21 May

Top 5 Ways Fraudsters Can Steal Your Money

Phishing succeeds because it looks like the real thing, and when you’re not expecting it, it catches you off guard. Scammers are getting more and more creative in their attempts to get your money or personal information. Scams target people of all backgrounds, ages, and income levels across the United States. There is no one group of people who are more likely to be the victim of a scam, and at some point, all of us may be vulnerable to them.

You may be familiar with email phishing, but it’s not the only type of phishing you could experience. We’ve compiled the top five ways fraudsters can steal your money so you can identify and stop such scams. Be careful and protect yourself from being scammed by following these tips and safe practices.

Phone Call Phishing

Voice phishing is a form of criminal phone fraud that uses social engineering over the telephone system to gain access to private personal and financial information for financial reward purposes. It makes use of fraudulent phone calls to trick people into giving money or disclosing personal details.

Warning signs to look out for:

  1. A phone call from “your credit card company” or “financial institution”, typically from someone who works in the “Security and Fraud Department”
  2. You are told your card has been flagged for suspicious transactions and you need to prove that you have the card in your possession.
  3. You are asked to provide the three-digit security code on the back of your payment card, a one-time passcode that was just sent to you, or your PIN.

Email Phishing

Phishing emails might look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website, an app, or an online store.

Warning signs to look for:

  1. Spelling and grammar errors in the subject line or body of the email.
  2. Sometimes scammers will include a deadline and threaten account suspension to add urgency to override your normal sense of caution.
  3. The email address doesn’t match the organization.
  4. The email does not address you by your name.
  5. No contact information. If something feels suspicious, contact your financial institution directly using the phone number on the back of your card.
  6. Suspicious request. Visa, like other financial institutions, does not contact cardholders to request their personal account information.
  7. Suspicious hyperlinks. Avoid clicking on hyperlinks if possible. A single click can cause your computer to become infected with malware.

Text Message Phishing

Text message or SMS phishing happens when scam artists use misleading text messages to induce customers to include their personal or financial information. Scam artists who send text messages often impersonate a government agency, bank, or other company to lend legitimacy to their claims.

Warning Signs to Look Out For:

  1. There’s a link instead of a phone number to call.
  2. The text you receive may not contain the name of the bank or any other information.
  3. The text requests that you log in to your bank account to verify a transaction, enter your PIN, or provide your 3-digit CVV code.

Website Phishing

Phishers are getting more and more creative in creating their fake websites, take these steps if you think you’ve been phished. There’s no surefire way to know if you’re on a phishing site, but here are some tips that can help you discern a legitimate website from a phishing site:

  1. There’s something slightly off about the web address or the actual page. Look for misspelled words, substitutions, or dated logos.
  2. An unusual pop-up on the site that requests that you enter your account information.
  3. There are HTML links that don’t match their destination.

Social Media Phishing

There are multiple ways scammers use social media to get your personal information. Here are a few:

  1. Fake Profiles

Social media has changed the way customers interact with brands and tend to go directly to social media channels for customer support. Fraudsters were quick to take advantage of this online relationship to launch fake accounts that impersonate major brands.

  1. Fake Comments

A current news article or famous post appears to attract a lot of likes and comments. Fraudsters can make the most of this large audience by adding their own comments to the posts with links to other attention-grabbing headlines. As soon as users click the button, they will be directed to the phishing website or their device will be infected with malware.

  1. Fake Bargains

It’s hard to resist the lure of a cheap online deal, but these are usually too good to be true! The scammers often create a fake page that imitates a big brand name, then pretend to offer a real promotion. These scams are also explicitly designed for the collection of user data and may involve the input of personal information.

In-Branch Closures RMLEFCU Effective March 16th

How to Protect Yourself

Here are some ways you can protect yourself from phishing:

  1. Find imposters. Scammers often pretend to be someone you trust, like a government official, a family member, a charity, or a company that you do business with. Don’t send money or give out personal information in response to an unwelcome request — whether it’s text, phone call, or email.
  2. Perform web searches. Type a company or product name into your favorite search engine with terms such as “analysis,” “complaint” or “scam.” Or search for a term that fits your situation, such as “IRS call.” You can also search for phone numbers to see if other people have identified them as scams.
  3. Don’t trust your caller ID. Technology makes it easy for scammers to fake caller ID information, so the name and number you see aren’t always real. If someone calls asking for money or personal information, hang up. If you think the caller might be telling the truth, call back to a number you know is genuine.
  4. Don’t pay upfront. You might be asked to pay in advance for things like debt relief, credit and loan offerings, mortgage assistance, or a job. They might even say you won a prize, but you have to pay taxes or fees first. If you do, they ‘re just going to take the money and vanish.
  5. Consider how you pay. Credit cards have built-in significant fraud protection, but some methods of payment do not. Wiring money through services like Western Union or MoneyGram is risky because it’s almost impossible to get your money back. This is also valid for reloadable cards (like MoneyPak or Reloadit) and gift cards (like iTunes or Google Play). Government offices and honest companies will not require you to use these payment methods.
  6. Talk to someone. Speak to someone you trust before you give up your money or personal information. Con artists want you to make your decisions in a hurry. They might even be threatening you. Slow down, check out the plot, search online, consult an expert — or just tell a friend.
  7. Be skeptical about free trial offers. Some businesses use free trials to sign up for goods and charge you every month before you cancel. Before you agree to a free trial, research the company and read the cancellation policy. And always check your monthly statements for charges that you don’t recognize.
  8. Don’t deposit checks and wire money back. By law, banks must make deposited checks available within days, but uncovering a fake check can take weeks. If the check that you have deposited turns out to be a fake, you are liable for paying the bank back.

If you have any questions or concerns, please call RMLEFCU at 303-568-6660 or email us at members@rmlefcu.org.

02 Apr

Keep an Eye Out for COVID-19 Phishing

It’s no surprise that when there is a crisis, there are bad guys quick to swoop in and take advantage of a concerned public. COVID-19 scammers are on the prowl — so warn loved ones to be alert while on their phones and online. Phishing is already being reported: criminals disguised as charities seeking donations to help those in need.

Scammers and fraudsters are scrounging for card numbers, account numbers, and online banking information by communicating using text, phone, and email. In other words, little numbers that spell big disaster for the unsuspecting. Be scrupulous with your financial data and remember you, yourself may be savvy enough to spot these scams, but others are more susceptible, particularly the very young and the very old.

Remind them, as you remind yourself:

  • Never respond to or open any COVID-19 related emails or email links requesting financial or private information, unless you can confirm you know the individual who initiated the request.
  • Be vigilant and wary of opening an email or email link of any kind if it is from an unrecognized sender. Emphasize to elders in your family that watching out for bad guys does not make you a bad samaritan.
  • Never provide information when requested. Scammers succeed because their approach looks legitimate.
  • RMLEFCU will never call and ask for personal data. NO FINANCIAL INSTITUTION will do that.
  • If a caller claims to be your healthcare provider asking for financial assistance to combat COVID-19, do not take it on face value. Hang up and call your provider’s office number and they will confirm it.

Stay educated and alert by following news reports on phishing during this critical time. Take measures to protect the financial health of those around you, even as you protect their personal health. Ongoing education and awareness are key to keep the fraudsters away from you and your family. If you have any questions or concerns, please call us at 303-458-6660 or email us at members@rmlefcu.org. We want to keep you and your bank account safe.

04 Oct

How to Avoid Phishing Scams

How to Avoid Phishing Scams

In this day and age, most everyone is aware of phishing scams and does their best to avoid falling prey to their tricks. With such a high level of awareness, you might think that the volume of thieves out there creating phishing scams has decreased. The unfortunate truth though, is that innocent consumers still fall victim to scams every day, as criminals get better and better at their job of fooling every-day people. Fortunately for you, RMLEFCU has a policy to educate our members on these internet-related fraudulent schemes and how to avoid them.

Access Sites Directly

RMLEFCU advises that you not access the Credit Union’s webpage from a link on a third-party site, as it may not be authentic. Always access the site by typing the name or URL address into the browser or use a “bookmark” that directs you straight to the site. This will ensure that you are visiting the actual, secure website instead of a copy or lookalike page.

Beware of Emails Asking for Information

Nowadays, people get so many emails each day that it’s hard to keep track of them all. When going through your inbox, trying to decide which are important and which are spam, it’s easy to see the name of a trusted institution and immediately assume that it is a legitimate email. As a rule of thumb, RMLEFCU will never request confidential information such as account numbers, passwords, or personal identification numbers (PINs) via email. If you receive an email request requesting one or more of these examples, report it to the Credit Union and delete the email immediately.

Ensure Webpages are Secure

When visiting any site where you will be putting in sensitive personal information, always make sure to check that it is secure. You can check this by looking at the URL of the website. If it begins with “https” instead of ”http”, the site is secured using the SSL Certificate. This ensures that all of your data and information is secure when it is passed from your browser to the site’s server. RMLEFCU maintains current website security certificates that safeguard confidential transactions and information. Just make sure to authenticate the site pages before entering in any sensitive material.

How to Avoid Phishing Scams

Report Suspicious Activity

If you suspect that you have gotten a phishing scam via email, phone call, or other form of communication, reach out to the institution that the message was supposedly sent from at a phone number or email address that you know to be legitimate. This will not only validate whether or not the message was genuine, but, if it was a scam, will allow the institution to alert others and prevent further damage.

Everyone slips up now and then, but by following these precautions, you will drastically lower your chances of falling victim to a phishing scam. Just by getting into the habit of checking websites you visit for the SSL Certificate verification, the chances of your identity or personal information being stolen is significantly reduced.

If you have any questions about RMLEFCU’s policy regarding phishing scams, please visit our website or give us call at (303) 458-6660.

16 Apr

IRS Phishing Schemes and How to Protect Yourself

protect yourself from IRS phishing scams‘Twas the day before April 15th and tax bills were nigh and so the good people of the U.S. let out a collective sigh.

But the story doesn’t end there. Scammers are always trying out new methods to scare and intimidate Mr. and Mrs. Taxpayer. Phishing is a term that developed in the 1990’s where online thieves used a wide net to fish for potential victims. It was commonplace for computer hackers to deliberately misspell words and hence the term “phishing” was coined to describe their scam.

There are many different types of phishing scams and other schemes using the IRS name. We will explain a common telephone scheme in this article. Click here to see the full list from IRS.gov! Read More