Archive for the ‘ Scam ’ Category

Defending Yourself Against Identity Theft


As technology advances, you can be sure that identity thieves are not far behind. Here are some common methods cyber-thieves use to steal your personal information and how you can increase your security while shopping or banking.

Phishing/vishing

Your email messages may not be quite what they appear to be if you’re targeted by a phishing scam. Phishing is the act of sending fraudulent emails that seem to come from familiar businesses. These messages contain links to phony websites designed to steal personal information either directly or through malware and key-loggers. Often you’ll see a problem referenced with a request to click on the link provided to correct it. Once you’ve entered your information, ID thieves can access your accounts.

Vishing is the telephone version of phishing. Callers are sometimes bold enough to suggest the victim call back to verify authenticity. But the vishers don’t actually hang up; instead they play a recorded dial tone to make the victim believe he’s making a call.

Debit and credit card fraud

Most shoppers love the convenience of plastic, and identity thieves use this to their advantage whether it involves skimming, phishing, vishing, malware, mail theft or just looking over a victim’s shoulder to steal account numbers. Someone running up debt in your name can ruin your credit score. When debit cards are compromised, it’s particularly alarming because fraudulent purchases drain your checking account instantly.

BEC scams

Business email compromise, or BEC, scams have cost companies more than $1.2 billion. A phony email from a CEO requesting that funds be transferred per attached instructions is sent to an employee. Because the email appears to come from the employee’s superiors, and because the message so closely resembles requests this employee receives regularly, the transfer is often made without question. The money then ends up in overseas accounts that are almost impossible to trace.

Tips to protect yourself

To even further reduce fraud risk:

  • Install the latest editions of anti-spyware, antivirus, firewalls and browsers to all devices, and password-protect them.
  • Use strong passwords for all accounts and change them frequently.
  • Monitor accounts and credit reports to detect fraud early
  • Don’t use public Wi-Fi networks for financial transactions.
  • Keep cards away from public view, and shred personal documents before discarding.
  • Opt in for two-factor authentication on accounts.
  • Turn off Bluetooth and near-field communication when not in use.
  • Don’t click on email links. Type full web addresses to access business websites.
  • Never share sensitive information in response to an unsolicited call or email.
  • To verify calls, hang up for at least one minute to ensure the first call is disconnected. Call the customer service number listed on your bank’s website or the back of your credit card, not a number provided by an unsolicited contact.
  • To protect your business from BEC scams, use a two-step verification process for all money transfers. Verbal confirmation is also wise.

Staying informed and adopting smart fraud prevention practices will go a long way toward protecting your identity. Between your efforts and your bank’s security, you should be able to stay a step ahead of identity thieves.

Source: NerdWallet, Inc.


Set up Members 1st Mobile Card Controls to control how, when and where your payment cards are used. Real-time transaction alerts and controls will provide you with a method to protect your payment information.

Members 1st is here to help you through all of life’s most important moments and milestones. If you have any questions, please call customer service at (800) 237-7288, visit our website, or visit one of our various branch locations.

Preventing Elder Financial Abuse


Stop-Elder-AbuseThe Commonwealth of Pennsylvania ranks fourth for states with a high percentage of elderly residents. This year will bring more instances of elder financial abuse, with annual losses expected to approach $3 billion.

Senior citizens are favored targets for many types of fraud and scams including those related to identity theft, telemarketing, charitable donations, the lottery, investments, utilities and home repairs. It often goes hand-in-hand with other types of abuse and neglect such as verbal/ emotional abuse, physical abuse and neglect of care. The financial, verbal and emotional abuse of actor Mickey Rooney from a few years ago certainly raised awareness that anyone could be a victim. Cases like this commonly involve a trusted person in the elderly person’s life such as a caretaker, family member, neighbor, friend, nurse or even pastor.

The Pennsylvania House Aging & Older Adult Service Committee has been actively reviewing proposed language to ensure older Pennsylvanians are afforded the maximum protections from abuse, neglect, exploitation and abandonment. If you have any of the following concerns, you may be vulnerable to financial abuse:

  • You don’t understand the financial decisions that someone else is making for you.
  • You have trouble paying bills because the bills are confusing to you.
  • You are pressured by your children or others to give them money.
  • You don’t feel confident making big financial decisions alone.
  • You find yourself giving loans or gifts for more than you can afford.

Be particularly aware that significant abuse may easily occur through a power of attorney, so choose your agent wisely. If you don’t have a close family member or friend that you trust to manage your finances, you should consider asking a trusted financial advisor, attorney or accountant.

If you’re concerned about protecting a loved one, make sure to speak with and visit them regularly. Pay attention to the relationships  that your loved one has with family members, neighbors, aids, and others. If he or she is frequently going to the credit union or bank with another person, find out the reasons for these trips.

If you feel that you are a victim of financial elder abuse, our Loss Prevention Team is here to help you. Please contact us at (800) 283-2328, ext. 5202. It’s also important to report your concerns to the Department of Aging. Call the Pennsylvania Elder Abuse Hotline at (800) 490-8505 or visit www.aging.state.pa.us.

—————————————

Guest Blogger: Frank Serina, VP of Risk Management/Security Services (reprinted from the July/August 2014 edition of Avenues)

Mobile Malware: What You Need to Know


9597031_xxl

Trojan horses, worms and viruses are the tools of choice for theft, fraud and other forms of malicious activity. These threats are on the rise and targeting mobile devices effectively. Most notably is the recent malware Svpeng, which specifically targets financial mobile applications and combines it with “ransomware” capabilities.

Svpeng “locks” mobile devices and requests a ransom to unlock it. Svpeng is “context aware” and checks for the following mobile banking apps (Bank of America, Citi Mobile, Amex Mobile, TD App, Chase Mobile, BB&T Mobile Banking, USAA, Wells Fargo and other U.S. bank apps) on mobile Android devices. When it detects one of these applications, it locks the device down, presents a phony FBI penalty notification and demands $200 in the form of Green Dot’s MoneyPak cards. Svpeng also captures and steals information entered on the device. It’s considered different from other ransomware because it locks the device down completely.

“If it happens to you, you can do almost nothing. The only hope for unlocking the device is to boot into ‘Safe Mode’ and erase all data on the phone only, [since] SIM and SD cards will stay untouched and uninfected.”1

What can you do to protect your mobile device?2

Mobile devices are just as susceptible to viruses and malware as desktops and laptops. Install and use mobile anti-virus software and browser protection tools.

  • Download apps only from trusted sources like the Apple® App Store or Google® Play. Beware of malicious applications.
  • Question links in emails and social media posts. Malicious links could direct you to websites or install harmful software to compromise your device.
  • If accessing the Internet through a public, unsecured or unfamiliar WiFi connection, avoid accessing sensitive services like banking and investment services on your device until you can access a trusted WiFi service.
  • Turn off unnecessary services such as Wi-Fi, Bluetooth, and location apps when you’re not using them.
  • Secure your data and photos. Back up all important documents and photos to an external storage device, such as a cloud-based server, external hard drive or flash drive.

Your financial safety and security is important to us.

We offer several ways to help you monitor your account activity. You can set up a variety of alerts through Members 1st Online to notify you via email or text of activity on your account.

To set up or manage alerts on your account(s), log into Members 1st Online > Messages > Manage Alerts and follow the prompts. You can also set up custom alerts specific to your Members 1st VISA® Credit Card to notify you of account and transaction activity. If you’re logged into Members 1st Online, click on your VISA® Credit Card > See Your Current VISA® Activity > Alerts and follow the prompts.

Not using Members 1st Online yet? It’s easy and FREE! Go to https://myonline.members1st.org and click on “Enroll  Now.”

What should I do if I see suspicious charges on my account?

Please notify TeleBranch (Customer Service) immediately if you see any unauthorized activity on your account(s) at (800) 237-7288.

—————–

1Source:  http://www.kaspersky.com/about/ news/virus/2014/

2Source: http://securityaffairs.co/wordpress/25771/malware/svpeng-android-ransomware.html

Guest Blogger: Patricia Brock, AVP/Information Security Officer (reprinted from the July/August 2014 edition of Avenues)

How to Protect Your Financial Info on Your Smartphone


smart phone

You might think that smartphone buzzing in your pocket or purse is relatively safe from hackers, because for years phones weren’t fraudsters’ main targets. But as smartphones have exploded in popularity, so has the chance that a hacker will steal your financial information. Here’s how they try to gain access to your sensitive information and what you can do to stop them.

Spam and SMS phishing – What is it?
Spam is the use of messaging systems to send unsolicited bulk emails, usually advertising. Most of it is just annoying, but some of it will be unsolicited offers or SMS phishing (arrives via text messages). In either case, you’ll receive messages pitching products or services. You may also receive messages that ask you to update a password, re-enter your credit card number or provide sensitive info that can be used to defraud you.

How can you protect yourself?
• Never open a message from a source you’re not familiar with. Booby-trapped attachments are often disguised in clever greetings.
• Don’t answer emails or texts that ask for personal information.
• Watch for red-flag statements such as “verify your account.” Legit companies don’t request sensitive information via email.
• Shop online with a retailer’s official app, not through an emailed or texted link. Shopping apps are designed to ward off scams. With browsers, malicious software can be downloaded to a phone without a user knowing it.
• Buy security software. It’s essential to use mobile security software and keep it updated. Mobile antivirus software can help spot and block malware-infection attempts.

Public Wi-Fi – What is it?
This is a wireless network you connect to in places like Starbucks. Since your traffic is public, there’s a chance that it is being captured. So if you’re browsing the Internet and go to a page that doesn’t use Secure Socket Layer (SSL) to encrypt your communication, everything you are seeing and anything you send back (like forms you fill out or usernames and passwords) can be captured and seen by anybody else on the network.

How can you protect yourself?  Most financial sites use SSL for login information (you know you’re on an SSL site when the URL starts with “https”), but it’s still safer not to send any sensitive data over an untrusted wireless network.

Theft – How bad is it?
Thieves are snatching smartphones in alarming numbers. If a thief gets ahold of your phone, he or she may get access to all of your sensitive information contained on it. How can you protect yourself?
• Keep tabs on your device. Don’t leave your smartphone by its lonesome at a cafe or bar.
• Be discreet. Use caution when pulling out your expensive new phone when you’re in big crowds, such as sporting events.
• If it gets swiped, wipe it. If your cherished device is lost or stolen, remotely wipe it. Remote wipe is a security feature that lets you send a command to your phone and delete data.

Other important steps to take
• Update the operating system. Updates usually give you enhanced functionality and features, as well as fixes to security vulnerabilities.
• Log out of financial accounts. Make sure you log out when you finish banking through your mobile phone. Don’t check the box that asks you to save your user ID or password. Sure, it’s less convenient to log in every time. But it’s worth it to protect your financial information. It’s ultimately up to you to protect your private information. Be sure to take the steps listed above to ensure the sensitive financial information on your smartphone remains safe.

Guest post provided by Tom Dunlap, NerdWallet

Don’t Be a Money Mule


fraud-theft-danger_13607409_l

Money Mules are people who are used to launder stolen money or some type of merchandise. Criminals may even recruit money mules to use stolen credit cards or other information. Individuals being used as money mules may be willing participants or unknowingly be used to commit fraud. We have seen our members become involved in these scams, which potentially cause a loss to them, Members 1st, or a victim at another credit union or bank.

The most popular scam method is disguised as a “work from home” opportunity, which targets unsuspecting people interested in jobs with convenience and flexibility. Recruiting may occur through the mail or online by what only appears to be a legitimate website or advertisement. The fraudulent company will collect personal data from you such as your social security number and information on your credit union account. You may be asked to sign a seemingly official contract. You’ll receive funds in your credit union account or be instructed to transfer them to some other financial account. You may also be asked to deposit a check (actually counterfeit) into your account and then withdraw cash. The funds you receive could also be stolen from a customer at another credit union or bank.  In either case, you will be permitted to keep a percentage of the money and be instructed to transfer the remaining funds to another financial account (also associated with the criminal). By doing so, you become a Money Mule. So how do you avoid being scammed?

Remain Cautious:

  • Of any job that involves transferring money or goods (especially overseas companies requesting money transfer agents in the U.S.).
  • Of a request to open a credit union account or to receive money from someone you don’t know.
  • Of a job opportunity where you’ve never met the individual and he or she is requiring all interactions to be completed online.
  • Of a job opportunity that promises significant earning potential for little effort (if it sounds too good to be true then it’s usually fraud).

Remember:

  • You may be held responsible if you’re a Money Mule or other types of fraudulent activity have been transacted through your credit union account.
  • Money mules may be prosecuted and found personally responsible for repaying the losses suffered by the other victims.
  • Make sure you know the person with whom you’re doing business. NEVER provide your account information (account number, password, PIN, card number, etc.) to anyone you don’t know and trust.

If you believe you’ve been a victim, our Loss Prevention Team is here to help. Contact us immediately at (800) 283-2328 ext. 5202. For more information about Money Mules and other scams visit  http://www.consumer.ftc.gov/scam-alerts.

%d bloggers like this: