A hand pointing to the words Fraud Prevention on a digital screen.

Fraud Help


Fraud Reporting Information

If you suspect fraudulent activity, immediately contact the following:
 
 
         WSB Deposit Operations: 315-836-8450
 
         Federal Trade Commission (FTC):
 
1-877-FTC-HELP (382-4357)

        To Report Identity Theft: 

 
         Adult Services Helpline: 
 
1-844-697-3505

Staying Safe from Scams and Fraud

Leaving yourself vulnerable to a scammer’s ill intentions can have devastating effects. At WSB, your safety and security is our priority. Knowing how to protect yourself from cybercriminals and online threats has never been more important. We’ve put together a quick guide to help you identify, prevent, and report scams and fraud. 
 
 
 
 

 

Protecting Yourself from Fraud

What Is Phishing?

Phishing is the fraudulent practice of manipulation and deception where scammers pretend to be reputable entities in an effort to trick you into giving them access to your personal information.  They do this through phone calls, emails, and texts which bait you divulging bank account numbers or other sensitive data, clicking links to fake websites, and even downloading and installing malicious software on your computer.

How Phishing Works

A phishing campaign typically starts with a message disguised to look like it’s from a legitimate sender, usually a company. While their goals may vary, scammers aim to steal your personal information or credentials in order to gain access to your accounts. A phishing message usually contains a sense of urgency in order to make you act. For example, they may threaten account suspension, money loss, or legal action unless you click on a link or call them. They may also send a message with the promise of money or an offer which seems too good to be true.

Unfortunately, victims of phishing scams typically don’t take the time to consider if the content in the message seems reasonable or verify that the source is legitimate.

How To Identify Phishing

The most successful phishing emails are carefully constructed to look identical to messages received by well-known companies or senders. These messages are often difficult to distinguish from real emails. Keep an eye out for these red flags when scanning your inbox for phishing scams:

  • Be cautious with unsolicited emails: Be especially careful with emails when they contain a link they want you to click. Never click a link in an unsolicited email. That’s how scammers get you to leave the digital door to your personal information wide open.
  • False Sense of Urgency: If an email demands that you act quickly, or presents a limited-time opportunity that failure to claim will result in a severe, negative action, take your time to read and understand the message. A reputable organization, including government entities, will not contact you via email threatening a consequence if you do not comply with the message guidelines.  Call the sender’s business directly to discuss the email message using a verifiable phone number, never reply to these emails or use the contact information within the message.
  • Attractive, “To-Good-To-Be-True” Offers: If an email is promising you something too good to be true, it probably is. These attractive offers are designed to immediately grab your attention and detract from other details within the message. If you are offered a large sum of money, a new phone, vacation, car, or other prizes, verify the sender or just ignore the message.
  • Fake Hyperlinks: If an email looks suspicious, ensure that any websites or links provided are going to a safe website. Or skip clicking on email links completely and visit the entity’s website you are familiar with. A common tactic used by phishing scammers is link manipulation where a malicious hyperlink is inserted to look like it belongs to the organization sending the email. Often these fake URLs will be misspelled to deceive you. Other times, the fake link will be disguised as a text box, asking you to “Click Here.” Make sure to hover over the text box to view the actual web address.
  • Corrupt Attachments: If you received an attachment from a questionable email, do not open it without first confirming the documents with the sender. Similar to hyperlinks, attachments in phishing emails usually contain malicious viruses or ransomware.
Have you ever been contacted by someone "claiming" to be from WSB, or any other bank, asking you to provide your personal information?  We would never ask that.  We're your bank.  We already have that information.  Scammers are good at posing as your financial institution in order to get your information.
 

Visit Banks Never Ask That to learn what to watch for in emails, texts, phone calls, and payment apps to see if you’re being scammed.  While you’re there, take a look at their helpful videos to learn what banks never ask.

Surf and Shop Securely

When surfing or shopping, stick to popular or familiar sites. If you're unsure if the site you're buying from is legit, look at your browser's address bar. Never buy anything online from a site that doesn't display a lock icon near the URL. The lock icon indicates that the site has SSL (secure sockets layer) encryption installed. This means your data transfers are more secure than they are on an unencrypted site. Another way to tell if a site has SSL is to look for a URL that starts with https://, which is standard, even on non-shopping sites.

Use Unique Passwords

You may have an online account with many online retailers. If you've used the same password across multiple accounts, a cybercriminal who cracks that password will have access to all your accounts. Every account should have its own unique, strong password. Cybercriminals can use your email to access many of your personal accounts, leaving you vulnerable to identity theft. 

Use Strong Passwords

Weak passwords can be cracked in seconds. Avoid using the most common passwords that criminals can easily guess, such as sports teams, your pet or child’s name, or the word ‘password’. The longer and more unusual your password is, the harder it is for a cybercriminal to crack. Try using at least 12 characters that include uppercase and lowercase letters, numbers, and symbols. Think your password is strong enough?  Check it here.

Keep Your Devices Up To Date

Keep your phone, tablet and computer up to date. Software and app updates contain vital security updates to help protect your devices from cybercriminals. You should apply updates to your apps and your device's software as soon as they are available. Updates include protection from viruses and other kinds of malware and will often include improvements and new features. If you receive a prompt to update your device (or apps), don’t ignore it. Applying these updates is one of the most important (and quickest) things you can do to keep yourself safe online. You should also turn on 'automatic updates' in your device's settings, if available. This enables your device to apply updates automatically.

Take That Second Step

2-step verification (2SV), also known as two-factor authentication (2FA) or multi-factor authentication (MFA) helps keep cybercriminals out of your accounts, even if they know your passwords. Once set up, each time you log into your account you’ll be sent a PIN or code, often by SMS or email. You’ll then enter this PIN to prove that it's really you. There are different types of 2-step verification. So instead of entering a PIN or code, you may be able to use your fingerprint, or face scan. Whenever possible, take the time to set up 2-step verification on all your important accounts, even for those protected with strong passwords. It’s an extra step, but the protection it provides is well worth it.

Backing Up Your Data

Safeguard your most important data, such as your photos and key documents, by backing them up to an external hard drive or a cloud-based storage system. If you use cloud storage, a backup of your data is stored on the internet. If you use products from Apple, Google or Microsoft (such as Windows computers, Apple and Android phones and tablets), you'll probably have an amount of cloud storage space for free. This might be sufficient to save all your important files. As a rule of thumb, you should back up anything that you value. That is, anything that would inconvenience you - for whatever reason - if you could no longer access it.

Stay private while using public Wi-Fi

If you're shopping via a public hotspot, it’s a good idea to use a VPN. VPN stands for "virtual private network." Encrypting your data by routing it through a VPN server makes it harder for observers to identify you and track your movements online. No VPN provides total anonymity, but it can help improve the strength of your overall online privacy.

Identity Theft

Identity theft is a broad term that applies anytime someone steals your personal or financial information and uses it without your permission.

Identity thieves may attempt to steal your:

  • Name and address
  • Driver's license, passport or Social Security number
  • Credit card or bank account numbers
  • Health insurance account numbers

 

How to Protect Yourself from Identity Theft

We live in a digital world where your personal information is always at risk. While there's no surefire way to prevent all forms of identity theft completely, there are steps you can take to make it harder for criminals to access your information and use it for nefarious purposes.

 

If you suspect Identity Theft has happened to you or someone you know, Contact the Federal Trade Commission (FTC) at https://www.identitytheft.gov/Steps and follow their step-by-step guide to take action.

 
Tips on protecting yourself from identity theft

 

Safeguard Your Devices

Use strong passwords and fingerprint or facial recognition options, to secure your mobile devices and computers. Also, be sure to routinely check for and install regular software updates to your devices. Updates include software patches designed to close security gaps, so putting off updates can leave you vulnerable.

Use a Password Manager

It's not uncommon for people to have online accounts on numerous websites. A password manager can help ensure your login credentials for each account are strong and unique.

Protect Personal Documents

If possible, opt for Electronic Statements instead of paper statements on all of your accounts so you don't risk leaving sensitive information in your mailbox. Also, be sure to check your mail daily instead of leaving it exposed for days, and shred any documents that contain personal details once you no longer need them. 

Watch Out for Phishing Scams

If you receive an email or text message saying you owe money, telling you to open an attachment or asking for personal information, be skeptical. Check the sender's email address and the URL, and do not click any links in the message. If you think the message may be legitimate, contact the company separately using contact information on a bill or the company's website. 

Don't Share Information Over the Phone

If someone calls you and asks for personal or financial information, it could be a sure sign of fraud. Before providing any details, ask the caller for a callback number, then search for it online to see if it matches the customer service number of the company supposedly calling you. Keep in mind, WSB will not call you and ask for your personal information over the phone. 

Check Your Credit Reports Regularly

A credit report monitoring service, you can get real-time alerts when changes are made to your credit report making it easier to watch out for unfamiliar activity.

Be Vigilant When Online

When using public Wi-Fi networks, consider using a virtual private network (VPN) to keep your internet connection private and secure. Also, if you're visiting a website, check the URL to see if it's secure—the URL should start with HTTPS. Stick to using only websites you know are legitimate. 

Diligence Pays Off

Recognizing the signs of identity theft and taking steps to prevent it can save you heartache, stress and loss. As you monitor your credit regularly, watch out for suspicious transactions, accounts and notifications, and act fast when something is off. If you're diligent, you'll be in a better position to catch identity theft early before too much damage can be done.

Guard your personal information
Crooks pretending to be from companies you do business with may contact you via a call, email, or text claiming they need to verify your personal information. Don’t give it out. Be especially suspicious if someone claiming to be from a company with whom you have an account asks for information that the business already has.
 
Be cautious about unsolicited emails
We all receive unwanted emails we never signed up for. Be especially careful of these emails when they contain a link they want you to click. Never click a link in an unsolicited email. It could infect your computer with malicious software (malware) and leave the digital door to your personal information wide open.
 
Stay safe online
Be careful when shopping online. Keep to reputable sites that you know to be legitimate. Don’t send sensitive information such as credit card numbers by email because it’s not secure.  
 
Resist pressure
Be wary of anyone contacting you with a “too good to be true” offer or serious situation pressuring you act immediately. This is a pretty good indicator of a scam. Scammers like to scare or pressure you into taking immediate action threatening damaging consequences if you don’t. Always take time to thoroughly verify who is requesting the money before you pay up.
 
Know who you’re dealing with
In any transaction you conduct, make sure the seller, charity, company, or organization is credible. Be especially wary if they are unfamiliar to you. Always call the number found on a website’s contact information to make sure the number legitimately belongs to the entity you are dealing with, not their callback number.
 
Set up Transaction Alerts
Setting up a Transaction Alert inside digital banking for a specified dollar amount can help notify you of possible fraudulent activity on your account. Set the alert to trigger at an amount slightly greater than what you would usually spend in a day. That way, if a fraudster is making transactions on your account, you’ll be notified as soon as they try to spend that amount or more. The sooner you receive the alert; the sooner you can notify us of the fraudulent activity which gives us a greater chance of recovering your funds.
 





Protect Your Business from Fraud

Protecting Your Small Business

You work hard to grow your business, nurture customer relationships and ensure a stable future for your employees. Unfortunately, small businesses are prime targets for scammers because they often lack the extensive security protocols of larger companies.

The financial impact of scams on small businesses can be devastating. Unlike larger companies, small businesses may not have the resources or dedicated departments to detect and combat fraud. Falling victim to a scam could bring significant financial loss, disruption of business operations and damage to your reputation with customers, suppliers and other stakeholders. Protecting your small business from scams is crucial for ensuring both its short-term stability and long-term success.

 

Common Scams Targeting Small Business

Here are some of the most common scams that small business owners need to watch out for:

  • Phishing Emails. Phishing is a scam where fraudsters use email to impersonate legitimate entities, such as banks, vendors or government agencies, to trick you into providing sensitive information. These emails often look convincing and may contain fake invoices, tax notices or urgent requests for payment. Once the scammers gain access to your account credentials, they can steal money, valuable business data or even infect your system with malicious software (malware).
  • Fake Invoices and Overpayment Scams. In fake invoice scams, scammers send fraudulent invoices to your business for products or services you never ordered or received. They count on your busy schedule to pay the invoice without verifying its authenticity. Overpayment scams involve fraudsters sending a check for more than the agreed-upon amount, then asking you to refund the difference. The original check will bounce, leaving you with a financial loss.
  • Business Identity Theft. Business identity theft occurs when scammers steal your business's identity, including tax information and business registration numbers, to open lines of credit, apply for loans or commit other forms of financial fraud in your business's name. This can lead to serious financial problems and legal disputes, as the fraudulent activities may be attributed to your business.
  • Tech Support Scams. In tech support scams, scammers pose as IT professionals or service providers and claim that there is a problem with your company's computers or software. They convince you to provide remote access to your system or charge you for unnecessary repairs. This scam can result in stolen data, malware infections or unauthorized charges to your business.
  • Directory Listing and Advertising Scams. In this scam, fraudsters pose as directory or advertising companies, offering to list your business in an online directory or place advertisements. After your payment, however, you receive little to no service. These scammers often use high-pressure tactics to push businesses into paying for services they don’t need.
  • Vendor Compromises. Another common tactic for fraudsters is to compromise vendor email accounts and then use that account to pose as the vendor in order to trick you into changing payment details. Your payment is then sent to the fraudster rather than your vendor.

 

Tips For Protecting Your Small Business

  • Educate Your Employees. Your employees are your first line of defense. Regularly train your staff on how to identify phishing emails, suspicious invoices and other common scams. Teach them to verify the legitimacy of any unfamiliar requests before taking action. Having a clear process for flagging and reporting potential scams within your organization can prevent errors and keep everyone vigilant.
  • Implement Strong Cybersecurity Measures. In today’s digital landscape, cybersecurity is essential for protecting your business from scams. Establish a robust security awareness program that includes regular testing and compliance.
  • Verify Invoices and Payments. Create a process for verifying all incoming invoices before making payments. Ensure that multiple employees review large transactions and that invoices match actual goods or services received. For overpayment scams, never refund overpayments without verifying that the original payment has cleared your account.
  • Monitor Your Business Credit. Keep an eye on your business credit report to detect any unauthorized activity, such as new credit lines or loans opened in your business’ name. Sign up for alerts with credit reporting agencies to be notified if anything suspicious arises. Early detection can help mitigate the damage caused by business identity theft.
  • Be Skeptical of Unsolicited Offers. Always be cautious of unsolicited offers for business services, especially those that come with high-pressure sales tactics. Before committing to any directory listing, advertising or service contracts, thoroughly research the provider and verify their legitimacy.
  • Leverage Vendor Relationships. Because fraudsters often pose as vendors to lure you into sharing bank account credentials, you should always leverage the relationships you’ve built with vendors by verifying the legitimacy of their requests over the phone.

While scams can be difficult to avoid entirely, these proactive tips can help you protect your small business from common threats.

Email Fraud: A Small Business Survival Guide

Email fraud is one of the most common ways scammers attack a business. While you may think your business isn’t a target, email fraud targets businesses of all sizes from large corporations and hospitals to school systems and “Mom & Pop” shops. Here are a few ways to spot the telltale signs of a fraudulent email, and what to do to help keep your business safe.

 

Common ways business email can be compromised:

 

Email-borne Malware

 

The Situation

Email scammers use a seemingly harmless email to introduce malware (malicious software) into your computer via a link or an attachment. This malware encompasses any number of codes written to “hack” into your business’s computers or network. Once it’s in, the malware can spread to other computers on your business network or to your servers. The specific type of software depends on what the hackers are trying to accomplish. For example, they may introduce a program that records every key you press. These keystroke loggers can capture banking transactions or record all of your usernames and passwords.

 

How Can This Attack Be Prevented?

If you receive an email containing a link or an attachment – slow down. Especially if it’s an email from an unknown source. Take the time to see if the sender is legitimate. Check the sender’s email address. Look for spelling or grammatical errors or inconsistencies throughout the email. NEVER open attachments or click on links in an unsolicited email that you can’t verify. If the email “seems” to be from someone you know, but something seems off – call the person directly to verify.

 

Fake Vendor Email

 

The Situation

Email hackers can also attack your business by posing as a company with which you do business. Once they have access to one of your vendor’s systems, they may hack the vendor’s email accounts or create accounts that look like your vendor’s. From there, they might send you a seemingly official email. These emails often ask that you send your regular wire payment to a new bank account and routing number.

 

How Can This Attack Be Prevented?

You may receive emails from vendors every day requesting you to transfer funds or wire money.  However, if one of your vendors has been compromised and it’s actually a hacker sending an email disguised as your vendor, chances are they will have an unusual request for sending money. If they are asking you to wire or transfer funds to a different account with a different address – STOP! Call the vendor directly to verify the request first. Avoid using any phone number provided on the email. Be sure to get it from a trusted source instead.

 

Email is key to conducting business successfully. It’s important to be aware of the signs of fraud. Help prevent a disaster by slowing down, assessing the situation, and taking the time to verify.

Check Fraud and Positive Pay

Check fraud remains an ongoing concern for business owners. WSB offers a solution to help you prevent check fraud called Positive Pay. This service is FREE of charge and available to WSB business customers only. It works by comparing the details of checks presented for payment against a list of checks the business has issued, flagging any discrepancies for review. This helps identify and prevent fraudulent checks from being cashed. 

 

How does Positive Pay work?     Learn more about Positive Pay

As a business customer with Positive Pay, you simply upload a CSV or text file each day, through your WSB Digital Banking, listing all the checks you have issued and authorized including the check amount and check number for each item. You also have the option of manually keying issued items directly into your digital banking. When a check is presented for payment, Positive Pay compares each check against your check issue file. If a check is not in your issued items list or if the check numbers and/or amounts don’t match, the check will be denied for payment at that time. Instant daily fraud protection.








Protecting The Elderly

What Is Elder Financial Abuse?

Elder financial abuse occurs when someone takes advantage of an elderly person for the purpose of stealing their money or other items of value. As people age, they may need the help of others to manage their finances and care for them. Unfortunately, elders may put their trust in people who do not have their best interest at heart. This is especially true in cases where the older person may have Alzheimer’s or dementia, as these conditions cause a decline in mental acuity.

Financial abuse can be hard to spot initially. In fact, elder financial abuse may go on for years before being noticed. The long-term consequences of elder financial exploitation can be devastating. Older Americans may lose their entire life savings and no longer be able to afford rent, nursing home care, or basic living expenses.

 

Warning Signs of Elder Financial Abuse

Early detection is important.  Make sure you can recognize these signs: 

  • Sudden large bank withdrawals or transfers between accounts
  • Unexplained withdrawals that the elderly person could not have made
  • Change of address for their checks or bank statements
  • Changes to an elder’s will or power of attorney
  • Missing belongings or property
  • Forgeries on legal documents or checks
  • Referring to a stranger as a “new friend” by the elder
  • Overpayment for common services
  • Mood changes (such as depression or anxiety)
  • The elderly person does not understand their financial situation
  • Unpaid bills and eviction notices

If you notice any of these signs in an elderly loved one, don’t wait — take action and report it immediately to keep an older adult safe.

 

 Where to Report Financial Abuse of Elderly 

  • WSB: Give us a call at (315) 836-8450 to talk with us and make us aware of the situation.
  • Adult Protective Services: Adult Protective Services (APS) works to keep vulnerable adults safe from abuse. A member of a local APS branch can investigate possible cases of financial abuse and offer assistance when needed.
  • Law Enforcement: Working with the police is crucial if you want to hold an abuser criminally accountable. Financial exploitation is a crime, and perpetrators have received long prison sentences for elder financial abuse.

You can also visit the National Center on Elder Abuse https://ncea.acl.gov or call The Eldercare Locator Helpline at 1-800-677-1116.