Fraud Resources

Your security is our top priority. As part of our commitment to protecting your financial well-being, we’ve compiled a list of common scams to help you stay informed and vigilant.

These scams are designed to trick you into giving up personal information or money. By knowing the red flags and how to respond, you can better safeguard your accounts and personal information. Select from the links below to learn more about these scams and how to protect yourself from falling victim.





































Don't Help the Fraudsters

The bank will not call or text you to ask for your PIN number or personal information. If someone asks for this information, do not share it. This is the primary way fraudsters gain unauthorized access to unsuspecting victims.

We've received reports of a text message phishing scam circulating in our community. Scammers are sending texts claiming that your card may have been charged and urging you to click on a link to dispute the charge.

Remember, we will never request personal or account information via text message. If you receive a suspicious text, please don't click on any links or provide any information. Instead, contact us directly at (877) 441-2784 or visit your nearest branch.

Beware of scammers and the tactics they use to trick victims into approving fraudulent charges.

Scammers now use advanced technology to disguise their phone numbers, posing as the bank when they reach out via phone calls or text messages. They may use convincing language to prompt you to approve a fraudulent charge through the bank's fraud prevention alert and management system.

These fraudsters rely on your cooperation to gain unauthorized access to your debit card via Apple Pay or Google Pay. BankFirst will never ask you for an Apple/Google Pay code, Personal Identification Number (PIN), or the three-digit security code on the back of your debit card.

If you encounter a fraudulent incident, please contact our call center at (877) 441-2784.
Visit our Check Washing Scams page for more information.
Often criminals impersonate personnel from legitimate, well-known companies or government agencies to trick people into handing over personal financial information, account numbers, user identification and passwords. The goal is account fraud and theft.

Don’t underestimate them – they are convincing sophisticated con artists.
 

How The Scam Works   

The scammer contacts a person to report an urgent security problem or some suspicious activity with an internet device that needs immediate attention. Then they ask to verify personal information or to allow them access to computer files. Often, they direct a person to a website that looks authentic – but it is not. The page was set up to phish for personal information that collects the data and embeds malware.

These scammers need one thing; that is, to get account information and account access – without it – they can’t steal.

If you get an unexpected pop-up, telephone call, email or other urgent message about a problem with your computer or other device, stop right there! Technology companies will never call you to offer a solution to a random computer problem.

This call is likely a technical support scam and the goal is to convince you that your computer or other device has a serious, urgent problem – and only they can provide the fix.

These scams occur when a scammer contacts you pretending to work for a legitimate business or government agency. The initial contact may be by telephone, email, mail, or even a text message. The two most common types of this fraud are:

  • Tax collection scam – You receive a phone call or letter claiming that you owe taxes. They will demand that you pay immediately, often with a prepaid debit card or wire transfer. They threaten serious consequences if you don’t pay.
  • Verification scam – You receive a phone call, an email or text message that requires you to verify your personal information for the Social Security Administration. The message often includes a link to a phishing website.

Scam Prevention and Protection:

  • Hang up if you get a telephone call from someone who claims to be from computer tech support or a government agency asking for personal information.
  • Ignore it if you get a pop-up message, email or text that directs you to call a specific telephone number or go to a website for technical support or government agency.
  • Never use the phone number in the pop-up or on caller ID. Instead, find the real contact information online.
  • Never give control of your computer or other device to anyone who contacts you by telephone, email, pop-up or text message.
  • Remember the IRS doesn’t initiate contact with taxpayers by telephone, email, text messages, or social media channels to request payments or personal information. Call 800-366-4484 to report it.

If you recently bought a ticket to a local event, you may have used Eventbrite’s website or smartphone app. Eventbrite is an online platform that allows you to create, promote, and attend events. But cybercriminals are abusing this platform to steal your personal information and money. In this week’s scam, cybercriminals use Eventbrite to set up a fake event and then email you an invitation. 

The Eventbrite email invitation contains realistic logos and brands, and it appears to be legitimate. But if you select the link within the email, you will be taken to a fake webpage that is actually controlled by cybercriminals. The webpage will prompt you to enter personal data such as your login information, tax identification number, and even your credit card number. The cybercriminals are trying to steal your personal details and funds!

Follow these tips to avoid falling victim to a phishing scam: 

  • Be wary of emails that urge you to take quick action. Phishing emails are designed to catch you off guard and trigger you to act impulsively. 
  • Never select a link in an unexpected email. In this case, it would be best to navigate to Eventbrite’s official website or smartphone app if you have concerns about tickets you’ve purchased. 
  • If you aren’t sure if an email you received is legitimate, contact Eventbrite’s customer support directly to verify.

No one is immune to being targeted by scammers, including lawyers and law firms. Lawyers often handle debt collection, and cybercriminals are seeking to take advantage of that. In this week’s scam, a law firm is contacted by someone claiming to be a client who needs assistance with collecting a debt payment. The firm works with the client to determine who owes the debt and then sends a letter requesting that the debt be paid. The person who owes the debt money immediately agrees to pay and sends what appears to be a real cashier’s check to cover the cost.

The law firm deposits the check and wires money to the client’s account. However, both the client and the person who owes the debt are scammers who are working together. The entire story about being owed a debt is a scam, and the cashier’s check is fake. The fake check doesn’t clear at the bank, and the scammers are able to escape with the law firm’s money!

Follow these tips to avoid falling victim to a cashier’s check scam:

  • Look for red flags. Always be suspicious of situations or opportunities that seem too good to be true.
  • Be extra cautious when dealing with money or other financial requests. Trust your instincts and contact your bank if you have concerns about a check or money transfer.
  • Be suspicious of requests to take action quickly. Cybercriminals pressure their victims to act quickly so they won’t be caught.

When it comes to staying safe online, it usually helps to remember an old rule: “If it seems too good to be true, it usually is.” In this week’s scam, cybercriminals are trying to trick you into forgetting this simple rule by sending you phishing emails. The phishing emails say that you have an opportunity to win a prize, usually from a major organization or brand, such as Marriott, Costco, Lowes, and more. 

The emails vary slightly in their content, but they all offer you the opportunity to win a prize by simply clicking a button and providing some personal information. However, the emails were sent by cybercriminals. If you click the link, you will be directed to a webpage that they control. If you enter any personal or financial information here, the cybercriminals will be able to see it immediately. You won’t win any prize from clicking the links, but the cybercriminals will. They’ll be able to steal your data! 

Follow these tips to avoid falling victim to a phishing scam:

  • Major companies don’t usually give things away for free. Be very cautious of any unsolicited emails that offer something at no cost.
  • Be very cautious when entering personal or financial information, especially after clicking a link in an email. If you need to enter your information online, make sure that you are on the organization’s official webpage.
  • Look for signs of a phishing email. Most will contain a call to action, such as clicking a link in order to win a prize. If you aren’t sure about the legitimacy of an email, follow your organization’s policy for reporting suspicious emails.

No one is immune to being targeted by phishing attacks. In this week’s scam, cybercriminals targeted candidates in a local election. During any election season, many candidates post information about themselves online or on social media sites. Scammers can use this information to craft targeted attacks on the candidates. In the specific attacks mentioned below, the scammers pretended to be another election candidate. This type of attack is known as Business Email Compromise (BEC).

In one of the attacks, the scammers emailed an election candidate. In the email, they impersonated someone else who was also running for election. The scammers explained that they needed the victim to purchase $500 in Apple gift cards and send them via email. When this didn’t work, the scammers later sent a separate email that appeared to come from DocuSign. This email contained an attachment that directed the victim to a fake login screen that prompted them to enter their user credentials in order to continue. If the victim had fallen for either of these scams, the scammers would have been able to steal both money and login credentials from the victim.
 
Follow these tips to avoid falling victim to a BEC scam:

  • Be wary of any unsolicited emails or calls asking you to buy gift cards or transfer money, even if they appear to be from someone you know. Verify the request through another channel before acting.
  • Be extra vigilant during high-profile events like elections when scammers may increase phishing attempts.
  • Remember, the information that you post online is publicly available for anyone to see. Scammers can use this information to target you with more realistic phishing attacks.


































Note: Fraud resources published are intended to provide general information and educational content related to personal finance and banking services. While we strive to ensure the accuracy and reliability of the information presented, it should not be considered as financial advice and may be revised as needed.