However, we also feel it is important to arm all of our members with as much information as possible to help you protect your money and personal financial information from fraudsters. The following information includes details of current scams as well as information about how to best monitor your accounts for fraudulent activity. Please review the information so you can best protect your accounts and your personal information.
Please be aware of a scam that is circulating through phone calls and text messages with the phone number of the recipient’s financial institution. The individual is informed there has been fraud on their account, and they need to provide their online user ID and password to stop the transactions. Others are being asked for their debit card information. Additionally, they are told they will not have account access for 24 hours. If you receive such a call or message DO NOT GIVE OUT YOUR INFORMATION. WE WILL NEVER REQUEST YOUR USER NAME AND PASSWORD AT ANY POINT IN TIME. Do not share your information with anyone. If you are unsure of a text or call hang up and call our member service team directly at 1-(800) 888-4728.
- Scammers are using financial institution employee names to try to defraud members of the public.
- The latest phone and video scams may include:
- A phone or video call or an email from an imposter claiming to be an SCU or other U.S. government official.
- Messages or calls notifying you of an opportunity to participate in a class-action lawsuit, or that you’ve won a lawsuit or owe money you didn’t expect.
- Being told you must first pay taxes or another upfront fee to collect the money. They may continue to find “reasons” for you to pay more fees or taxes. It is all part of the scam.
- If you believe you have received one of these calls, hang up immediately and DO NOT give out any of your personal information. If it seems fishy, trust your gut!
Ways protect yourself.
- Don’t share sensitive information – Avoid sharing Social Security numbers, account information, or credit card numbers with people you don’t know.
- Never pay upfront for a promised prize – If you’re told you must pay fees or taxes to receive a prize, it’s a scam.
- If it sounds too good to be true, it probably is – If someone is trying too hard or pressuring you, you can always walk away or hang up.
- Watch SCU’s Avoiding Scams video for more tips.
Fraudsters can use a special scanner to collect data off a debit card that can later be used to make unauthorized purchases. Often, the person owning the card has no idea that their information has been compromised.
These debit card scanners can be installed on ATMs or gas station pumps and many are virtually undetectable. A camera or magnetic device set up nearby can then capture the PIN entered by the victim. The PIN and the card number collected from the scanner give the fraudster all the information he needs. The victim is unaware his information has been compromised until he notices strange and usual purchases made on his account.
- Be wary of any stand-alone ATM. Obviously there are plenty of legitimate ones, but look around and be suspicious of an ATM that isn’t bolted to the side of a building or secured inside a facility. A legitimate ATM is heavy and not easy to move. Also, beware of stand-alone ATMs that advertise “no fees,” since most legitimate owners of stand-alone ATMs have to charge fees to make money.
- Avoid ATMs if the access door or any part of the machine is broken. If the lock on the door to the room accessing the machine is broken, beware and don’t use the machine. A fraudster may have forced open the door to install a skimming device.
- Beware of “out of service” signs. If your ATM has a “out of service” sign, it could be legitimate — or it could be trying to get you to use another nearby ATM that had been compromised.
- Report “malfunctions” immediately. If you get an error message instead of money, contact your financial institution immediately.
- Access your account on line and frequently monitor your transaction activity. Take a few minutes every week to log onto your accounts and review your transactions. Report bogus transactions immediately.
Email phishing is one type of fraud. Scott Credit Union has been made aware of emails being received by our members. This email refers to a failed direct deposit. Within the email is a link that requires you to open for more information. Any links or attachments could cause unwanted viruses and/or take you to a site that may ask for personal information to obtain the information referred to in the email.
PLEASE REMEMBER: SCU will never request personal and/or private information by email nor do we randomly send emails to our members that include attachments or links. Do not open any emails and or attachments that you yourself did not request. Do not provide private and/or personal information by email as this can be a way for criminals to get your information.
If you have any questions about any emails you may have received from Scott Credit Union, please contact our Member Service Center at 618-345-1000 or toll free at 1-800-888-4728.
A common credit card scam is being used to gain people’s credit card information so they can purchase items fraudulently. Please be aware of the scam and avoid giving any information.
The scammers provide YOU with all the information, except the one piece they want. Note, the callers do not ask for your card number; they already have it.
By understanding how the Telephone Credit Card Scam works, you’ll be better prepared to protect yourself.
The scam works like this:
Caller: This is (name), and I’m calling from the Security and Fraud Department at VISA. My Badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I’m calling to verify. This would be on your VISA card which was issued by (name of financial institution). Did you purchase an Anti-Telemarketing Device for $497.99 from a Marketing company based in Arizona?’
When you say ‘No’, the caller continues with, ‘Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?’
You say ‘yes’. The caller continues – ‘I will be starting a fraud investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800-VISA) and ask for Security.
You will need to refer to this Control Number. The caller then gives you a 6 digit number. ‘Do you need me to read it again?’
Here’s the IMPORTANT part on how the scam works. They will then ask you for the 3-digit security code on the back of your card. There are 7 numbers; the first 4 are part of your card number, the next 3 are the security numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card.
The caller will ask you to read the 3 numbers to him. After you tell the caller the 3 numbers, he’ll say, ‘That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?’ After you say No, the caller then thanks you and states, ‘Don’t hesitate to call back if you do’, and hangs up.
You actually say very little, and they never ask for or tell you the Card number. What the scammers want is the 3-digit PIN number on the back of the card. Don’t give it to them. Instead, tell them you’ll call VISA or Master card directly for verification of their conversation. The real VISA will never ask for anything on the card as they already know the information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you’re receiving a credit. However, by the time you get your statement you’ll see charges for purchases you didn’t make, and by then it’s almost too late and/or more difficult to actually file a fraud report.
The scam is being performed by fraudsters saying they are from both Visa and Master Card.
ZeusBot (or ZBot) is malicious software that is bypassing top Anti-Virus / Malicious software scanners. Once your computer is infected, it waits for you to login to your online banking. When you login, it records your information and creates a pop-up that asks you to further verify your account by entering your credit card information. All information gathered is sent back to the attackers. Even if you do not enter additional information when prompted, the damage is already done because your online banking login has been compromised.
The only solution for victims to this type of fraud is to shut down your computer, change your online banking account passwords, look for changes to your account, and delete and restore all computer content.
There are many risks when you browse the Internet. It is important that you take some simple steps to assure that you are accessing web sites, including your online accounts, in the safest way possible.
It is very important that you have up-to-date antivirus, anti-spyware and anti-malware programs installed on any devices you are using.
We also warn you against accessing your Scott Credit Union accounts on a public computer. Examples of a public computer would be ones at work, a library, or school that other people use to browse the Internet. These computers can be risky because they could be infected with malware designed to capture your personal or financial information when you login to your accounts.
As always, we remind you to be vigilant when using the Internet. We welcome you to call or email us if you have any questions regarding the security of your online account access.
If you encounter an online scam, or anything that appears suspicious, please notify us by calling the Scott Credit Union Member Service Center at (618) 345-1000 or toll free at (800) 888-4728 or email email@example.com.
- Shred all personal and financial information — such as bills, bank statements, ATM receipts, and credit card offers — before you throw it away.
- Keep your personal documentation (e.g., birth certificate, Social Security card, etc.) and your bank and credit card records in a secure place.
- Call the post office immediately if you are not receiving your mail. To get the personal information needed to use your identity, a thief can forge your signature and have your mail forwarded.
- Be aware of your surroundings when entering your Personal Identification Number (PIN) at an ATM.
- Limit the number of credit cards and other personal information that you carry in your wallet or purse.
- Report lost or stolen credit cards immediately.
- Review and consider whether you need currently inactive card accounts. Even when not being used, these accounts appear on your credit report, which is accessible to thieves. If you have applied for a credit card and have not received the card in a timely manner, immediately notify the appropriate financial institution.
- Closely monitor the expiration dates on your credit cards. Contact the credit issuer if the replacement card is not received prior to your credit card’s expiration date.
- Sign all new credit cards upon receipt.
- Review your credit reports annually.
- Use passwords on your credit cards, bank accounts, and phone cards. Avoid using the obvious passwords — your mother’s maiden name, your birth date, or the last four digits of your Social Security or phone number.
- Match your credit card receipts against monthly bills to make sure there are no unauthorized charges.
- Volunteer any personal information when you use your credit card.
- Give your Social Security number, credit card number, or any bank account details over the phone unless you have initiated the call and know that the business that you are dealing with is reputable.
- Leave receipts at ATMs, bank counters, or gasoline pumps.
- Leave envelopes containing your credit card payments or checks in your home mailbox for postal carrier pickup.
- Record your Social Security number or passwords on paper and store them in your wallet or purse. Memorize your numbers and/or passwords.
- Disclose bank account numbers, credit card account numbers or other personal financial data on any Web site or online service location, unless you receive a secured authentication key from your provider.
*Note – Visa’s Zero Liability policy covers U.S.-issued cards only and does not apply to commercial credit cards, ATM transactions or PIN transactions not processed by Visa. Cardholders must notify card issuers promptly of any unauthorized use. Consult issuer for additional details or visit www.visa.com/security.
- Thieves rummage through trash to find bills, credit card offers, or other papers that include your personal information.
Lifting Information from Receipts and Records:
- One of the easiest ways a thief can obtain a person’s credit card number or other vital information is by taking advantage of carelessness. For example, you have just signed your receipt at the restaurant and you have left it there for the waiter/waitress. A thief can stop by the table, and copy down your information. In fact, the way technology is today, the thief can take a picture using the camera on his or her phone!
Information from Credit Reports:
- Some identity thieves pose as a landlord, employer or someone else who may have a legitimate need for your credit report. Once they pull the credit report, they are able to retrieve your personal data, including credit card numbers, history, employment, and much more information.
- Phishing is also referred to as brand spoofing or carding. It is a variation of “fishing,” in that the thief puts out the bait in hopes that some will be tempted to partake. In a phishing scam, the thief sends thousands of e-mails that appear to come from sites that you trust (e.g., Scott Credit Union). These messages, pop-up windows, and even the websites they link to appear to be official and legitimate. However, in the phishing scams, the link is not to an official website, but rather to a phony website. Once inside that website, you may be asked to provide a Social Security number, account numbers, passwords, or other information. When you provide the information, the thieves can begin to access your accounts or assume your identity.
Click here for more information on how to Deter-Detect-Defend against Identity Theft.
What To Do If You Suspect A Scam
- Stop contact with the scammer. Hang up the phone. Do not reply to emails, messages, or letters that the scammer sends. Do not make any more payments to the scammer. Beware of additional scammers who may contact you claiming they can help you get your lost money back.
- Report potentially compromised bank account, credit or debit card information to your financial institution(s) immediately. They may be able to cancel or reverse fraudulent transactions.
- Change your passwords. This includes passwords for your bank, credit card, social media, and email account, etc. to try to limit further unauthorized access. Make sure to use a strong password.
Each member’s deposits at Scott Credit Union are federally insured to at least $250,000 by the National Credit Union Administration. Additionally, Individual Retirement Account (IRA) deposits are insured separately to $250,000.
The National Credit Union Administration (NCUA) is the federal agency that charters and supervises federal credit unions and insures savings in federal and most state-chartered credit unions across the country through the National Credit Union Share Insurance Fund (NCUSIF), a federal fund backed by the full faith and credit of the United States government.
Scott Credit Union currently uses social media as a way to increase brand awareness, advertise specific products, and to continue the credit union mission of “people helping people” through financial education. We encourage anyone to provide us feedback about Scott Credit Union through our social media sites. When communicating through social media, please remember:
We will never…
- ask you for any information such as account number, social security number, or date of birth.
- ask for any transaction information that may appear on your account.
We will always…
- request that conversations which could disclose personal information be taken off of social media to protect the confidentiality of your information.
- listen to any and all feedback that you have about Scott Credit Union whether it is positive or negative.
Please remember that it is very important that you never post any personal financial information to any social media site. If you have a comment or question for us, be careful not to post any personal financial information. We are extremely careful to secure your personal data. Social media sites have become an integral part of many people’s daily online lives. They are a great way to stay connected with others, but you should be wary about the information you post. The rise in social media’s popularity has also lead to an increase in the number of unsavory people on the sites. Scammers, hackers, virus writers, identity thieves, and other criminals can use information posted to social networks. Here are some tips for you to protect yourself when using social media sites:
- Click links with care. A common way for these criminals to gain access to your social media account or information is by sending you messages with fraudulent links in them. As a general rule, if you are not expecting a link via social media from someone, do not click on it. If someone sends you an unexpected link, verify with the person who sent it that it is legitimate.
- Don’t trust that a message is really from who it says it is from. Hackers can break into accounts and send messages to people connected to that person. When in doubt about links in a message, refer to the first bullet point in this section.
- Be selective about who you connect with on social media. Identity thieves and hackers can use the information you post on social media against you.
- Be mindful of what you post and what questions you answer. When setting up profiles for many different online accounts, it is common for them to ask you security questions in order for you to recover your account if the information is lost. Identity thieves and hackers can use this information to reset your password to one of their choice. Whenever possible, choose to write your own security questions and make them answers not found online.
- Assume anything you publish on a social media site is permanent. Even if you delete your account, in many cases, the information you published on social media is still stored on the site. In addition, anyone who can view your photos and/or information can easily take a screen shot or save the information another way.
- Be careful installing third party applications. Third party applications can be a great addition to social media sites, but they can also open loopholes for criminals to gain access to your private information, including your password.