It's sad to say there are too many people in this country and around the world willing to steal your money, your information, and your identity for personal gain or even for kicks. And while there are regulations that may limit your financial liability from fraudulent activity, clearing up problems can be frustrating, time consuming, and expensive. 

There's not much any of us can do to prevent the existence of dishonest people – they've been around forever. However, there are steps you can take to prevent criminal activity and cyber vandalism from affecting you, your family, and your business. Here, we will expand as we uncover more scams and ways to protect yourself. Read the articles provided below to learn more!

ATM and Debit Card Security

Debit Cards and ATMs are a remarkable convenience that more and more people use. But, as with credit cards, criminals have found ways to victimize people who use them. We don't want you to become a victim. 


Safety at the ATM

  • Observe the area for anything suspicious before you approach the ATM. When in doubt, leave the area. Lock your vehicle when you leave it. Someone seeing you approach the ATM may enter your car behind your back and wait for you to return.
  • Have your Debit Card or ATM card in hand as you approach the machine.
  • Avoid reaching into your wallet or purse in front of the machine. Someone could snatch it while you are distracted.
  • Avoid counting cash while at the ATM.
  • When using a drive-up ATM, lock your doors and roll up all but the driver's window. Pull up close to the ATM so no one can walk on that side of your car.
  • If using an ATM after dark, make sure the ATM is extremely well-lit and in a busy area. If someone else is using the machine, wait in your car with the doors locked until they are finished.
  • When waiting in line at an ATM, stand at least six feet away from the person using the machine. Be considerate of their security and privacy concerns.

Protecting your Debit Card and your account

Debit Cards can be used three ways – for purchases at most merchants that accept MasterCard cards, for purchases through electronic Point-of-Sale (POS) terminals, and at an ATM. That means you should take the same precautions as you would for a Worcester CU MasterCard Credit Card:

  • Sign the back of your card as soon as it arrives. Worcester CU's card activation feature helps prevent unauthorized use before your card arrives.
  • Remember your PIN (Personal Identification Number). Don't write it on your card or keep it in your wallet. Without the PIN, a stolen card cannot be used to get cash at an ATM or be used to make purchases at electronic POS terminals through ATM networks.
  • Carry your card separately from your wallet, such as in a zippered compartment or business card holder. This prevents loss of your card if your wallet is stolen or tampered with.
  • Keep your Debit Card number concealed in a check-out line. If merchants are still using charge slips with separate carbons, take the copies and destroy them.
  • Only use your card at merchants you know and trust. A large number of Debit Card disputes involve online businesses without adequate internal controls.
  • Reduce the number of Debit Cards and ATM cards you carry. Keep an emergency phone list of Debit Card companies to contact in case your Debit Cards are lost or stolen.
  • Do not give your Debit Card number out over the phone unless you initiated the call. No financial institution personnel will ever ask you for your Debit Card number. The financial institution already has it.
  • Store your receipts in a safe place and compare them with your account statement each month.
  • Open your monthly account statement (by mail or eStatement) immediately every month and skim the transactions for ones you didn't make. The faster you spot a problem, the sooner we can stop the loss, give you provisional credit, and investigate the problem. Report problems to Worcester CU in writing (see below).
  • Do not give out your card number online unless the site is secure (look for a closed lock at the bottom of your browser).
  • After you activate your new cards, make sure you completely cut up your old cards before throwing them away. Cut them through the magnetic strip and through the numbers in two directions.
  • Notify us in advance of your change of address in writing. You can do this quickly online by logging into Online Banking and updating your address under your Profile. Your login authenticates your identity.
  • Report loss, theft, or fraudulent activity immediately (see below).
  • Please note that there have been some misleading stories circulating the internet regarding PIN reversal to signal duress. PIN reversal is not a valid security option at the ATM.

If you detect fraud or lose your card

If you detect loss, theft, or unauthorized use on your Worcester CU Debit Card or ATM Card, report it immediately by calling 833-337-6075 within US and international is +1-614-564-5105. The faster you report it, the faster we can shut off the card number, stop the losses, and order you a replacement card(s).

For disputed transaction amounts or problems with merchants, the procedure is different. For these, you would notify us in writing as soon as possible. The fastest way is to log into Online Banking and chose the Membership tab. Under Services header, select Dispute a Transaction for the type of transaction you wish to dispute, i.e. ACH, ATM or MasterCard®. There is also information on handling card disputes contained with your statement every month.

Security measures Worcester CU takes

At Worcester CU, we use every tool available to keep your Debit Card and the accounts it can access secure. Here are just some of the measures we take:

  • Card activation – When you get a new or replacement Debit Card in the mail, you'll see a sticker on the front with a telephone number. Your Debit Card cannot function until you call this number and provide confirmation of your identity. This prevents the card from being used if it's stolen from your mailbox or while in transit to you.
  • Neural networks – These highly sophisticated programs monitor your transaction activity for anything unusual so we can contact you about it. Neural networks might pick up that your card is being used in Mexico and New York City on the same day.
  • Expiration date confirmation – As almost all Debit Card transactions through the MasterCard network are made, there is an electronic confirmation made through MasterCard International that the card is valid, the credit limit is available, and it hasn't been stolen. In addition, on Worcester CU MasterCard Debit Card transactions, the expiration date supplied must be correct. The one inconvenience of this security measure is that you must update the expiration date with vendors who make regular automatic charges to your card (such as online services, newspaper subscriptions, etc.).
  • Block on Internet gambling – MasterCard instituted this block on cards for two reasons – (1) in most states, it is illegal to gamble across state lines, and (2) off-shore gambling has resulted in a variety of fraud claims and financial hardship for people with compulsive gambling problems.

Phishing and Pharming Scams: Don’t Get Hooked

Scammers use a variety of tactics to trick you into clicking on malicious links or revealing your personal information. Be alert to phishing and pharming scams so you can keep your information and your identity safe. 

Phishing

Phishing is a scam where you receive fraudulent emails that look like they’re from a familiar organization or company. You might be asked to make a payment or verify personal information, such as your Social Security number, passwords, or credit card information. If you share personal data, scammers may attempt to access your accounts, run up charges on credit cards, or use your identity to apply for new loans, services, or benefits.
Watch out: You get an official-looking email that seems to be from your cellphone carrier. The email claims there’s a problem with your account or payment information. You must follow a link to update your account to avoid a disruption in service.

Protect yourself:

  • Never provide your personal information online or over the phone unless you initiated the contact and you know it’s a trustworthy company.
  • Contact the company using a phone number or website you know is real instead of following the links in an email.
  • Report a phishing attack to the Federal Trade Commission at ftc.gov/complaint.


Pharming

Pharming is a cyberattack involving a virus or malicious code installed on your computer. When you use your browser, the code redirects to a fraudulent website without your knowledge, and the scammer tries to capture any data you enter on this site.

Watch out: You receive an email from someone who claims to have important documents you requested. If you download the file or click the link, your computer could be infected with a malicious virus designed to steal your information.

Protect yourself:

  • Don’t open attachments or click on links if you don’t know the sender or you didn’t request the information.
  • Use the latest operating system and install computer anti-virus protection.
  • Look for the “s” in https and the key and lock icon in your browser window.
  • Report concerns about malicious viruses to the Federal Trade Commission at ftc.gov/complaint.

What to Do If Your Identity Is Stolen

If you realize that someone has stolen your identity, it can be overwhelming. This guide can help you take things step by step and feel more in control. 

What to Do Immediately

As soon as you recognize that your identity has been stolen you should act to stop any further damage from occurring.

  1. Begin by contacting the fraud departments at companies and financial institutions where you know fraud has occurred or has the potential to occur. Tell them that your identity has been stolen and they can help you close or freeze your accounts. Change logins, passwords, and PINs for these accounts.
  2. Place a fraud alert with one of the main credit reporting companies – they will report the fraud to the other two agencies. This is a free service that will make it more difficult for someone to open new accounts with your information. The three main credit reporting agencies are:
    ·         Equifax
    ·         Experian
    ·         TransUnion
  3. Report the theft to the Federal Trade Commission (FTC) through an online form or by calling 1-877-438-4338. Filing the report will help you dispute fraudulent accounts or charges in the future.

Repairing the Damage Over Time

Now that you have taken some immediate steps to minimize the damage to your credit and finances, make plans to protect yourself in the long term. You may not realize all the ways your identity has been affected right away.

  • Visit IdentityTheft.gov and check their resources for specific types of identity theft including tax, child, and medical. The site also provides very specific instructions for different accounts such as checking account, phone or utility accounts, investment, and more.
  • Keep a record of conversations and start a file (electronic, paper, or both) for documents having to do with the identity theft.
  • You may choose to file a report with your local police department to provide to creditors seeking proof of the crime.
  • If your passport, driver’s license, or Social Security card were stolen, you will need to report them as stolen and replace them.
  • If new accounts have been opened in your name, close them as soon as possible. Your FTC Identity Theft Report may be required to prove that you did not open the account and are not responsible for charges.

Over time, you may need to dispute new, fraudulent charges to accounts with companies and even debt collectors. It’s important to dispute all fraudulent charges because they may affect your credit record.

Identity theft takes time to recover from, but by focusing on staying calm and organized, you can regain your identity and financial well-being again.


Protect Yourself from Credit Card Fraud

Credit card fraud is a crime. And when you're the victim, it's disturbing. Credit card fraud costs cardholders and issuers hundreds of millions of dollars each year. Even though you are not liable for any part of fraudulent activity on your MasterCard® by others, you still pay for it in terms of higher interest rates, higher costs on goods and services, and inconvenience. 

Precautions you can take

  • Sign the back of your card as soon as it arrives. Worcester CU's card activation feature helps prevent unauthorized use before your card arrives.
  • Carry your card separately from your wallet, such as in a zippered compartment or business card holder. This prevents loss of your card if your wallet is stolen or tampered with.
  • Keep your credit card number concealed in a check-out line. If merchants are still using charge slips with separate carbons (very rare now), take the copies and destroy them.
  • Only use your card at merchants you know and trust. A large number of credit card disputes involve online businesses without adequate internal controls.
  • Reduce the number of credit cards you carry. Keep an emergency phone list of credit card companies to contact in case your credit cards are lost or stolen.
  • Do not give your credit card number out over the phone unless you initiated the call. No financial institution personnel will ever ask you for your credit card number. The financial institution already has it.
  • Store your receipts in a safe place and compare them with your MasterCard statement each month.
  • Open your monthly Worcester CU MasterCard statement (by mail or eStatement) immediately every month and skim the transactions for ones you didn't make. The faster you spot a problem, the sooner we can stop the loss, give you provisional credit, and investigate the problem. Report problems to Worcester CU by logging into Online Banking (see below).
  • Do not give out your card number online unless the site is secure (look for a closed lock at the bottom of your browser).
  • After you activate your new cards, make sure you completely cut up your old cards before throwing them away. Cut them through the magnetic strip and through the numbers in two directions.
  • Notify us in advance of your change of address in writing. You can do this quickly online by logging into Online Banking and updating your address under your Profile. Your login authenticates your identity.
  • Report loss, theft, or fraudulent activity immediately (see below).

If you detect fraud or lose your card

If you detect loss, theft, or unauthorized use on your Worcester CU credit card card, report it immediately by calling 800-449-7728. The faster you report it, the faster we can shut off the card number, stop the losses, and order you a replacement card(s).

For disputed transaction amounts or problems with merchants, the procedure is different. For these, you would notify us in writing as soon as possible. The fastest way is to log into Online Banking. Select Dispute a Transaction for the type of transaction you wish to dispute, i.e. ACH, ATM or MasterCard®. There is also information on handling card disputes contained with your statement every month.

Security measures Worcester CU takes

At Worcester CU, we use every tool available to keep your Credit Card and the accounts it can access secure. Here are just some of the measures we take:

  • Card activation – When you get a new or replacement Credit Card in the mail, you'll see a sticker on the front with a telephone number. Your Credit Card cannot function until you call this number and provide confirmation of your identity. This prevents the card from being used if it's stolen from your mailbox or while in transit to you.
  • Neural networks – These highly sophisticated programs monitor your transaction activity for anything unusual so we can contact you about it. Neural networks might pick up that your card is being used in Mexico and New York City on the same day.
  • Expiration date confirmation – As almost all Credit Card transactions through the MasterCard network are made, there is an electronic confirmation made through MasterCard International that the card is valid, the credit limit is available, and it hasn't been stolen. In addition, on Worcester CU MasterCard Credit Card transactions, the expiration date supplied must be correct. The one inconvenience of this security measure is that you must update the expiration date with vendors who make regular automatic charges to your card (such as online services, newspaper subscriptions, etc.).
  • Block on Internet gambling – MasterCard instituted this block on cards for two reasons – (1) in most states, it is illegal to gamble across state lines, and (2) off-shore gambling has resulted in a variety of fraud claims and financial hardship for people with compulsive gambling problems.

 


FRAUD WARNING

These crimes are happening EVERY DAY in EVERY STATE involving MILLIONS OF DOLLARS

IF ANYONE OFFERS TO SEND YOU MONEY AND ASKS YOU TO SEND ANY OF IT TO SOMEONE ELSE, END THE COMMUNICATION RIGHT AWAY. OTHERWISE YOU COULD BECOME WHAT IS KNOWN AS A “MONEY MULE”, A PERSON SCAMMERS USE TO TRANSER OR LAUNDER STOLEN OR ILLEGAL FUNDS.

There are many ways these scammers find their victims and many different stories they use to steal and/ or launder money. They may reach out to you through online job ads, Facebook, Craigslist, Online dating sites, and also through phony ‘prize’ offers. Don’t be fooled.

If at any time you are asked to:

  • Send money to someone they tell you to send it to that you have never met in person. They could instruct you to open a bank account and provide them with the bank information or set up a transfer, or ask you to mail, wire or western union, or electronically transfer money or buy gift cards and provide the gift card numbers to them.  
  • Many scammers will give you a check to cover the money they want you to send (less the little bit they tell you to keep for your ‘trouble”– Trouble is key, because by the time the check “bounces” and returned to your bank, you will have already sent the money back to them in some fashion and when the fraudulent check is deducted from your account, your own money is used to reverse that check. Or worse, the check overdraws your account and you are left owing the bank for the money you willingly sent to the scammer
  • You are asked to send the money in the form of an untraceable payment method such as gift cards, postal order, etc.
  • Send money to ‘claim your prize’ or provide bank information. Never provide your credit card or bank information to ‘win’ something.

SOME OF THE MANY FAKE STORIES USED TO SCAM PEOPLE OUT OF MONEY

  • Work-from-home scams: Job offers that seem ‘easy’ until they ask you to send them back money from your ‘start up’ pay. These can include Secret Mystery Shopper jobs, personal assistant to someone you never met in person, store security to ‘check’ on the employees of big retailers like Walmart, Target, BestBuy and Western Union for examples.  
  • Computer Virus Help: Scammers pretend to represent Microsoft or Apple and gain access to your computer and then infiltrate your personal information and access to your bank and credit card accounts. Never give anyone access to you computer over the phone if they call you.  
  • Confidence scams: A person or business you “meet” on social media (often Facebook and Instagram) offers a commission if you transfer money for them.
  • Lottery scams: A person asks you to transfer or accept money in order to collect a prize or inheritance.
  • Romance scams: A person you’ve met online or on an app who expressing caring and romantic feelings for you and gains your affections but asks or sometimes you even offer to ‘help’ them with an unexpected financial issue and asks you to transfer money or send packages for them.
  • Use of stolen account information scams: A person uses deception or ‘social engineering’ to access your personal information to commit fraud and steal your information and/ or money. Remember, Worcester Credit Union WILL NEVER ask you for your bank information, password or PIN number. You should Never divulge your bank account number, personal identification number (PIN), debit card number, online banking username or password, etc., with anyone either verbally or online. Do not download applications, apps or programs from companies or online retailers you are unfamiliar with. If you are called by a representative from a company you do business with, call them back at the number on your statement not the number they tell you to call. Be certain you know who you are dealing with.
  • Credit Repair Companies- or anyone claiming they can “erase your bad debts and clean up your credit” including IRS debts. These companies will pretend to help and do it all ‘over the phone or direct you to a website and then will ask for payment that cannot be traced or retrieved such as gift cards. Remember, It is not possible to pay to change your credit information.

Unfortunately, scammers come up with new schemes everyday, so this list is not all inclusive but the overall message is. Protect yourself, don’t give any information to anyone you don’t for certain know you should, especially anything related to your financial wellness.

If you believe you may be a victim of fraud, please contact Worcester Credit Union at

508-853-9966 for assistance. Our knowledgeable team is happy to help you.

Also, for more information about scams, visit uspis.gov/money-mule and https://www.consumer.ftc.gov/articles/how-spot-avoid-and-report-fake-check-scams

Other Current Fraud Alerts

Phishing Emails and Text Messages

Phishing emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a financial institution you know or do business with, a credit card company, a social networking site, an online payment website or app, or an online store or retail store you know of and frequent.

Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may:

  • say they’ve noticed some suspicious activity or log-in attempts
  • claim there’s a problem with your account or your payment information
  • say you must confirm some personal information
  • include a fake invoice
  • want you to click on a link to make a payment
  • say you’re eligible to register for a government refund

Don’t take action via the method sent to you. Contact the ‘sender’ the way you normally would. If you would not normally have reason to contact them, contact the company or organization directly, using a phone number or website you know is real. Do not use the contact information sent to you in the questionable email, text, etc.

Four Steps to Protect Yourself From Phishing

  1. Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.
  2. Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.
  3. Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication. The additional credentials you need to log in to your account fall into two categories:
    • Something you have — like a passcode you get via text message or an authentication app.
    • Something you are — like a scan of your fingerprint, your retina, or your face. Multi-factor authentication makes it harder for scammers to log in to your accounts if they do get your username and password.
  4. Protect your data by backing it up. Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too.

What to Do If You Suspect a Phishing Attack

If you get an email or a text message that asks you to click on a link or open an attachment, answer this question: Do I have an account with the company or know the person that contacted me?

If the answer is “No,” it could be a phishing scam. Go back and review the tips in How to recognize phishing and look for signs of a phishing scam. If you see them, report the message and then delete it.

If the answer is “Yes,” contact the company using a phone number or website you know is real. Not the information in the email. Attachments and links can install harmful malware.

What to Do If You Responded to a Phishing Email

If you think a scammer has your information, like your Social Security, credit card, or bank account number, go to IdentityTheft.gov. There you’ll see the specific steps to take based on the information that you lost.

If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan.

If you receive a call, call them back at the number they called you from. Beware of fake government agencies promoted by fraudsters. The only official list of all U.S. federal grant-making agencies can be found at www.grants.gov

If you have any questions or concerns, please contact any one of us at Worcester Credit Union at 508-853-9966 for assistance and guidance.

Phishing Scams & More

BEWARE OF SCAMS – Learn How to Stay Protected

Protect yourself against banking security threats – wherever they come from!

At Worcester Credit Union we value the security of your personal information. In today’s information era, the sad reality is that it’s easier than ever before to have your information stolen. Worcester Credit Union is committed to keeping our members’ financial information safe. One of the best ways to maintain that financial security is through education. Remember:

  • Worcester Credit Union will NEVER contact its members requesting private information such as Social Security numbers, passwords, account information, and debit or credit card numbers.
  • Worcester Credit Union will NEVER solicit its members for private information. We have the information we require and you should consider any attempt to obtain your personal account data to be suspicious and possibly for an illegal purpose.

If you are unsure and would like to VERIFY ANY REQUEST, simply call Worcester Credit Union at 508-853-9966.

Common SCAMS Include:

  • Phishing Scams involve Internet fraudsters who impersonate a business by email to trick you into giving personal information by clicking on links that ask for personal information. Don’t ever reply to an email, text, or pop-up message that asks for your personal information. NEVER open unexpected attachments or links even if they appear to come from an organization or person you trust. Delete all suspicious messages even if you know the source. Legitimate organizations never ask for personal information through unsecure channels.
  • Debit/Credit Card Scams involve cardholders being called and told their cards have been deactivated. The cardholder is then asked to press “1” and provide personal information. Remember: Worcester Credit Union will NEVER call you asking for your personal information.
  • Vishing Scams are similar in nature to phishing scams; however, the fraudster calls you and impersonates a business such as Worcester Credit Union or a credit card company. Do not ever give out personal information! Call Worcester Credit Union to verify any suspicious or unusual call you receive or call the number printed on the back of your credit or debit card.
  • Smishing Scams use cell phone text messages to deliver a message in order to get you to divulge personal information. Again, NEVER give your personal information. Text messages are also sent asking the respondent to call the number provided in the text regarding discrepancies in their account. They may even include a link to a bogus bank website that may appear to be legitimate. Never open these links, or download anything from these messages. Be wary of all unsolicited text messages. Delete all information from the text messages and make sure all deleted text messages are removed, as these fraudsters have been known to use Spyware in conjunction with their text message solicitation.
  • Fraudulent Check Scams are when someone will send you a fraudulent check and have you deposit it in your account. They will then try to have you wire money to them with a promise that they will send you prize money back. They usually say that the money you send them is for processing fees and taxes. This is ALWAYS a scam! Once you wire the money out to somewhere, you cannot get it back and you become responsible for the repayment of the fraudulent check.

Recommendations for protecting your private financial information:

  • Never give out your pin, card, or three-digit code on the back of any ATM or Debit or Credit card
  • Use Strong Passwords – don’t use your name or date of birth, include both letters and numbers, and add special characters
  • Protect your Computers and Mobile devices with antivirus software and firewalls
  • Practice safe online habits such as always “Logging Out” when you stop using a computer or device
  • Try not to use publicly accessible computers for your personal business
  • Pay attention to "Date & Time of last access" when using online banking sites
  • Password protect your Mobile devices (phones and tablets)

Report Identity Theft

It’s important to be vigilant. If you do suspect identity theft, contact Worcester Credit Union as soon as possible. You may additionally report suspected identity fraud to the FTC at https://www.identitytheft.gov/, or call the Identity Theft Hotline toll-free at 1-877-ID-THEFT (438-4338).

For more information on the latest frauds and scams, visit www.mycreditunion.gov.

Bank Your Way 24/7/365
Telephone Teller • Online Banking • Mobile Banking

Electronic Banking

Worcester Credit Union is insured by both National Credit Union Administration (NCUA) and Massachusetts Credit Union Share Insurance Corporations (MSIC). The NCUA insures all deposits up to $250,000 per account owners. All deposits above the NCUA limits are fully insured by the MSIC.