We know you work hard for your money and we want to help you keep it safe and have it accessible in case of emergencies.
Unfortunately, each year scammers and identity thieves steal billions of dollars from unsuspecting consumers with the most vulnerable being the senior population. These criminals use various communication methods to steal information or trick consumers into handing over their money.
Part I. Common Types of Fraud & Scams
Imposter Scams – Imposters pretend to be someone you know, like a family member or friend, a tech support company, an IRS or Social Security Administration representative, or a company you do business with. It may be someone trying to manipulate you into believing that you have a romantic or close relationship with them. Imposters try to make you trust them so you will provide your personal information. Or they will ask for funds directly by asking you to buy a gift card and give them the information on the gift card, send digital currency, or transfer money. There is often a sense of urgency to these requests so that you won’t have time to question whether it is legitimate. They will also often coach the person to avoid questions presented by credit union staff. Whenever you are unsure whether the person you are talking to is who they say they are, DO NOT send money or share your information. Instead, terminate the communication and call the organization directly (not from a number they’ve provided) to authenticate the communication.
Identity Theft – someone uses your personal or financial information without your permission. They might steal your name and address, credit card or bank account numbers, Social Security number, or medical insurance account numbers. Be sure to regularly check your credit report for inquiries you didn’t make, names and addresses you’re associated with, and credit lines you may not have opened. You can also contact any of the three major credit bureaus (Equifax, Transunion, and Experian) and put a freeze on your credit.
Online Shopping Scams – Scammers develop fake websites mimicking popular retailers’ sites and take your money and payment information without delivering products. They also create counterfeit apps containing malware (malicious software) for the same reasons. Be sure to read refund and return policies prior to making a purchase. Watch out for bogus websites and suspicious apps and only use official retailer websites and apps, which may offer stronger security.
Fake Check Scams – Despite many variations, fake check scams involve two main components:
- Scammers send personal, business, or cashier’s checks or money orders to you
- They ask you to send part of the cashed money back to them in gift cards, money orders, or cryptocurrency.
If you deposit a check into your account, you are required to pay funds back to the credit union if the check turns out to be fraudulent. While the credit union does place a hold on checks, when a hold releases, this does not mean that the check is legitimate. If you receive a check from someone whom you have no involvement with, it is best to assume the check is fake; tear it up and throw it away. Cashier’s checks are not cash, and it can take weeks to validate legitimacy. Do not wire or send gift cards, money orders, or cryptocurrency. Your money is not protected in these transactions.
Prizes, Sweepstakes, and Lotteries – scammers may contact you claiming you won a prize, sweepstake, or lottery and then ask for money or your account information to cover taxes and other fees upfront. They might pretend to be from government agencies or claim you’ve won a foreign lottery, which is almost certainly a scam.
Remember, government agencies do not call to demand money or your financial information to collect a prize. Also, real sweepstakes are free and by chance. If you did not enter a lottery or sweepstakes or are unsure about the call, message, email, or letter, do not send money or share your information.
Business and Job Opportunity Scams – Job and business opportunities that sound too good to be true, often are. If the message promotes doing minimal work with a high salary, pledging guaranteed income, or a proven business operation, it’s likely a scam.
Take your time and get a second opinion or talk to someone who has your best interests in mind. Before accepting a job offer, know that honest employers, including the federal government, will not ask for payment for the promise of a job. Before paying for a business opportunity, research the seller, the company, and the coach’s credentials, and ask for the legally required 1-page disclosure document that tells any lawsuits against the seller, a cancellation or refund policy, and other information.
Disaster Fraud – involves others trying to take advantage of the situation and examples include fake government employees and bogus charities. Fraudsters approach when you are vulnerable and in crisis to exploit your money and financial information while pretending to help with recovery.
No FEMA, federal, or state workers will ask for or accept money from you when applying for disaster assistance. If someone wearing a FEMA jacket or shirt without an I.D., approaches, do not trust or offer any personal information and always ask to see an official I.D. Take your time and contact government agencies or local law enforcement to confirm identity and legitimacy of suspicious contacts.
Social media is also full of illegitimate charities after natural disasters or large tragedies. Do not click on any links that are not supported by well-known, trusted charities.
Check Washing – involves changing the payee names and often dollar amounts on checks and fraudulently depositing them. Occasionally, these checks are stolen from mailboxes and washed in chemicals to remove the ink. Retrieve your mail regularly instead of leaving it in your mailbox. Deposit your outgoing mail at your local Post Office or in blue collection boxes before the last pickup. If you’re going on vacation, have your mail held at the Post Office or have it picked up by a friend or neighbor each day.
Spoofing – when someone disguises an email address, sender name, phone number, or website URL – often by just changing one letter, symbol, or number – to convince you that you are interacting with a trusted source. For example, you might receive an email that looks like it’s from your boss, a company you’ve done business with, or even from your family – but it isn’t. Criminals count on being able to manipulate you into believing that these spoofed communications are real, which can lead you to download malicious software, send money, or disclose personal, financial, or other sensitive information.
Phishing – often uses spoofing techniques to lure you in and get you to take the bait. These scams are designed to trick you into giving information to criminals that they shouldn’t have access to. In a phishing scam, you might receive an email that looks legitimate asking you to update your personal information via a link. That link takes you to a site that looks legitimate, but it’s a spoofed site that might look nearly identical to the real thing. These fake websites are used solely to steal your information.
Phishing has evolved and now includes these variations:
- Vishing – scams happen over the phone, voice email, or VoIP (voice over internet Protocol) calls
- Smishing – scams happen through SMS (text) messages
- Pharming – scams happen when malicious code is installed on your computer to redirect you to fake websites
Skimming – occurs when devices illegally installed on or inside ATMs, point-of-sale (POS) terminals, or fuel pumps capture card data and record cardholder’s PIN entries. Criminals then use the data to create fake payment cards and then make unauthorized purchases or steal from victim’s accounts. To protect yourself, inspect ATMs, POS terminals, and other card readers before using. Look for anything loose, crooked, damaged, or scratched. Don’t use any card reader if you notice anything unusual. Pull at all edges of the keypad before entering your PIN. Then, cover the keypad as fully as possible when you enter your PIN to prevent cameras from recording your entry. Keep in mind that a pinhole camera may be present anywhere on or around the terminal. When possible, use ATMs in a well-lit, indoor location as they are less vulnerable targets. Routinely monitor your accounts and promptly notify your credit union of any unauthorized transactions. Set alerts for transactions through Card Valet.
Pretext Calling – is a social engineering technique where someone uses a false identity or fabricated scenario to trick a target into revealing confidential information, often over the phone. The caller is often pressuring you to take action (give information that is personal, financial, or proprietary) right away rather than contact someone for approval or a second opinion. If you are ever unsure, just hang up.
Part II. What to do if You’ve Been A Victim
If you paid someone you think is a scammer or gave them your personal information or access to your computer or phone, your money might be gone already.
- Report anything you think may be fraud, scam, or bad business practice to the Federal Trade Commission (FTC)
- Report unwanted calls from telemarketers and register your number on the national Do Not Call Registry via the FTC.
- Report a suspected investment fraud or a problem with your investments to the SEC or report a potentially fraudulent, illegal, or unethical investment activity to FINRA.
- Report a suspected financial/economic crime or fraud to the FBI (e.g. mortgage fraud or investment fraud)
- Report any unfamiliar charges on your account and/or debit card to your credit union. Often the credit union can prevent additional fraud if reported in a timely manner.
ACTIVITY
In the following scenario, there are at least three types of fraud that will be present. Read through the scenario and see how many fraud types you can identify.
John Smith receives a phone call from the IRS. They tell him that he owes $2,800 in back taxes and if he does not pay, they are going to come and take his vehicle. John is very concerned because needs his vehicle for work and says he wants to pay right away. They tell him their card machine is broken and so they can’t take payment over the phone; however, they accept cryptocurrency. John says he has never used cryptocurrency before but he’s willing to try. They tell him to go to his bank and withdraw the $2,800 in cash and if the bank teller asks what the funds are being used for, tell them “home improvement.” Then, once you get the cash, there is a cryptocurrency ATM at the convenience store down the road. You can go there to complete the transaction. John does as instructed and sends the $2,800 via the cryptocurrency ATM.
What tactics did the fraudsters use? Is there a way for John to get his money back?
SUMMARY
Fraud comes in various many forms and can happen to anyone. The best way to avoid being scammed is to S.T.O.P.:
- See who the sender is
- Take a moment to think about the request; do not rush to meet any demands.
- Opt to get a second opinion
- Proceed only when verified
If you think you have been a victim of fraud or a scam, contact us as soon as possible so we can assist you in preventing any additional loss of funds.