November 15 – FMFCU has received recent reports of fraudsters using certain scams that are including the FMFCU logo and/or name to solicit bank account or other personal information. Please think before you act on any suspicious communication from any financial institution including FMFCU. Emails always come from fmfcu.org domains, and we will never ask for any personal or financial information from you via text, email or phone calls unless initiated in a branch or our Member Service Center.
October 29 – If you get a call that looks like it’s from the Social Security Administration (SSA), think twice. Scammers are spoofing SSA’s 1-800 customer service number to try to get your personal information. Spoofing means that scammers can call from anywhere, but they make your caller ID show a different number – often one that looks legit. Read the complete article from the Federal Trade Commission (FTC).
‘ZipperDown’ Flaw Might Expose Up To 100 Million Apple iPhones – 6/7/18. Apple iPhone users take note: A vulnerability that might affect tens of millions of users leaves devices open to dangerous attacks, China-based researchers have warned. The flaw, dubbed ZipperDown, resides in 15,978 iOS apps that have been downloaded 100 million times, according to famous iPhone jailbreakers Pangu Team. Read more
Half of phishing sites trick you into thinking they’re ‘secure’ – 11/27/18
You can’t assume that a site is honest because it has that “secure” padlock in the address bar, and PhishLabs just illustrated why. The anti-phishing company has determined that 49 percent of all known phishing sites used Secure Sockets Layer protection (and thus displayed the padlock) as of the third quarter of 2018. Read more about this from Engadget.com.
Call forwarding phishing attacks
Be on the lookout for Call Forwarding phishing attacks. How it works: the fraudster calls a person and asks him/her to activate their credit card. Then they ask you to call a phone number to activate the card. The phone number contains *72 which activates call forwarding, giving them control of the person’s phone number allowing international calls, etc. NEVER give out your personal information to anyone calling you and when it doubt, hang up and call them using official corporate phone numbers.
Avoid tech support phone scams
Cybercriminals don’t just send fraudulent email messages and set up fake websites. They might also call you on the telephone and claim to be from Microsoft. Read what you need to know and how to protect yourself. Read what you need to know and how to protect yourself.
Phishing scam targets taxpayers who use tax software
The growing popularity of tax preparation software has led to a rise in e-mail scams targeted at do-it-yourself taxpayers. Read the article.
NCUA Says Lookout for Fake Checks
Be on the lookout for fake checks. They may look legitimate, but can be easily faked. Don’t be pressured into wiring or sending money after depositing a check. If you send money to a scammer, the funds may be impossible to recover. You may be responsible for repaying the funds if you deposit a fake check and withdraw money, even if you were scammed. Fraud Prevention Center
NCUA Fraud Prevention Center
Consumers now have an information resource to help learn about and protect themselves against fraud with the National Credit Union Administration’s Fraud Prevention Center.
5 Tips for Protecting Your Checking Account
A nice brief article from the Federal Reserve Board. Read the article
October 11, 2018 – Inspector General Warns Public About OIG Impersonation Schemes
The Acting Inspector General of Social Security, Gale Stallworth Stone, is warning citizens about an ongoing Office of the Inspector General (OIG) impersonation scheme. The OIG has recently received reports from citizens about suspicious phone calls claiming to be from the Acting Inspector General. Read more from the Social Security Administration site.
April 24, 2018 – Be wary of home warranty scams
Home warranty scams are common, but if you get one in the mail and you’ve never had one, don’t be fooled. These mail pieces seem very serious and claim to be time sensitive. They may even reference your loan from your financial institution. Why do they have that information? Because it’s public information at the court house.
Bottom line…throw them in the trash.
April 3, 2018 – Combat Mobile Phone Port-Out Scams
The CUNA Mutual Group reports that fraudsters are impersonating mobile phone users to have phones transferred to a different carrier – effectively stealing the users’ mobile phone number. This is being coined as a port-out scam. Once transferred to a different carrier, the fraudster receives all calls and texts that were intended for the user – including those that can be used to takeover a member’s account via online banking. Fraudsters have successfully intercepted one-time passcodes used to authenticate members logging into their account or to initiate transactions within online banking.
This scam could also result in fraudulent transactions using credit and debit cards. A fraudster, who has ported a cardholder’s mobile phone to a new carrier, could use a counterfeit or stolen credit or debit card belonging to the cardholder to conduct fraudulent transactions.
Major mobile phone carriers, such as T-Mobile and AT&T, are recommending to their customers to place a “port validation password” on their accounts. If a user wishes to port their mobile phone to a different carrier, the new carrier would have to provide the “port validation password” to the existing carrier before the switch can take place.
The information above are excerpts from CUNA Mutual Group’s risk alerts based on their experience in the credit union, insurance, and risk management marketplace. It is intended to be used only as a guide, not as legal advice. Any examples provided have been simplified to give you an overview of the importance of selecting appropriate coverage limits, insuring-to-value, and implementing loss prevention techniques. No coverage is provided by this resource, nor does it replace any provisions of any insurance policy or bond.
March 12, 2018 – Watch out for tax scams
They’re at it again… tax scammers scheming new ways to steal personal information and money.
In the first scenario, identity thieves file a fake tax return and have the refund deposited into your bank account. The thieves then contact you, often by phone, and — posing as the IRS or debt collectors for the IRS — demand you return the money to the IRS. But following the thieves’ instructions actually sends the money to them.
In another version, after you get that erroneous refund, you get an automated call, allegedly from the IRS, threatening you with criminal fraud charges, an arrest warrant, and “blacklisting” of your Social Security number. The caller gives you a case number and a telephone number to call to return the refund.
March 7, 2018 – Tax-related identity theft still a concern
Even though reports of tax-related identity theft have declined markedly in recent years, the Internal Revenue Service warns that this practice is still widespread and remains a serious threat. The IRS reminds everyone should:
- Always use security software with firewall and anti-virus protections. Make sure the security software is always turned on and can automatically update. Encrypt sensitive files such as tax records stored on the computer. Use strong passwords.
- Learn to recognize and avoid phishing emails, threatening phone calls and texts from thieves posing as legitimate organizations such as banks, credit card companies and government organizations, including the IRS. Do not click on links or download attachments from unknown or suspicious emails.
- Protect personal data. Don’t routinely carry a Social Security card, and make sure tax records are secure. Treat personal information like cash; don’t leave it lying around.
To read the full article, visit the IRS Newsroom article here.