Fraud Protection Center
Protecting Your Privacy, Your Identity, and Your Money
At the IDB-IIC Federal Credit Union, Security over Member Information and Accounts is fundamental. Our job and responsibility is not only keeping your assets and personal information safe, but also ensuring that you know how to protect them with everyday decisions.
It is more important than ever to understand the different types of fraud, and what you can do to prevent yourself from becoming a victim. The following is some essential information to help you protect yourself against multiple types of fraud.
Staying Safe online during tax season!
Now that W-2s are arriving, it’s time to consider how to stay safe from tax season scams. Every year while filling their returns, taxpayers are shocked to find that someone else has filed a fraudulent one in their name! Sadly, tax fraud has only become more widespread and digital communication has opened new ways for it to happen. In order to protect you from tax fraud, today we’ll be discussing how to identify tax scams, and techniques you can use to stay safe during tax season.
How is Tax Fraud Perpetrated
According to cisesecurity.org, a great deal of your personal information can be gathered from multiple locations online with almost no verification. Criminals know this, so they use this trick to get your personal information from a variety of websites and use the information to file a fraudulent tax refund request. If a criminal files a tax return in your name before you do, they will file it with false information to get a large refund, forcing you to go through the arduous process of proving that you did not file the return and subsequently correcting the return. While the Internal Revenue Service (IRS) reports on multiple tax-payer related scams, three scam variants are worth highlighting:
- Phishing and Malware Schemes
The goal of phishing and malware is to trick you into entering your login credentials, verifying sensitive personal information, or downloading malware. The criminals may send a phishing message indicating that a new copy of your tax form(s) is available. These convincing emails often impersonate state, local, tribal, and/or IT departments, and then direct you to websites that appear to be IRS, state government, tax software, or financial institutions. They might include a link to a phishing website that uses your organization’s logo with a convincing signature line in the email. If you fill out or attempt to login into the phishing website, the criminals will be able to see your login name and password, which they can then use to try to compromise your other accounts.
- Identity Theft and Falsely Filed Tax Returns
A popular scam from last year’s tax season involved impersonating an executive and using a compromised or spoofed email account to obtain W-2 information from an HR professional within the same organization. Individual taxpayers are targeted in these tax scams, but criminals have also evolved their tactics to focus on mass data thefts. The more information they gather about you, the easier it is for them to use the information to file a fake tax return in your name. Once criminals have your information, they can also continue to commit identity theft well beyond tax season.
- Impersonations Scams
Finally, criminals can perpetrate scams by impersonating the IRS or a tax official, such as a tax advocacy panel or tax preparer. They may say you owe money to the IRS or your state tax department or may represent themselves as a trusted tax authority and request information. This contact can occur through websites, emails, or threatening calls or text messages that seem official.
These tax fraudsters impersonating IRS officials may also threaten you with penalties if you do not make an immediate payment. Sometimes, criminals request their victims pay the “penalties” via strange methods such as gift cards or prepaid credit cards. If you are not expecting a call from the IRS, the person on the other side of the phone claiming to be an IRS officer is most likely a fraud. If you get such a call, it is important not to engage at all and resist the pressure to act quickly. Instead, go ahead and report the contact to TIGTA at http://www.treasury.gov/tigta by clicking on the red button, “IRS Impersonation Scam Reporting.” It is important to remember:
• The IRS will not initiate contact about payment with taxpayers by phone, email, text messages, or social media without sending an official letter in the mail first.
• The IRS will not call to demand immediate payment over the phone using a specific payment method such as a debit/credit card, a prepaid card, a gift card, or a wire transfer.
• The IRS will not threaten to immediately notify local police or other law-enforcement agencies to have you arrested for not paying.
• The IRS will not demand that you pay taxes without giving you the opportunity to question or appeal the amount you owe.
What Can You Do?
Here are some basic tips from cisecurity to help you minimize the chances of becoming a victim of a tax scam:
• File your tax return as soon as you get your W-2's and other tax information. Criminals cannot successfully file a fraudulent return if you have already filed with the IRS! If you are a member and you would like some assistance filing your taxes, you can access the award-winning platform Turbo Tax by login into your Online Banking account.
• Be aware of phone calls, emails, and websites that try to get your information, or pressure you to make a payment.
• Ignore emails and texts asking for personal or tax information.
• Be cautious as to whom you provide your information, including your Social Security Number and date of birth.
• Don’t click on unknown links or links from unsolicited messages.
• Don’t open attachments from unsolicited messages, as they may contain malware.
• Only conduct financial business over trusted ( ) websites. Don’t use public, guest, free, or insecure Wi-Fi networks while conducting transactions either.
• Keep your information secure and shred all unneeded or old documents containing confidential and financial information.
• Check your credit report regularly for unauthorized activity.
• Be cautious if you receive notification that you have somehow miraculously qualified for an immediate IRS tax relief. If it seems too good to be true, it probably isn’t true.
• If someone claiming to be from the IRS is on the phone demanding personal information such as your Social Security Number, just hang up. If you are concerned about an issue related to the IRS, you can contact them directly on a contact number listed on https://www.irs.gov/ or get in touch with a tax advisor.
• Avoid sharing your full SSN over the phone with anyone unless necessary and always keep all documents that have it, such as W2.
Another great way to remain financially secure during tax season is by downloading the MobiMoney mobile app for your debit cards. As the old saying goes: prevention is better than the cure; and these MobiMoney features will help you remain vigilant of any dubious financial activity.
Seeking Help and Reporting Scams
If you receive a tax-related phishing or suspicious email at work, report it according to your company’s policy. The IRS encourages taxpayers to send suspicious emails related to tax fraud to its firstname.lastname@example.org email account or to call the IRS at 800-908-4490.
If you suspect you have become a victim of tax fraud or identity theft, the Federal Trade Commission (FTC) Identity Theft website will provide a step-by-step recovery plan.
We at IDB-IIC FCU wish you and your family a wonderful -- fraud free -- tax season. It's our goal to make your financial life healthy and stress-free.
For the latest information on frauds and scams, visit the IDB-IIC FCU online fraud center at our website. And as always, if you have any questions about this or other topics, don't hesitate to contact us. We're here for you.
PROTECT YOURSELF FROM hOLIDAY sHOPPING FRAUD!
‘Tis the Season to be Merry, and Very, Very Wary...
...of Credit and Debit Card Scams when Shopping Online.
Here’s how to stay safe during the holidays.
If you’re like most Americans, you’ll do a lot of online shopping this holiday season with your credit or debit card. It’s convenient, easy, and saves time and gas. But here’s a bah humbug moment: it’s also peak season for scammers and hackers.
In fact, during last year’s holiday season, online shopping fraud increased by 22%, with a fraudulent attempt happening one out of every 85 transactions, according to the Business Wire.
But don’t close your laptop and gas up the car just yet. With a little awareness and caution, your online holiday shopping can be safe and convenient. Besides, you’ll never get parking at the mall this time of year, so follow these...
Seven Ways to Avoid Holiday Online Shopping Scams
1. Stick with Big, Familiar Brands: Amazon, Costco, Walmart, and other large well-known online retailers have invested heavily in online security. So sticking with these online merchants is a good way to protect yourself against online shopping fraud. Be very wary of sites that don’t end in .com or that have odd titles you’ve never heard of. These are major signs of scammers on the hunt for your debit or credit card information.
2. Look for an “HTTPS”: Legitimate, quality online shopping retailers care about your security. One clue that an online retailer has invested in protection from fraud is in its URL, or address bar. It should begin with “https,” not “http.” There should also be a padlock icon ( ) next to it. These are signs that your financial information will be protected during your purchase.
3. Saving Could Cost You: Saving money on your holiday shopping: good. Sites saving your financial information: not so much. Many sites will offer to save your credit or debit card information for future transactions. This might sound good: even more convenience when you return for Uncle Hal’s present! But remember, the more places your financial information is stored, the more chances you have to become a victim of the next headline-grabbing security breach.
4. Avoid Public WiFi Hotspots: These days, you can buy your significant other’s gift while waiting for a flight or ordering a Venti soy no-foam mocha latte! Isn’t the world of free WiFi wonderful? Well, yes, and no. The common-area WiFi spots in places such as cafes, airports, bookstores, etc. also make it easier for hackers to steal your financial and personal information. It’s much safer to stick with your secured home network for any online shopping.
5. Stay Up-to-Date on Your Statements: The holidays can be a busy time, so it’s easy to forget to check your debit and credit card statements carefully. With some consumers planning to spend an average of $846 on gifts this season, according to Experion, it can be easy to miss a fraudulent charge. But thieves count on this. So check your statements vigilantly and report any suspicious charges immediately.
6. Set Alerts: Your IDB-IIC FCU debit card comes with the MobiMoney mobile application free of charge. With the app, you can set instant alerts of any transactions; turn off your cards; limit card transactions based on location, amount or type; set merchant preferences; and more. As they say, knowledge is power, and these MobiMoney features give you a lot of fraud-stopping power.
7. Refuse Email and Other Requests for Financial or Personal Information: Legitimate online retailers create safe websites, with secure online forms for you to fill out. They will never ask for your credit or debit card information via email, text, or phone. But scammers will often contact you by email, phone or text. Never give your financial or personal information to a retailer you do not contact yourself.
If you do become a victim of credit or debit card fraud, there are important steps you should take:
● Report the crime to your credit or debit card issuer as soon as you become aware of it.
● Have your credit or debit cards canceled and replaced with cards with new numbers.
● Remember to give your new credit or debit card numbers to any entities with which you use auto-pay.
● Report the crime to the police, if necessary.
We at IDB-IIC FCU wish you and your family a wonderful -- fraud-free -- holiday season. It’s our goal to make your financial life healthy and stress-free.
Identity theft can occur when an individual obtains personal information, such as your social security number, date of birth, address, and financial account numbers. Once this information is obtained, the thieves will assume or take on your identity, allowing them to illegally purchase items or obtain credit.
Tips for protecting yourself from Identity Theft:
- Review your account activity regularly. Make sure to look over your account statements each month and check any unauthorized charges or suspicious activity.
- Set up alerts on your account so you can get notifications whenever certain transactions take place on your credit card.
- Share your Social Security Number sparingly. Make sure to keep your Social Security Card in a safe place, and only share it when absolutely necessary.
- Shred financial statements and other important documents to prevent thieves from gaining access to any of your personal information.
- Use strong passwords and be sure to change them regularly.
Who should you contact if you suspect Fraud:
- Credit Bureaus. Immediately call the fraud units of the three credit reporting companies -- Experian, Equifax and Trans Union. Ask that your account include a statement referencing the possibility of fraud.
- Creditors. Contact all creditors immediately with whom your name has been used fraudulently -- by phone and in writing. Monitor your accounts closely for any further fraudulent activity.
- Law Enforcement. Report the crime to police with jurisdiction in your case. Provide any documentation that you have collected. Get a copy of your police report. Keep the phone number of your fraud investigator handy and give it to creditors and others who require verification of your case.
- Financial Institutions. If you have checks stolen or bank accounts set up fraudulently, contact the institution to report the crime. Put stop payments on appropriate outstanding checks. Close your checking and savings accounts and open new accounts. If your ATM card is stolen or compromised, get a new card and PIN. When choosing a PIN, don't use common numbers like the last four digits of your Social Security number, your date of birth, license number or street address.
- U.S. Postal Service. Notify the local Postal Inspector if you suspect an identity thief has filed a change of your address with the post office or has used the mail to commit credit or bank fraud.
- Social Security Administration. Call to report fraudulent use of your Social Security number.
- Department of Motor Vehicles (DMV). Call to see if another license was issued in your name. Go to your local DMV to request a new number. Also, fill out the DMV's complaint form to begin the fraud investigation process. Send supporting documents with the completed form to the nearest DMV investigation office. Request a driver's license number different than your Social Security number if available in your state.
- Civil Courts. If a civil judgment has been entered in your name for actions taken by your impostor, contact the court where the judgment was entered and report that you are a victim of identity theft. If you are wrongfully prosecuted for criminal charges, contact the state Department of Justice and the FBI.
Credit Card Fraud
Credit card fraud generally occurs when cards or card numbers are compromised. By following these simple guidelines your potential for loss can be minimized.
Tips for protecting yourself against credit card fraud
- Keep a list of all your credit cards including the account number and phone number to the issuing company
- Review your credit card statement as soon as possible. Match charges with your receipts to ensure all charges are yours and are for the correct amount.
- Always sign a new credit card immediately.
- When making a purchase with a credit card, make sure you get the card back and the receipt. Check the receipt for accuracy.
- When using a credit card at a restaurant or store, make sure that all blank lines are marked through so that no one can change the final amount.
- Never sign blank credit card receipts.
- Only travel with the credit cards you plan on using.
- Never give your credit card number over the phone unless you initiate the call.
Check Cashing Fraud
Check cashing fraud occurs when individuals use information taken from your check to access your accounts and commit fraudulent acts. By following these simple guidelines, you can greatly reduce your risk of becoming a victim.
Tips for protecting yourself against check cashing fraud
- Always safeguard your checks. Make sure they are always put away somewhere safe.
- Keep your blank checks and canceled checks in a secure location; destroy old blank checks if you are not going to use them.
- Limit the amount of personal information printed on the checks to your name and address. Use plain designed checks. The fancier the check the easier it is to forge the signature. Useful information for thieves includes not only your account numbers, but information used to verify your identity, such as your driver's license number, or social security number.
- Do not leave your bill payments sitting in an unlocked mailbox for pickup. Go to the Post Office directly or use a curbside USPS mailbox (the blue metal ones) and drop your bills in the slot rather than using less secure street mailboxes.
- Be discreet when writing checks in public places. Write your checks carefully and leave no space in which figures or words can be inserted.
- When you make an error in writing a check, be sure to destroy the check or write "canceled" across it and store it with your other canceled checks.
- If your checks are lost or stolen, report it immediately to your financial institution.
- Reconcile your monthly statements as soon as you can to ensure all transactions are accurate. Contact us immediately if you do not receive it when expected.
- When you reorder checks, mark your calendar. If you don't receive your checks within 15 working days, contact your financial institution immediately to inquire as to the status of the order.
- Consider alternatives to writing checks. For instance, paying by phone, online, Bill Pay or setting up automatic payments.
Debit Card Fraud
Debit Card fraud can occur when individuals lose their card, give their card to someone else to use, or when their Personal Identification Number's confidentiality is compromised. By following these simple guidelines you can greatly reduce your exposure to Debit Card fraud.
Tips for protecting yourself against Debit Card fraud
- Never write your Personal Identification Number (PIN) on your card or in your wallet. Memorize your PIN as soon as possible and do not reveal your PIN to anyone not authorized to use the account.
- Never use your date of birth, social security number, license number or street address as a PIN -- those are the first numbers a crook will try.
- Don't throw away your ATM receipts at the ATM location. Keep them to reconcile your account, then dispose of them properly when you get home.
- Always be aware of your surroundings when using the ATM. If it is late at night, try to use a machine that is well lit and avoid dark, remote locations.
- Always make sure to retrieve your ATM card from the machine when the transaction is complete.
- Be aware of people waiting in line behind you. Make sure no one can see you entering your PIN or how much money you withdraw.
- Review your statement promptly to ensure all transactions are accurate. Report any discrepancies immediately.
- Destroy old ATM cards immediately after receiving your replacement cards.
In addition to the types ATM fraud that most of us are now aware of, there are two new types that can clean out your account quickly -- card withholding and skimming.
Card withholding occurs when thieves put something in the ATM slot to make the customers’ cards jam. Then, when someone uses the ATM the thieves can watch as you enter your PIN number over and over again. This is very common at drive-up ATMs where the user may not be paying attention to other people or cars nearby.
Skimming is done at businesses that offer Point-of-Sale (POS) devices for you to pay with your ATM card, such as gas stations. Thieves will typically convince an employee to allow them to connect a laptop computer to the POS machine. The laptop is usually stored under the counter where the POS device is located. When you swipe your card in the POS device to make a payment the information on the magnetic strip on your ATM card is copied and loaded onto a disk. Thieves may also install a hidden video camera that records you entering your PIN. They then match the magnetic information to the PIN and access your accounts.
Internet Security - Phishing Scams
Phishing is an internet scam in which e-mail spam or pop-up messages are used to deceive you into divulging personal or financial information over the internet. Phishers will send you an email or a pop-up message that appears to be from a company that you deal with – your credit card company, credit union or a government agency. The message usually requests that you update or validate account information and it will direct you to a website that looks just like the legitimate organization’s website, but it isn’t. The purpose of the bogus website is to deceive you into entering your personal information so the scammer’s can steal your identity and commit crimes in your name.
Tips to protect yourself against "Phishing Scams"
- If you get an email or pop-up message that asks for personal or financial information, do not reply. And don't click on the link in the message, either. Legitimate companies don't ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address yourself. In any case, don't cut and paste the link from the message into your Internet browser — phishers can make links look like they go to one place, but that actually send you to a different sites.
- Never give your personal information via e-mail. IDB-IIC FCU will never request personal information via email.
- If you want to update your information, go directly to our website by opening a new browser window, and typing www.idbcreditu.org in the address.
Never go to our web site by clicking a link in an e-mail.
- When entering personal account information, verify that you are on a secure website. If the website is secure, you will find "https" in the address and a closed padlock in your browser's toolbar.
- Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files.
Phone Security - "Vishing" Scams
Vishing is a scam similar to Phishing, a scam involves sending a spam email or pop-up message telling you that your account has been compromised and will instruct you to call a phone number to verify your account information. An official sounding automated message will ask you to enter your personal financial information such as your 16 digit credit card number. Some of these scams involve a telephone call to the victim directly in which the caller already has your credit card number but asks you to verify the valuable three digit security code.
Tips to protect yourself against "Vishing" Scams
- Never give your personal information over the phone. If you feel a call is suspicious, call the company directly to verify the authenticity of the call.
- Beware of organizations asking for charitable donations. If you want to donate money, contact the organization yourself to make sure that your money is going to the appropriate place.
Text Message Security - "Smishing" Scams
Smishing is a scam similar to Vishing for Phishing, but gets its name from SMS text messaging. Smishing is when a scammer sends you a text message claiming that there is a problem with your bank account and asks you to text back n order to reactivate your account. Other Smishing scam text messages may include a link to a website you that you must click on to resolve the “problem.”
Tips for protecting yourself against "Smishing" Scams
1. Don’t respond in any way to Smishing messages, even if it is just to ask the sender to leave you alone. Responding will verify that your phone number is active, and will prompt the scammer to keep trying
2. Never click on any links or call phone numbers in an unsolicited text message. Simply delete the message from your phone
3. Report the message to your cell phone service’s scam text reporting number, or the general customer service number.
Protect Your Privacy
Fraud comes in many shapes and sizes and unfortunately, it will never go away. Nor will the money and time spent fixing it. That’s why it’s vital to ramp up your security arsenal.
While fraud operators are constantly developing new viruses, spyware and online fraud schemes, the good news is that you can take action to protect yourself against online fraud.