Protect Your Identity
- Email and Texting Fraud
- View Examples of Recent Scams
- PIN Reversals - Not a Safety Option!
- Report Fraud
- Protect Your Computer
- Protecting Your Identity on the Internet
- Thwart Identity Theft
- What to Do if You Have Mistakenly Given Out Your Personal Information
- Visit OnGuardonline U.S. Government's Identity Protection Website
- Visit the Government's Identity Theft Website
Internet scams, email fraud or phishing (pronounced "fishing") are attempts to fraudulently acquire sensitive personal information (i.e. account numbers, passwords, social security numbers, credit card details, etc.). In a typical case, phishing involves the use of email messages impersonating your financial institution, a reputable company that you or we normally conduct business with or a government agency; including one of the federal institution regulatory agencies.
Phishing emails always have a sense of urgency. The email will probably warn you of a serious problem that requires your immediate attention to respond. It will then urge you to click on a "button" or link where you will be asked to enter or confirm your personal information. The website may look legitimate but it is NOT! Do not click on the requested link and submit your personal information.
It’s also important to be aware of “vishing,” a type of telephone fraud that is very similar to phishing but uses Voice Over Internet Protocol (VoIP), which allows people to talk over their computer lines, and can allow for multiple dialings of numbers at the same time. Scammers may work from a list of regional phone numbers, but what they mainly do is call everyone they can and leave an automated message saying the person’s credit card or bank account has been compromised, depleted or closed.
LBS Financial Credit Union will NEVER email or call to ask for your personal information.
March 25, 2015 - The National Credit Union Administration is alerting consumers that texts they receive from an agency telephone line, 703-518-6301, asking for personal information are not coming from NCUA.The texts may warn of a debit card reaching its limit or use some other trick to persuade individuals to provide personal information or go to a malicious website. Consumers should not click on links in the message, provide information to any websites referenced in the message nor attempt to conduct any financial transactions through those websites.
March 17, 2015 - The National Credit Union Administration has received reports of an online phishing scam that uses a website with a logo and a design similar to the agency’s own site in an attempt to convince unwary customers to provide information or send money.
December 20, 2013 - Multiple credit unions have recently reported a phishing scam they are experiencing. This fraudulent attempt to capture card number PINs is done with an automated telephone service from various phone numbers. One recent phone number reported is 877.277.3125, however there could be various numbers used. The message indicates the member’s debit card may have been compromised and has been placed on a hold status. In order to activate the card, the message asks the member to press 1 to unblock their card. There are so many ways for perpetrators to attempt to get personal information, including the use of auto-dialers and text messages. It is important to limit the release of personal information in order to protect yourself from fraud.
The Internet can often quickly spread “urban myth” stories but few stories gain such rapid appeal with so many potentially negative impacts on cardholder safety and confidence as the misleading stories circulating the Internet regarding PIN reversal to signal duress. PIN reversal technology is a concept based upon the possibility that a cardholder could remember (and reverse) his or her PIN (password) at an ATM to draw attention to a dangerous situation like a kidnapping or a robbery. Critics say that it is unlikely that anyone under duress could successfully employ this technique without compromising personal safety.
Financial institutions within the United States have not deployed this technique despite several well circulated email chain letters that have misstated this fact. If you have read information on the Internet to use PIN reversal as a safety method, it's important for you to know that LBS Financial does not have the capability to read a PIN reversal as a request for help. Digital cameras are still the best security available at the ATM.
Other reporting resources are:
- Report vishing calls to www.ftc.gov or call 888.382.1222. The FTC wants the number and name that appeared on the caller ID as well as the time of day and the information talked about or heard in a recorded message. If you received a phishing email you can forward it to the FTC at email@example.com, firstname.lastname@example.org or the Internet Crime Complaint Center at http://www.ic3.gov/default.aspx.
- If you think you’ve been tricked by a phishing email and have given out personal information, contact the Credit Union immediately (if it applies to your account here) to block your account. You may also file a report with the FTC at www.ftc.gov/complaint.
- Be suspicious of urgent emails requesting your financial information and threatening to terminate or suspend your account unless you respond electronically. Call us as your financial institution to verify if we sent you an email regarding your account or log onto our website directly by typing in our web address (www.lbsfcu.org) in your browser. Do not click on the link that was provided to you in the suspicious email.
- Never click on links in email messages that ask you to provide or confirm your private information. Links can easily conceal the true destination. The destination website may be programmed to automatically download and install software called "malware." If in doubt, call the financial institution or merchant to see if in fact there is a problem with your account.
- When providing private information on a website, make sure of the following:
1.) That your web session is encrypted and
2.) That you're really on the site you're on.
Sites that encrypt your session have addresses that start with "https" instead of "http." The "s" stands for "secure" which means your session is encrypted. Gold padlock or key icons at the bottom of the screen indicate a secure website but note that they too can be faked. Make sure the address is a valid one. An IP address as in http//184.108.40.206 is a dead giveaway. Others are not easy to spot. Clicking on the padlock or key will open a window with information about the website and who owns the digital certificate that enables the site security. The issuers of certificates do not issue them without first verifying the identity of the buyer. Newer browser versions and security programs like Symantec's Norton Security provide feedback regarding a site's authenticity by turning the address bar or a toolbar element green when a site is deemed safe.
- Consistently check your online accounts to ensure that all transactions are legitimate.
- Do not install unknown software on your computer. If you do so, you are potentially harming your computer's hard drive and putting your personal information at great risk. Verify that the software came from a legitimate website and not an email message. Be especially wary of "free" programs which are often infected with Spyware.
- Always protect your password. Do not share your password with anybody else or do not write down your password anyplace where it's accessible to another person. Change your password frequently and use one that is not easy for someone to guess.
- A lost or stolen wallet is a goldmine of information. Don't carry extra credit cards, checks, Social Security card and even health insurance cards. Be sure to photocopy everything that's left, being careful to record emergency phone numbers. Keep these copies in a very safe place. Hopefully, you will never need them.
- Use LBS Financial Direct Deposit for any checks that are mailed to you on a regular basis.
- Before revealing personal identifying information, find out how it will be used and if it will be shared with others. Does your local video store really need to know your social security number? How about your gym?
- Pay attention to your billing cycles. Follow up with creditors if bills do not arrive on time. Review them each month to identify any unusual charges. Thieves sometimes test you prior to making a large hit.
- Order a free copy of your credit report from the three credit reporting agencies every year. Make sure it's accurate and includes only those activities you've authorized. Visitwww.annualcreditreport.com to download your free annual reports.
- Use a cross-cut shredder to destroy charge receipts, credit applications and offers, insurance forms, bank checks and statements.
- Call us at 800.527.3328 immediately so we may flag your account(s) and contact you for any unusual activity or,
- Notify us immediately through our secure online form with a brief explanation about the email you received.
- Contact your other financial institution with which you have other accounts (i.e. credit cards, loans, savings, etc.) to alert them or cancel your existing accounts. Many companies have toll free numbers and 24-hour service to deal with such emergencies.
- Report the theft to the three major credit reporting agencies:
- Experian - http://www.experian.com or 888.397.3742
- Equifax - www.equifax.com or 800.525.6285
- Trans Union - www.transunion.com or 800.680.7289
- Contact your local police department to file a criminal report
- Call every company that has extended credit to you to report the problem
- Give a copy of the police report to your financial institution, credit card company and/or insurance company as proof of the crime.
- Contact the Social Security Administration's Fraud Hotline to report the unauthorized use of your personal identification information
- Notify the Department of Motor Vehicles of your identity theft
- File a complaint with the Internet Fraud Complaint Center (IFCC) at www.ic3.gov.
- Document the names and telephone numbers of everyone you speak to regarding the incident. Request that all the phone calls be followed by a letter. Keep copies of all correspondence for future reference.