FRAUD ALERTS

Scams are on the rise! Make sure you are protecting your money and your personal information.  Read about recent fraud attempts and how to avoid them.

Is That Really a Text From My Credit Union?

There has been a significant rise lately in phishing scams. These are text messages or emails that attempt to get your personal information. This rise is due in part to improvements in Artificial Intelligence (AI) software, which becomes more sophisticated with each day.

Businesses are using AI to help improve their customer service wait times, for instance, using Chatbots to answer consumers’ frequently asked questions online. Unfortunately, fraudsters are also using this tool to help their “business.” Their techniques have become so clever that it’s getting harder to tell whether or not the text or email you receive is really from a business you use frequently or even from your credit union.

Before AI, scam emails and texts had common tell-tale traits: mangled sentence structure, poor grammar or spelling, etc. Today, scammers can give the software instruction to generate an email or text in perfectly written English in the format needed, like a legal document, utility bill, or message from your credit union.

To protect yourself from scammers trying to access your credit union account, be suspicious of any text or email that:

  • Comes from an unknown number, claiming to be from the credit union, telling you there is a problem with your account.
  • Asks you for your personal, confidential information. This includes your online banking username, password, one-time passcodes, Social Security number, account number, debit or credit card number, PIN or CVV.
  • Uses scare tactics or claims to be “urgent,” requiring you act immediately to avoid disaster.
  • Asks you to transfer money via a link in the message.

If you do receive such a request, do not click or respond to it. Call us immediately at 260-432-3433 to let us know. Then take a screenshot of the message and send it to us. You may also want to report it to law enforcement or the FTC.  Then delete the message and block the sender. If you did click on a link or replied to the message, call us immediately so we can check and secure your account.

New Venmo Scam

I thought everyone should be aware of a new scam that has come to my attention. A member was selling an item on Facebook marketplace and the buyer offered to pay via Venmo. A short while later our member got multiple emails from Venmo stating that the payment couldn’t go through because it exceeded their limit for consumer accounts, and she would have to upgrade to a Venmo business account first.

One of the stated requirements for a Venmo business account was a balance of at least $1000. The buyer offered to send the member more money so that she met the requirements, then just asked that she pay her back as soon as possible. The buyer even asked that the member send them some money to prove they were trustworthy. Venmo sent the member another email after this stating that the member would need to send the buyer $400 back before the original pending payments could be posted, and that there could be a waiting period of up to 21 days.

Finally, the member called Venmo and discovered that the emails were not coming from Venmo. Not only that, but none of the “pending payments” had ever been sent in the first place. The scammer planned to have our member pay them hundreds of dollars and give the scammers the merchandise, and it almost worked.

Make sure that if you hear one of our members mention anything like this, listen for details characteristic of a scam. Remember, if you have to SEND money to get money, it’s probably fraud.

Article by Robbie Boswell, Branch Manger Public Service Credit Union

“Click the Link” Scams

Phones and computers are a huge part of our daily life and are becoming a common target for fraud. Have you ever been browsing online or shopping when, suddenly, you get a pop-up claiming that your device was hacked? Has someone ever called you from a well-known company saying they found a problem with your computer? These may have been part of what is called a “Tech Support Scam”.

Who should be on the lookout for Tech Support Scams?

There is a stereotype out there that these scams focus on the elderly, but in truth anyone with a computer can be targeted. Everyone needs to be familiar with what these look like in order to protect themselves.

So how do these scams usually play out?

Typically, a pop-up will show up on a website you are visiting that will say something like “Your computer is infected with (7) viruses!” The pop-up will include instructions, often telling you not to shut down your computer or close your browser. Sometimes they will include a phone number to call tech support or a link you can click to run a protection software. The pop-up will tell you what information is at risk, such as credit card numbers and other private data.

If you call the phone number provided, a tech support specialist might ask you to grant remote access of your PC. Once you do so, they will often lock down some of the computer’s functions and claim they need you to pay a service fee for them to reinstate those functions. Victims of these scams often state that this is the point they realized something was wrong, but some don’t notice the red flag and pay the scammers. At this point, the person you are on the phone with has had access to your computer and its sensitive data for several minutes.

These scams use realistic and frightening situations to trick you. Devices can actually be compromised, and that can make it hard to separate the legitimate claims from the fraudulent ones. So how can you protect yourself?

First, slow down. – If you come across a concerning pop-up online, take the time to think before acting. Scammers will try to use fear and urgency to manipulate you into doing what they want, and by rushing you they hope to take away your ability to think critically. If you feel rushed, that’s a good sign that you should slow down. You can always reach out to PSCU for advice if something seems fishy.

Do your own research. – It’s important not to assume that you can tell what’s legitimate at first glance. Scammers get more and more sophisticated every day and can make their handiwork look more professional than ever. Take a moment to look up your own information before trusting what the pop-up says. If the source claims to be Microsoft or Apple, look up those companies’ contact information yourself instead of using what is listed by the pop-up.

Don’t click. Don’t call. Don’t pay. – Most of these scams can’t do anything unless they trick you into taking action. If you see a pop-up or email saying you need to click a link to fix the problem, do not click that link. If it gives you a tech support phone number, do not call that number. The phone number is provided to make you think, “They gave me tech support’s number and tech support answered. This sounds real to me.” Do not fall for this. Above all, do not give anyone access to your computer, do not give them any personal information, and do not pay them anything.

Report it. – Let us know if someone has tried to scam you this way so that we can ask some questions about any information exchanged and assess what kind of risk you might be in. If the scammer succeeded in getting some of your personal information, we may need to take steps with your account to ensure it stays secure. Also, reach out to any other financial institutions you bank with. It is a good idea to consult a real tech specialist after this happens as well to make sure your computer hasn’t been compromised.

Finally, you can report this activity to the Federal Trade Commission to assist them in their investigations of these crimes. https://reportfraud.ftc.gov/#/

The FTC also has a lot of helpful information on their website to help you spot these and other common scams.

Article by Robbie Boswell, Branch Manger Public Service Credit Union

TEXT SMISHING SCAM

Beware of scammers sending texts saying your Visa card has been locked with a phone number to call or link to click. The scammers will attempt to gain your personal information including banking or credit card info. Please call PSCU at 260-432-3433 if you get any suspicious texts, emails or phone calls.

FOR CREDIT & DEBIT CARDS

  • PIN CHANGE: 866-762-0558
  • DURING BUSINESS HOURS: 260-432-3433 or 888-432-3433 (toll free)
  • AFTER BUSINESS HOURS: 888-241-2510 or 909-941-1398 (outside US)

Beware of new scam targeting PSCU members

Please be aware of fraudsters who are spoofing the Public Service Credit Union name and phone number to make calls pretending to be employees from the ‘main office’.  The scammers are claiming that a large charge is trying to clear the account and they ask to verify items such as:

  • Card Number or last 4 digits of card
  • CVV code
  • Expiration Date
  • Card Balance
  • Card Limit

These scammers are using scare tactics saying the transaction will be charged to the account if you don’t give them the information they’re requesting.  If you receive one of these calls, please hang up immediately.  If you’ve given out any of your information, please contact PSCU at 260-432-3433 or 888-432-3433.

It’s important to always keep your personal information, card numbers, usernames, and passwords safe, secure, and private.  Remember PSCU will NEVER contact you directly and request your personal information including:

  • Social Security Number
  • Credit or Debit Card numbers
  • Security Code or CVV
  • PIN – Personal Identification Number
  • Online Banking Login Information
  • Passwords

If you believe you may be speaking with a scammer, hang up the phone and call us at 260-432-3433 or 888-432-3433.  We’d rather you hang up the phone if you’re suspicious, than give your personal information to someone attempting to steal your identity.   Finally, please share this information with friends and family members who may be more susceptible and vulnerable to fraud… we can out smart the scammers by staying informed.

Text Scams

Watch out for fraudulent texts like these. They are NOT legitimate texts. When people have called the number in the text, they are enrolled in Samsung Pay and gift cards are immediately being purchased at Kroger and Walmart. Remember to verify any number before you call it.  PSCU’s numbers are 260-432-3433 or 888-432-3433. Feel free to contact the credit union if you believe a text or email you received about your account is suspicious.

Common Elder Fraud Schemes

Every year, millions of seniors become victims of scammers.  June 15th is World Elder Abuse Awareness day.  Below are a few scams identified by the FBI that commonly are targeted to seniors.  Take a few minutes and talk to your loved ones about these fraud schemes to help them avoid getting scammed.

  • Romance scam: Criminals pose as interested romantic partners on social media or dating websites to capitalize on their elderly victims’ desire to find companions.
  • Tech support scam: Criminals pose as technology support representatives and offer to fix non-existent computer issues. The scammers gain remote access to victims’ devices and sensitive information.
  • Grandparent scam: Criminals pose as a relative—usually a child or grandchild—claiming to be in immediate financial need.
  • Government impersonation scam: Criminals pose as government employees and threaten to arrest or prosecute victims unless they agree to provide funds or other payments.
  • Sweepstakes/charity/lottery scam: Criminals claim to work for legitimate charitable organizations to gain victims’ trust. Or they claim their targets have won a foreign lottery or sweepstake, which they can collect for a “fee.”
  • Home repair scam: Criminals appear in person and charge homeowners in advance for home improvement services that they never provide.
  • TV/radio scam: Criminals target potential victims using illegitimate advertisements about legitimate services, such as reverse mortgages or credit repair.
  • Family/caregiver scam: Relatives or acquaintances of the elderly victims take advantage of them or otherwise get their money.

For more info and ways to protect yourself and your loved ones visit https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/elder-fraud

American Rescue Plan Act

The Federal Trade Commission has published the following article warning of possible future fraudulent activity to be expected once monthly payments start being disbursed to families as part of the American Rescue Plan Act:

As part of the American Rescue Plan Act, eligible families will get monthly payments from the government from July 15 through December 2021. The Internal Revenue Service (IRS) will send these monthly payments directly to people through direct deposit, paper checks, or debit cards. Unlike economic impact payments, these payments are an advance on families’ child tax credit. People who are eligible will get up to half of their child tax credit in these monthly payments and the other half when they file their 2021 taxes.

If you qualify for payments — which depends, in part, on how much you make — you’ll get them on about the 15th of each month, automatically, without having to do anything. The IRS is working to get online systems set up on its webpage and make sure all questions get answered. Go to IRS.gov for the latest info on who qualifies, how much you’ll get, and how to address any problems you might run into.

When money from the government is in the news, we know scammers are about to run their standard playbook. They may call, email, text, or DM you. They’ll say they can help you get your payments earlier (they can’t), get you more money (also no), or tell you other lies (for sure). Here’s the real deal:

  • Only the IRS will be sending these payments. Anyone trying to “help” you get your child tax credit is really after your money.
  • The government will NEVER call, text, email, or DM you out of the blue, asking for money or information. Keep your money — and your Social Security, bank account, debit and credit card numbers — to yourself.
  • Nobody legit will ever demand that you pay by gift card, wire transfer through companies like Money Gram or Western Union, or cryptocurrency. That’s a scam, every time.

If someone tries to scam you out of these payments or anything else, report it to the FTC at ReportFraud.ftc.gov.

Secret Shopper Scam

The Secret Shopper Scam has become very common again.  Here’s how it works:

  • You get an offer in the mail or email from a well known company inviting you to participate in a research project as a secret shopper.
  • You will usually receive a check or multiple checks where you keep a portion for yourself and purchase gift cards with the rest.
  • You’re instructed to do it quickly and not tell anyone about it. This is a big red flag.
  • They ask you to go to a store, buy the gift cards then scratch off the silver on the back and text them a picture of the numbers.  This gives them immediate access to the funds on the cards.

The scammers give you a sense of urgency to get it done quickly and sometimes say you’ll get paid more if you do.  They will have the money off the gift cards before the bad check they gave you is returned and you’re out all of the money.  Click to learn more about this scam or report a scam with the Federal Trade Commission.

Fraudsters Targeting Cash Transfer Apps

Cash App, Venmo, Zelle and other cash transfer apps have been a big target for fraudsters lately. Make sure you are protecting your money and your personal information!
Keep these best practices in mind:
  • Only send payments to people you know and trust.
  • Verify and double check the recipient before sending money.
  • Don’t send money to anyone promising something in the future.
  • Protect your login information and use a secure password.
Cash transfer app payments are instant and usually can’t be cancelled.  Remember, if it sounds to good to be true, it is most likely a scam.

Common Coronavirus Fraud

With so many staying home and dealing with financial hardship since the advent of the global COVID-19 pandemic, scammers have more opportunity than ever to take advantage of people and try to steal their information. We care about your safety and would like to share some information about the most common scams happening right now.

  1. IRS Imposters & Social Security Swindlers

Making ends meet has been stressful for many. That stress is only magnified when you get a call from the IRS or Social Security stating you owe them money and have a warrant out for your arrest. They need you to comply by giving them all of your personal and banking info.

This sounds scary, but it’s all a lie. Scammers know that the easiest way to get someone to comply is to threaten legal action if they don’t. The IRS & Social Security would never call you directly, nor would they EVER ask you for your social security number or banking information.

  1. Stimulus Scammers

With the first round of stimulus money starting to dry up, a lot of us are left wondering, “Are we going to get any more?” Fraudsters are aware of this anticipation and are taking advantage.

You may receive a check in the mail with instructions to send part of it back for taxes. Be aware that this is a common scam currently. Notify us or submit a complaint to the FTC if anyone claiming to work with stimulus checks asks you for money or information.

As of the time of this article, there is still no report of another approved stimulus check. The Federal Trade Commission has assembled some guidelines here for how to spot these scams.

  1. Remote Deposit Rip-offs

Scammers have conned members into giving away their information by offering a check they can deposit directly into their account. They may say it’s for a loan or a free assistance check.

Once you’re properly enticed by their offer of extra funds, they will then ask for one small thing in return: Your online banking information. They explain the fastest and most effective way to send the check is electronically, using Mobile Check Deposit in your online banking.

In truth, no legitimate company would ever ask to personally log into your online banking.

  1. Sweepstakes Shakedowns

Say you receive a phone call or email stating that you have won a large sum of prize money from a sweepstakes. You might believe things are finally turning around for you during a difficult time, but be wary of anyone reaching out to you claiming that you’ve won something.

Scammers commonly use promises of reward to persuade you to follow instructions that are ultimately designed to steal your money and information. If anyone asks you for your banking information or money in advance, they are a scammer. If someone claims they are sending a check and they need you to cash it and send a portion back, they are a scammer.

  1. Romance Racket

Some scammers have figured out how to turn the distant communication of online dating into cash. Online romance scams are nothing new, but they have seemed to accelerate, as now it’s more acceptable than ever to avoid meeting in person.

If someone says that they live abroad and are asking for gifts or money (scammers will often ask for wired funds or gift cards), even if they say it’s for moving expenses to be closer to you and take the relationship offline, they may not be who they say they are. For more information, read this article about how romance scams operate.

  1. Collection Deception

Some members have received calls from “collections agencies” claiming the member owes money on a payday loan they don’t remember taking out. As with every other situation, if something seems fishy DO NOT give away personal info or agree to send money.

  1. Smishing, Phishing, Vishing

Many of the scams listed above are a type of phishing, or an attempt to gain information through fraudulent means. The act can be attempted via emails, phone calls (also known as “vishing”), or SMS text messages (“smishing”).

If something seems too good to be true, it probably is. The key is to always remain skeptical. Do not click any links you don’t recognize or give info to someone you don’t know.

You may even receive a message that states they are a representative of the credit union. While we do occasionally reach out to our members via text, we will not ask for personal information such as account numbers, pins, or online banking credentials. If you receive texts or calls that do ask for that, please call our main line at (260)432-3433 and select option 3 to speak with our fraud specialists.

More Scams to Avoid

Check out Preferred IT Group’s recent newsletter which features a couple of articles that highlight some scams going around now including Smishing.

September 2020 Preferred IT Group’s Newsletter

Avoiding scams between stimulus packages:

Even if a second stimulus package has not yet been finalized by Congress, there needs to be some precautions when it comes to the second waive of the Stimulus Package payments and the current job market conditions.  Follow the link below for an article from the Federal Trade Commission.

Scams in between stimulus packages

Avoid scams related to economic payments, COVID-19:

The IRS urges taxpayers to be on the lookout for scam artists trying to use the economic impact payments as cover for schemes to steal personal information and money. Remember, the IRS will not call , text you, email you or contact you on social media  asking for personal or bank account information – even related to the economic impact payments. Also, watch out for emails with attachments or links claiming to have special information about economic impact payments or refunds.

New Scam Targeting Indiana Credit Unions:

Two Indiana Credit Unions have reported that their members are the target of a new text and phone call scam.  Both credit unions (located in Indianapolis and Muncie) say that a fraud ring is sending out fake “FREE TEXT” messages that look like they are being sent from the credit union.  The phone number being used is 801-901-2668.  The texts are followed up by a phone call to the member shortly after the text is sent.  The caller claims to be an agent of the credit union and attempts to obtain information.  The fraudsters are then going to stores and appear to be purchasing gift cards or reload-able debit cards.

Best Practices for Avoiding Scams:

  • Beware of scams. Be cautious when responding to text messages as well as voice calls, even if they appear to come from the credit union.
  • Call the credit union using a reliable phone number (260-432-3433 option 3) to question any text messages or voice calls purportedly from the credit union.
  • Never provide personal information in response to text messages and phone calls purportedly from the credit union.
  • Do not click on links included in text messages from unknown sources. Legitimate requests to validate card activity will request a simple response of YES or NO. They will not include hyperlinks to other websites or ask for any personal info.

New COVID-19 Scams:

Beware of scams and protect your personal data.  Scammers will try to attack during this uncertain time. Make sure to follow these easy guidelines from the Credit Union National Association to keep yourself and your money safe: https://news.cuna.org/articles/117437-ftc-issues-warning-about-covid-19-money-scams

At Public Service Credit Union, we want to make sure you’re protected from scammers during the #coronavirus emergency. When the credit union reaches out to you, we won’t ask for your social security number, account number or credit card number over the phone or via email.

SMishing & Vishing Scams:

Criminals who have credit or debit card details are spoofing credit union phone numbers in an effort to fool credit union members into thinking that text messages are actually from the fraud department of the credit union. Fraudsters are sending text messages under the guise of trying to validate recent card activity and are including hyperlinks within some text messages.

Attacks to obtain personal information from credit union members are known as SMishing (SMS text phishing) and Vishing (Voice phishing). A typical SMishing occurrence can begin with a member receiving a text message inquiring about a suspicious transaction on an account. In reality, the fraudster is looking to obtain other information from members such as debit card numbers, CV2 codes, expiration dates, PINs and other web login credentials.

Suggested Best Practices

· Beware of SMiShing and Vishing scams. Be cautious when responding to SMS text messages as well as voice calls, even if they appear to come from the credit union.

· Call the credit union using a reliable phone number (260-432-3433 option 3) to question any SMS text messages or voice calls purportedly from the credit union.

· Never provide personal information in response to SMS text messages and phone calls purportedly from the credit union.

· Do not click on links included in text messages from unknown sources. Legitimate requests to validate card activity will request a simple response of YES or NO. They will not include hyperlinks to other websites or ask for any personal info.

Phishing Scams:

Amazon customers are being targeted by scammers trying to obtain their account credentials.  The phishing scam sends emails that appear to be from Amazon saying customers need to update their information within 24 hours or their account will be disabled.  When the victim clicks “Update Now” they are re-directed to an imitation page where they are prompted to enter their login credentials, personal information and payment details.   Remember, to protect yourself from scams like these, it’s a good idea to visit the website yourself instead of clicking a link within an email.

Are you a Netflix customer?  Netflix, like Amazon, is a well-known popular brand which makes them an easy company for fraudsters to target.  Watch out for scam emails from Netflix claiming your subscription has been cancelled.  Some fraudulent emails contain a link to re-activate the subscription.  When victims click on this link, they are taken to a fraudulent site that is designed to look very similar to Netflix’s official site.  They are prompted to enter their login credentials and bank account information for payment.  To protect yourself from these types of scams, do not click links within emails.  If you are not expecting to hear from a company, they ask you to click a link, or you notice grammatical errors; these are warning signs that the email may be fraudulent.

Older Fraud Alerts:

Equifax had a security breach that may have effected 143 million Americans.  At Public Service Credit Union, we do not report any of your information to Equifax. We use TransUnion for all of our credit reporting.  To learn more about the breach and what Equifax is doing for consumers please visit their website.  As a precaution we recommend enrolling in credit monitoring or placing a freeze on your credit report.

We were informed that Arby’s had a security breach that affected customers using their debit or credit cards at several of their locations nationwide.  VISA has provided us with a list of our members’ that were affected by Arby’s security breach.  In an effort to protect your accounts and the money in it, we have blocked and re-ordered any cards that were listed as compromised.  If your debit or credit card is not working, this may be the reason why.  We have attempted to call everyone whose card was blocked.  Please contact us if you are concerned that your card may have been affected.