Identity theft happens when someone steals your identity and impersonates you in order to open credit or bank accounts, rent apartments, or engage in criminal acts. The victim may not know the fraud has occurred until they are unexpectedly turned down for a loan, they get a call from a collection agency about an account they never opened or, worse yet, get a call from the police about a crime they didn't commit.
On average, identity theft is discovered 14 months after the thief has wreaked havoc on the victim's credit standing. Identity thieves use a variety of ways to gain access to this personal information including:
No Mariner's Bank representative will ever ask you for personal information such as PINS, bank account numbers or social security numbers via the phone.
Some scammers attempt to commit fraud through fraudulent telephone calls posing as legitimate financial institutions and ask for your personal and account information.
Be wary of telephone scammers. If you receive a call from someone asking for personal and account information, call the company back using a phone number you know is legitimate. Here are some examples of recent fraudulent telephone activities:
No bank or legitimate business will request a customer to verify personal information such as PINs, bank account numbers or Social Security numbers over the phone.
Personal information that you should never release in a conversation not initiated by you includes:
If you should receive a phone call that you believe is fraudulent - note the name of the caller, the institution represented and contact information. The consumer should then contact said institution, using contact information gleaned from a different source like a bank statement, to verify the request. If the request was not legitimate, the incident should be reported to the police, the misrepresented institution and the consumer’s financial agencies.
If a consumer is ever in doubt about a request, they should immediately contact the police or their financial institution. Both agencies are well equipped to determine the legitimacy of the request and will be happy to offer assistance.
Phishing is by far the easiest way to steal login credentials for accessing secure online accounts. Various types of phishing allow fraudsters to copy the login page of any bank and set up a fraudulent website, in addition to creating malicious email messages and sending to customers with links that lead to these fraudulent websites.
There is a new variation of phishing attacks called 'in-session phishing,' which targets online banking sessions through a popup window posing as a legitimate message from the Bank.
A typical scenario would be as follows:
A user logs into their online banking account.
They might leave the browser open and navigate in another window to other websites.
A short time later a popup appears, allegedly from the bank, asking the user to retype their username and password because the session has expired, or to complete a satisfaction survey.
Since the user had already logged into the website, they don't suspect this popup is fraudulent and provide the requested details.
In order for 'in-session- attacks to work the following is required:
The first requirement is easier to achieve, since so many websites are compromised by criminals. Once a website is compromised, code is injected into website, showing no difference in appearance on the website making it very hard to detect. The second is harder to achieve, but not impossible. Once compromised website identifies a website to which the user is logged on, it can inject a popup message in the browser pretending to be from the legitimate website and ask for credentials and private information. If the user enters their credentials in the phony popup, the phisher then steals the login information.
Since this is a browser based attack, the best way to defend against this is to be aware and practice browser security including:
To learn more about identity theft and ways to protect yourself:
There have recently been an increasing number of attempts on the Internet to trick people into revealing sensitive and private information about themselves to con artists who use that information to defraud them. The latest scam, popularly called 'phishing', uses replicas of existing web pages to deceive users. These replicated pages prompt the user to enter personal, financial or password data. We encourage you to review this documentation which includes tips to protect your accounts.
They include a link to a website that appears to be a legitimate Mariner's Bank webpage, asking for personal information such as your ATM/Debit Card number and PIN. If you have received one of these unsolicited emails and provided confidential information through the linked website, you could be a victim of identity theft. If you believe this has happened to you, please call us at 1-201-224-9110.
As a customer of Mariner's Bank, the security of your personal and account information is extremely important to us. By practicing good security habits, you can help us ensure that your private information is protected.
Mariner's Bank account numbers or credit card numbers
Personal Identification Numbers (PIN) or passwords
Social Security Number
Mother’s maiden name
Or other private information
If you have any questions regarding emails or phone calls soliciting information about your Mariner's Bank accounts, call 1-201-224-9110.
If you receive an email claiming to be from Mariner's Bank, but which you suspect is aimed at defrauding you, contact your financial institution and the FBI's Internet Fraud Complaint Center at http://www.ic3.gov/.
Phishing is a term coined by Internet hackers who use email lures to 'fish' passwords and financial data from the world of Internet users. Email messages designed to look like they came from a merchant or financial institution are mailed to Internet users. The emails direct the recipient to update or provide information back to the company's web site by instructing the user to click on a URL embedded within the email. The embedded URL links the user to a counterfeit web site designed to look like the company's official website. Passwords and other personal information are then solicited and collected by the web site and used by the hacker to defraud the user.
To date, large financial institutions have been primary targets of these phishing scams. It is reasonable to expect that smaller financial institutions may also be targeted.
If you receive an email claiming to be from Mariner's Bank, but which you suspect is aimed at defrauding you, or suspect that you have already been 'hooked' into a phishing scheme and have divulged personal data in response to an e-mail solicitation, contact your financial institution and the FBI's Internet Fraud Complaint Center at http://www.ic3.gov/
If you think you've been a victim of identity theft, here's what to do now:
a. Contact Mariner's Bank at 1-201-224-9110.
b. Report a fraud alert on your credit report with the three major credit bureaus. Also request to review your credit reports for suspicious activity at that time.
P.O. Box 740241
Atlanta, GA 30374
National Consumer Assistance Center
P.O. Box 2002,
Alien, TX 75013
Consumer Disclosure Center
P.O. Box 1000
Chester, PA 19022
c. File a complaint with the Federal Trade Commission at http://www.ftc.gov/
You are now eligible to receive a free credit report each year from the three major credit bureaus.
Due to the increasing number of identity theft occurrences, it is important to review your credit report to make sure there are no accounts linked to your name that you did not authorize. With the new laws put into effect under the Fair and Accurate Credit Transactions Act (FACT Act), you now have the ability to obtain a credit report, annually, from each of the three nationwide consumer credit reporting companies: Experian, Equifax, and Trans Union.
The website, http://www.annualcreditreport.com/, provides a streamlined process for obtaining your credit report from each of the three credit bureaus. By visiting this website, you will find instructions for requesting your credit reports online, by telephone or by mail.