Online Scams and Alerts
Capital One Data Security Incident
On July 29, 2019, Capital One announced that an outside individual was able to obtain personal information from Capital One. The information was obtained from credit card applications dated 2005 through early 2019. The event affected 100 million individuals in the U.S. and 6 million individuals in Canada.
Information accessed includes names, addresses, zip codes, phone numbers, email addresses, dates of birth, and self-reported income. Also, about 140,000 social security numbers and 80,000 linked bank account numbers, as well as some customer status and transactional data was accessed.
More information is available on Capital One’s website.
Information Regarding Equifax Cybersecurity Attack
The credit reporting agency, Equifax, reported on September 8, 2017 that a flaw in a web application exposed 143 million customer records to hackers.
The information exposed includes Personally Identifiable Information (PII), such as names, addresses, birth dates, social security numbers, and driver’s license numbers. Among additional information exposed to hackers are numerous U.S. consumer credit card numbers and U.S. consumer dispute documents.
Mars Bank uses Equifax data services in its loan application and review process. There was no breach of information maintained by Mars Bank.
Please review the important information below and use the described links to access more information about the data breach at Equifax.
How can an individual determine if their data has been breached at Equifax?
Visit the Equifax page and follow instructions on the webpage.
What other resources are available to monitor credit information?
You are entitled to one free credit report from each of the three credit reporting agencies each year. The three agencies are: Transunion, Experian and Equifax. Access your free credit report.
Fictitious Notification Regarding OCC Release of Funds
The OCC (Office of the Comptroller of Currency) has reported a scam of consumers receiving fictitious e-mail messages stating that the OCC is holding 25 million euros related to an international funds transfer until a “Capital Currency Control Permit” fee of 25,000 euros is paid. The e-mail included an “Application for Capital Currency Control Permit” which requests, among other information, a copy of the individual’s passport and bank account information. Any communication claiming that the OCC is involved in holding any funds for the benefit of any individual or entity is fraudulent, as the OCC does not participate in this activity. If you have received a request, appearing to come from the OCC, that asks for personal account information, or requires the payment of any fee, the OCC recommends to:
- contact the OCC directly at email@example.com, or call 202-649-6450,
- contact state or local law enforcement,
- file a complaint with the Internet Crime Complaint Center.
If you have provided your bank account information, you should immediately contact the Bank by calling your local Banking Center or 724-625-1555.
Recent Texting Scam
Robo calling/texting machines are a sophisticated method of calling or texting cell numbers to carry out fraudulent activities, such as stating that a bank account was compromised and asking for account information. Be aware that Mars Bank will never ask for personal or account information over the phone, via text or email. If you receive this type of call or text, please report it to the Bank. This illegal practice is called SMishing (SMS Texting based Phishing) SMishing is an attempt to lure people into providing personal account information to be used for criminal activity. It is done using cell/smart phone SMS texting. Fraudsters try to get customers to provide details of their card, including their pin, as well as techniques to identify the CVC/CVV security code. This method of fraud is known as Brute Force. Please do not respond to these texts or call the phone present within the text. If you have responded to this type of text message, please call the Bank at 724-625-1555.
Recently, researchers have disclosed an Internet vulnerability known as “OpenSSL Heartbleed”. If exploited, this vulnerability could allow an unauthorized user to monitor information passed between a user and a web service or it could decrypt past collected traffic. Mars Bank is aware of this situation and has done extensive analysis on the systems used to process your information. There is no evidence that indicates your information has been compromised. However, since this vulnerability has existed since March 2012 and it affects an estimated 50-60% of websites that use SSL encryption, you can protect your personal information by using the following security best practices: • Create strong passwords with at least 8 characters and a combination of mixed case letters, numbers and special characters. • Change your password frequently. • Never share your username and password. • Avoid using automatic login features that save your username and password. • Securely store passwords where others cannot find them. For more information on how you can further protect your information, please visit us at: https://www.marsbank.com/deposits/online-banking/online-banking-security-statement, or call your local branch for more information.
Online Banking Fraud Prevention Best Practices
Click here for Guidelines and Tips to bank securely online.
Warning Regarding Email/Internet Scams
Please be aware of e-mails circulating the Internet contain various Subject lines, such as “Your ACH transfer” or “Your Direct Deposit declining” and a link, which may launch a computer virus or an Internet connection to a phishing website. As a policy, Mars Bank does not request account or personal information via any medium, such as telephone, e-mail, or text messaging. For your protection, do not reply and do not provide any information. NACHA (the Electronic Payments Association) makes the following statement regarding communications: “NACHA has been the victim of sustained and evolving phishing attacks in which consumers and businesses are receiving emails that appear to come from NACHA. The attacks are occurring with greater frequency and increased sophistication. NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.” For more information, please visit NACHA’s website at http://www.nacha.org.
Planning a Trip Outside the United States?
To further protect our Check/Debit Card holders, Mars Bank has implemented new procedures for card holders traveling outside the United States. To use your Check/Debit card while traveling abroad, You Must contact our Electronic Banking experts at 724-625-1555 x226 prior to your trip. This applies only to Check/Debit cards. ATM and credit card users need not contact us before travel abroad. While we know this is an added step in the busy days before a trip, making this call will ensure uninterrupted use of your card and access to your money while you travel.