Archive for the ‘ fraud ’ Category

Tips for Avoiding Debit Card Fraud


For many people, debit cards are the perfect plastic. They offer most of the conveniences of credit cards with no risk of accumulating debt.

But like credit cards, debit cards are vulnerable to rip-off artists. And debit card fraud is particularly scary because thieves can withdraw money directly from your checking account.

Here’s how debit fraud happens and how to protect yourself.

How identity thieves operate

Debit card fraud can be sophisticated or old-school. Thieves use techniques including:

  • Hacking- When you bank or shop on public Wi-Fi networks, hackers can use keylogging software to capture everything you type, including your name, debit card account number and PIN.
  • Phishing- Be wary of messages soliciting your account information. Emails can look like they’re from legitimate sources but actually be from scammers. If you click on an embedded link and enter your personal information, that data can go straight to criminals.
  • Skimming- Identity thieves can retrieve account data from your card’s magnetic strip using a device called a skimmer, which they can stash in ATMs and store card readers. They can then use that data to produce counterfeit cards.
  • Spying- Plain old spying is still going strong. Criminals can plant cameras near ATMs or simply look over your shoulder as you take out your card and enter your PIN. They can also pretend to be good Samaritans, offering to help you remove a stuck card from an ATM slot.

Smart ways to protect yourself

Adopt these simple habits to greatly reduce your odds of falling victim to debit card fraud:

  • Be careful online- Shop and bank on secure websites with private Wi-Fi. If you must shop or bank in public, download a virtual private network to protect your privacy.
  • Monitor your accounts- Review your statements and sign up for text or email alerts so you can catch debit card fraud attempts early.
  • Don’t ignore data breach notifications- The majority of identity theft victims received warnings that their accounts might have been breached but did nothing. If you get one of these messages, change your PIN and ask your provider to change your debit card number. You can also ask one of the major credit card bureaus to place a fraud alert on your file.
  • Inspect card readers and ATMs- Don’t use card slots that look dirty or show evidence of tampering, such as scratches, glue or debris. And steer clear of machines with strange instructions, such as “Enter PIN twice.”
  • Cover your card- When using your debit card or typing your PIN at an ATM, block the view with your other hand. Go to a different location entirely if suspicious people are hanging around the ATM, and if your card gets stuck, notify the financial institution directly rather than accepting “help” from strangers.

Even if you’ve taken precautions, debit card fraud can still happen. If your card gets hacked, don’t panic. Tell your financial institution right away so you won’t be held responsible for unauthorized charges, and file a complaint with the Federal Trade Commission.

Source: NerdWallet, Inc.


For more information on how to safeguard your financial information, visit the Members 1st Fraud & Security Center page.

To learn more about how to set up text, email, and other alerts to protect your cards, visit the Members 1st Card Control page.

Preventing Elder Financial Abuse


Stop-Elder-AbuseThe Commonwealth of Pennsylvania ranks fourth for states with a high percentage of elderly residents. This year will bring more instances of elder financial abuse, with annual losses expected to approach $3 billion.

Senior citizens are favored targets for many types of fraud and scams including those related to identity theft, telemarketing, charitable donations, the lottery, investments, utilities and home repairs. It often goes hand-in-hand with other types of abuse and neglect such as verbal/ emotional abuse, physical abuse and neglect of care. The financial, verbal and emotional abuse of actor Mickey Rooney from a few years ago certainly raised awareness that anyone could be a victim. Cases like this commonly involve a trusted person in the elderly person’s life such as a caretaker, family member, neighbor, friend, nurse or even pastor.

The Pennsylvania House Aging & Older Adult Service Committee has been actively reviewing proposed language to ensure older Pennsylvanians are afforded the maximum protections from abuse, neglect, exploitation and abandonment. If you have any of the following concerns, you may be vulnerable to financial abuse:

  • You don’t understand the financial decisions that someone else is making for you.
  • You have trouble paying bills because the bills are confusing to you.
  • You are pressured by your children or others to give them money.
  • You don’t feel confident making big financial decisions alone.
  • You find yourself giving loans or gifts for more than you can afford.

Be particularly aware that significant abuse may easily occur through a power of attorney, so choose your agent wisely. If you don’t have a close family member or friend that you trust to manage your finances, you should consider asking a trusted financial advisor, attorney or accountant.

If you’re concerned about protecting a loved one, make sure to speak with and visit them regularly. Pay attention to the relationships  that your loved one has with family members, neighbors, aids, and others. If he or she is frequently going to the credit union or bank with another person, find out the reasons for these trips.

If you feel that you are a victim of financial elder abuse, our Loss Prevention Team is here to help you. Please contact us at (800) 283-2328, ext. 5202. It’s also important to report your concerns to the Department of Aging. Call the Pennsylvania Elder Abuse Hotline at (800) 490-8505 or visit www.aging.state.pa.us.

—————————————

Guest Blogger: Frank Serina, VP of Risk Management/Security Services (reprinted from the July/August 2014 edition of Avenues)

Heartbleed bug – what you need to know


heart bleed bug

The media has been reporting about a widespread website bug called “Heartbleed” which is a vulnerability in the security software used by millions of web sites.

We want you to know that Members 1st does not use OpenSSL 1.0.1 to 1.0.1f which means we are not affected by Heartbleed. We have taken extra steps to test our web applications and third party applications and either they are not susceptible or have controls in place to prevent any malicious activity. 

If you’re not familiar with this, OpenSSL is one form of an encryption library used in HTTPS communication – online stores and banking websites that give you that lock icon in your browser bar when you visit them. OpenSSL uses a “heartbeat” to echo back data which a hacker can use to trick the server to return anything from Usernames, account passwords to sensitive data.

Here’s what you need to keep in  mind:
While Members 1st is not affected by this, it is a good security practice to periodically change your passwords. If you use the same password for your financial institutions that you use for any of the following vulnerable sites , you should change your password immediately: Facebook, Instagram, Pinterest, Tumblr, Google, Yahoo, Gmail, Yahoo Mail, Amazon Web Services, GoDaddy, Intuit, USAA, Box, DropBox, Minecraft, OKCupid, SoundCloud, Wunderlist.

Rest assured, securing your personal and financial information is a top priority.

How to Protect Your Financial Info on Your Smartphone


smart phone

You might think that smartphone buzzing in your pocket or purse is relatively safe from hackers, because for years phones weren’t fraudsters’ main targets. But as smartphones have exploded in popularity, so has the chance that a hacker will steal your financial information. Here’s how they try to gain access to your sensitive information and what you can do to stop them.

Spam and SMS phishing – What is it?
Spam is the use of messaging systems to send unsolicited bulk emails, usually advertising. Most of it is just annoying, but some of it will be unsolicited offers or SMS phishing (arrives via text messages). In either case, you’ll receive messages pitching products or services. You may also receive messages that ask you to update a password, re-enter your credit card number or provide sensitive info that can be used to defraud you.

How can you protect yourself?
• Never open a message from a source you’re not familiar with. Booby-trapped attachments are often disguised in clever greetings.
• Don’t answer emails or texts that ask for personal information.
• Watch for red-flag statements such as “verify your account.” Legit companies don’t request sensitive information via email.
• Shop online with a retailer’s official app, not through an emailed or texted link. Shopping apps are designed to ward off scams. With browsers, malicious software can be downloaded to a phone without a user knowing it.
• Buy security software. It’s essential to use mobile security software and keep it updated. Mobile antivirus software can help spot and block malware-infection attempts.

Public Wi-Fi – What is it?
This is a wireless network you connect to in places like Starbucks. Since your traffic is public, there’s a chance that it is being captured. So if you’re browsing the Internet and go to a page that doesn’t use Secure Socket Layer (SSL) to encrypt your communication, everything you are seeing and anything you send back (like forms you fill out or usernames and passwords) can be captured and seen by anybody else on the network.

How can you protect yourself?  Most financial sites use SSL for login information (you know you’re on an SSL site when the URL starts with “https”), but it’s still safer not to send any sensitive data over an untrusted wireless network.

Theft – How bad is it?
Thieves are snatching smartphones in alarming numbers. If a thief gets ahold of your phone, he or she may get access to all of your sensitive information contained on it. How can you protect yourself?
• Keep tabs on your device. Don’t leave your smartphone by its lonesome at a cafe or bar.
• Be discreet. Use caution when pulling out your expensive new phone when you’re in big crowds, such as sporting events.
• If it gets swiped, wipe it. If your cherished device is lost or stolen, remotely wipe it. Remote wipe is a security feature that lets you send a command to your phone and delete data.

Other important steps to take
• Update the operating system. Updates usually give you enhanced functionality and features, as well as fixes to security vulnerabilities.
• Log out of financial accounts. Make sure you log out when you finish banking through your mobile phone. Don’t check the box that asks you to save your user ID or password. Sure, it’s less convenient to log in every time. But it’s worth it to protect your financial information. It’s ultimately up to you to protect your private information. Be sure to take the steps listed above to ensure the sensitive financial information on your smartphone remains safe.

Guest post provided by Tom Dunlap, NerdWallet

Don’t Be a Money Mule


fraud-theft-danger_13607409_l

Money Mules are people who are used to launder stolen money or some type of merchandise. Criminals may even recruit money mules to use stolen credit cards or other information. Individuals being used as money mules may be willing participants or unknowingly be used to commit fraud. We have seen our members become involved in these scams, which potentially cause a loss to them, Members 1st, or a victim at another credit union or bank.

The most popular scam method is disguised as a “work from home” opportunity, which targets unsuspecting people interested in jobs with convenience and flexibility. Recruiting may occur through the mail or online by what only appears to be a legitimate website or advertisement. The fraudulent company will collect personal data from you such as your social security number and information on your credit union account. You may be asked to sign a seemingly official contract. You’ll receive funds in your credit union account or be instructed to transfer them to some other financial account. You may also be asked to deposit a check (actually counterfeit) into your account and then withdraw cash. The funds you receive could also be stolen from a customer at another credit union or bank.  In either case, you will be permitted to keep a percentage of the money and be instructed to transfer the remaining funds to another financial account (also associated with the criminal). By doing so, you become a Money Mule. So how do you avoid being scammed?

Remain Cautious:

  • Of any job that involves transferring money or goods (especially overseas companies requesting money transfer agents in the U.S.).
  • Of a request to open a credit union account or to receive money from someone you don’t know.
  • Of a job opportunity where you’ve never met the individual and he or she is requiring all interactions to be completed online.
  • Of a job opportunity that promises significant earning potential for little effort (if it sounds too good to be true then it’s usually fraud).

Remember:

  • You may be held responsible if you’re a Money Mule or other types of fraudulent activity have been transacted through your credit union account.
  • Money mules may be prosecuted and found personally responsible for repaying the losses suffered by the other victims.
  • Make sure you know the person with whom you’re doing business. NEVER provide your account information (account number, password, PIN, card number, etc.) to anyone you don’t know and trust.

If you believe you’ve been a victim, our Loss Prevention Team is here to help. Contact us immediately at (800) 283-2328 ext. 5202. For more information about Money Mules and other scams visit  http://www.consumer.ftc.gov/scam-alerts.

%d bloggers like this: