Current Fraud Alerts
Phishing emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a financial institution you know or do business with, a credit card company, a social networking site, an online payment website or app, or an online store or retail store you know of and frequent.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may:
- say they’ve noticed some suspicious activity or log-in attempts
- claim there’s a problem with your account or your payment information
- say you must confirm some personal information
- include a fake invoice
- want you to click on a link to make a payment
- say you’re eligible to register for a government refund
Don’t take action via the method sent to you. Contact the ‘sender’ the way you normally would. If you would not normally have reason to contact them, contact the company or organization directly, using a phone number or website you know is real. Do not use the contact information sent to you in the questionable email, text, etc.
Four Steps to Protect Yourself From Phishing
- Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.
- Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.
- Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication. The additional credentials you need to log in to your account fall into two categories:
- Something you have — like a passcode you get via text message or an authentication app.
- Something you are — like a scan of your fingerprint, your retina, or your face. Multi-factor authentication makes it harder for scammers to log in to your accounts if they do get your username and password.
- Protect your data by backing it up. Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too.
What to Do If You Suspect a Phishing Attack
If you get an email or a text message that asks you to click on a link or open an attachment, answer this question: Do I have an account with the company or know the person that contacted me?
If the answer is “No,” it could be a phishing scam. Go back and review the tips in How to recognize phishing and look for signs of a phishing scam. If you see them, report the message and then delete it.
If the answer is “Yes,” contact the company using a phone number or website you know is real. Not the information in the email. Attachments and links can install harmful malware.
What to Do If You Responded to a Phishing Email
If you think a scammer has your information, like your Social Security, credit card, or bank account number, go to IdentityTheft.gov. There you’ll see the specific steps to take based on the information that you lost.
If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan.
If you receive a call, call them back at the number they called you from. Beware of fake government agencies promoted by fraudsters. The only official list of all U.S. federal grant-making agencies can be found at www.grants.gov
If you have any questions or concerns, please contact any one of us at Worcester Credit Union at 508-853-9966 for assistance and guidance.
Phishing Scams & More
BEWARE OF SCAMS – Learn How to Stay Protected
Protect yourself against banking security threats – wherever they come from!
At Worcester Credit Union we value the security of your personal information. In today’s information era, the sad reality is that it’s easier than ever before to have your information stolen. Worcester Credit Union is committed to keeping our members’ financial information safe. One of the best ways to maintain that financial security is through education. Remember:
- Worcester Credit Union will NEVER contact its members requesting private information such as Social Security numbers, passwords, account information, and debit or credit card numbers.
- Worcester Credit Union will NEVER solicit its members for private information. We have the information we require and you should consider any attempt to obtain your personal account data to be suspicious and possibly for an illegal purpose.
If you are unsure and would like to VERIFY ANY REQUEST, simply call Worcester Credit Union at 508-853-9966.
Common SCAMS Include:
- Phishing Scams involve Internet fraudsters who impersonate a business by email to trick you into giving personal information by clicking on links that ask for personal information. Don’t ever reply to an email, text, or pop-up message that asks for your personal information. NEVER open unexpected attachments or links even if they appear to come from an organization or person you trust. Delete all suspicious messages even if you know the source. Legitimate organizations never ask for personal information through unsecure channels.
- Debit/Credit Card Scams involve cardholders being called and told their cards have been deactivated. The cardholder is then asked to press “1” and provide personal information. Remember: Worcester Credit Union will NEVER call you asking for your personal information.
- Vishing Scams are similar in nature to phishing scams; however, the fraudster calls you and impersonates a business such as Worcester Credit Union or a credit card company. Do not ever give out personal information! Call Worcester Credit Union to verify any suspicious or unusual call you receive or call the number printed on the back of your credit or debit card.
- Smishing Scams use cell phone text messages to deliver a message in order to get you to divulge personal information. Again, NEVER give your personal information. Text messages are also sent asking the respondent to call the number provided in the text regarding discrepancies in their account. They may even include a link to a bogus bank website that may appear to be legitimate. Never open these links, or download anything from these messages. Be wary of all unsolicited text messages. Delete all information from the text messages and make sure all deleted text messages are removed, as these fraudsters have been known to use Spyware in conjunction with their text message solicitation.
- Fraudulent Check Scams are when someone will send you a fraudulent check and have you deposit it in your account. They will then try to have you wire money to them with a promise that they will send you prize money back. They usually say that the money you send them is for processing fees and taxes. This is ALWAYS a scam! Once you wire the money out to somewhere, you cannot get it back and you become responsible for the repayment of the fraudulent check.
Recommendations for protecting your private financial information:
- Never give out your pin, card, or three-digit code on the back of any ATM or Debit or Credit card
- Use Strong Passwords – don’t use your name or date of birth, include both letters and numbers, and add special characters
- Protect your Computers and Mobile devices with antivirus software and firewalls
- Practice safe online habits such as always “Logging Out” when you stop using a computer or device
- Try not to use publicly accessible computers for your personal business
- Pay attention to "Date & Time of last access" when using online banking sites
- Password protect your Mobile devices (phones and tablets)
Report Identity Theft
It’s important to be vigilant. If you do suspect identity theft, contact Worcester Credit Union as soon as possible. You may additionally report suspected identity fraud to the FTC at https://www.identitytheft.gov/, or call the Identity Theft Hotline toll-free at 1-877-ID-THEFT (438-4338).
For more information on the latest frauds and scams, visit www.mycreditunion.gov.