Security & Fraud Center

Be vigilant in the fight against fraud
Contact Us

Knowledge is the key to identifying threats and preventing damage.

Xenith provides educational materials, tips and security technologies to help you understand our role and yours in fraud protection.


Fraud and identity theft can disrupt your finances and create stress. Here's what to keep in mind to help safeguard your sensitive data.

Personal Fraud Tips and Prevention:

Safeguard your email

Email is often a vehicle used to transmit malware and commit fraud. It is important to evaluate your email behaviors and develop good habits to help protect your computer and your identity. In addition to viruses and worms that can be transmitted via email, phishing also threatens email users. A type of email fraud, phishing occurs when a perpetrator, posing as a legitimate, trustworthy business, attempts to acquire sensitive information like passwords or financial information.

  • Never open or respond to SPAM (unsolicited bulk email messages).
  • Delete all spam without opening it. Responding to spam only confirms your email address to the spammer, which can actually intensify the problem.
  • Never click on links within an email. It's safer to retype the web address than to click on it from within the body of the email.
  • Don't open attachments from strangers. If you do not know the sender or are not expecting the attachment, delete it.

Don't open attachments with odd filename extensions.

Most computer files use filename extensions such as ".doc" for documents or ".jpg" for images. If a file has a double extension, like "heythere.doc.pif," it is highly likely that this is a dangerous file and should never be opened. In addition, do not open email attachments that have file endings of .exe, .pif, or .vbs. These are filename extensions for executable files and could be dangerous if opened.

Never give out your email address or sensitive information to unknown web sites.

If you don't know the reputation of a web site, don't assume you can trust it. Many web sites sell email addresses or may be careless with your personal information. Be wary of providing any information that can be used by others for fraudulent purposes.

Never provide sensitive information in email.

Forged emails purporting to be from your financial institution or favorite online store is a popular trick used by criminals to extract personal information for fraud.

Don't believe the hype.

Many fraudulent emails contain urgent messages that claim your account will be closed if sensitive information isn't immediately provided, or that important security needs to be updated online. Your financial institution will never use this method to alert you of an account problem.

Be aware of poor design, and/or bad grammar and spelling.

A tell-tale sign of a fraudulent email or web site includes typos and grammar errors as well as unprofessional design layout and quality. Delete them immediately.

Detection

Check your credit report annually

The best way to detect evidence of identity theft is to review your credit report. Annualcreditreport.com provides a free copy of your credit report once every 12 months from each of the three nationwide consumer credit reporting agencies: Equifax, Experian and TransUnion. Requests may be made by phone, mail or online.

Be aware of your finances

Take advantage of available resources to ensure you know where your money is. Be sure to set up email alerts so you know when payments are happening. Review your online bank statements every month. And every time you log on to Online Banking, take a look at the "last login" line. A date discrepancy or unsuccessful login could indicate unauthorized logins or login attempts. If you see a log in or failed log in that you do not recognize, contact your local branch immediately to report this activity.

Prevention

Criminals have become sophisticated and cunning in finding areas of vulnerabilities within business operations such as yours. To combat some of the recent scams we have seen with other businesses, we would like to offer you some thoughtful suggestions that will hopefully minimize the possibility of fraud destroying or interrupting your business.

  1. Store your checks, deposit slips, bank statements and canceled checks in a secure and locked location. Never leave your checkbook open in your office or in a vehicle.
  2. Consider a dual process or a double check. You may split responsibilities between individuals who prepare checks, sign checks, and reconcile your account to the extent possible.
  3. Never give your account number to people you do not know, especially over the telephone. Be particularly aware of unsolicited phone sales. Fraud artists can use your account without your authorization and you may end up being responsible.
  4. Unless needed for tax purpose, shred old canceled checks, account statements, deposit tickets, and ATM receipts. The personal information on these items may help someone impersonate you and take money from your account.
  5. Lock your facility each night. Ensure that locks are effective for windows and doors. Lighting and landscaping should deter burglars. Change the locks on your facility when an employee leaves your place of employment.

Given that each business has a unique operating environment, there are risks and controls associated with online banking that a business manager should be aware. To learn more about how to reduce these risks, please contact us and our Treasury Services team will provide a customized evaluation.

Detection

  1. Reconcile your bank statement upon receipt in order to detect any irregularities. Otherwise, you may become liable for any losses due to check fraud.
  2. Review and understand transactions within your account statement upon receipt, if you do not reconcile your business accounts yourself. You are liable for your agent or bookkeepers actions.
  3. When you receive your check order, make sure all of the checks are there, and that none are missing. Report missing checks to us at once.
  4. If your business is burglarized, check your supply of checks to determine if any have been stolen. Look closely, because thieves will sometimes take only one or two checks from the middle or back of the book.

Please take a few minutes to assess your current situation. Look for areas where someone can get access to your personal account information and take advantage of you and your business. If you would like to discuss this or other topics of interest, please feel free to contact your local banking representative.

Different fraud tactics all share the same goal: to obtain your personal, confidential and financial information for fraudulent use. From obtaining your information "the old fashioned way" via discarded mail, to emails that ask you to verify personal information under the guise of a trusted source - like your financial institution - fraudulent activity comes in many different forms.

Identify Theft

The term identity theft refers to the use of a consumer's identifying information (such as your name, social security number, date of birth, and other sensitive identifying numbers) by another person, without authorization, and with the intent of committing fraud. The theft of sensitive personal information may result in considerable harm including financial loss, to the victim as well as adversely impacting other persons or entities which accepted the fraudulent information in the process of providing a product or service to the identify thief.

Be careful about providing personal information. Only provide information to reputable companies or persons that have a need to know. Review credit card and bank statements upon receipt. Your bank would not initiate a call to you asking for your Social Security number, date of birth, and other sensitive identifying numbers such as a PIN or account number because it would already have your personal information within bank records. If you ever question the authenticity of a request for information, please verify the legitimacy of the request. To learn more about identity theft please visit the Federal Trade Commission’s website.

Advance Fee or Nigerian Letters

Advance fee scams occur when you receive a communication such as a letter, fax, or email that requires you to pay a fee up front or in advance of receipt of any goods or services including money. A particular type of advance fee scam is commonly referred to as the Nigerian 419 advance fee scam. In this scam, a person pretends to be a Nigerian official or business-person asking ordinary individuals like you and even companies to help move millions of dollars out of Nigeria in exchange for large sums of money.

Do not respond. If you think about it, why would anyone give you so much money (a percentage of millions) to establish an account? All these fraudsters want is your money - the check and your account number that you have sent in advance. Once the check is cashed, the money is gone and difficult if not impossible to recover. If you have suffered a financial loss from a Nigerian "Advance Fee Fraud" scheme, please contact your local U.S. Secret Service Field Office. If you have not lost any money, but received a solicitation, please send the information by email to spam@uce.gov. As always, if you receive a request such as this, please feel free to contact your bank representative for additional guidance.

Foreign Lotteries

The scam starts when you receive a call, an email, or a letter telling you that you've won a large sum of money in a foreign lottery (Canada, Australia, another country). To claim your "winnings," you'll have to provide your bank account number so your winnings may be deposited into your account. You're told you've won a sizeable lottery and are asked to wire a few thousand dollars to a "customs agent" to cover fees and taxes. After wiring the money, you may be contacted again and told to send even more money to collect your prize. Shortly thereafter, you receive a congratulatory letter in the mail along with a check for the winnings. You're instructed to deposit or cash the check, and then wire a portion of the funds to a third party to cover taxes and fees. The catch is that you think you are keeping the remaining money as your "lottery winnings." However, bad news arrives from your bank: the check was counterfeit and you now must repay what you spent of the deposit.

Do not send a check or attempt to wire any money for these lotteries. Again, this is the fraudster's attempt to get as much money as possible from you and move on. Keep in mind – if you sent the fraudster a personal check, they now have your account number. Additionally, according to federal law it's illegal to play a foreign lottery via mail or telephone. Please contact your local U.S. Secret Service Field Office or local Xenith branch if you have questions about a lottery communication that you've received.

Telemarketing

There are many legitimate companies that use the telephone for marketing to consumers and businesses. Unfortunately there are many consumers and businesses that lose millions of dollars to telemarketing fraud each year. One sure sign that something is wrong is when telemarketers ask for a fee upfront (it is also illegal). This occurs when the telemarketer claims that they can get you a credit card or loan, or that they can repair your credit for a fee. Watch out for a telemarketer that uses scare tactics or tries to intimidate you.

Don't give any of your personal information unless you have a very good reason to trust the caller. Know who you are dealing with. If you want to know more about a person or their business, take their name and number and check it out with your state or local consumer agency and the Better Business Bureau. You may also consider placing your number on the National Do Not Call Registry to stop most telemarketing calls. "Just like any other situation, if you aren't sure, just say no.".

Sweepstakes

The scam starts as a notification that you have just won a sweepstakes, prize, car, boat, jewelry, etc. Upon notification, you are informed that you must first pay a fee to claim your prize. Legitimate sweepstakes do not require you to pay for handling, insurance, taxes and the like to claim your prize.

You should never pay a fee to claim your prize. No legitimate sweepstakes company will ask for your bank account information. There are legitimate circumstances in which you may need to provide your social security number for tax reporting purposes; however, you should be absolutely sure that you actually entered the contest and that you are familiar with the company operating it. Do the necessary research about the sweepstakes and company before submitting any sensitive personal information.

Phishing

The fraudster uses unsolicited email (spam) to bait you into disclosing sensitive personal information such as your social security number, bank account, credit or debit card numbers, PINs (personal identification numbers) and passwords. The email may appear to be from a legitimate business. The request is to update or validate billing account information. There is usually a threat attached such as: "Failure to do so may terminate your relationship." Thus, consumers submit their personal information to the imposter, who then uses that information to commit identity theft.

Do not click on links in the email or open attachments. Do a separate search on the company cited in the email. Contact the company directly if you have a concern about an email that you receive. Always avoid sharing personal or financial information unless you are sure of the website. One way you can do this is by looking for the "lock" icon on the browser's status bar before you submit. This means it is secure for transmission. If the email appears to be from Xenith and you believe it to be fraudulent forward the email to abuse@xenithbank.com. If you feel you are a victim of fraud due to a phishing email, please file a complaint at the Federal Trade Commission's website and contact your local branch immediately.

Counterfeit Cashier's Checks

A cashier's check is a check drawn on a bank using the bank's own funds. Cashier's checks are typically considered guaranteed funds and people use them to facilitate the purchase of goods and services, usually for large dollar amounts or if the seller wants additional assurances about the legitimacy of the funds. It has been a reliable method of payment. Unfortunately, technology has made it easier for fraudsters to use scanners and high quality printing to create a genuine-looking cashier's check. The loss occurs when the counterfeit check is deposited and the depositor uses those funds (believing the check is good); it can be returned and charged back to the depositor's account. The quality of counterfeits is so good that even bankers have a hard time telling the difference.

Consider if you know the person or business giving you the check. You may contact the bank that issued the check to determine if it is authentic. They would know the safe guards for their checks and if the check number has been issued. Research the bank to be sure that you have a good phone number - don't rely on the number listed on the check. If you are not comfortable with the transaction/person/business, you may be better off not moving forward with it. You could also seek another form of payment such as a wire. Remember, if it sounds too good to be true, it is!

The following sites are not associated with Xenith, but are excellent resources about fraud.

  1. Annual Credit Report - Request your free annual credit report. It's quick, easy and secure.
  2. Equifax - A nationwide consumer credit reporting agency.
  3. Experian - A nationwide consumer credit reporting agency.
  4. TransUnion - A nationwide consumer credit reporting agency.
  5. Onguard Online - Tips from the federal government on how to protect your personal information.
  6. Federal Trade Commission (FTC) ID Theft Homepage - Learn about identity theft.
  7. FDIC VIDEO - Don't be an on-line victim: How to guard against Internet thieves and Electronic Scams.
  8. American Bankers Association - Fraud and Security Solutions and Resources.
  9. Stop | Think | Connect - A resource developed by the Anti-Phishing Working Group (APWG) and National Cyber Security Alliance (NCSA).
  10. Federal Trade Commission (FTC) Identity Theft Home. Your National Resource for Identity Theft.
  11. FDIC Consumer Information. Federal Deposit Insurance Corporation quick links for consumers.
  12. National Cyber Security Alliance. The National Cyber Security Alliance (NCSA) is a public-private partnership focused on promoting cyber security and safe behavior online.
  13. Small Business Center: Security Toolkit. Every business needs a security plan. The U.S. Chamber of Commerce has partnered with Microsoft to create a comprehensive resource of tips and how-to information that can be used to protect your computers and your business.

Read more about affordable identity theft protection packages.