Security Center

The Latest FDIC Consumer News:

FDIC Consumer News

Consumer Scams and Alerts:

Most Recent Scams Targeting Businesses:

Identity Theft can happen to anyone, anywhere. Many people think that consumers are the only targets for identity theft, but businesses are also a favorite target for scam artists. Whether you are worried about your personal or business information, the material on this page will help educate you on how to recognize a scam, how to avoid being a victim of Identity Theft, and what to do if your financial information becomes compromised.

General Information

What are some ways that a thief can use to steal an identity?

There are many different scams, but they are commonly called one of the following:

  • Phishing
  • Pharming
  • Smishing
  • Vishing
  • Spoofing

What is Phishing?

"Phishing” is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The website, however, is bogus and set up only to steal the user’s information.
Customers are often recipients of fraudulent notices that appear to come from their local bank. The customer sees headings like “Danger” or “Security Account Notice” or “(Bank name) security notice” and click onto what they believe to be the bank’s web site. Instead, the customer is switched to a bogus server run by the phishers. The phishers take the bank customer’s login information and empty the account. A number of these phony programs originate in Brazil, others have been found coming from Mexico and Israel.

What is Pharming?

When a hacker goes “pharming” the aim is to redirect a website’s traffic to another, bogus website. Businesses are concerned about “pharming” because it is a threat to e-commerce and online banking services. Customers want to go to a particular website, but the “pharmer” moves the victim to a fraudulent website and obtains confidential information.

What is Smishing?

This is a text message on your phone. Victims are directed to a bogus website or asked for personal information.

What is Vishing?

“Vishing” is tricking people to call a telephone number where they then give out personal information.

What is Spoofing?

Someone is “spoofed” when their phone shows a phone caller id pretending to be a legitimate business or financial institution.

Other low-tech ways my identity can be stolen.

While most people think phishing and pharming scams are making them very vulnerable, ID thieves have found that low-tech methods are still very effective. A new study by Javelin Strategy and Research of San Francisco found the ID thieves have gone back to tried and true methods. Their findings showed that the biggest scources of Identity Theft are:

  • 33 percent from theft of wallet, check or credit card
  • 23 percent from in-store, mail or telephone purchases
  • 17 percent from friends, relatives or in-home employees
  • 8 percent from computer viruses, hackers, spyware
  • 7 percent from data breaches
  • 6 percent from stolen paper mail

Helpful Hints

“Phive” Things you can do to “Phight” Phishing

  1. Never divulge personal information in response to an unsolicited call, letter or e-mail. Just having information about your checking account may be enough for a thief to obtain a bank draft that deducts funds from your account. So unless you initiate the contact with another party and you know it’s reputable, don’t provide details such as your Social Security Number, bank account and credit card numbers, personal identification numbers, date of birth, or your mother’s maiden name.
  2. Thoroughly check out any offer before agreeing to anything. Always get key details in writing. Carefully read all the documentation, including the fine print in applications and contracts, to understand your potential costs, risks and requirements. Don’t just rely on what a sales person tells you or what’s printed in promotional literature. Ask friends and family what they think.
  3. Try to deal only with businesses you already know or that have been recommended by someone you trust. This minimizes the chance that you may be lured in by a high-cost company or a shady marketer, perhaps even a con artist. When in doubt, start with your state or local consumer protection office (listed in the blue pages of your phone book) and ask where to go for information on whether a service provider is properly licensed to do business and whether there are complaints or rule violations tied to this company. Another resource for complaints against a company is the Better Business Bureau.
    For guidance on whether a bank is legitimate, you can call the FDIC’s toll-free consumer assistance line (1-877- ASK-FDIC, which is 1-877-275-3342.)
  4. Assume that any offer that “sounds too good to be true” - especially one from a stranger or an unfamiliar company - is probably a fraud. Common examples include:
    • A telephone call or a letter notifying you of winning a lottery or a sweepstakes that you don’t remember entering, and you are told to pay “taxes” or “fees” before you can claim your prize.
    • You receive an unexpected check in the mail, and you are told to deposit it, and send a “processing fee” to the sender.
    • A promise of an investment paying significantly above market rates.
    • A fake job offer that promises to pay a lot for doing very little (such as stuffing packages or envelopes at home) and may involve handling or wiring money. “The crooks mostly want to learn your Social Security Number from your application or they want you to deposit a fraudulent check and then wire money to them out of your bank account,” says Michael Benardo, manager of the FDIC’s financial crimes section.
    • An Internet friendship or romance that soon leads to pleas for money and secrecy.
  5. Know the other signs of a scam. In general, any story that grabs your attention and emotions and then forces you to act quickly - before you have time to think rationally - may be part of a con game.

Tips to Avoid Becoming a Victim

  • St. Johns Bank will never send an email requesting you to click on a link to sign in to your account or to call a phone number to provide private information.
  • Whenever you sign in to your NetConnect Online Banking account, always use your normal process (e.g. your Favorites link or our homepage link). Do not use a link sent in an email.
  • If you receive a suspicious email or phone call, do not hesitate to call us to ask us about it. We do not mind looking into the matter for you.
  • If you call us, you should use our main phone numbers (314) 428-1000, (314) 428-1059 or (636) 939-3495. Do not use a phone number sent to you in an email or left on an answering machine.
  • If we call you and you want to be sure that the phone call is legitimate, ask us for our name and tell us that you will need to call us back (using one of our main phone numbers). We do not mind if you take this extra step to protect your information.
  • Be suspicious of any unanticipated emails that request you to open an attachment. These may be actually installing a keystroke logging virus on your computer.