- Credit Union National Association is aware of phone calls, text messages, and emails being made about:
• Account De-activation
• Account Status Alert
• Changes to Terms and Conditions
• Irregular Activity
These e-mails and text messages ask that the customer call a number in order to have their account reactivated. Some may request that you leave callback information or provide your financial information directly. All of these messages are fraudulent. Please do not respond to these messages.
The Credit Union National Association is the trade association for credit unions in the US. CUNA does not maintain any type of customer/member financial information. Additionally, your financial institution would never solicit your personal identification information via email. If you did respond to such a solicitation, you should contact your financial institution directly using the local phone number provided by your financial institution.
**NEW** Phishing Scam
Please be aware that random individuals and companies may have received a falsified e-mail with the subject title “Rejected ACH Transaction.”
This e-mail appears to be from NACHA – the Electronic Payments Association – telling them that there is a problem with an ACH transaction they have originated. The e-mail includes a link which redirects the individual to a fake web page which appears like the NACHA website and contains a link which is almost certainly an executable virus with malware.
If you receive an e-mail similar to the following sample, do not click on any of the links. Delete the e-mail immediately.
= = = = = Sample E-mail = = = = = =
From: nacha.org [mailto:report@nacha.org]
Sent: Thursday, November 12, 2009 10:25 AM
To: Doe, John
Subject: Rejected ACH transaction, please review the transaction report
Dear bank account holder,
The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:
Unauthorized ACH Transaction Report
Additional information regarding this issue can be found at www.nacha.org.
If you have any questions or if you receive an email similar to this, please contact DLFCU immediately at (888) 369-2207.
International Mail Fraud Scheme Identified
Consumers in as many as 10 states have reportedly received counterfeit checks bearing the Nationwide name. Each check has been issued in the amount of $4,500 and has been accompanied by a letter which informs the recipient that they are the winner of a $150,000 “Consumer Promotion Draw” organized for consumers who shop in major stores in the US, Canada and United Kingdom. The letter goes on to explain the $4,500 check has been issued to cover the “Non-Resident Government Tax” the consumer will have to pay to a British Tax Officer. The individuals generating the correspondence and counterfeit checks have no affiliation with Nationwide Insurance and are fraudulently using the Nationwide name.
In order to receive the $150,000 prize, recipients are told they must cash the check and then forward $3,750, by Moneygram International or via a Western Union Money Transfer, to an address located in the United Kingdom. While consumers are provided with a 1-866 number to call, they are urged to keep the matter confidential until their claim has been processed.
Consumers should be leery of “advanced fee scams” such as this as they stand to lose a great deal of money. In this particular situation, if a consumer were to cash the fraudulent check, they could find themselves owing the bank between $3,750 and $4,500.
As consumers are defrauded of millions of dollars each year, the following are tips so consumers do not find themselves the victim of a mail fraud scheme:
·If an offer sounds too good to be true, it probably is.
·Be skeptical of any correspondence offering you the opportunity to win a large sum of money in exchange for specific information.
·Be leery of checks received from companies you do not do business with. The check is most likely fraudulent.
·If the name of a well known company is noted on the correspondence received, contact the company to verify the legitimacy of the letter.
·Be wary of sweepstakes or contests that require you to send money to a P.O. Box, a drop-box or an overseas address before you can claim your prize.
NEW! The Latest in 'Skimmers'
Nowadays, skimmers are attached to the fronts of ATMs and gas pumps. But you probably don’t know how impressive the latest version is. It’s tiny: 3.5 inches long, by a half inch by a quarter inch. It’s almost impossible to detect. It contains batteries charged by an induction plate and stores data on a camera memory card. It attaches to a thin number pad overlay to capture PINs, and as a secondary method, also has a motion-activated video camera (jury-rigged from a high-end mobile phone) which is time-tagged to match up with the right credit card info. It has a bluetooth transmitter that allows remote, anonymous downloads, which means the skim-master doesn’t have to go near the scene of the crime, once the thing is installed. The best line of defense against such devices appears to be an alert facility owner. Consumers, of course, need to be aware of their surroundings while using credit cards and
review monthly reports.
(Courtesy of Wayne Dickey, Florida Intelligence Unit eINTEL)
Attention! Copiers Pose New Fraud Threat
It has just been announced that the newest culprit to identity fraud is the photocopier. Most of the digital copiers manufactured in the last five years have disc drives, the same type of data-storage mechanism that is found in computers.
Unknowingly, many Americans have been using copy machines that retain the data being scanned. If the data on the copier's disc is not protected with encryption or an overwrite mechanism, sensitive information like social security numbers and financial account numbers could get into the wrong hands.
Many copier makers are adding the necessary security features, but many machines in public venues and offices are still not protected. Before making copies, ask if the copy machine you are using has data security installed. If it does not or if it is uncertain, go somewhere else. Also find out ahead of time if your tax preparer's machines have data security installed.
In a recent fraud targeting Sprint cell phone users in several states, criminals are using text messages purportedly from financial institutions – including credit unions – in order to get people to disclose their personal financial information.
According to a story in Tuesday’s Pittsburgh Tribune-Review, consumers are sent a text message asking them to reply with their bank account and PINs, or personal identification numbers. The phone number with the text message is typically false and leads consumers to enter their information through an automated system.
The Tribune-Review also noted that Sprint cell phone customers in dozens of states, including New York, Michigan, Missouri and Texas, have been targeted by this scam. Text messages in this scam directed members to call a toll-free number where they were prompted to provide personal financial information.
A warning has also come from Idaho Attorney General Lawrence Wasden. On Jan. 23, the Idaho Press-Tribune reported that criminals are sending text messages to random cell phones asking consumers to be part of a “protection program.” The texts, which claim to be from their bank, ask consumers to call a telephone number where a recorded message prompts them for their credit card numbers.
To report text message scams, contact the FBIInternetCrimeComplaintCenter at www.ic3.gov.
Normal0falsefalsefalseMicrosoftInternetExplorer4A fraudulent e-mail seeking credit card information (known as a "phishing fraud") has been circulating nationwide since 2 p.m. EST today. This fraudulent phishing email appears to be from NCUA and contains a link purportedly to obtain a subscription for the NCUA Express Subscription service. When that link is used, the recipient is directed to a "clone" of the NCUA Express Service site that seeks credit card information from those to whom the phish was sent. If you receive such an email, please ignore it, as it is fraudulent. The NCUA does NOT charge for the Express Subscription service and does NOT solicit credit card information over the Internet. If you have questions or comments, please contact the NCUA Fraud Hotline at 800-827-9650 or, during off duty hours, at 703-728-0700.
These aren’t the only fraud alerts issued in recent days. For example:
·A Syracuse.com report said that credit union members in Central New York have been targeted by a cell phone text-message scam. The fraudulent texts appear to be from Empower FCU in Oswego, N.Y., and claim that members’ ATM cards have been deactivated. It then directs members to call a toll-free number where they are prompted to enter their card number, expiration date and pin number.
·In another related item, a Jan. 13 SearchSecurity.com report (“Phishing attack uses pop-up message on bank sites”) notes a new phishing technique called session phishing. This method utilizes fraudulent pop-up login messages that appear on legitimate banking Web sites. This pop-up window may request that the user retype their username or password because their session had expired. The pop-ups can also take the form of customer satisfaction surveys.
*NEW FRAUDULENT EMAIL SCAM ALERT*
From: Credit Union Access [mailto:card@creditunionaccess.comcard@creditunionaccess.com]
Sent: Sunday, December 14, 2008 6:39 PM
To:
Subject: Account Status Alert
Dear CU Member:
This is not a promotional e-mail. Please call us immediately at (877) 898-7930 regarding recent restriction placed on your account. We're available 24/7 to take your call.
Please disregard this e-mail if you've already call us since the date this e-mail was sent.
We appreciate your prompt attention to this matter.
Thank you CU Fraud Prevention Security Department
*New* PHISHING Attack
Hopefully, everyone has heard of the word “phishing”. Recently, our credit card vendor, PSCU, has been “attacked” by a phishing attempt. You may have received an email disguised as coming from PSCU stating that your card has been compromised and that you need to click on a link in order to stop or dispute the charges. When you click on the link, it shows that there was an unauthorized charge on the card and that you need to click on another link and type in credit card information.
If any DLFCU member did this, then your credit card information was given to the hacker possibly allowing them to perform online charges against your card.
Please remember that DLFCU will NEVER send out an email requesting the member to access a website and provide their personal information. Never!!
Please also note that even though you may have received an email and clicked on the link to the webpage asking them to verify their card data, their account data is perfectly safe unless you typed in their card information.
**PHISHING ALERT**
A number of local Credit Unions have been the targets of phishing attacks. Criminals are sending out fraudulent messages via email and text message requesting members to visit counterfeit websites or call fraudulent phone numbers.
The counterfeit sites and automated phone system request credit card numbers and / or PINs. Please be reminded that your financial institution WILL NEVER ask you for your personal information, whether it is via a website OR a voice recorded phone call unless you initiated the contact.
We understand that these messages are going to consumers that do not have accounts with our credit union. That does not mean you are not at risk. If you provide ANY banking/credit card information, you are at risk of being victimized.
If you have received an email or text message, you can assist financial institutions in the fight against fraudulent activity by filing a complaint with the FTC at 877-382-4357 or spam@uce.gov. When you call be sure that you provide the FTC with the phone number you have been asked to call and/or the website you have been asked to visit to provide personal financial information.
If you believe you have responded to a message and provided personal information, please contact us immediately by sending an email to dlfcu@dowlafcu.org or by calling the DLFCU at (888) 369-2207.
Beware of 'Fraud Prevention' Phishing Scams
Emails are being sent out seemingly from your local bank or credit card company asking for your banking information. These emails are NEVER addressed to you. Please see below for an example:
This is not a promotional e-mail. Please call us immediately at 1-800-687-0821 regarding recent restriction placed on your check card or atm card (4011-XXXX-XXXX-XXXX). We're available 24/7 to take your call.
Please disregard this e-mail if you've already call us since the date this e-mail was sent.
We appreciate your prompt attention to this matter.
Thank you SunTrust Fraud Prevention Security Department
Dow Louisiana Federal Credit Union will never ask for your banking information via email. Please report suspicious emails immediately to us at (888) 369-2207, or forward them to dlfcu@dowlafcu.org.
Vishing Getting More Use, Report Suggests
Recent incidents point to a rise in vishing, or phishing utilizing voice-over-IP, in their efforts to trick people into providing personal account data, according to a Jan. 11 online report by CUInfoSecurity.com.
The online service noted recent attempts targeting account holders at Beneficial Bank (Philadelphia), Yakima Valley CU (Yakima, Wash.) and Catholic CU (also in Yakima). The instances involved a combination of phishing e-mails and voicemail directing consumers them to another Web site or phone number to update account data (“Bank Credit Union Customers Struck by Fraud Attempts,” by Linda McGlasson).
In the voicemails, callers were given a toll-free number to call; when they did call, they were asked to provide account data.
Vishing is getting greater use as financial institutions beef up their online security, according to Avivah Litan of Gartner, the report says. Another analyst says that vishing could be the next “attack vector” as consumers become more savvy about phishing e-mail.
Beware of a New "Phishing" Methods
Now that consumers are getting wise to phishing emails (attempts to get you to disclose your credit account numbers or other private information through email messages set up to look like they are sent from legitimate sources) the scammers have added a new twist. Instead of directing you to click on a link that takes you to a fake site where they expect you to enter your private information, they now direct you to call a "special" phone number. Once you call, an automated system asks you to verify your identity by punching in your credit card number. Of course, if you do that, you have just given the thieves open access to charge up your account!
Our advice remains the same: do not give out your account information to anyone unless you verify that they are legitimate!!! Dow Louisiana Federal Credit Union will never contact you via e-mail or phone to ask for your account numbers. We already have your account numbers and information. However, if you initiate the call, we will ask for some identifying information before we disclose any information on your accounts.
If you ever have any doubts about the legitimacy of a phone call or e-mail, call DLFCU at (888) 369-2207 to double check before you give out any information.
NEW "Phishing" E-mail Scam The latest scam is an e-mail warning that your account is being accessed from overseas or referring to the IRS. These e-mails are scams and should be deleted.
Dow Louisiana Federal Credit Union will never ask for credit card, debit card, or pin number information over the phone or online to verify your identity.
At the begining of this year DLFCU took extra steps to protect our members by adding an additional Security Authentication to ePal, DLFCU's Online Banking System. Most financial institutions only have 1 Security Authentication on their online banking system, which makes it less secure and vulnerable to Phishing scams. Since our addition, DLFCU members have 2 Security Authentication Factors to protect their financial information.
Credit Card Scam Alert!
Recently, Scammers have been calling credit card holders claiming they are from the "Security and Fraud Department" of either VISA, MasterCard or American Express and are contacting the cardholder because of recent "unusual purchasing patterns" related to their credit card. Unfortunately, the scammers appear to be legitimate because they already know most of the cardholder's account information! The scammer then gives you a phony control number to document the fraud claim and asks you to provide the CVV code from the card to prove that you are in possession of the card.
The CVV (Card Verification Value) code is a security feature on all major credit cards and is either 3 or 4 digits, depending on the type of card. Most retailers who accept orders over the phone or online usually require customers to verify the CVV code to help prevent fraudulent transactions. But if the scammer obtains the code, it will be very easy to the credit card to quickly make a few fraudulent purchases.
Important Tips To Avoid Being Scammed:
• Be aware that credit card companies DO MONITOR ACCOUNT ACTIVITY as a preventative measure against fraud, and they regularly contact people about "unusual purchasing patterns"
• If you receive a suspicious call, hang up and confirm that the call originated from your credit card company by calling the toll free number on the back of your card
• Typically, you only need to provide your CVV code when making a purchase online or over the phone - the code should not be used to verify other account information
• Likewise, never give out account information in response to an E-mail. That's how phishing works.
• VISA Credit and Debit Cards feature a 3 digit non-embossed CVV code on the back of the card printed within the signature panel after the account number.
Letters May Be A "Phishing" Expedition
It has come to our attention that some of our members who have mortgage loans through DLFCU have received misleading letters from bogus “mortgage lending” companies claiming to have important information about our members’ mortgage loans. The majority of these letters are not only misleading and completely false, but they also pose a real danger to anyone who responds to the sender and provides account information. This type of solicitation is commonly known as “phishing” which is a serious crime!
Sometimes you just need the money. Whether it's a new wardrobe or taking the vacation of your dreams, we can get you loan you need - quick and easy. Anyone can open an account and we make it easy to join! Applying online is quick and secure. Click here to get started.
WE'LL TAKE THE STING OUT OF INTEREST RATES. Dow Louisiana Federal Credit Union's Visa Cards are no-strings, no-hassle cards you can trust. We won't lower your credit limit on a whim, and we won't surprise you with a new interest rate. We give you a rate that starts out low - and stays that way. Get rid of your high-rate cards and transfer those balances to a DLFCU Visa card for real value you can trust. Apply online today!
