Keeping your sensitive information safe and secure is our top priority. To help, we’ve identified some of the most common topics concerning information security and provided steps you should take to keep your information safe.
- Contact American at 877-483-6811.
- Contact all other creditors. Call each creditor's fraud department and ask them to close or freeze the accounts.
- Change logins, passwords and PINS for your accounts.
- Place a free, one-year fraud alert and get your credit reports by contacting one of the three credit bureaus.
- Report Identity Theft to the FTC by completing this online form. Based on the information you enter, IdentityTheft.gov will create your Identity Theft Report and recovery plan.
Business email compromise (BEC) is a sophisticated scam targeting businesses of all sizes. It's carried out by hackers who compromise legitimate business email accounts through phishing emails, a fake email account or computer intrusion techniques to conduct unauthorized transactions.
Phishing attacks use email or malicious websites to infect your devices with malware and viruses in order to gather personal and financial information. Cyber criminals lure users to click on a link or open an attachment that infects devices. Phishing emails may appear to come from a real financial institution, government agency, business or individual and may request sensitive, personal information such as account numbers, passwords, or Social Security numbers.
- Think before you click. Never click on a link or an attachment that you weren’t expecting, even if it appears to be from someone you know. The sender’s email address could be spoofed. Reach out to the sender by phone to confirm the legitimacy of the email before clicking.
- When an email requests that you to log in to an account, do not click the link in the email. Instead, go directly to the website through your browser. This ensures you are accessing the real page and keeping your credentials safe.
- American will never ask for sensitive information in an email or text message.
Smishing is a security attack in which a fraudster sends a text message asking the user to provide sensitive, personal, and/or financial information via a web link to a false website or via a telephone number. It will trick the user into downloading a virus or other malware onto a smart device.
- Avoid clicking links within text messages, especially if they are sent from someone you don't know. Be aware that these messages can appear to come from someone you do know, so think before you click.
- Don't respond to text messages that request private or financial information from you.
- If you get a message that appears to be from your bank or other entity that you do business with, contact that business directly to determine if they sent you a legitimate request.
The caller may know some of your Social Security number and your caller ID may show a Washington, DC area code. But these are just tactics the scammers use to reel in victims. The real IRS will not ask you to pay with pre-paid debit card or wire transfers. They also will not ask for a credit card over the phone. When the IRS first contacts you about unpaid taxes, they will do it by mail, not by phone.
Do not wire money or pay with pre-paid debit cards. Once you send funds, the money is gone. If you have tax questions, visit irs.gov or call the IRS at 1-800-829-1040.
Money wiring scams
- “You won a prize or inherited money, but you have to pay fees first.”
- “You won the lottery, but you have to pay some taxes first.”
- “A friend or family member is in trouble and needs you to send money to help.”
- “You need to pay for something you just bought online before they send it.”
- “You got a check for too much money and need to send back the extra funds.”
- “Grandma, I need money for bail.”
- “Grandpa, I need money for a medical bill.”
- Or some other kind of trouble. The call says it’s urgent and tells you to keep it a secret.
If you get a call from someone you don’t know who is trying to sell you something, ask for more information or say “no, thank you.” If they pressure you about giving out personal information, like your credit card, social security number, or bank information, keep asking questions or hang up before giving out any information.
- Federal Trade Comission (FTC): This free, one-stop resource can help you report and recover from identity theft. You can also report fraud online.
- US-CERT: Report computer or network vulnerabilities to US-CERT via the hotline: 888-282-0870 or online. Forward phishing emails or websites to US-CERT at firstname.lastname@example.org.
- Internet Crime Complaint Center (IC3): If you are the victim of an online crime, file a complaint with IC3 online.
- Social Security Administration: If you believe someone is using your Social Security number, contact the Social Security Administration's fraud hotline at 800-269-0271.