Member Alerts

How to spot a phishing scam

Phishing scams occur when a scam artist tries to convince you to give them your sensitive information. This could be your password, user name, credit union account information, credit card details, etc. These phishing scams usually come in the form of an email. They lure you into clicking on a malicious link. Take a look at the tips below on how to spot a phishing scam so you can avoid falling victim to these scammers.

Appealing to emotion
Phishing scams will attempt to elicit specific emotions such as:

• Greed: A phishing scam may tempt you with a monetary reward in return for clicking on a link or providing your personal information. If the offer seems too good to be true, it probably is.
• Curiosity: Phishing emails will take advantage of your natural curiosity by promising to show you something exciting in exchange for clicking on a link, or entering your personal information. This is often referred to as click-bait, and is very common on social networking sites.
• Urgency: A phishing scam may also try to place a sense of urgency on you to complete a certain action. This is a major red flag.
• Fear: Phishing scams will often times use threats as a way to get you to act. Don’t fall for this.

Strange email elements
Many phishing scams are carried out via email. Some signs of a suspicious email include:

• Odd Sender Address: If the sender’s email address does not match the sender’s name in his or her signature, or if the sender’s email address includes many random letters and symbols, approach with caution.
• Strange Tone: If the email content does not read well, and contains multiple misspellings and grammatical errors, do not click any links, open any attachments, or provide the sender with any personal information.

Unexpected attachments & requests for action:
Always be mindful of the actions you take online. Be highly skeptical of:

• Attachments: If you receive an attachment from someone you do not know, or from someone you were not expecting an attachment from, proceed with caution. If you’re unsure about the validity of an attachment do not open it, as doing so could infect your device if the attachment is malicious.
• Login Pages: Be highly skeptical of any email that asks you to click on a link and log in to one of your accounts. If you click the link in the email and enter your credentials, the scammer could gain access to your account.
• Links: Be careful of the links you click on from an email. Malicious links could infect your computer or mobile device. Before you click a link, place your cursor over it to inspect it. If you are unsure if it is valid, it’s better not to click and be safe rather than sorry.

7 ways to protect your identity

Taking proactive measures to protect your identity is crucial. Identities are stolen every day and people don't even know when it’s happened to them. Scammers know hundreds of ways to steal your identity so it’s important to know how to protect yourself, so you don't lose yours.

1. Keep your personal information personal
Know when and who you’re sharing any kind of personal information with. Whether it’s account information, a social security number, or hobbies/interests, make sure you’re sharing with the appropriate people. For instance, be careful of the information you’re sharing on social media. Things like your favorite pet’s name or a family member’s name can give scammers information they can use to hack your accounts.

• Stop oversharing on social media.
• Don’t answer calls/text messages from unknown numbers.
• Don’t sign up for services with personal information unless absolutely necessary.

2. Stay up-to-date on scams
Scams pop up everywhere from phones to social media, emails, and websites. Learn about what scams are popular and how to spot them.

• Visit the FTC website for scam alerts.
• Register your phone number on the National Do Not Call Registry.
• Avoid opening emails or text messages from unsolicited senders.

3. Use secure passwords
Passwords are the key to unlocking your personal information so it’s important you take the time to create a strong and unique one. We recommend use all four types of characters including: capital letters, lowercase letters, numbers and punctuation marks/special characters.

• Don’t use the same password for all accounts.
• Use a password manager to store your passwords.
• Utilize multi-factor authentication.

4. Keep an eye on your credit score
Your credit report contains important information you can use to monitor all types of accounts and loans you’ve opened and any fraudulent activity that may occur. If someone has stolen your identity, you may see a loan on your report that you definitely didn’t apply for. This can be an initial indicator that something isn’t right.

• Check your credit report quarterly.
• Use annualcreditreport.com for a FREE copy.

5. Keep your devices secured
A lot of us LIVE on our devices, including phones, tablets, and laptops making them a prime target for hackers. This is why it’s important to keep your devices updated with the latest software whether it’s Microsoft or Apple.

• Turn on automatic updates in your settings.
• Check and see which of your mobile apps have access to information on your phone. You can find this in your settings.
• Clear your browser history.
• Only visit sites with an https address.
• Don’t use unsecured WIFI networks.

6. Watch for credit card skimming
Card skimming is another sneaky way scammers are stealing people’s money. A card skimmer is a device that steals card information by reading your debit or credit card’s magnetic strip.

• Cover the keypad when you’re inputting your PIN.
• If you’re at a gas station, pay inside.
• Monitor your debit and credit card accounts regularly.

7. Protect personal documents
Fraudsters attack all fronts and scavenge for your information digitally and physically. If you have important physical documents, make sure to keep them locked up and out of sight. Fraudsters will even resort to taking mail from your mailbox so make sure you’re not leaving anything inside.

• Shred personal documents.
• Check your mailbox daily.

What is card skimming/shimming and how to avoid it

Card skimming is another sneaky way scammers are stealing people’s money. A card skimmer is a device that steals card information by reading your debit or credit card’s magnetic strip. Along similar lines, a card shimmer is used to capture information from chip-enabled cards and are much harder to detect because they are located inside of card readers. Card skimming/shimming is popular at places like gas stations, ATMs, parking meters, and other points of sale. These devices are attached to keypads, card readers, etc. Once your card is skimmed, scammers now have access to your card number, expiration date, and cardholder’s name.

What to look for
While card skimming devices can be hard to spot, there are a few things you can watch for.

• Try to tug/jiggle the gas station card reader. If it’s loose, there could potentially be a card skimmer installed.
• Look for tampering such as different coloring on the machine or keypad numbers not aligning.
• Check the feel of the keypad. If it feels too thick there may be a pin-snatching overlay on it.

What do scammers do with stolen information?
Scammers go back to the places they’ve installed the card skimmers and retrieve them to gather your information. From there, they can duplicate your card, use your information to make online purchases or sell your information on the dark web.

• Especially for shimming, wiggle your card as you slide it into the ATM slot. This will shield your information from the skimming device.
• Cover the keypad when you’re inputting your PIN.
• If you’re at a gas station, pay inside.
• Monitor your debit and credit card accounts regularly.
• Use contactless payment method when available.

Here is what you need to do if your card is skimmed:

• Notify us right away.
• Check your charges and record which ones are fraudulent
• Set up fraud alerts on your account so you’re notified right away.