Security

At Scott Credit Union, one of our top priorities is to protect your money and your personal financial information. We need your help in this effort, so we created this page to give you tips on how to best protect yourself from fraud and scams as new technology becomes available.

As technology continues to improve and become more sophisticated, so do the tactics through which criminals attempt to steal people’s identity and information. Debit card fraud also has become more prevalent.

We have systems in place to detect fraudulent activity in an effort to minimize fraud on our members’ accounts. However, we also feel it is important to arm you and all of our members with as much information as possible to help you protect your money and personal financial information from fraudsters.

The following information includes details of current scams as well as information about how to best monitor your accounts for fraudulent activity. Please review the information so you can best protect your accounts and your personal information.

Fraud Alerts

Debit Card Skimming

Fraudsters can use a special scanner to collect data off a debit card that can later be used to make unauthorized purchases. Often, the person owning the card has no idea that their information has been compromised.

These debit card scanners can be installed on ATMs or gas station pumps and many are virtually undetectable. A camera or magnetic device set up nearby can then capture the PIN entered by the victim. The PIN and the card number collected from the scanner give the fraudster all the information he needs. The victim is unaware his information has been compromised until he notices strange and usual purchases made on his account.

Recommendations:

  • Be wary of any stand-alone ATM. Obviously there are plenty of legitimate ones, but look around and be suspicious of an ATM that isn't bolted to the side of a building or secured inside a facility. A legitimate ATM is heavy and not easy to move. Also, beware of stand-alone ATMs that advertise "no fees," since most legitimate owners of stand-alone ATMs have to charge fees to make money.
  • Avoid ATMs if the access door or any part of the machine is broken. If the lock on the door to the room accessing the machine is broken, beware and don't use the machine. A fraudster may have forced open the door to install a skimming device.
  • Beware of "out of service" signs. If your ATM has a "out of service" sign, it could be legitimate -- or it could be trying to get you to use another nearby ATM that had been compromised.
  • Report "malfunctions" immediately. If you get an error message instead of money, contact your financial institution immediately.
  • Access your account on line and frequently monitor your transaction activity. Take a few minutes every week to log onto your accounts and review your transactions. Report bogus transactions immediately.
Email Phishing Scam

Email phishing is one type of fraud.  Scott Credit Union has been made aware of emails being received by our members.  This email refers to a failed direct deposit.  Within the email is a link that requires you to open for more information.  Any links or attachments could cause unwanted viruses and/or take you to a site that may ask for personal information to obtain the information referred to in the email.

PLEASE REMEMBER: SCU will never request personal and/or private information by email nor do we randomly send emails to our members that include attachments or links.  Do not open any emails and or attachments that you yourself did not request.  Do not provide private and/or personal information by email as this can be a way for criminals to get your information.

If you have any questions about any emails you may have received from Scott Credit Union, please contact our Member Service Center at 618-345-1000 or toll free at 1-800-888-4728.

Credit Card Scam

A new credit card scam is currently being used to gain people’s credit card information so they can purchase items fraudulently. Please be aware of the scam and avoid giving any information.

The scammers provide YOU with all the information, except the one piece they want. Note, the callers do not ask for your card number; they already have it.

By understanding how the VISA & MasterCard Telephone Credit Card Scam works, you'll be better prepared to protect yourself.

The scam works like this:

Caller: This is (name), and I'm calling from the Security and Fraud Department at VISA. My Badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I'm calling to verify. This would be on your VISA card which was issued by (name of financial institution). Did you purchase an Anti-Telemarketing Device for $497.99 from a Marketing company based in Arizona?'

When you say 'No', the caller continues with, 'Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?'

You say 'yes'. The caller continues - 'I will be starting a fraud investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800-VISA) and ask for Security.

You will need to refer to this Control Number. The caller then gives you a 6 digit number. 'Do you need me to read it again?'

Here's the IMPORTANT part on how the scam works. The caller then says, 'I need to verify you are in possession of your card'. He'll ask you to 'turn your card over and look for some numbers'. There are 7 numbers; the first 4 are part of your card number, the next 3 are the security numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card.

The caller will ask you to read the 3 numbers to him. After you tell the caller the 3 numbers, he'll say, 'That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?' After you say No, the caller then thanks you and states, 'Don't hesitate to call back if you do', and hangs up.

You actually say very little, and they never ask for or tell you the Card number. What the scammers want is the 3-digit PIN number on the back of the card. Don't give it to them. Instead, tell them you'll call VISA or Master card directly for verification of their conversation. The real VISA will never ask for anything on the card as they already know the information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you're receiving a credit. However, by the time you get your statement you'll see charges for purchases you didn't make, and by then it's almost too late and/or more difficult to actually file a fraud report.

The scam is being performed by fraudsters saying they are from both Visa and Master Card.

Online Pop Up Scam

Some of our members have reported being presented with an online pop-up message asking them to verify personal information such as their social security number. Reports indicate this is happening while making online purchases for items such as airline tickets. Do not share your personal information with anyone unless you are completely sure of their identity.

WE WILL NOT EMAIL, GENERATE AN ONLINE POP UP, OR CALL YOU TO VERIFY ANY OF YOUR PERSONAL OR FINANCIAL INFORMATION.

If you encounter a pop-up such as this, please notify us by calling the Scott Credit Union Member Service Center at 618-345-1000 or toll free at 1-800-888-4728, or you may email [email protected] We will report any further information via this website.

Telephone Text Message Phishing Scam

Please be aware of a scam that is being circulated via telephone text messages in an attempt to get personal financial information. Some of our members have reported receiving a text message on their cell phone recently telling them that their debit card was suspended for shopping purchases. Then it gave an 800 number to call to reactivate the card. If you receive such a message, do not call the number provided. REMEMBER, WE WILL NOT EMAIL, TEXT OR CALL YOU ASKING YOU TO VERIFY ANY OF YOUR PERSONAL OR FINANCIAL INFORMATION. Do not share any of your information with anyone unless you are completely sure of their identity. If you receive a call, text, or email requesting personal or financial information, and you are unsure if it is legitimate, please call the Scott Credit Union Member Service Center at 618-345-1000 or toll free at 1-800-888-4728.

ZeusBot (or ZBot) Attacks

ZeusBot (or ZBot) is malicious software that is bypassing top Anti-Virus / Malicious software scanners. Once your computer is infected, it waits for you to login to your online banking. When you login, it records your information and creates a pop-up that asks you to further verify your account by entering your credit card information. All information gathered is sent back to the attackers. Even if you do not enter additional information when prompted, the damage is already done because your online banking login has been compromised.

The only solution for victims to this type of fraud is to shut down your computer, change your online banking account passwords, look for changes to your account, and delete and restore all computer content.

Internet Browsing Safety

There are many risks when you browse the Internet from your computer or laptop at home. It is important that you take some simple steps to assure that you are accessing web sites, including your online accounts, in the safest way possible.

It is very important that you have up-to-date antivirus, anti-spyware and anti-malware programs installed on any devices you are using.

We also warn you against accessing your Scott Credit Union accounts on a public computer. Examples of a public computer would be ones at work, a library, or school that other people use to browse the Internet. These computers can be risky because they could be infected with malware designed to capture your personal or financial information when you login to your accounts.

As always, we remind you to be vigilant when using the Internet. We welcome you to call or email us if you have any questions regarding the security of your online account access.

If you encounter an online scam, or anything that appears suspicious, please notify us by calling the Scott Credit Union Member Service Center at 618-345-1000 or toll free at 1-800-888-4728 or email [email protected].

Identity Theft

Protect Yourself & Your Identity

This page gives you information on how to Deter-Detect-Defend against Identity Theft. If you think you have been a victim of Identity Theft, click here for what you need to do right away.

Do's & Don'ts

Protecting yourself from Identity Theft is important. You can become a victim of Identity Theft in many ways. Here are some of the things you need to know to protect yourself.

Do...

  • Shred all personal and financial information — such as bills, bank statements, ATM receipts, and credit card offers — before you throw it away.
  • Keep your personal documentation (e.g., birth certificate, Social Security card, etc.) and your bank and credit card records in a secure place.
  • Call the post office immediately if you are not receiving your mail. To get the personal information needed to use your identity, a thief can forge your signature and have your mail forwarded. Be aware of your surroundings when entering your Personal Identification Number (PIN) at an ATM.
  • Limit the number of credit cards and other personal information that you carry in your wallet or purse.
  • Report lost or stolen credit cards immediately.
  • Review and consider whether you need currently inactive card accounts. Even when not being used, these accounts appear on your credit report, which is accessible to thieves. If you have applied for a credit card and have not received the card in a timely manner, immediately notify the appropriate financial institution.
  • Closely monitor the expiration dates on your credit cards. Contact the credit issuer if the replacement card is not received prior to your credit card's expiration date.
  • Sign all new credit cards upon receipt.
  • Review your credit reports annually.
  • Use passwords on your credit cards, bank accounts, and phone cards. Avoid using the obvious passwords — your mother's maiden name, your birth date, or the last four digits of your Social Security or phone number.
  • Match your credit card receipts against monthly bills to make sure there are no unauthorized charges.

Don't...

  • Volunteer any personal information when you use your credit card.
  • Give your Social Security number, credit card number, or any bank account details over the phone unless you have initiated the call and know that the business that you are dealing with is reputable.
  • Leave receipts at ATMs, bank counters, or unattended gasoline pumps.
  • Leave envelopes containing your credit card payments or checks in your home mailbox for postal carrier pickup.
  • Record your Social Security number or passwords on paper and store them in your wallet or purse. Memorize your numbers and/or passwords.
  • Disclose bank account numbers, credit card account numbers or other personal financial data on any Web site or online service location, unless you receive a secured authentication key from your provider.

*Note - Visa’s Zero Liability policy covers U.S.-issued cards only and does not apply to commercial credit cards, ATM transactions or PIN transactions not processed by Visa. Cardholders must notify card issuers promptly of any unauthorized use. Consult issuer for additional details or visit www.visa.com/security.

Dumpster Diving

  • Thieves rummage through trash to find bills, credit card offers, or other papers that include your personal information.

Lifting Information from Receipts and Records

  • One of the easiest ways a thief can obtain a person's credit card number or other vital information is by taking advantage of carelessness. For example, you have just signed your receipt at the restaurant and you have left it there for the waiter/waitress. A thief can stop by the table, and copy down your information. In fact, the way technology is today, the thief can take a picture using the camera on his or her phone!

Information from Credit Reports

  • Some identity thieves pose as a landlord, employer or someone else who may have a legitimate need for your credit report. Once they pull the credit report, they are able to retrieve your personal data, including credit card numbers, history, employment, and much more information.

Phishing

  • Phishing is also referred to as brand spoofing or carding.  It is a variation of "fishing," in that the thief puts out the bait in hopes that some will be tempted to partake. In a phishing scam, the thief sends thousands of e-mails that appear to come from sites that you trust (e.g., Scott Credit Union). These messages, pop-up windows, and even the websites they link to appear to be official and legitimate. However, in the phishing scams, the link is not to an official website, but rather to a phony website. Once inside that website, you may be asked to provide a Social Security number, account numbers, passwords, or other information. When you provide the information, the thieves can begin to access your accounts or assume your identity.

Click here for more information on how to Deter-Detect-Defend against Identity Theft.

Your Money is Safe

Each member’s deposits at Scott Credit Union are federally insured to at least $250,000 by the National Credit Union Administration. Additionally, Individual Retirement Account (IRA) deposits are insured separately to $250,000.

The National Credit Union Administration (NCUA) is the federal agency that charters and supervises federal credit unions and insures savings in federal and most state-chartered credit unions across the country through the National Credit Union Share Insurance Fund (NCUSIF), a federal fund backed by the full faith and credit of the United States government.

Social Media

Scott Credit Union currently uses social media as a way to increase brand awareness, advertise specific products, and to continue the credit union mission of “people helping people” through financial education.  We encourage anyone to provide us feedback about Scott Credit Union through our social media sites.  When communicating through social media, please remember:

We will never…

  • ask you for any information such as account number, social security number, or date of birth.
  • ask for any transaction information that may appear on your account.

We will always…

  • request that conversations which could disclose personal information be taken off of social media to protect the confidentiality of your information.
  • listen to any and all feedback that you have about Scott Credit Union whether it is positive or negative.

Please remember that it is very important that you never post any personal financial information to any social media site. If you have a comment or question for us, be careful not to post any personal financial information. We are extremely careful to protect your information.

Social media sites have become an integral part of many people’s daily online lives.  They are a great way to stay connected with others, but you should be wary about the information you post.  The rise in social media’s popularity has also lead to an increase in the number of unsavory people on the sites.  Scammers, hackers, virus writers, identity thieves, and other criminals can use information posted to social networks.  Here are some tips for you to protect yourself when using social media sites:

Social Media Tips
  • Click links with care.  A common way for these criminals to gain access to your social media account or information is by sending you messages with fraudulent links in them.  As a general rule, if you are not expecting a link via social media from someone, do not click on it.  If someone sends you an unexpected link, verify with the person who sent it that it is legitimate.
  • Don’t trust that a message is really from who it says it is from.  Hackers can break into accounts and send messages to people connected to that person.  When in doubt about links in a message, refer to the first bullet point in this section.
  • Be selective about who you connect with on social media.  Identity thieves and hackers can use the information you post on social media against you.
  • Be mindful of what you post and what questions you answer.  When setting up profiles for many different online accounts, it is common for them to ask you security questions in order for you to recover your account if the information is lost.   Identity thieves and hackers can use this information to reset your password to one of their choice.  Whenever possible, choose to write your own security questions and make them answers not found online.
  • Assume anything you publish on a social media site is permanent.  Even if you delete your account, in many cases, the information you published on social media is still stored on the site.  In addition, anyone who can view your photos and/or information can easily take a screen shot or save the information another way.
  • Be careful installing third party applications.  Third party applications can be a great addition to social media sites, but they can also open loopholes for criminals to gain access to your private information, including your password.