Following the announcement by Marriott hotels of the data security incident involving the Starwood guest reservation database, customers are reminded to check their bank and credit card statements regularly and if they spot any unfamiliar transactions, to contact their bank or card company immediately. Customers are protected against unauthorised fraud losses on a debit or credit card.
Consumers should also be vigilant of criminals attempting to use the news of the data breach as an opportunity to trick people into revealing personal or financial information.
Customers are reminded that a genuine bank or organisation will never contact them out of the blue to ask for their PIN, full password or to move money to another account.
Criminals will regularly use the publicity around data breaches as a chance to pose as a genuine organisation, including banks, police officers, retailers and telephone or utility companies. Often the criminal will pretend to be from the impacted company, such as Marriott hotel or claim they are dealing with an issue resulting from the data breach.
Fraudulent emails, phone calls or text messages in many cases claim there has been fraud on an account or the customer needs to “verify” or “update” details. The communication often suggests the request is urgent or asks for remote access to the customer’s computer.
Using the data breach as a cover story, the criminal will then attempt to get the recipient to disclose personal or financial information, which they will then use for their own fraudulent purposes.
Consumers are urged to follow the advice of the Take Five to Stop Fraud campaign:
- A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account. Only give out your personal or financial details to use a service that you have given your consent to, that you trust and that you are expecting to be contacted by.
- Don’t be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected email or text.
- Always question uninvited approaches in case it’s a scam. Instead, contact the company directly using a known email or phone number.