Thank you for visiting Sharefax Credit Union’s Fraud Alerts. Sharefax Credit Union welcomes the responsibility of protecting our members’ privacy. In an effort to educate our members we have posted information on phishing and spoofing on our credit union website.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The e-mail informs the recipient that “in cooperation with the Department of Homeland Security, federal, state and local governments…” the FDIC has withdrawn deposit insurance from the recipient’s account “due to account activity that violates the Patriot Act.” It further states deposit insurance will remain suspended until identity and account information can be verified using a system called “IDVerify.”
If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient’s computer.
This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to firstname.lastname@example.org.
Don’t Get Phished
Ohioans are receiving e-mails, cell phone text, and voice mail/answering machine messages informing them that their credit union accounts have been suspended. Recipients are given a phone number to call to re-instate their accounts (this is how the fraudsters steal their account information and potentially withdraw funds).
The following are known phishing messages being circulated:
- A phone message from the “Ohio Credit Union Security Department” saying your credit card has been suspended and to call (450) 988-2033.
- An auto dialer is calling Central Ohio phone numbers leaving a message stating that they are from “Credit Union of Ohio” and advising their credit card account has been compromised. They are directed to call 614-448-1303.
- Text and e-mail messages saying, “Your CME F-C-U services was suspended for suspicious activity, call us at 6197934823”.
- Text and e-mail messages from service1 @superior.com advising Superior FCU members that “we have been unable to contact them concerning a compromise of their VISA card” to call 800-466-1728.
- Text and e-mail messages saying, “Your Credit Union of Ohio services was suspended for suspicious activity, call us at 3054337563”
If you receive any of these messages, disregard them and do not call the phone number — Even if you have an account with CME Federal Credit Union, Credit Union of Ohio, or Superior Federal Credit Union. Report the message to your credit union or other financial institution. CME Federal Credit Union, Credit union of Ohio, and Superior FCU have posted information about the scams on their Web sites, www.cmefcu.org, www.cuofohio.org, and www.superiorfcu.com, for consumers.
Consumers that have submitted their account information need to immediately contact the bank or credit union that holds their accounts and ask them to place a hold on the accounts so they can’t be accessed by the fraudsters. Harry Trombitas, Special Agent for the Federal Bureau of Investigation, recommends that victims of the fraud go to the Federal Trade Commission’s Web site, www.ftc.gov/idtheft, and follow the steps provided to minimize their losses and help protect their good credit.
If you receive e-mails, cell phone text, and voice mail/answering machine messages informing you that your Sharefax Credit Union account(s) have been suspended or requesting information from you, please contact us at (513) 753-2440 immediately.
Sharefax has received a number of calls for verification of funds on a Sharefax Credit Union cashier’s checks. For example, Joe Member received a Sharefax Credit Union cashier’s check in the amount of $2,680, via FEDEX, from someone doing work at home for ABC Computer Technology Inc. Joe Member contacts Sharefax for verification of funds to find that the check was fraudulent.
If you receive a cashier’s check from Sharefax Credit Union and have concerns over the authenticity please do the following:
- Contact Rebecca Jester at (513) 753-2440.
- Do not deposit or cash it.
- Fax a copy of the check, along with a description of how you received it, and any details about the sender, to Rebecca Jester at (513) 943-8103.
New Online Banking Security Features
Phishing is the latest form of identity theft. It’s when thieves act as if they are representing an organization and try to hook the consumer into providing personal information. Once the consumer is hooked, the thieves can do lasting damage to a consumer’s financial accounts. They can dupe consumers into providing their Social Security numbers, financial account numbers, PINs, mothers’ maiden names and other personal information.
The thieves often pose as a:
- Financial institution
- Credit card company
- Online merchant
- Utility or other biller
- Internet service provider
- Government agency
- Prospective employer
Estimated to cost consumers $1.2 billion last year, according to research firm Gartner, Inc., phishing is perpetuated by both phone and e-mail, although email is more prevalent.
Here’s how it works: Consumers receive an email from an organization with which they do business. The email typically includes bogus appeals such as problems with an account or billing errors, and asks the consumer to confirm his/her personal information. Different approaches include things such as “We’re updating our records,” “We’ve identified fraudulent activity on your account,” or “Valuable account and personal information was lost due to a computer glitch.” To encourage people to act immediately, the email usually threatens that the account could be closed or canceled.
Most emails ask recipients to follow an embedded link that takes them to an exact replica of the victim company’s Web site. Graphics on the counterfeit site are so convincing that even experts often can have a hard time distinguishing the fake site from the real one.
Despite the convincing appeals, consumers should not respond to unsolicited emails that direct them to divulge personal identifying information. Reputable organizations that consumers legitimately do business with generally do not request account numbers or passwords unless the consumer initiated the transaction.
Unfortunately, by hijacking the trusted brands of well-known and reputable organizations nationwide, phishers are able to convince up to 5% of recipients to respond to them, according to the Anti-Phishing Working Group. Gartner, Inc. recently reported that more than 57 million Americans think they have received a phishing email, and the FBI has called phishing the “hottest, most troubling new scam on the Internet.”
As we all have heard through the FBI, NCUA and OCUL (Ohio Credit Union League); there have been several instances of unsolicited email and telephone scams that have attempted to glean personal and account information from the general public. These emails have the appearance of coming from one of the above mentioned agencies.
We want to assure our members that Sharefax Credit Union will NEVER send you any communications via email with a request for personal information such as account numbers, PINs, or other passwords.
NCUA, CUNA, VISA and Mastercard Phishing Scam Alert
Please be on the alert for a potential phishing email scam. The emails appear to be from NCUA (National Credit Union Administration), CUNA, Visa or Mastercard. The email claims that because of a recent phishing attack and identity theft, they are performing maintenance on their security measures. It then asks the recipient to “verify” their account information to eliminate any potential risk through a link provided that appears to be on their secure website. Of course, the link is to a false website that requests the member’s credit union account number and PIN, along with other personal information, which is a ploy to gather information that possibly could be used for identity theft or fraudulent transactions.
THESE EMAILS ARE FALSE. NCUA warns recipients that it would never send an email asking credit unions members for such personal information. Anyone who receives an e-mail that purports to be from NCUA and asks for account information should consider it to be a fraudulent attempt to obtain their personal account data for an illegal purpose and should not click on the links in the message, and the message should be deleted.
If you have any questions or concerns about this fraudulent email purportedly from NCUA please contact us by email at email@example.com* or phone (800) 733-1728 or (513) 753-2440.
*Internet e-mail is not a secure medium for personal information. Do not include your Social Security or member number in the email.
Below is a sample email – or you can see a SampleFraudEmail (notice the numeric web address when I put my mouse over the link – Don’t be fooled!)
FRAUDULENT EMAIL CONTENT – see notes added in brackets [ ]:
[*************START OF PHISHING EMAIL EXAMPLE*************]
Dear NAFCU member,
As part of our security measures, we regularly screen activity in Federal Credit Union network. We recently noticed the following issue on your account: A recent review of your transaction history determined that we require an update of your account in order to provide you with secure services. Case ID Number: PP-065-617-349
For your protection, we have limited your access, until additional security measures can be completed.
We apologize for any inconvenience this may cause.
Please restore your access as soon as possible.
You must click the link below and fill in the form on the following page to complete the verification process.
http://126.96.36.199/data/nafcu.org/ [this may be the fraudulent website link, though it’s actual address will likely be hidden from view. It may actually appear to be something like http://www.nafcunet.org/profile_verification/index.htm]
We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account.
We apologize for any inconvenience.
Nation Association of Federal Credit Unions Account Review Department
Please do not reply to this e-mail. Mail sent to this address cannot be answered.
[*************END PHISHING EMAIL EXAMPLE*************]
Above is a sample email – or you can see a picture of a fraudulent SampleFraudEmail (notice the numeric web address when I put my mouse over the link – Don’t be fooled!)
Credit Card Scam
Don’t be fooled into giving your 3 digit security number on the back of your card: Here’s how this scam works:
This one is pretty slick since they provide YOU with all the information, except the one piece: they want which is the 3 digit security numbers on the back of your Visa or MasterCard.
Note, the callers do not ask for your card number; they already have it. This information is worth reading. By understanding how the VISA &MasterCard Telephone Credit Card Scam works, you’ll be better prepared to protect yourself.
The scam works like this: Person calling says, “This is (name), and I’m calling from the Security and Fraud Department at VISA. My Badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I’m calling to verify. This would be on your VISA card which was issued by (name of bank). Did you purchase an Anti-Telemarketing Device for $497.99 from a Marketing company based in Arizona ?”
When you say “No”, the caller continues with, “Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?”
You say “yes”. The caller continues – “I will be starting a Fraud investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800-VISA) and ask for Security. You will need to refer to this Control Number. The caller then gives you a 6 digit number. “Do you need me to read it again?”
Here’s the IMPORTANT part on how the scam works. The caller then says, “I need to verify you are in possession of your card”. He’ll ask you to “turn your card over and look for some numbers”. There are 7 numbers; the first 4 are part of your card number, the next 3 are the security numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the 3 numbers to him
After you tell the caller the 3 numbers, he’ll say, “That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?” After you say No, the caller then thanks you and states, “Don’t hesitate to call back if you do”, and hangs up.
You actually say very little, and they never ask for or tell you the Card number But after some victims were called, they called back within 20 minutes to ask a question – and were glad they did!
The REAL VISA Security Department told us it was a scam and in the last 15 minutes a new purchase of $497.99 was charged to the victim’s card.
Long story made short – a real fraud report was filed and the victim’s VISA account was closed; with VISA reissuing a new number. What the scammers want is the 3-digit PIN number on the back of the card. Don’t give it to them. Instead, tell them you’ll call VISA or Master card directly for verification of their conversation.
Below are some security suggestions for Internet users:
- If you encounter an unsolicited email that asks you, either directly or through a website, for personal financial or identity information (such as social security number, passwords, account numbers or other identifiers), DO NOT RESPOND.
- If a web site address is not familiar to you, then it is probably not real. Only use the address that you have used before or start at your normal homepage.
- Always report fraudulent or suspicious email to your Internet Service Provider. Reporting instances of spoof web sites will help get those bogus websites shut down before they can do any more harm.
- Most companies require you to log in to a secure site. Look for the lock at the bottom of your browser and “https” in front of the website address.
- Take note of the header address on the website. Most legitimate sites will have a relatively short internet address that usually depicts the business followed by .com, .net or .org. Spoof sites are more likely to have an excessively long string of characters in the header with a legitimate business name somewhere in the string, or possibly not at all (such as http://188.8.131.52/www.WEBSITENAME.com). Often times you can tell where I link will direct you without even clicking on it. By putting your mouse over a link, the link address is displayed in the Status Bar (lower left hand corner) of most web browsers. Also, the link may display if you just move your mouse over the link and wait – the link should appear then.
- If you have any doubts about an email or website, contact the legitimate company directly. Make a copy of the questionable web site’s URL address, send it to the legitimate business and ask if the address is legitimate.
- If you’ve been victimized by a spoofed email or website, you should contact your local police or sheriff’s department and file a complaint with the FBI’s Internet Fraud Complaint Center.
- When creating your passwords, don’t use information that could easily be linked to you (i.e. phone number, your date of birth, address numbers).
- Change your password often. We suggest changing your password every 30 to 60 days.
- Do not share your passwords or PINs with anyone.
- Do not write your passwords or PINs down where they may easily be found by others.
- Do not send your full Account Numbers in an email. If you have several accounts and need to identify them individually, mask the numbers to that Acct Number 12345 looks like XXXXXXXX45.
- Do not send your passwords or PINs in an email.
- If someone comes to you selling investment opportunities – check to make sure they are licensed to sell such investments in your state.
- Other schemes can happen when selling or buying items thru online auctions.
- Always go thru a 3rd party settlement company when buying. This gives you added protection if you don’t receive the item you pay for. Be extra cautious if they are only able to take payment via Cashier’s Check, Cash or Western Union wire.
- When selling – a buyer might say, “Oh, here’s the check payment for the item, but I overpaid – can you please send me back the difference?” Most of the time the check they are paying with is bad & will come back to you – at which time you’ll be out the product you sold (b/c you’ve already sent it away), as well as the money you sent back to the buyer.
To learn more about email scam and what you can do to protect yourself online, the Federal Trade Commission has information on its web site at www.ftc.gov.
The FBI also has a number of great resources on telemarketing schemes, Nigerian letter frauds, lottery frauds, etc.
Don’t be a victim – Be Crime Smart – FBI
Lastly, the old saying, “If it sounds like it is too good to be true, it probably IS too good to be true.” is as important today, as when it was first coined.
Sharefax Credit Union always has your best financial interest in mind, and part of that is financial security and privacy. Sharefax Credit Union will NEVER send you any communications with a request for personal information such as account numbers, PINs, or other passwords. If you receive a questionable e-mail requesting personal information about your accounts that appears to be from Sharefax Credit Union, please contact us at (800) 733-1728 or (513) 753-2440.