New Mexico Bank & Trust
Fraud Center

In a world where fraud attacks are increasing each year, we want you to feel safe when banking with New Mexico Bank & Trust.

Cyber security awareness.

We take fraud prevention very seriously, and we are dedicated to acting as your advisor and partner in your protection against fraud. We are perpetually investing in the right technology to make sure your personal, business and financial information is safeguarded from fraudsters.

When banking with New Mexico Bank & Trust, it’s important to remember that:

  • We will never ask for personal or financial information by, in response to or via a link in an email or text message.
  • We will never initiate a phone call asking for financial information, including your account password, social security number, balances or Secure Access Code.
  • When you call us we may ask you for specific information in attempt to verify your identity before disclosing financial information.
  • If we have reason to doubt the authenticity of a caller, we are not required to provide financial information.
  • If you feel you received a suspicious or unusual call, hang up and call the bank directly.

COVID-19 Related Scams

Fraudsters are taking advantage of fears surrounding COVID-19. Customers should monitor their accounts regularly and log in to online banking or our mobile app.

Fraudsters are setting up websites to sell bogus products, and using fake emails, texts, and social media posts as a ruse to steal money and personal information. The emails and posts may be promoting awareness and prevention tips, and fake information about cases in your neighborhood. They also may be asking you to donate to victims, offering advice on unproven treatments, or contain malicious email attachments.

What type of scams are being reported?

  • Imposter Scams – Bad actors attempt to solicit donations, steal personal information or distribute malware by impersonating government agencies (e.g., Centers for Disease Control and Prevention), international organizations (e.g., World Health Organization), or healthcare organizations. The BBB is already reporting about an imposter scam around the new Coronavirus Aid Relief and Economic Security (CARES) Act.
  • Investment Scams – The Securities and Exchange Commission (SEC) urged investors to be wary of COVID-19-related investment scams, such as promotions that falsely claim that the products or services of publicly traded companies can prevent, detect or cure COVID-19.
  • Product Scams – The Federal Trade Commission (FTC) and Food and Drug Administration (FDA) have issued public statements and warning letters to companies selling unapproved or misbranded products that make false health claims pertaining to COVID-19. Additionally, FinCEN has received reports regarding fraudulent marketing of COVID-19-related supplies, such as certain facemasks.
  • Charity Scams - The Department of Justice (DOJ) has indicated that scammers are soliciting donations for individuals, groups, and areas affected by COVID-19.
  • App Scams - The DOJ has also warned that scammers are creating and manipulating mobile apps designed to track the spread of COVID-19 to insert malware that will compromise users’ devices and personal information.
  • ATM Skimmers – Fraudsters will attach a skimmer to ATMs to try and collect your card information. Customers should always inspect any ATM they use and ensure there are no skimmers attached to the card reader. If you believe an ATM is at risk, don’t use the machine and contact your bank immediately to further investigate.
  • Point-of-Sale (POS) Devices at Merchants – Merchant terminals are also at risk to have their information compromised. We recommend you use your Digital Wallet (Apple Pay, Samsung Pay and Google Pay) for paying for items at merchants and online. Digital Wallets use an encrypted token instead of your actual card number to prevent fraud.

How can you avoid these scams?

The U.S. Attorney's office urges everyone, especially those most at risk of serious illness, to avoid these and similar scams by taking the following steps:

  • Independently verify the identity of any company, charity, or individual that contacts you regarding COVID-19.
  • Check the websites and email addresses offering information, products, or services related to COVID-19. Be aware that scammers often employ addresses that differ only slightly from those belonging to the entities they are impersonating. For example, they might use “cdc.com” or “cdc.org” instead of “cdc.gov.”
  • Be wary of unsolicited emails offering information, supplies, or treatment for COVID-19 or requesting your personal information for medical purposes. Legitimate health authorities will not contact the general public this way.
  • Do not click on links or open email attachments from unknown or unverified sources. Doing so could download a virus onto your computer or device.
  • Make sure the anti-malware and anti-virus software on your computer is operating and up to date.
  • Ignore offers for a COVID-19 vaccine, cure, or treatment. Remember, if there is a medical breakthrough, you won’t hear about it for the first time through an email, online ad, or unsolicited sales pitch.
  • Check online reviews of any company offering COVID-19 products or supplies. Avoid companies whose customers have complained about not receiving items.
  • Research any charities or crowdfunding sites soliciting donations in connection with COVID-19 before giving. Remember, an organization may not be legitimate even if it uses words like “CDC” or “government” in its name or has reputable looking seals or logos on its materials. For online resources on donating wisely, visit the Federal Trade Commission (FTC) website.
  • Be wary of any business, charity, or individual requesting payments or donations in cash, by wire transfer, gift card, or through the mail. Don’t send money through any of these channels.
  • Be cautious of “investment opportunities” tied to COVID-19, especially those based on claims that a small company’s products or services can help stop the virus. If you decide to invest, carefully research the investment beforehand. For information on how to avoid investment fraud, visit the U.S. Securities and Exchange Commission (SEC) website.

For the most up-to-date information on COVID-19, visit the Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO) websites.

If anyone believes they have been the victim of a COVID-19 fraud scheme, please contact the U.S. Attorney’s Office, or your state or local authorities.

 

CYBERSECURITY FOR BUSINESS

Make sure you know who you are paying

Always verify payment requests submitted to your business. Verify with a second individual or the requestor, but through a different channel than the one used to submit the request. Always use a phone number on file, not a phone number contained in the request. Never feel pressured to initiate a payment without verification. It is safer to take a little longer and be sure the payment is legitimate, than to be quick and lose thousands of dollars to fraud. Always verify any change to vendor payment instructions (i.e., bank name or account number) and use dual control – meaning you establish a dual control requirement for all outgoing ACH or wire payments.

Reduce payment fraud risks

Once your Accounts Payable process has the checks and balances you need to avoid duplicate and/or unauthorized payments, talk to your Treasury Management team to evaluate today’s tools and technology that not only help reduce payment fraud, but can also help you automate some of the Accounts Payable process to save time and money.

Require multi-factor authentication (MFA)

MFA confirms your identity only after successfully presenting two or more pieces of evidence (or factors), such as a password, security token and/or fingerprint. A valuable tool when receiving payment information or updating your contact information.

Learn more about protecting your business against fraud

Learn More

 

 

CYBERSECURITY AT HOME

Use strong passwords

The combination of strong passwords and changing them at least once per quarter is highly recommended. DO NOT use the same password for multiple logins and use multi-factor authentication whenever it’s available.

Avoid unknown links or attachments in email

When you receive a request for payment via email, review it carefully, and if there is any doubt, contact the vendor via the phone number on a previous invoice or look up their number online to verify. Fraudsters can change any company’s email address by adding a letter, a period or something else that people may miss if they are not aware of the risk of fraud.

Use Internet Security Software

Install and maintain current Internet security software on all devices, including mobile phones and tablets.

Learn more about protecting your home and family against fraud.

Learn More