Capital One Compromise and Cardholder Fraud Education

Fraudsters have become increasingly adept at getting cardholders to share the information they need to commit fraud by posing as financial institution call center agents, or by sending text messages that look like they are coming from your institution, warning of suspicious transaction activities. They are also known to call in to call centers posing as cardholders requesting changes to card information and parameters.

The fraudsters do this by using information stolen through data breaches at health insurance providers, reward program providers, credit bureaus, merchant terminals, and social media sites, as well as through malware programs deployed on personal computers, to mention just a few. Stolen personally identifiable information (PII) is combined with stolen card information, resulting in sufficient information to create profiles that fraudsters can use to position themselves as the actual cardholders.

We are providing the following points to help you avoid compromising your personal information and keeping your information safe – even when dealing with someone you think is from PennCrest BANK®.

• A text alert from us warning of suspicious activity on your card will NEVER include a link to be clicked. Never click on a link in a text message that is supposedly from us. A valid notification will provide information about the suspect transaction and ask the cardholder to reply to the text message with answers such as ‘yes’, ‘no’, ‘help’, or ‘stop’. It will never include a link.

• A text alert from us will always be from a 5-digit number and NOT a 10-digit number resembling a phone number. Text caller IDs will be 20733.

• A phone call from our institution’s automated dialer will only include a request for your zip code, and no other personal information, unless you confirm that a transaction is fraudulent. Only then will you be transferred to an agent who will ask questions to confirm that you are the actual cardholder before going through your transactions with you. If at any point you are uncertain about questions being asked or the call itself, hang up and call us directly at 888-716-7587.

• We will NEVER ask you for your PIN or the 3-digit security code on the back of your card. Don’t give them out to anyone, no matter what they say. Hang up and call us directly. Fraudsters will often ask cardholders to verify fake transactions. When the cardholder says no, they did not perform those transactions, the fraudster then says that their card will be blocked, a new card will be issued, and that they need the card’s PIN to put it on the new card. Many people believe this and provide their PIN. The 3-digit CV2 code on the back of the card will allow a fraudster to conduct card-not-present transactions.

• Regularly check your account online to see if there are any suspicious transactions that have occurred, but especially If you are unsure about a call or text message you’ve received. If anything looks amiss, call us directly for assistance at 888-716-7587.

• If you have received a voice- or a text-message from us and are unsure about responding to it, call us directly for assistance at 888-716-7587.

We hope you find these tips useful.  Should you have any questions about this alert, your account or your card, please reach out to your local office or contact us at 888-716-8587.