Risk Alert from CUNA Mutual about the Zelle Fraud Scam, below is how the scam works.
Here is how it works:
The fraudster sends test alerts to members, appearing to come from the credit union, warning members of suspicious debit card transactions.
Fraudsters call those members who respond to the text, spoofing the credit union’s phone number, and claim to be from the credit union’s fraud department.
To verify the identity of the member, the fraudster asks for the member’s online banking username and tells them they will receive a passcode via text or email and the member must provide it to the fraudster. In reality, the fraudster initiates a transaction, such as the forgot password feature, that generates a 2-step authentication passcode which is delivered to the member.
The member provides the passcode to the fraudster who uses it to log in to the member’s account using a device not recognized by the host system.
Upon logging into the accounts, fraudsters change the online banking passwords.
It seems pretty convincing, especially to those who don’t deal with it every day. A seemingly legitimate alert from your credit union about a debit card issue, followed by a call from the “fraud department”. Please do not fall for this scam. Call us if you have any questions about your account.
Thousands of people have lost millions of dollars and their personal information to tax scams. Scammers use regular mail, telephone, or email to set up individuals, businesses, payroll, and tax professionals. For more information, visit the IRS website.
If you receive a Service One Credit Union cashier's check, please call 270-796-8500 to verify it, there are counterfeit Service One cashier’s checks in circulation.
by David Ver Eecke, PSCU
Scammers are known for preying on victims’ vulnerabilities, such as financial hardship, fear, and confusion. Given the particularly challenging circumstances surrounding COVID-19, people who believe they are savvy enough to avoid scams may fall victim, nonetheless.
Proactive education is the best way to not only protect members but also help your credit union staff be prepared to assist members who have been targeted by scammers. In fact, a recent Javelin study found 80% of people in the U.S. who are informed about a scam will disengage from it.
Here are 10 common practices scammers keep in their arsenals to attempt to fool your members and commit fraud.
- Faking an emergency. Scammers pretend to represent an official organization (like the IRS) and call, text or email members to demand immediate money for bogus issues. They use threatening phrases such as, “Your 401k plan will be frozen,” “Your passport will be seized,” or “The maximum sentence for this crime is five years in prison and a $10,000 fine,” to catch victims off guard and create a sense of urgency.
- Expressing that resistance is ineffective. Once the scammer has created the emergency and instilled panic, they reinforce there is nothing the member can do to remedy the situation. In the case of an IRS scam, they often tell the member they must cooperate or face arrest or fines.
- Rewarding cooperation with encouraging comments. Scammers sometimes try to play the part of a trusted friend, offering help and a way out of the emergency that would provide relief to the member. They often tell the member they seem like a good person and offer to help them with the situation at hand.
- Not allowing victims to hang up until they pay up. Phone scammers say it is a one-time opportunity for the member to take action to avoid further consequences, and if the member hangs up the phone, he or she will not be offered another chance to resolve the problem.
- Using official-sounding titles and names for ordinary things. Scammers try to sound impressive to gain members’ trust. They use official-sounding titles and names for merchants and everyday items. Examples include referring to a gift card as an “electronic federal tax payment system,” or instead of using the name of a store, they call it a “government-affiliated payment processor.”
- Stating they are not asking for personal information up front. Scammers know asking for personal information could raise alarm bells for the member. Instead, they may say they are not looking to obtain this information, or they are not looking for an exchange of funds over the phone, which may cause members to let down their guard. This is why scammers often use gift cards to extract payment.
- Signaling to members they are being recorded. In an attempt to sound legitimate, scammers say the call is being recorded and monitored by the IRS.
- Threatening to alert the media. Scammers go to great lengths to keep suspicious or wary members on the phone, and even go so far as to threaten to contact the media on behalf of the IRS if the member does not comply with what is being asked. This is used as a last resort to salvage a conversation that might not be going well.
- Exploiting member engagement. Once scammers have members hooked, they may transfer the call to another fake agent in an attempt to further legitimize the call. Often, these scamming “call centers” employ multiple scammers who work together to make the initial call and then close the scam. Scammers are highly organized: some are responsible for getting members hooked, while others focus on closing the deal by extracting payment. They may say, “Please hold on the line, I am transferring the call to my senior treasury specialist,” or “Thanks for waiting, this is senior officer Matthews from the accounting department. My badge ID is…”
- Insisting members keep quiet about special offers. If a scammer offers a special tax break, for instance, they will often demand the member not discuss it with anyone, as it would prevent them from getting the settlement.
Members should report scams as soon as they occur, and visit USA.gov for information on reporting scams and fraud.
Members have received text messages telling them that their debit cards have been suspended. It lists an 800 number to call. This is not Service One. We do not text you stating your debit card has been suspended. Block the number texting you. It is s scammer trying to get access to your debit card.
Social Media Scams
With most of the US under orders to stay at home due to the COVID-19 pandemic, many people are turning to social media for a fun distraction. Taking a Facebook quiz may seem like a harmless way to pass the time while quarantined, but it could also give scammers your personal information.
How the Scam Works:
You see a fun quiz on Facebook or another social media platform. What’s the harm, you figure? You answer a few questions and prove how well you know a friend. Or you take a short personality test to match with a character from your favorite TV show.
These quizzes ask seemingly silly or meaningless questions, but scammers can use that information for nefarious purposes. For example, some quizzes collect personal information by asking questions like: “What is your mother's maiden name?” or “What is the name of the street you grew up on?” These are common security questions for banking and credit card accounts. Sharing this information can lead to your accounts being hacked, and your personal and financial information being stolen.
Not all social media quizzes are data collection scams, but BBB cautions users to be careful about what they share online. Social media data and quiz answers can be used to steal your identity or enable a scammer to impersonate you to your friends and family.
Tips to avoid social media scams:
- Be skeptical: Before you take a quiz, figure out who created it. Is it a brand you trust? Just because something appears to be fun and innocent, doesn’t mean there isn’t an inherent risk.
- Adjust privacy settings: Review your social media account’s privacy settings and be strict about what information you share - and be mindful of who you are sharing it with.
- Remove personal details from your profile: Don’t share information like your phone number or home address on social media accounts.
- Don't give answers to common security questions: Be cautious if the questions in a quiz ask for things like your mother's maiden name, street you grew up on, or the name of your high school.
- Monitor Friend Requests. Don't accept friend requests from people you don’t know. Also, be wary of a second friend request from someone you are already connected with; the second profile may be an imposter trying to access your data and your Friends list.
Be Aware of Relief Check Scams: Click Here for More Info
Federal and State agencies are alerting Americans that any phone call, text, or email asking for personal or financial information to receive the $1,200 federal payment through the CARES Act is NOT legitimate.
Taxpayers will NOT have to sign up to receive their payment.
DO NOT give out any personal information such as social security or account numbers, PayPal information, address, etc.! If someone claims it is essential for a stimulus check relating to the Conoronavirus pandemic, they are trying to scam you.
A recent FBI alert warns consumers and businesses about coronavirus (COVID-19)-related schemes to steal money and personal information.
The agency cites three of the most prevalent scams and how to avoid them:
1. Fake CDC emails
Watch out for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or other organizations offering information about the virus.
Don’t click links or open attachments you do not recognize. Fraudsters can use links in emails to deliver malware to your computer to steal personal information or to lock your computer and demand payment.
Be wary of websites and apps claiming to track COVID-19 cases worldwide. Criminals are using malicious websites to infect and lock devices until they receive payment.
2. Phishing emails
Beware phishing emails asking you to verify your personal information to receive an economic stimulus check from the government. Government agencies are not sending unsolicited emails seeking your private information to send you money.
Phishing emails may also claim to be related to charitable contributions, general financial relief, airline carrier refunds, fake cures and vaccines, and fake testing kits.
3. Counterfeit treatments or equipment
Be cautious of anyone selling products that claim to prevent, treat, diagnose, or cure COVID-19. Be alert to counterfeit products such as sanitizing products and personal protective equipment (PPE), including N95 respirator masks, goggles, full-face shields, protective gowns, and gloves.
The FBI advises several ways to practice good “cyber hygiene” and security measures:
- Don’t open attachments or click links within emails from senders you don't recognize.
- Don’t provide your username, password, date of birth, social security number, financial data, or other personal information in response to an email or robocall.
- Verify web addresses of legitimate websites and manually type them into your browser.
- Check for misspellings or wrong domains within a link (i.e., an address that should end in .gov ends in .com instead).
Beware of the following:
Testing kits. Whether it’s someone going door-to-door offering a COVID-19 testing kit or someone selling them online, don’t fall for this con. Currently, real testing kits cannot be purchased or performed at home.
Miracle cures, vaccines, or supplements. When you see an advertisement promoting a miracle cure, vaccine, or supplement to help you fight the coronavirus, just ignore it. False claims like this should be reported to BBB at bbb.org/adtruth.
Mask sales. While many people are on the hunt for medical-grade masks, scammers are posting fake websites. While the site may look legitimate, consumers are purchasing masks only to never receive the product or have their financial information compromised. Always check with BBB at bbb.org before making any online purchase.
Government checks. If you receive a phone call from a “government representative” saying they need your social security number, banking account number, or other personal information in order to give your relief check, hang up! Anytime funds like this are distributed, the government will NEVER call and ask for personal information.
Errand assistance. Be wary of strangers who offer to run errands for you. While there are legitimate groups who are offering assistance to those that are in need, there are scammers who are looking to take your prescription medications or your money. Do your research and check references first.
Free gift cards. Some businesses are providing discounts during this time, but if you see an offer for a free gift card, proceed with caution. These offers are often “too good to be true” and lead you to a phishing site that asks for personal information. Always contact the company directly to see if any promotion is real.
Charity and giving. If you are looking to donate, make sure you are donating to legitimate charities. You can verify the trustworthiness of a charity by visiting give.org for free reports to see if the charity meets BBB’s Standards for Charity Accountability. If you are giving to a crowdfunding cause, it’s best to give to someone you personally know and to be wary of vague requests.
Tracking apps. With COVID-19 spreading rapidly, you may want to know if the virus has spread to your area. While there are legitimate coronavirus “map apps” available, there are also ones that download malware and spyware onto your phone instead.
For more tips and information, visit bbb.org/coronavirus.
If you need assistance, please call our Member Solutions Center immediately at (800)759-8500.
A common technique among internet and email scammers is to take advantage of public concerns and fears. Today, that means that scammers are capitalizing on the fear surrounding the emergence of the coronavirus (COVID-19) from health and safety concerns to apprehension around financial market impacts. During this critical time, focus on anything that sounds too good to be true! Below are a few examples of the scams circulating:
Beware of Bogus Products and Investments
As scammers prey on coronavirus fears, there is an uptick in the sale of bogus products like masks, immune system boosters, and sanitizers. If you aren’t able to find a hand sanitizer at your local store, it doesn’t make sense that a random source on the internet would have an unlimited supply for sale. When an offer sounds “too good to be true,” verifying product credibility thorough research is key.
Also, be wary of “investment opportunities” related to the coronavirus. The U.S. Securities and Exchange Commission (SEC) is warning people about online promotions, including through social media, claiming that the products or services of publicly-traded companies can prevent, detect or cure coronavirus. Don’t get caught in a stock scam; always seek professional advice.
Know Your Charities
Another path that scammers are taking is soliciting for bogus charities. We all want to help; the scammers know that if they tug on our heartstrings, our wallets will usually open. The scams often look like they are helping locally or for specific groups you support. Before you contribute, be sure to research new charities thoroughly. Check with the Better Business Bureau for complaints.
Watch Out for Phishing
The third foundational scam to be aware of is the use of phishing emails to take your money and get your personal information. As always, never click on an embedded link in an unsolicited email. It may download malware onto your computer. Protect yourself by making sure anti-virus software is on your computer and up-to-date.
Be suspicious of emails claiming to be from the Centers for Disease Control and Prevention (CDC) or “experts” saying that they have new, critical information about the virus. For the most up-to-date information, go right to the authoritative source. Go to the CDC and the World Health Organization (WHO) websites for current information. If you come across any suspicious claims, report them to the Report Fraud.
You already know to go to Coronavirus.gov for medical information and usa.gov/coronavirus to see what the federal government is doing. Your local government and health department have the best information about what people in your area can (and can't) do. And the Federal Trade Commission has great information on the wide variety of Coronavirus scams.
We are here for you, if you think something does not feel right, someone may be trying to get your financial information, please call our Member Solutions Center at 270-796-8500.Go to main navigation