New scams
Beware of census scams
As U.S. Census forms are hitting neighborhoods across the country, so are scams related to it. While they vary in form and message, in general, like most scams, they are attempts to get your personal information and/or your money.
You may receive an e-mail claiming that you didn't fill out your census form correctly and asking for your Social Security number, financial account number, or user name and password, but the Census Bureau will not contact citizens via e-mail, and the form cannot be filled out online.
Someone claiming to work for the Census Bureau may call and ask you for personal information, but only on rare occassions will someone call to verify information you've already provided. Even if your caller ID reads "U.S. Census," it could still be a fraudulent call; criminals can manipulate what appears on caller ID boxes.
If you receive a survey in the mail that asks for personal information, compare it to the form online; if it doesn't match, don't fill it out.
While official Census Bureau workers will be visiting households that have not completed the form beginning on May 1, they will have official badges, should provide additional photo IDs, and will only ask for the same information that you would fill out on the form. If they ask for your Social Security number, account numbers, or any other private information, even if they seem official, shut your door and do not provide the information.
For more information about the 2010 U.S. Census, go to http://2010.census.gov.
ATM skimming gets more sophisticated
Skimming has been around for years; thieves attach a device to an ATM that captures your ATM/debit card information and personal ID number to gain access to your account long after you've left the machine. The device may keep your card only to be retrieved by the thieves later with your PIN, or the transaction may go through without any problems but the thieves use information obtained from your card to create a new one.
Now, some of the latest skimmers sold via criminal forums are extremely sophisticated, incorporating features such as the ability to send an SMS text message to the thieves’ mobile phone whenever a new card is swiped. One thing to look for when you visit an ATM is an additional flap below the card acceptance slot, which holds the electronics used to capture the card data. If you see something that doesn’t look right – such as an odd protrusion or off-color component on an ATM – you should strongly consider going to another machine.
Tax refund fraud is among latest scams
Tax-filing season brings out tax-preparation fraud. The latest scheme involves tax refunds transmitted as a direct deposit or automated clearing house (ACH) credit.
Consumers are being drawn in to fraud schemes by individuals claiming to be tax preparers. Victims unwittingly provide the bogus tax preparers with personal information such as their name, Social Security number, bank/credit union account numbers, investment information and more so the "preparers" can complete the tax forms. The tax preparer inflates the information with fraudulent information to obtain a larger refund. Some victims have found these tax preparers have claimed children they don't have, day care expenses and so on.
The tax refunds are transmitted as a direct deposit (ACH credit) to a newly created account or to an existing account with an impersonator added as a joint owner. These accounts are established by an impersonator or a recruiter. Once the tax refund is deposited into the account, the impersonator or recruiter withdraws the tax preparation fee. The remainder of the ACH credit goes to the refund recipient.
In 2009, the IRS prosecuted more than 200 people as phony tax preparers (Public News Service, Feb. 17). The agency warns consumers about tax fraud scams every year. Richard Panick, field media relations specialist with the IRS, warned consumers to be extra careful when a preparer bases the fee on a percentage of promised refund.
Consumers should also avoid preparers who claim to know something special or that they can get more money than anyone else, Panick told the news service. Also plan to sit with the preparers as they fill out the tax forms. Never just sign a blank form and trust them to file it, he said.
Also be leary of any phone calls or e-mails you receive claiming to be from the IRS; it's likely a tax rebate scam.
E-mail scam tries to lure ACU members
As of Nov. 18, there is a new phishing e-mail circulating that claims to be from Arsenal Credit Union. It has an attachment that mirrors ACU's Web site and states that "your Arsenal Credit Union account has been suspended" and "please fill out and submit this form to restore it." (A similar text message has also gone out.) Arsenal did not send this message and would never ask for sensitive information via e-mail, text message, or unsolicited phone call. Do not submit the form or even open the attachment. These e-mails are sent at random and are attempts to get your personal information for fraudulent purposes. Our members' information is not at risk. However, if you provided your information as a result of the e-mail, contact us immediately at 314.962.6363 and say or press 6. (If you provided your credit card number, you can call 866.820.3035 before/after business hours; if you provided your debit card number, call 888.918.7744 before/after hours.)
Phishing scam targets online banking users
Fraudulent e-mails are circulating that claim to be from Intuit, the parent company of our Web site host, and advise recipients to update account information by clicking a link that goes to a fraudulent web site. Intuit did not send these e-mails. Intuit does not use e-mails to request personal information or update security tools.
Example phishing e-mail (some versions may vary):
Subject: NECESSARY SECURITY TOOL
Due to increased security measures our organization developed a tool for secured access to the web-site. You should follow these steps:
- download the tool
- install it on your PC
In case you don't install this tool within two weeks from the moment of receiving this notification you will be denied access to services provided by our organization.
We are here to support. We want to do everything we can to get you up and running. To contact us, or to view Frequently Asked Questions, please
Best regards,
The Intuit Online team
________________________________________
This email is sent to confirm you have signed up for Intuit Online. If you have chosen to opt out of Intuit marketing, that preference only applies to marketing email and not notices regarding your subscription or trial.
© 2008 Intuit Inc. All rights reserved. Intuit, the Intuit Logo, and QuickBooks are registered trademarks and/or registered service marks of Intuit Inc. in the United States and other countries. All other marks are the property of their respective owners, should be treated as such, and may be registered in various jurisdictions.
Intuit, Inc., Customer Communications 2800 E. Commerce Center Place, Tucson, AZ 85706
Arsenal members targeted in phone scam
Members and nonmembers of Arsenal Credit Union have received recorded phone messages claiming that they need to activate their debit or credit cards with Arsenal. Please disregard these or similar messages. They are attempts to steal your information and have not been sent by Arsenal. Your account is not at risk unless you have provided info in response to these messages. If you have, please contact us at 314.962.6363 and say or press 6.
Credit card processor breach
VISA USA has released information regarding a large-scale card compromise involving account data from all card brands. The compromised card processor is Heartland Payment Systems, which is a third party payment processing company based in Princeton, New Jersey. VISA is continuing to investigate the matter, but initial results indicate that the processor had magnetic stripe data compromised by malicious software between the dates of May 14, 2008 through November 13, 2008.
Although certain account data may have been compromised in the incident, it does not necessarily mean that your account data was involved or that fraud has occurred on your account. Please be assured that the credit union is monitoring all activity on all potentially compromised accounts. You will be notified if we determine that your card is at an elevated risk of fraud.
It is important that you review your account statements and report any unusual activity to us immediately. It is also important to note that if fraud should occur, as a VISA cardholder, you are protected with VISA's Zero Liability policy, which means that you will pay nothing for unauthorized activity on your account. Please contact us at 314.962.6363 or 1.800.719.6363 and say or press 6 if you have any questions or if you notice an unusual activity on your account.
Phishing scam targets credit union members
A recent phishing scam (below) claims to be from PSCU Financial Services. It tells the recipient that his/her account has been blocked and that he/she must verify account information. This is a scam; do not click on the link or provide any information. While PSCU does provides services to credit unions, it would never contact credit union members directly, and neither PSCU nor any credit union would request account information via email. If you have provided any of your account information in response to this scam, contact us at 314.962.6363 and say or press 6.
Dear PSCU Financial Services customer,
This e-mail was sent to you because we have detected an error in your billing information on file with your Credit Union database, during our regular schedule account maintenance and verification. We had to block your account untill you will verify your information.
Click the link below and please follow the instructions:
[link removed for your safety]
© Copyright. All rights reserved. PSCU Financial Services.
“Anti-virus program” infects users’ computers
Pop-up windows promoting anti-virus or anti-malware programs may actually infect your computer with what they promise to protect you from. There are several known names for this fraudulent program, including WinAntiSpyware, Antivirus 2008 (recently updated to 2009), Antispyware Pro XP and AntiVirus Lab 2009, but there may be other copy-cat programs.
By clicking on a link in the pop-up window, instead of installing protective software, you are actually getting a Trojan virus. Once installed, you’ll get persistent messages warning that your computer has been infected with several viruses, that you only have a trial version of the anti-virus software, and that you must pay to upgrade for proper protection and remove all threats to your system.
Do not follow the link to install the program or to upgrade if you did unsuspectingly install the virus. The warning messages may open repeatedly, even if you click “no” or close the window when you’re asked to install the program. Your best option is to close all open browser (i.e. Internet Explorer) windows. You may even have to reboot your computer to stop the messages.
A screenshot of the fake Antivirus 2009 system scam is below.
Visa anti-fraud E-mail is fraudulent
An E-mail claiming to be from the Visa Anti-Fraud Team invites Visa cardholders to register their cards in the Visa database to protect them from fraud. However, the link in the E-mail is collecting your personal information for fraudulent purposes; do not follow the link or provide any information in response to the E-mail. You can protect yourself from fraudulent online purchases with Verified by Visa. You can register through Arsenal's credit card page.
E-mail phishes for online banking users
This scam targets users by sending e-mails that appear to be from an official Digital Insight source (for example, “Digital Insight Customer Care,” “Digital Insight Administration,” etc.). The e-mail states that the member's account is about to expire and recommends updating it through an online form, which asks the member for sensitive data, such as passwords or financial information. The e-mail is fraudulent and is not from Digital Insight. If you receive such a message, immediately delete it and do not follow its instructions. Online banking accounts do not "expire" and, while Digital Insight does host Arsenal Credit Union's online banking system, it would never contact online banking members directly.
It is also important to note that Digital Insight's systems have not been breached in any way; your information is still safe. Also, recipients of these e-mails are not specific to Digital Insight's online banking users; phishing emails can go to anyone that has an email address on the Internet.
If you have received this e-mail and provided your user ID, password, and/or financial information, contact us immediately.
Text message scam targets ACU members
Some Arsenal Credit Union members and many non-members reported that they received text messages on their cell phones beginning on Feb. 23 claiming to be from Arsenal Credit Union. The message states that their online bill pay service has expired and that they need to renew it ASAP by calling a “toll-free” number (801-704-0928). The text message came from members@arsenalcu.org. Those calling the number heard an automated message from “Arsenal Credit Union.” Members were asked to input their credit card or debit card number. It’s unknown if any other private information was asked for.
New phone numbers may surface, and the message itself may also change, but they are only different versions of the same scam. Arsenal Credit Union does not send text messages to its members and would never ask for sensitive information through an automated message. The e-mail address and phone number given do not belong to Arsenal Credit Union. If you have given out your personal information as a result of this or another scam, call us immediately at 314.962.6363.
Tax rebate scams
The Internal Revenue Service (IRS) warns taxpayers to beware of several current e-mail and telephone scams that use the IRS name as a lure. Taxpayers should especially be on the lookout for scams involving proposed advance payment checks, known informally as rebates.
The IRS expects such scams to continue through the end of tax return filing season and beyond. The most recent scams brought to IRS attention include phone calls offering a sizable rebate via direct deposit if the victim files his taxes early and inquiring about an uncashed IRS paper check and e-mails offering tax refunds, threatening audits, and providing downloads to tax law changes. Because they all claim to be from the IRS, they may seem legitimate, but here are a few tips to verify that they are all scams:
Phishing scam targets ACU members
Please be aware that there is an e-mail that began circulating on Feb. 15, 2008, that claims to be from Arsenal and requests personal information from "clients" to avoid having their account suspended. A link included in the e-mail, which looks like the same address as our online banking site, takes users to a replication of our home banking sign-on page, but please note that it is not safe to log in to this page. The URL at the top of the page that opens is different than what's what appears on our Web site. In addition, this page is not secure; ours carries a secure certificate (noted by the lock at the bottom of the browser window).
Your account information is not ask risk because you received the e-mail; spammers automatically generate addresses and even sent the e-mail to people who do not below to ACU. Your information would be at risk if you were to follow the link in the e-mail and enter your information on the fraudulent site.
Arsenal would never ask for your personal information via e-mail. If you ever receive an e-mail claiming to be from Arsenal that you feel is fraudulent, do not respond to the e-mail. Instead, contact us immediately at 314.962.6363. Always log into your ACU account or any secure site through a known link, not something you've received via e-mail.
The copy of the fraudulent e-mail is below.
Dear Arsenal Credit Union client,
You have received this email because you or someone had used your account from different locations. For security purpose, we are required to open an investigation into this matter.
In order to safeguard your account, we require that you confirm your banking details.
The help speeed up to this process, please access the following link so we ca complete the verification of your Arsenal Credit Union Online Banking Account registration information.
https://www.arsenalcu.org/onlineserv/HB/Signon.cgi [ACU removed this link for your safety.]
If we do no receive the appropriate account verification within 48 hours, then we will assume this Arsenal Credit Union account is fraudulent and will be suspended.
The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community.
We appreciate your support and understanding and thank you for your prompt attention to this matter.
Computer virus affects bill pay users
Please be on the look out for a new virus that may be on your computer. This virus may cause a fraudulent screen to appear in the ACU online bill pay window. The screen posts messages that attempt to trick you into providing sensitive information such as your account number and passwords – information the bill pay system already knows and you should not provide again.
The fraudulent message is generated from outside of the ACU online banking system, but members may be impacted if they have unknowingly infected their computers with the new virus through activities such as illegally trading software, executing files sent via e-mail, or allowing scripts to execute while browsing the Internet.
If you question the validity of a screen in online banking, please call Arsenal Credit Union at 314.962.6363.
Jury duty telephone scam
Thieves posing as local court officials call potential victims and claim that a warrant has been issued for his or her arrest because the victim has failed to report for jury duty. After the victim states that he/she never received a jury duty notification, the thief asks for confidential information (i.e., Social Security number, birth date) for “verification” purposes or even payment information (i.e. credit card number, bank account details) for alleged fines.
Don’t be scared into giving out your personal information; court personnel will never ask for private information over the phone and typically only communicate via traditional mail.
So no matter how official it seems, never give out confidential or personal information when receiving unsolicited phone calls or e-mails. If you think the contact is legitimate, be sure to get the name of the company and its contact information then use directory assistance to verify and cross-reference the information given. Do not rely on the phone number the caller provides as a means of verifying the authenticity of the call. Scam artists will often have an accomplice answer the phone to appear legitimate in the event of a return call.
Credit card telephone scam
There is a new fraudulent attempt to capture card numbers through an automated telephone service. The system randomly calls phone numbers and states it is the credit union. It asks the member to enter their 16-digit debit or credit card number, expiration date and personal identification number (PIN).
Arsenal Credit Union would never call you to ask for this information. If you get an unsolicited call claiming to be from Arsenal CU asking for personal or account information, do not provide this information. Instead, verify the call and the request by calling our main number - 314.962.6363 (or 1.800.719.6363).
E-mail greeting cards
Be on the lookout for phishy online greeting cards. An E-greeting card sent over the Internet may say it is from a friend, family member, or secret admirer, but it may be from a phisher instead.
These fraudulent cards are sent year round but are more frequent around holidays, when your defenses are down.
A recent E-greeting card scheme was uncovered in Australia when a major cybercrime group used fake Yahoo! Greetings cards to infect computers with malicious software that tracked computer keystrokes. The keylogger then was used to collect credit card numbers, bank account user names, and passwords.
Use caution when you get an E-greeting in your in-box:
Phishing: educational e-mail
An e-mail (below) that was supposedly sent out by a credit union contains information warning members about phishing. Ironically, however, the message also encourages members to follow a link to log into the credit union's online banking system; the link does not go to the credit union's online banking site but to a fraudulent site that collects the member's information for fraud.
Avoid following links you receive in unsolicited e-mails, and do not enter any personal information on these sites. Instead, if you think the contact is valid, visit the Web site by typing the Web address, if you know it, directly into your browser you know (or you can get the correct address from valid communication from the institution).
Fraudulent e-mail
Dear Member,
At [the credit union], we are committed to protecting your financial interests with secure technology and educate you with “best practices” for staying secure on the Internet. As a [credit union] member, we want to make you aware of the increasing use of "phishing" and "spoofing" to obtain sensitive personal information.
"Phishing" is a type of fraud where an e-mail asks you, often with a sense of urgency, to click a link to update or confirm your sensitive personal information, such as your account numbers, card numbers, social security/tax identification numbers, passwords, or PINs.
To enhance the security when accessing your on-line accounts, [we have] implemented an additional layer to our on-line security system. You may be requested to answer security questions in order to complete your log in to the Online Teller system.
Click here to log in to the Online Teller system. Please do not reply to this message.Phishing: CUNA online survey
An e-mail claiming to be from the Credit Union National Association (CUNA) offers $50 for completing an online survey. After consumers finish the survey, they are asked to provide credit card information, allegedly so that they can be paid. In reality, the information is likely to be used for identity theft.
CUNA does not send unsolicated e-mails to credit union members - it primarily communicates with credit union staff - and would never ask members for credit card or account information.
Phishing: online banking dual authentication
Phishers are employing the dual-authentication signup process to lure credit union members and bank customers to bogus phishing websites.
Many credit unions have been implementing dual or multiple authentication steps to protect members' online banking activities from fraud. In October 2005, the Federal Financial Institutions Examination Council (FFIEC) issued guidelines requiring financial institutions to strengthen how online banking users authenticate who they are.
However, the latest phishing scam directs the institution's members, via an e-mail, to enter their account number and personal identification number (PIN) so they can register for the new "dual authentication code and phrase."
While Arsenal Credit Union does use multi-factor authentication, you will only be asked to setup or enter security information after you've logged into your online banking account. Do not respond to any unsolicited e-mails claiming to be from Arsenal Credit Union or any financial institution asking for this type of information.
Phishing: online survey
An e-mail claiming to be from Card Services for Credit Unions (CSCU) requests that cardholders click on the link in the e-mail to go to a site that looks like CSCU's Web site and complete a five-question survey. If they complete the survey, the e-mail states that they are eligible to win $50. The link also requests pertinent cardholder information, such as account numbers.
CSCU did not send any e-mails directly to cardholders. Please note that CSCU does not have cardholder data and never communicates directly with cardholders. Rather, it communicates only with its member credit unions. Click here to see a copy of the Web page to which the e-mail links.
Phishing: Banking accounts renewal
There is an e-mail circulating that claims to be from the Illinois Credit Union League Service Corporation (LSC) with subject line of "Banking Accounts Renewal." The fraudulent e-mail includes a link to a page that looks very realistically like the LSC Web site and attempts to persuade recipients to renew their accounts due to many supposed complaints about unusual account activity.
These messages are scams and should be deleted. The ICUL Service Corporation and the Illinois Credit Union League will never request sensitive credit union or member information through a mass mailing or email.
