Recommendations for Online Fraud Victims

In the event the customer is a victim of fraud, there are a number of immediate recommendations they should take to help protect their financial interests. A few general suggestions include:

  • Immediately cease all activity from computer systems that may be compromised. Unplug the Ethernet or cable modem connections to isolate the system from remote access.
  • Immediately contact their financial institution so that the following actions may be taken as a priority to contain the incident:
    • Online access to the accounts be disabled.
    • Online Banking passwords changed.
    • New account(s) opened as appropriate.
    • Request the financial institution’s agent review all recent transactions and electronic authorizations on the account.
    • Additionally, ensure that no one has requested an address change, title change, PIN change or ordered new cards, checks or other account documents be sent to another address.
  • Customers can generally find customer service or fraud prevention contact telephone numbers on monthly statements. Recommending they have this information readily available will often facilitate a call.A customer suffering from fraud should file a police report with the local police department and provide the facts and circumstances surrounding the loss. Obtain a police report number with the date, time, department, location and officer’s name taking the report or involved in the subsequent investigation. Having a police report on file will often facilitate dealing with insurance companies, banks, and other establishments that may be the recipient of fraudulent activity. The police report may initiate a law enforcement investigation into the loss with the goal of identifying, arresting and prosecuting the offender and possibly recovering losses.
  • The customer should maintain a written chronology of what happened, what was lost and the steps the customer took to report the incident to the various agencies, banks and firms impacted. Be sure to record the date, time, contact telephone number, person spoken to, and any relevant report or reference number and instructions.
  • Realize that if the customer carries out personal online banking from the business computer system, there are also potential identify theft aspects to the compromise. Recommend the customer review the recommendation at the Federal Trade Commission’s Identity Theft website.
  • Dependent on law enforcement investigative and forensic considerations, recommend the customer have their network and systems reviewed by a qualified computer forensic/information security professional.

Information provided by NACHA and FS-ISAC (Financial Services Information Sharing and Analysis Center)