Why PAC banking fees may be a silent budget killer and what you can do about it

When a supporter writes a check to your PAC, they’re investing in your mission. They’re not thinking about monthly maintenance fees, wire transfer charges or account analysis costs.

Yet without the right banking relationship, that’s exactly where some of their contribution goes. Excessive banking fees are donor money that never reaches its intended purpose – creating political impact. The solution? Partner with a bank that understands PAC operations and structures relationships to minimize these costs.

The Real Cost of “Standard” Banking Fees

Let’s put this in perspective. If your PAC is paying $200 monthly in banking fees (a conservative estimate for many corporate and trade association PACs), that’s $2,400 annually. For a PAC with $200K in deposits, those fees represent more than 1% of your entire budget—gone before you even begin your real work.

But here’s what makes this truly painful: those fees compound over time. That $2,400 could have funded direct mail campaigns, event sponsorships, or additional advocacy efforts. Instead, it’s padding your bank’s revenue while your actual political objectives compete for increasingly scarce resources.

Why This Matters More for PACs Than Anyone Else

Corporate treasury departments negotiate banking relationships with leverage—they bring massive deposits, complex cash management needs, and long-term partnerships. Your PAC? You’re often an afterthought, stuck with whatever fee structure the corporate relationship dictates.

The irony is stark: while your parent organization may have negotiated favorable terms for their operational banking, your PAC—with its unique compliance requirements and specialized needs—gets treated like a standard commercial account. You’re paying premium prices for basic service.

The Fee Trap That’s Costing You More Than Money

Beyond the direct financial impact, excessive banking fees create a dangerous cycle:

· Limited budgets get squeezed tighter. Every dollar lost to fees means less money for your core mission—whether that’s supporting candidates, driving policy initiatives, or engaging stakeholders.

· Planning becomes harder. When you can’t predict your actual banking costs, budgeting for campaigns and advocacy becomes a guessing game.

· Donor trust erodes. Contributors expect their money to fund political action, not administrative overhead. High banking fees force you to redirect donor dollars away from visible impact.

Breaking Free From the Fee Cycle

The solution isn’t complex—it’s strategic. PACs that prioritize banking relationships specifically designed for their needs consistently spend less on fees and more on their missions.

Consider this: if restructuring your banking relationship could save your PAC $1,500 annually, what could you accomplish with that money? An additional direct mail piece? Extended digital advertising? More comprehensive compliance tools?

What Donors Really Want

Your supporters aren’t writing checks so you can pay bank fees. They’re investing in outcomes—policy changes, candidate support, issue advocacy. When excessive fees eat into that investment, you’re not just losing money; you’re undermining the very reason your PAC exists.

Smart PAC managers ask themselves: “Is this expense moving us closer to our political objectives?” Banking fees rarely pass that test.

The Path Forward

Every PAC faces budget constraints. But not every PAC has to accept unnecessary banking fees as an inevitable cost of doing business. The most effective PACs—regardless of size—treat banking relationships as strategic decisions, not inherited obligations.

Your donors believe in your mission. Partner with a bank that shares that commitment by keeping more dollars working toward your goals.

Post Date: 10/28/2024

At Capital Bank, safeguarding our customers and their financial information is our top priority. One way we uphold this commitment is by making sure our customers stay informed about the latest cybersecurity vulnerabilities. Below are some emerging threats  and trends:

Ransomware Attacks: Ransomware involves malicious actors or third parties introducing malware into your systems. This type of malware infiltrates secure platforms, capturing and encrypting your data. Once encrypted, attackers demand a ransom for the release of  your information.

Increasing use of AI: The growing use of AI has led to advancements in many areas, but it’s also being exploited by hackers for malicious activities. AI-generated phishing emails, in particular, have become more convincing, with fewer errors and faster distribution, making them harder to detect.

Deepfakes: Bad actors are using deepfake technology to create highly convincing scams and false claims. These deepfakes can mimic a person’s voice or likeness to fraudulently access private banking information.

Screen Captures and User Interfaces: Screen captures occur when hackers or malware take a screenshot of your computer or mobile device, exposing sensitive information that can then be shared on malicious websites. Additionally, hackers are designing realistic, yet deceptive, user interfaces that confuse everyday users. These interfaces may even feature pop-ups requesting login credentials, which could introduce malware into your system.

How Capital Bank Can Help:

As cyber threats evolve, it’s essential to discuss your bank’s incident response protocols designed to mitigate and minimize their impact. If you have any concerns, reach out to Capital Bank. Our team is dedicated to keeping you informed and helping reduce the risks of malware and data breaches.

Post Date: 10/21/2024

At Capital Bank, we’re committed to keeping your information protected and secure. Therefore, this week we are sharing essential tips about how you can keep yourself protected online.

Online safety is a crucial practice to master. Especially today where most of our information can be found online.

Below are some safe browsing practices that our team suggests:

Utilize strong passwords. While a six-character password might seem strong to you, a good computer can crack that very quickly. Strong passwords are long passwords that range anywhere from twelve to fourteen characters in length. These passwords are unique and use a variety of numbers, symbols, and both upper- and lower-case characters.

Organize your passwords with a password manager. As mentioned above, strong passwords are typically very long and random, meaning they can be difficult to remember. Password managers are secure programs that keep track of all the passwords you utilize on a variety of platforms.

Enable two-factor authentication. Two-factor authentication is a practice that involves a secondary device that receives a text or email to verify that it’s you who is logging into your account. This device is typically one that a hacker would not have access to, adding a second layer of security to your information and accounts.

Keep your software updated at all times. Regular software updates are critical for cybersecurity hygiene, because typically hackers will target companies or individuals who leave their software unpatched. By falling behind on software updates, you leave your information vulnerable to the everyday hacker. Not only will software updates further protect you online, but they will also enable your devices to run smoothly.

How Capital Bank Can Help

We encourage you to enforce these strategies in your day-to-day online browsing. If you have any questions or concerns, don’t hesitate to reach out to Capital Bank. Our team is here to help you implement these practices and ensure your personal and financial information is safe.

Post Date: 10/15/2024

At Capital Bank we’re dedicated to keeping you and your financial information protected.

This week, we’re continuing our Cybersecurity Awareness Month series by discussing social engineering attacks.

From pretexting to baiting, social engineering attacks are some of the most common ways that hackers and bad actors obtain your private information.

Here is some more information about the methods used in social engineering attacks:

Pretexting your cell phone. A lot of times, pretexting is an unsolicited or random text message from someone claiming to be reaching out to you through a wrong phone number. In this situation, bad actors hope that you’ll reply and eventually share your private information.

Baiting through text messages or emails. Baiting is very similar to pretexting in the sense that bad actors are trying to engage in some sort of conversation with you. Ultimately, the bad actors will attempt to make you share your personal information during this conversation which will eventually lead to your sensitive information.

The most important thing to remember when encountering social engineering attacks is to never trust the unknown. Banks and financial institutions will never reach out to you about your private information via social media, email or text message. With that in mind, if something feels off, report the email or text message as junk and don’t interact.

How Capital Bank Can Help
We encourage you to visit your bank’s official website or call the main number for your bank if you are ever concerned and need clarification about who is trying to reach you. If you have any questions or concerns, don’t hesitate to reach out to Capital Bank. Our team is here to help you implement these practices and ensure your financial information is safe.

Post Date: 10/07/2024

October is Cybersecurity Awareness Month, and at Capital Bank, safeguarding your financial information is our top priority.

To kick off the month we’re sharing essential tips on how to protect your accounts, prevent fraud, and maintain excellent cybersecurity hygiene.

From secure banking practices and multi-factor authentication to recognizing phishing scams and avoiding public Wi-Fi risks, we’re here to help you stay vigilant and secure.

Here are four strategies to help you protect your bank information and prevent information
theft:

Secure your banking practices with long passwords. Strong passwords are crucial when securing your accounts and the reasoning behind them is relatively simple. The longer the password, the longer it takes for a computer to crack that password.

Utilize multi-factor authentication. Multi-factor authentication uses an extra device to secure your account which a hacker would not have access to. This provides excellent protection and enforces an added layer of security.

Recognize and identify phishing attempts. Phishing is the number one way that hackers access information, it’s important to keep an eye out for signs of phishing. Some signs include a sense of urgency, suspicious links or attachments, and emails that seem to be coming from your bank or IT department. Banks are never going to ask for your password, so keep that in mind when deciding whether to open an email or not.

Don’t access confidential information over public Wi-Fi. When accessing banking or other confidential information, it is best practice not to do so over public Wi-Fi. Hackers will often plant networks and make them available for people to use. In doing so, these hackers can steal your information over those networks. Instead, a much safer way to access your private banking information is by utilizing a virtual private network, or VPN.

How Capital Bank Can Help

We encourage you to discuss these strategies with your managers to strengthen your banking information security. If you have any questions or concerns, don’t hesitate to reach out to Capital Bank. Our team is here to help you implement these practices and ensure your financial information is safe.

Watch the video below to hear Anguel Lindarev, Chief Information Officer at Capital Bank, provide insights on these topics.

Post Date: 07/01/2024

Identity theft has gotten a lot of publicity and attention lately. Most of this has focused on individuals, but business identity theft is also a growing problem. In fact, the IRS calls business identity theft a “serious threat to business, partnership, estate and trust filers.”*

Small businesses may be especially vulnerable to business identity theft because they usually don’t have the resources large businesses do to guard against it. This includes sophisticated security controls designed to detect and deter fraudulent activity. As a result, small firms are often specifically targeted by identity thieves.

Also, business identity theft is usually more complex than personal identity theft. Since businesses typically have higher bank account balances and credit limits than individuals, many thieves focus their attention here. All of this makes it crucial to understand the different types of business identity theft and what you can do to protect your company.

What Does Business Identity Theft Look Like?

In a typical business identity theft scheme, thieves assume the identity of business owners or officers to fraudulently obtain credit on behalf of the business. This might include bank lines of credit, credit cards and vendor credit. In another scheme, thieves file false tax returns on behalf of the business in order to claim refundable business credits.

According to Emily Koch, CFCI, Capital Bank Financial Crimes Fraud Investigations Lead, a common scheme is the filing of fake incorporation documents with states. “Once identity thieves have the fraudulent filing documents, they are able to open bank accounts in the name of the business and steal their mail,” she says. “Thieves also fraudulently change business addresses to redirect mail and important documents.”

In addition to the direct costs involved with these kinds of identity theft, businesses may also face legal consequences, including defending intellectual property such as trademarks, copyrights and patents. Victimized businesses also must spend time and money repairing the harm to their credit, reputation and overall finances.

Types of Business Identity Theft

Probably the most common type of business identity theft is financial fraud, as described above. But there are other types as well, including web defacement, or building fake websites that impersonate real ones. Identity thieves use these to redirect visitor traffic and capture sensitive business and customer information.

Thieves also steal business identities to commit tax fraud. Using stolen employer identification numbers (EINs), they file fraudulent tax returns to obtain subsidies and refunds through state and federal programs. In another scheme, thieves create LLCs with a similar or even the same name as an existing LLC and register the business in another state. Then they reroute mail, including checks, to the fraudulent LLC’s address.

Trademark ransom is yet another type of business identity theft. Here, thieves register business names and logos as official trademarks and demand a ransom in order to release them from the trademark.

How Thieves Steal Business Identity

There are lots of different ways thieves can steal a business’ identity. One of the most common is referred to as business email compromise, or BEC. Here, thieves use stolen logos and other brand identities to create fake emails that look legitimate. The emails try to trick employees into clicking on links that download malware onto their computers or take them to fake websites where thieves try to steal sensitive corporate information.

In another BEC scam, identity thieves use compromised or closely spoofed email accounts to trick an employee into initiating wire transfers to bank accounts they think belong to trusted partners. However, the money is actually wired into accounts controlled by the thieves. In a similar scam, thieves send fake emails to employees asking them to provide sensitive corporate information to unlock supposedly locked accounts. The thieves then use the information to steal money from corporate bank accounts.

Identity thieves can also hack into business owners’ and executives’ email accounts and send messages instructing finance employees to send wire transfers to bank accounts they control. Or they can plant unsecure Wi-Fi hotspots around the business and wait for employees to use them by mistake, which can expose sensitive corporate information. Good old-fashioned dumpster diving remains a low-tech identity theft tactic in which thieves rifle through garbage looking for sensitive corporate information they can use to steal funds.

Combatting Business Identity Theft

Here are four strategies to help you combat business identity theft at your company:

1. Educate and train your employees. Your employees are your first line of defense against business identity theft so make sure they understand what it is and how they can guard against it. This includes training them to spot fraudulent emails and carefully scrutinize all wire transfer requests. Also educate employees about the importance of creating strong passwords and changing their passwords regularly.
2. Regularly review your commercial credit report and business records. Koch says to keep Secretary of State records up to date and make sure all your sensitive records are stored securely. “Also check your business records to make sure that no fraudulent business entities have been created, as well as your street address to ensure it has not been fraudulently changed,” she says.
3. Protect sensitive business information. This includes your EIN, bank account numbers, usernames and passwords. “Never share this information electronically or digitally, such as by email or online,” says Koch.
4. Keep computer software and browsers updated. Software updates include security patches that help protect computers from identity thieves and BEC. So train your employees to update software whenever they’re promoted to and make sure they are using the latest versions of web browsers with pop-up blockers. Also consider adding key-logger software to all corporate computers.

What to do if Your Business is Victimized

If you think your company has been victimized by business identity theft, Koch recommends that you report it immediately to law enforcement and the Secretary of State. “Also notify your bank and ask them to place an alert on your accounts and profile,” she says. “And report any fraudulent change of address to the U.S. Postal Inspectors.”

In addition, consider reporting the identity theft to the major small business credit reporting bureaus: Equifax, Experian and Dun & Bradstreet. If you believe your EIN has been stolen and used fraudulently, notify the IRS. And speak with your attorney and business insurer about any potential legal and insurance ramifications of the theft.

How Capital Bank Can Help

Talk to your managers about how you can implement strategies like these to guard against business identity theft. Contact Capital Bank to discuss how we can help you initiate wire transfers and electronic funds transfers safely and securely.

* https://www.wolterskluwer.com/en/expert-insights/business-identity-theft-is-a-big-threat-to-small-business

Published: June 3, 2024

Cybercrime in all its different forms is on the rise, and one of the most common types of cybercrime is business email compromise (BEC). Reported losses due to BEC totaled nearly $3 billion in 2023, which made it the second costliest type of cybercrime last year behind only investment scams, according to the FBI IC3 Internet Crime Report. This is an increase of 58% since 2020¹.

What is Business Email Compromise?

BEC, also sometimes referred to as phishing and spear phishing, can take many different forms, but it is usually targeted at employees who have access to corporate finances. In a typical scam, thieves use compromised or closely spoofed email accounts to trick an employee into initiating wire transfers to bank accounts they think belong to trusted partners. However, the money is actually wired into accounts controlled by the criminals.

While this might sound simple, the level of sophistication involved in executing this type of theft is very high. Business email compromise is especially dangerous because once wire transfers are sent, they generally can’t be reversed. So it’s smart to verbally confirm all wire transfer requests received via email to verify their authenticity. Use the phone number you have in your system instead of a phone number in the email, which could be a fake number that calls the scammers. This simple step can thwart many BEC schemes.

In another type of BEC scheme, cyberthieves send legitimate-looking emails to finance and accounting employees stating that the company’s bank accounts have been frozen due to suspected fraudulent activity. The emails ask employees to provide sensitive information so they can unfreeze the accounts. Instead, the criminals use the information to access and steal funds from the accounts.

Or the emails might instruct employees to click on a link that supposedly takes them the bank’s website to resolve the problem. Instead, the link leads to a clone site that downloads malware onto employees’ computers that enables thieves to capture sensitive account information and launch Man-in-the-Browser attacks.

Combatting Business Email Compromise

Here are four tips for combatting business email compromise:

1. Build a “human firewall.” Your employees are your first line of defense against BEC and other cyberthreats. So it’s smart to educate them about these risks and how to practice proper cybersecurity hygiene. For example, teach them how to recognize fraudulent spoof emails and scrutinize any funds transfer requests they receive by thinking critically (e.g., why are they requesting this transfer?).

Also emphasize the importance of password security and teach employees how to create strong passwords and change them regularly. Provide employees with a password management system and make sure they know how to use it. You can also conduct simulated BEC attacks to test employee readiness and shore up any weaknesses you see.

2. Take advantage of cybersecurity technology tools. There are a number of tech tools that can help prevent BEC, starting with identity verification tools like multifactor authentication and single sign-on. Digital certificates, also known as S/MIME certificates, add cryptographic digital signatures to your emails to increase security. These certificates also allow you to send encrypted emails to other digital certificate holders using their public keys.

You can go a step further by setting up DNS records for your email domain to prevent unauthorized users from sending emails from your domain. This will give servers reporting instructions regarding fraudulent messages to keep you aware of any suspicious activity from your domain. Also consider using verified mark certificates to display your verified brand logo in recipients’ inboxes. In addition, network monitoring tools can help you monitor domain traffic and IP addresses being used to sign in to your accounts.

3. Create and implement request verification procedures. Employees should follow detailed, documented procedures before initiating any wires or other types of electronic funds transfers (EFTs). This includes verifying the identity of anyone requesting funds via email through a different channel, such as face-to-face (if feasible) or over the telephone (as noted above).

It’s also smart to require that at least two separate employees originate and approval all wire transfers and EFTs. In addition, set aside a dedicated computer for employees to use for executing wire transfers and other financial transactions and don’t allow any web browsing or email use on the computer.

Also train employees to be on the lookout for fake phone and video calls requesting wire transfers and EFTs. Cyberthieves are using generative AI technologies to create audio and video deepfakes to initiate fraudulent funds transfer requests. If the employee asks questions and the caller ignores them or talks over them, there’s a good chance it’s a deepfake call.

4. Update computer software and browsers regularly. Software updates include security patches that help protect computers from BEC and other cyberthreats, so be sure employees update software whenever they’re promoted to do so. Also make sure employees are using the latest versions of web browsers with pop-up blockers, and consider adding key-logger software to all corporate computers.

Other Cybersecurity Threats

The widespread use of social media in our society also presents cybersecurity risks for businesses. Many cyberthieves are using popular social media sites like Facebook and Instagram to trick employees into downloading malware or divulging sensitive corporate information that enables them to hack into bank accounts.

Therefore, it’s critical to establish corporate policies that dictate what kinds of social media activity are allowed on work computers and what kinds aren’t. This could include an outright ban on social media activity on all corporate digital devices, if necessary.

Pay especially close attention to mobile devices since these tend to be a primary target of cyberthieves. For example, program mobile devices to delete content after a certain number of failed log-in attempts. You should be able to wipe these devices clean remotely in case they’re ever lost or stolen.

Cloud computing also presents cybersecurity threats since companies have less control over data that’s stored in the cloud than over data stored locally. Whatever cybersecurity standards apply at your business should also be applied to any service providers storing your data, as well as third party vendors they deal with. Find out what kinds of data protection measures they have in place and be prepared to switch service providers if you believe these measures are insufficient.

How Capital Bank Can Help

Talk to your managers about how you can implement strategies like these to guard against business email compromise. And contact Capital Bank to discuss how we can help you initiate wire transfers and EFTs safely.

¹https://www.thesslstore.com/blog/business-email-compromise-statistics/

Updated: 5/31/2024

Fraud is the largest source of illicit proceeds in the country, according to the Financial Crimes Enforcement Network (FinCEN). Mail theft related to check fraud has become an especially serious problem, with 680,000 reported instances of this type of fraud in 2022 alone¹.

In this type of fraud, thieves brazenly steal mail right out of residential mailboxes or blue postal mailboxes. Or they steal the keys to cluster mailboxes at apartment complexes so they can break into dozens or even hundreds of mailboxes at once. In some instances, carriers have even been robbed of mail by armed thieves. Criminals rip open envelopes that contain checks, which are relatively easy to spot, and change the payee to themselves, create fake checks or sell the checks on the dark web.

Fewer Checks Written, but Average Amount is High

More than three billion checks were written in 2022. This is down significantly from 1990 when 19 billion checks were written, though the average amount per check is relatively high at $2,430. However, a recent FinCEN alert warned that despite the declining overall use of checks in the U.S., mail theft related to check fraud is on the rise. “Criminals have been increasingly targeting the U.S. mail since the COVID-19 pandemic to commit check fraud,” FinCEN stated in the alert¹.

For example, a criminal ring in Milwaukee used stolen arrow keys to break into blue postal mailboxes and steal more than 900 checks. In North Carolina, a man was convicted of stealing more than 850 pieces of mail containing checks, credit card and financial statements from at least 10 people. And in Missouri, a man was convicted of trying to bribe postal carriers for the keys to mail collection boxes. ²

According to the U.S. Postal Service (USPS), 412 mail carriers were robbed on the job in 2022 while 38,500 incidences of high-volume mail theft were reported. Another 25,000 incidences of high-volume mail theft were committed in the first half of 2023 while another 305 mail carriers were robbed. ³

A Top Concern

“Check fraud related to mail theft is one of our top concerns,” says Emily Koch, CFCI, Capital Bank Financial Crimes Fraud Investigations Lead. “This type of fraud has been on the rise since 2020 and has had a major impact on customers.” ³

Koch says that the fraud typically originates when businesses or consumers utilize the blue postal mailboxes. “In the past few years, the keys for these mailboxes have been circulated and replicated for criminals to gain access to them,” she says. “Once the criminals have the mail, they go through it looking for checks. They will either chemically remove and alter the information on the check, which is known as check washing, or use the information to create counterfeit items.³”

In a case reported by CBS News, a customer mailed a $42 check to pay his phone bill, but the check was stolen by thieves, altered and cashed for $7,000.⁴ In another case reported on Forbes.com, a man settling his father’s estate was victimized when thieves stole a check out of the mail and cashed it in a state where he doesn’t live and had never been. Fortunately, his bank spotted the fraud quickly and alerted him and the thief was apprehended.³

In addition to stealing money, criminals are also stealing identities from the names and addresses printed on pilfered checks. They then use these stolen identities to open bank accounts and apply for loans and credit in victims’ names.

How Criminals Are Circumventing Positive Pay

Many businesses use Positive Pay to help prevent check fraud, but criminals have even found a way around this. Koch explains:

“Positive Pay enables businesses to validate the checks being posted to their account by utilizing information such as the check number, date and amount to review checks posting to the account daily.  If items do not match the information provided, an exception is created for the business to review and decide if the item should be returned.

“However, criminals are aware of how this works so they have begun to keep the same date, amount and check number when they create counterfeit checks,” says Koch. “As a result, Positive Pay does not identify the check as an exception for the business to review.” ³

Steps to Protect Yourself and Your Business

There are a number of steps consumers and business can take to guard against mail theft related to check fraud. For starters, the USPS advises against depositing any mail containing checks in a blue postal mailbox, or even in your own mailbox at home. Instead, the USPS recommends taking mail containing checks directly to the post office and placing it in a secure mail drop there or handing the mail directly to a mail carrier. “Walk your mail inside the post office whenever possible,” says Koch.

Here are a few more ways to guard against mail theft related to check fraud:

• Pick up your mail promptly every day. Don’t let your mail sit in your mailbox for two or three days or longer, which gives thieves more time to steal it.
• Find out about overdue mail. If you’re expecting to receive a check in the mail but it hasn’t arrived yet, contact the sender to inquire about it. At this point, it might be smart to issue a stop payment on the check.
• Use Signature Confirmation. With this service, recipients must sign to indicate that they have received the mail, thus ensuring its delivery.
• Fill out a change of address form when moving. This will help ensure that all of your mail is forwarded to your new address. Also let your financial institution know that you have a new address.

On the business side, Koch stresses the importance of reviewing your business checking account daily. “Otherwise, it will take longer to detect fraudulent activity,” she says. “Time is of the essence when attempting to recover funds so the longer it takes for a business to notify its bank of fraud, the lower the chances of recovery.”

Unfortunately, check fraud due to mail theft isn’t always avoidable because the theft usually occurs at delivery on the recipient’s end. “Often, the best solution is simply not to mail checks at all,” says Koch. “Instead, use electronic payments like ACH or person-to-person payments like PayPal or Venmo.”

If you believe that you are a victim of check fraud due to mail theft, Koch recommends that you contact your bank right away and file a police report with local law enforcement, as well as a report with the U.S. Postal Inspectors. “Also close the compromised account or implement Positive Pay,” she says.

Remember, in cases of suspected check fraud due to mail theft, swift action is crucial to mitigate potential losses and protect yourself or your business from further harm.³

¹ https://www.fincen.gov/news/news-releases/fincen-alert-nationwide-surge-mail-theft-related-check-fraud-schemes-targeting
² https://www.usatoday.com/story/news/nation/2024/02/23/mail-theft-united-states-postal-service-concerns/72703972007/
³ https://www.forbes.com/sites/johnwasik/2023/10/08/why-you-should-be-worrying-about-the-rise-in-check-fraud-and-thieves-stealing-your-mail/?sh=6dd521e5e685
⁴ https://www.cbsnews.com/news/us-postal-service-warning-checks-mail-fraud-theft/

Post Date: 05/03/2024

Watch Out for Disaster-Related Fraud

According to the Consumer Financial Protection Bureau (CFPB)¹, scammers often try to take advantage of victims after a disaster or during a crisis, when they might be most vulnerable. And our area has suffered one of the greatest disasters in recent memory with the collapse of the Francis Scott Key Bridge.

The bridge collapse was both a human and economic tragedy, with the Port of Baltimore effectively closed for the foreseeable future. The port directly employs up to 15,000 workers and indirectly helps support almost 140,000 jobs in the Baltimore region.² Between $100 million and $200 million in cargo moves in and out of the port each day, affecting $200 million in wages. State of Maryland and federal officials estimate that the port’s closure could cost the regional economy up to $15 million per day³.

Tips for Spotting Scammers

After a disaster, the CFPB urges consumers to watch out especially for fake government employees, bogus charities and dishonest contractors, as well as anyone else who might try to take advantage of your situation.

To spot potential scammers, start by asking questions and being alert to warning signs. If someone trying to sell you a product or service can’t or won’t answer your questions, this should be a warning. For example, ask to see a contractor’s license, as well as how long they have been in business. Also ask for recent referrals from within your area.

Scammers often pose as law enforcement, insurance adjusters, bank employees or anyone else who they believe can separate you from your money. It’s relatively easy for them to create fake titles and uniforms so be sure to ask for an official piece of identification and then contact the organization they claim to represent to confirm that they’re legit. Government officials generally don’t ask for sensitive financial information such as account or routing numbers, so if someone asks for this, that should be a major red flag.

Common Disaster Scams

According to the CFPB, the most common scams after a disaster include the following:

• Fake charities — These scammers try to take advantage of the desire by many people to help disaster victims. They often come up with a name that is similar to but slightly different from a legitimate charity to try to catch people off guard. Many scammers today are using artificial intelligence (AI) and social media streaming to try to get people to donate money to supposedly help disaster victims, often requesting donations by Bitcoin or another virtual currency.The Federal Trade Commission (FTC) offers some tips for donating safely. For starters, perform an online search of the charity’s name plus words like “complaints” or “scams” to see if anything comes up. Also be suspicious of requests to make donations by cryptocurrency, gift card or wire transfer — it’s safer to donate using a credit card.

• Fake FEMA representatives — No representative of the Federal Emergency Management Association (FEMA) will ever ask for or accept donations. Also, FEMA does not charge money for home inspections or any type of disaster assistance — so if someone claiming to be from FEMA asks for money, this is probably a scam. All FEMA representatives carry a laminated photo ID so be sure to ask for this. You can also call FEMA directly at (800) 621-3362 if you’re ever suspicious.
• Mortgage repayment and modification scams — Here, scammers offer foreclosure relief or help negotiating or delaying mortgage payments after a disaster. It’s true that lenders are often willing to work with and offer forbearance to homeowners affected by disasters. But you should make sure you’re dealing directly with the mortgage servicer, not some supposed third-party. Contact your mortgage servicer directly via the phone number on your monthly mortgage statement to discuss your options.
• Robocalls — Recorded phone calls promising flood insurance, government grants and help with government assistance applications are common in areas affected by disasters. These are often scammers trying to obtain credit card and checking account information from disaster victims, so don’t share any information like this with these callers. Instead, visit FEMA’s disaster assistance website to learn more about what types of assistance might be available.

Avoiding Scams After a Disaster

Here are 4 tips from the CFPB to help you avoid some of the most common disaster scams:

1. Don’t make decisions under pressure. Scammers often use high-pressure tactics to try to get disaster victims to make big financial decisions while they’re under stress. This includes contractors going door-to-door offering home repairs and debris removal. Instead, take your time and thoroughly investigate any service providers before signing a contract.
2. Watch out for “scarcity tactics.” This occurs when scammers say that their price will rise if you don’t act right away, or that their price is a special limited-time offer. Don’t feel pressured to make a big financial decision under these circumstances. And never make a final payment until all of the work performed has been completed to your satisfaction.
3. Stay on top of scams in your area. It pays to be informed. After disasters, FEMA creates a Rumor Control page on its website to make disaster victims aware of scams that are proliferating in their area. FEMA also has a Current Disasters page on its website that lists recent disaster declarations, searchable by location.
4. Guard against identity theft. Disaster victims are often legitimately asked for personally identifiable information, so it can be easy to let your guard down. Scammers see this as a prime opportunity to steal this sensitive information and use it for identity theft purposes, so you have to be especially vigilant.

It might make sense to freeze your credit reports after a disaster to restrict access to your credit file, which you can do for free at Equifax, Experian and TransUnion. You might also want to put a one-year fraud alert on your credit report, which you can renew after a year if you choose. This will require lenders to call you and verify your identity before extending new credit in your name.

How to Report Disaster Scams

If you believe you have been a victim of a disaster-related scam, call the National Center for Disaster Fraud’s hotline at (866) 720-5721. Also contact local law enforcement, your state attorney general and the FTC’s online fraud reporting hotline.

Sources:
¹Consumer Financial Protection Bureau (CFPB)
²https://www.brookings.edu/articles/economic-impact-of-the-baltimore-bridge-collapse/
³https://www.npr.org/2024/04/02/1242327964/the-economic-impact-of-the-baltimore-bridge-collapse