Federal banking regulators say scam artists are impersonating banks around the country and committing both ID theft and wire fraud. The scam starts with fake ads in newspapers, complete with authentic bank logos, regulators say. The ads offer great loan terms, but the supplied phone numbers actually connect callers to the alleged perpetrators. Consumers who agree to refinance their home loans then lose all their personal information, and usually the first month’s payment, too. Fifty financial institutions have been so impersonated, the Federal Deposit Insurance Corp. says.
“WHETHER IT’S A NEW home you want to buy or refinance the one you have ... no problem, we can help,” one of the allegedly fake ads says. “We’ve got exactly what you need.”
People who call the supplied numbers (which the FDIC says are really prepaid cell phones purchased in Canada) are asked to provide application information over the phone, including their Social Security numbers. In some cases, customers were even duped into sending a follow-up “loan package” with banking information and copies of their Social Security cards.
Eventually, customers are asked to make an advance payment on their loan through a Western Union wire transfer.
That should be a red flag, experts said: banks won’t ask for upfront payments on loans, nor will they request Western Union wire transfers, says an FDIC spokeswoman.
The warning was issued quietly two weeks ago on the FDIC’s Web site, but one bank executive hit by the scam in June told MSNBC.com that con artists have been using the technique successfully for almost two years.
The executive, who spoke on condition of anonymity, said his bank hadn’t lost any money because of the scam — but some consumers had.
“This is corporate identity theft,” the executive said. “They are taking advantage of people who do not realize this is not the normal way to do business.”
Banks are learning about the scheme when newspapers contact them looking for payment for the advertisements, the FDIC said. “This practice is believed to affect as many as 50 financial institutions,” the agency said in a statement.
A spokeswoman for the FDIC declined to say which institutions were impacted; she also couldn’t say how many consumers had fallen for the prank.
“Our goal in issuing this special alert was to make financial institutions and consumers aware of the scam,” she said. “The risk of name swiping is a risk (banks) may have to deal with creatively.”
A separate FDIC spokesman said both the Federal Trade Commission and the Royal Canadian Mounted Police were investigating the string of incidents. A spokeswoman for the FTC said the agency doesn’t comment on ongoing investigations.
The bank executive who spoke to MSNBC.com said the scam artists are targeting small and mid-sized banks and newspapers. The newspaper advertisement was paid for with a stolen credit card, he said.
NEW ID THEFT GUIDELINES
The FDIC fake loan warning was released just days before a set of banking regulators — including the FDIC — suggested a slate of new guidelines to stem the growth of identity theft. The key proposal would require banks to tell customers if their personal information has been stolen or somehow compromised. The guidelines mirror a privacy law which took effect in California on July 1.
“ID theft is an issue of growing concern for everyone,” said Andrew Williams, a spokesman for the Federal Reserve. The published guidelines have no force of law; banking regulators are merely soliciting comments from the public and the industry, which are due by Oct. 14.
Banking industry consultant Rob Douglas applauded the effort at standards combined to combat ID theft. He objected, however, to the portion of the guidelines that let banks decide when a consumer is at risk, and thus should be told about a data compromise.
“It seems to me it’s the customer who should be able to decide,” he said. “Most Americans would say, ‘Let me make that decision. Notify me that the bank’s customer information system has been compromised, and I’ll decide if I want to put fraud alerts on my credit files.’”