never: 1) call to demand immediate payment, nor will the agency call about taxes owed without first having mailed you a bill; 2) demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe; 3) require you to use a specific payment method for your taxes, such as a prepaid debit card; 4) ask for credit or debit card numbers over the phone; or 5) threaten to bring in local police or other law-enforcement groups to have you arrested for not paying.
Aggressive and threatening phone calls by criminals impersonating IRS agents remain a major threat to taxpayers, but now the IRS is receiving new reports of scammers calling under the guise of verifying tax return information over the phone.
Scam artists call saying they have your tax return, and they just need to verify a few details to process your return. The scam tries to get you to give up personal information such as a Social Security number or personal financial information, such as bank numbers or credit cards.
E-mail, Phishing and Malware Schemes
The IRS saw an approximate 400 percent surge in phishing and malware incidents in the 2016 tax season.
The emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies. The phishing schemes can ask taxpayers about a wide range of topics. E-mails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information.
Variations of these scams can be seen via text messages, and the communications are being reported in every section of the country.
When people click on these email links, they are taken to sites designed to imitate an official-looking website, such as IRS.gov. The sites ask for Social Security numbers and other personal information, which could be used to help file false tax returns. The sites also may carry malware, which can infect people’s computers and allow criminals to access your files or track your keystrokes to gain information.
Mortgage Fraud
Mortgage fraud continues to be one of the fastest-growing crimes in the United States. Traditional mortgage fraud includes situations in which consumers, lenders, brokers or real estate agents falsify information to obtain a mortgage. Consumers should never sign mortgage documents that have incomplete or inaccurate information.
If you have any information regarding suspected mortgage fraud, please contact us at 877-770-BANC (2262).