The guidance on this page is for individuals and families. If you are an organization that believes it is a victim of online bank fraud, we advise you to immediately contact your bank. If it’s a ransomware or other cybercrime, contact a cybersecurity-knowledgable attorney to protect your interest.
- Contact the fraud department(s) of the financial institution(s) affected. This might be your bank, credit union, credit card, investment manager, etc.
- Follow their instructions to recover the money.
- According to Federal financial regulations, a bank is to restore your lost funds if you are a “consumer” and the account was taken from a “consumer account.” You have a $50 liability for credit card fraud but this is rarely enforced.
- Be aware that banks are denying coverage on Zelle fraud and other instances where the “victim willingly gave away the money.”
- If you do not recover all your losses, contact your insurance company to see if you have coverage.
- Change your passwords and implement 2FA / MFA at the affected financial institutions.
- Alert the four main credit bureaus (Experian, Equifax, Transunion, and Innovis), your bank, investment companies, and other financial institutions where you have accounts.
- Follow their instructions.
- Freeze your credit, if you have not already done so
- Report your identity theft to the Federal Trade Commission (FTC). Use their easy-to-follow instructions to get a recovery plan and put it into action.
- See the IRS Taxpayer Guide at https://www.irs.gov/newsroom/taxpayer-guide-to-identity-theft.
- Contact your insurance company to see if you have coverage.
- Check out the Identity Theft Resource Center at https://www.idtheftcenter.org/.
- If you have a good backup, you can use the backup to restore your files.
- If you don’t have a good backup, try No More Ransom, an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky and McAfee with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.
- If you don’t have a good backup and No More Ransom is unable to assist, you are unlikely to be able to recover your files.
- Consider retaining the services of a cybersecurity-aware IT vendor to recover your files and to ensure that all the ransomware software has been removed from your PC.
- If you don’t make sure all the ransomware software has been removed, you are at a high risk of being reinfected.
Social Media Take-Over
- Contact the social media company
- Follow their instructions to have your account restored
- Change your password and implement 2FA / MFA on the affected social media accounts.
Other things to do if you see signs of trouble such as passwords not working, lots of pop-up ads, strange web sites in your browser, slow-running devices, or altered system settings.
- Run a full scan of the anti-virus program on your computer or smartphone
- If your anti-virus program reports that you have malware, it should be able to remove or quarantine the malware. You can be pretty sure the malware has been neutralized if the symptoms disappear.
- If your anti-virus doesn’t detect malware and the symptoms continue, consider retaining the services of a cybersecurity-aware IT vendor.
- Tighten up your security defenses (The Vital Five)
- Freeze your credit
- Use two-factor authentication (2FA / MFA)
- Be careful clicking on attachments or links in email and texts
- Keep software up to date
- Back up critical files
Contact law enforcement if you are a crime victim
- File a complaint with your local police department or district attorney’s office.
- If the loss is substantial, submit a complaint at the FBI’s Internet Crime Complaint Center – known as the IC3. https://www.ic3.gov/default.aspx.
For additional information, please visit our friends at the Cybercrime Support Network. Like SecureTheVillage, the Cybercrime Support Network is a nonprofit dedicated to security and privacy. Their Fight Cybercrime website provides “the information you need to recognize, report and recover from cybercrime.” https://fightcybercrime.org.