Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

Consumer Archive

Consumer

CFPB advisory offers consumer tips in wake of data breaches

 Permanent link
WASHINGTON (1/28/14)--There is a new advisory from the Consumer Financial Protection Bureau (CFPB) to help consumers protect themselves in the wake of recent financial data breaches. The advisory also contains information on where to get help if consumers suspect their information has been compromised.

In recent months alone, data breaches have exposed millions of payment card accounts to potential fraud. In addition, millions of consumers' names, phone numbers, emails, and addresses also appear to have been stolen separately from card information.
 
Payment cards, such as credit, debit and prepaid cards, are among the most commonly used consumer financial products. Over 70% of Americans have at least one credit card, and debit cards are now used for more consumer purchases than credit cards. The use of prepaid cards is continuing to grow.
 
The CFPB consumer advisory suggests these steps:
  • Monitor your accounts for unauthorized charges or debits. Consumers should regularly review their accounts online if possible, and at a minimum examine their monthly statements closely. Consumers should report even small problems immediately as some thieves may process a small charge or debit just to see if the account is live, or whether the consumer notices. Fraudulent charges may occur many months after information is stolen. Even if consumers think the PIN on their debit card was not stolen, they should consider changing the PIN in order to be on the safe side.
  • Alert card provider immediately if fraud is suspected. Consumers should alert their card provider immediately if they suspect an unauthorized debit or charge. If fraudulent charges appear, the consumer should ask the card provider to close access to the account and issue a new card before more transactions come through. Under federal law and other applicable rules, consumers are generally not responsible for unauthorized debits or charges to credit or debit card accounts, as long as they report them quickly to their bank or card providers.
  • Follow up and maintain records. If consumers find a fraudulent transaction, they should call the financial institution or card provider's toll-free customer service number immediately, and also ask how they can follow up with a written communication. When consumers communicate in writing, they should be sure to keep a copy for their own records. Consumers should write down the dates on which they make follow-up calls and keep this information together in a file.
  • Avoid scams that ask for personal information over email or by phone. A common scheme, known as "phishing," involves a scammer contacting a consumer over email or phone and asking to verify account information. Banks and credit unions never ask for account information through email. If consumers receive this type of email, they should immediately contact their card provider and report it. If consumers receive this type of phone call, they can ask for a call-back number to verify the requestor is actually their financial institution.
If consumers are unsatisfied with how their bank or card provider responds to a report of fraudulent charges, they can submit a complaint to the CFPB. Card providers should investigate charges and respond quickly.

Consumers have a right to see the results of the bank's or card company's investigations.

The CFPB accepts consumer complaints on payment cards and other financial products and services. Consumers can submit a complaint by:
  • Going online at www.consumerfinance.gov/complaint;
     
  • Calling the toll-free phone number at (855) 411-CFPB (2372) or TTY/TDD phone number at (855) 729-CFPB (2372);
     
  • Faxing the CFPB at (855) 237-2392: and
     
  • Mailing a letter to: Consumer Financial Protection Bureau, P.O. Box 4503, Iowa City, Iowa 52244.

Be careful about security breach emails

 Permanent link
ATLANTA (1/28/14)--At least one major retailer has sent emails to millions of customers potentially affected by the recent mega security breaches. Be on the lookout for scammers who mimic them (CNN Money Jan. 20).
 
Homeland security investigators have warned several large retailers about sophisticated malware that has potential to compromise customers' credit card numbers and other personal information on an unprecedented scale. Target alone has as many as 110 million affected customers.
 
While the hacking is under investigation, if you receive email from a retailer regarding a security breach, here's what to do:
 
Don't automatically open the email: First go to the retailer's website or call to make sure the information online matches the email you received. One adviser, Adam Levin of Credit.com, cautions that even opening a fraudulent email could allow malware to be installed on your computer.
 
If you've already opened the email: Don't click on any links until you verify the information with the retailer by going online or calling.
 
If you've already clicked a link to an external website and entered personal information: Verify the information in the email with the retailer at its website. If the information in the email doesn't match the retailer's information, take action quickly:

  • If the retailer is offering free fraud-monitoring, take advantage of it. Your credit union also might offer a fraud-monitoring service or recommend an affordable and reliable outside service.
     
  • Check and confirm your debit and credit card transactions every day via your financial institution's online platform.
     
  • Alert your financial institution, the credit card company, and call the "big three" credit reporting agencies--Equifax, TransUnion, and Experian--to tell them you clicked through on a bogus ink and shared info you wish you hadn't.
     
  • Ask to have a fraud alert placed on your account. It costs nothing to place a fraud alert on your credit report if your information is compromised, and the alert will remain in place for 90 days.
     
  • Alert the Federal Trade Commission (FTC). Report fraud via FTC.gov or by calling 877-438-4338.
     
  • If you're really worried, request a credit freeze, which prohibits any credit from being extended under your name.
To learn more about protecting your accounts from fraud, talk to the professionals at your credit union. They can recommend steps you can take to keep your information safe.
 
For related information about credit cards, read "How to Tell If Your Identity Has Been Stolen" in the Home & Family Finance Resource Center.