Advice & Planning

Articles

Six Ways to Avoid an Email Scam

Email scams are on the rise. Last year the IRS reported a 60 percent increase in bogus email schemes that target victims for their money or sensitive data. As consumers have become smarter about identifying fraud, thieves have too, as they are constantly changing up their strategies to confuse and distract you.

The first step to protecting yourself and your finances is to stay informed and alert. Check out our tips on how to spot red flags and steer clear of email scams.

1. Don’t trust unsolicited emails.

This is one rule of thumb that is both effective and easy to follow. Always be wary of unsolicited communications, especially when it’s from an organization or person you’ve never worked with before. The internet offers scammers a cloak of anonymity. They may use convincing images and language to gain your trust, but you can never be 100 percent sure.

2. Never provide your personal information.

And we mean, never. Most commonly, scammers like to put their victims in emotional situations that could dull their reasoning skills. These scams may look like the following:


  • a. A financial institution, government agency, or other authoritative organization looking to confirm or collect your information. These emails may even contain portions of your personal information that they already have such as your mailing address or phone number to appear legitimate.

    b. A utility or credit card account in your name is in default and you need to make a payment immediately, or provide your bank account information. If you fail to comply immediately, you will face legal action.

    c. A sweepstakes or competition notifying you that you’ve won a large sum of money. The organization needs your bank account number in order to make a deposit, or you need to make a deposit payment before your winnings can be released to you.

Don’t take the bait. Remember that a government organization or financial institution will never contact you unsolicited to ask for your personal or financial information, even if they are claiming an error on your part. They will also never make legal threats or use threatening language. Similarly, a legitimate sweepstakes will never require you to make a payment to receive your prize.

3. Look for errors and misspellings.

Always read emails very carefully. One of the most telling and common signs of a scam is when there are misspellings, punctuation errors, or poorly worded phrases riddled throughout the copy.

Another telltale indicator of a fraudulent email can be found in the logo and images used. Compare the logo in the email to the one on the company’s website or on a piece of mail that you’ve received from them. While companies may use different versions of their logo for different types of communications, you can check inconsistencies in the color or if the image is stretched or warped.

4. Pay close attention to links.

No matter how tempting an offer is, never click on a link sent by a person or business you don’t recognize or trust. It could open dangerous malware that will compromise all of the information on your device, including login usernames and passwords and financial accounts.

If you’re using a laptop or desktop, check each link and hyperlink by hovering your mouse over it. This will reveal the actual URL attached to the copy. If you don’t recognize the website or if it is unsecured (does not have an “https” in the address bar), don’t click on it and delete the email immediately.

5. If it seems too good to be true, it is.

Some scammers aren’t looking to steal your identity or gain access to your bank accounts – they just want to make a quick (and dishonest) buck. To do this, they’ll often send victims misleading offers for cheap travel deals, discounted concert tickets or tempting retail offers. In some instances, you’ll make a payment in full upfront only to never receive the goods you were promised. In other scenarios, you may actually receive the items bought, but then find yourself hit with massive fees and surcharges hidden in the fine print.

Either way, stay smart about all offers on the internet. If a deal seems too good to be true, assume that it is and walk away.

6. When in doubt, make a phone call.

If you’re seeing potential signs of fraud in an email that you’ve received, but you’re still feeling unsure about whether to respond or not, play it safe and call the organization or agency. Do not contact them through the email address you received the correspondence from or call them using a phone number featured in the email.

Instead, call the phone number listed on the official website of the organization. Speaking with a representative won’t just give you piece of mind or clarity, it can also potentially alert the company or organization to a scam targeting its clients or customers.

Hang up on Social Security Administration Spoofing Calls

Telephone scams are on the rise and they’re victimizing more New Yorkers than ever before.

Most recently, the NYPD has been warning consumers to stay on the alert for phone scams claiming to be from the Social Security Administration and other trusted government agencies. These scams are simple, sophisticated, and highly effective. In the early months of 2019 alone, New Yorkers have reported losses totaling $2 million!

Staying informed is the key to protecting your personal and financial information. Learn more about how to spot and avoid these scams below.

How It Works:

Thieves posing as representatives from the Social Security Administration (SSA) and other agencies are calling and threatening victims with arrest or legal action, claiming improper or illegal activity on their Social Security account, unpaid back taxes or other legal and financial trouble. These callers are known to be aggressive and will intimidate their victims into providing personal and financial information in order to resolve the alleged issue.

In many of these cases, scammers will claim to be a police officer or law enforcement official threatening legal action. Victims are told that they will be arrested and/or their assets will be frozen if they don’t comply with certain demands. To reinforce these threats, they may even hang up and call again from a different number claiming to be NYPD, FBI, or New York State Police personnel.

In other incidents, scammers switch tactics and say that they want to help an individual activate a suspended Social Security number.

In the past, savvy consumers may have been able to easily spot these schemes just by looking at their caller ID and spotting a restricted or suspicious phone number. Not anymore. More and more phone scammers are reported to now engineer phone calls so that they now appear to be coming from the actual Social Security hotline or other agency’s number. This is known as spoofing.

What You Should Do

Receiving one of these phone calls can be frightening – don’t panic! The following steps can help you steer clear of a phone scam:

  • • Know that while SSA employees do contact citizens by phone for customer-service purposes, they will never threaten you with legal actions if you fail to provide information.


  • • If you receive one of these calls, hang up immediately. If you have concerns and want to verify whether you have any ongoing business with the SSA, call the agency directly at (800) 772-1213


  • • Report suspicious calls to the SSA Office of the Inspector General by calling (800) 269-0271 or submit a report on the OIG website. Victims are also encouraged to report the incident with their local NYPD precinct.

Protecting Your Kids from Identity Theft

As a consumer, you’re likely keeping your eyes peeled for scams and schemes that could lead to identity theft and all of the trouble that comes with it. But have you thought about protecting your kids too? If not, it’s time to start. According to a Javelin Strategy & Research report, more than one million children in the United States became victims of identity theft in 2017. Two-thirds of these victims were under the age of eight.

Children are especially vulnerable victims too. Because identity theft of a child can easily go on for years without detection, this type of fraud is also especially damaging. It can affect a child’s ability to get off on the right financial foot when they’re ready, obtain certain types of financial help for college and even hurt their chances of obtaining certain jobs in the future.

Staying informed is key. Check out our tips for protecting your child from identity theft below!

1.Know how your child’s information is being protected.

Daycare facilities, schools, doctors’ officers and extracurricular programs will require varying degrees of your child’s personal information to be kept on file. For example, these databases may include home addresses, directories with contact information, birthdates and even medical information.

Don’t feel shy to ask about how this information is stored and safeguarded, especially when it comes to your child’s school – the Family Educational Rights and Privacy Act (FERPA) lays out strict guidelines that protect the privacy of student education records.

2. Safeguard sensitive documents.

Protecting your child’s personal information can be as easy as simply minding your household’s paper pileup. When you’re ready to dispose of old documents (typically five years-old or older) that contain sensitive information, it’s important to do it the right way. Be sure to shred (twice if possible) any papers that contain Social Security numbers or sensitive financial, academic, legal or medical information. Before disposing of these shreddings, be sure to put them in a tightly sealed garbage bag.

To help prevent and mitigate any future risk, we recommend opting into eStatements for any bank accounts or policies in your child’s name when possible.

3. Teach computer and internet safety early on.

Kids are gaining access to the internet at younger and younger ages – sometimes as early as two or three years old. And once they’re “plugged in”, they’re sure to stay that way. Because of this, it’s important that parents take time to teach their children about computer and internet safety as early as possible to help them build habits that will help them protect their personal information (and even yours if your family shares a device).

This includes talking about the important of strong passwords, identifying secure websites, spotting online scammers or predators, avoiding phishing scams and using caution on social media.

It may feel like a lot to impart on your kids, but these conversations should develop and change as they become older, gain access to their own devices and begin utilizing the different functions of the web.

4. Pull your child’s credit report annually.

While most consumers know that they’re entitled to a free official credit report from each of the three credit reporting bureaus (Equifax, Experian and Transunion), many don’t realize that they can pull their child’s report as well.

Doing this takes a bit of legwork all parents and guardians should be ready to take on. Credit bureaus will likely require your child’s birth or adoption certificate and social security number. Parent and guardians should also be ready to provide a government-issued ID or documents proving the relationship between the child and official documents with proof of address.

Once you receive this report, review the included information carefully. If anything seems wrong, always report errors with each credit bureau. These errors will affect your child’s future creditworthiness or worse, it indicates potential identity theft.

5. Know the warning signs and stay vigilant.

There may not be any obvious warning signs on your child’s credit report, but they (and you) aren’t in the clear just yet. To help keep your child’s identity safe, and to head off any threats early on, he Federal Trade Commission (FTC) advices parents to keep an eye out for tell-tale warning signs:

  • • Your child receives an influx of credit card and loan offers

  • • Your child is turned down for Being turned down for Medicaid or other government benefits because the Social Security number has already been used

  • • Your child received a notice from the Internal Revenue Service stating that they didn’t pay income taxes or was claimed as a dependent on another tax return

  • • Your child receives calls or mailed statements regarding missed payments or debts owed

  • • Your child is denied a bank account or driver’s license

MCU Scam Roundup: Fall 2018

Identity theft is on the rise. According to the recently released 2018 Identity Fraud Study by Javelin Strategy & Research, the number of identity fraud victims increased by eight percent last year, rising to 16.7 million U.S. consumers. And as identity thieves are becoming increasingly sophisticated, they’re combining old tricks with new technology and strategies to gain access to personal and financial information.

Staying informed is key. Check out some of the latest scams and schemes being used by identity thieves and scammers below!

1. Avoid the Trials (and Tribulations) of a Jury Duty Scam

Government and tax scams are nothing new to consumers. And while you’ve learned to recognize this kind of fraud, a similar but new scheme could have you letting your guard down. The culprit? Jury duty scams.

Here’s how it works. You get a text, call, or email from someone who says they’re with the government. They say you’ve been flagged for missing jury duty and that you’ll need to pay a fine. Scammers may even try to make this ploy seem legitimate by providing a badge number or some of your personal information, such as the four digits of your Social Security number.

Consider what your financial situation will look like if you’re not repaid and how it will affect both your long and short term goals.

Once they’ve convinced you of their credibility, the scammer will then resort to scaring their victims to act quickly by threatening you with repercussions including legal action, deportation, or arrest if you don’t pay up or give them your financial information.

What you should do:

  • • Never send money – especially by gift card or money transfer. Remember that no government agency will threaten you or demand payment this way.

  • • Don’t give out your personal or financial information to anyone who calls, texts, or emails.

  • • If you have sent money to a scammer, contact the company you used to send the money (gift card company, cash reload card company, or wire transfer service) and tell them it was a fraudulent transaction. Ask to have the transaction reversed if possible.

  • • Report this incident to the Federal Trade Comission (FTC) at FTC.gov/complaint and to the real utility company.

2. Don’t get Burned by Utility Scams

Life can get really busy at times so getting a call from a utility company informing you that you’ve missed a bill payment may not seem out of the realm of possibility. That’s why utility scams are reportedly on the rise.

You may get a call saying that your electricity or water will be shut off unless you pay a past due bill. And even if you believe that you’re up-to-date on all of your bills, the caller may sound convincing enough to have you thinking otherwise. Plus, the prospect of losing your electricity could scare you into reacting quickly.

What you should do:

  • • Know that utility companies don’t demand banking information by email or phone. They also won’t insist that you need to make a payment by phone as your only option.

  • • Never send money – especially by gift card, cash reload card, or money transfer. Remember that no utility company will threaten you or demand payment this way.

  • • Contact the utility company directly using the number on your paper bill or on the company’s official website to confirm your overdue payment. Don’t call any number the caller gave you.

  • • Report this incident to the FTC at FTC.gov/complaint and to the real utility company.

3. Hang Up on Medicare Card Scammers

In recent months, Medicare announced that they will be sending new cards to everyone who gets Medicare benefits, replacing your Social Security number with a new identification number. And as expected, scammers are taking advantage of the opportunity to victimize innocent people.

These thieves are reaching out by phone and have tried a few different tactics in order to gain access to your personal and financial information. In some instances, they claim to be a Medicare representative looking to verify your sensitive information. In other scenarios, they may try to persuade you to pay an upfront fee (which does not exist) for your new card. Others scammers may claim that your Medicare card was compromised and that you need to move your money from your bank into “safer accounts”.

What you should do:

  • • Never give out personal information to get your new Medicare card. If someone calls claiming to be from Medicare, requesting any financial and/or sensitive information, you can be sure it’s a scam.

  • • Know that your new Medicare card is free and that under no circumstances should you have to pay to receive a new one. If anyone calls and says you need to pay for it, that’s a scam. Hang up.

  • • If you’ve already given out your bank account information over the phone, talk to your bank immediately. You’ll want to deal with any unauthorized activity on your account as soon as possible.

  • • For more information about the new Medicare card rollout, visit go.medicare.gov/newcard.

MCU Scam Roundup – Summer 2018

Identity theft is on the rise. According to the recently released 2018 Identity Fraud Study by Javelin Strategy & Research, the number of identity fraud victims increased by eight percent last year, rising to 16.7 million U.S. consumers. And as identity thieves are becoming increasingly sophisticated, they’re combining old tricks with new technology and strategies to gain access to personal and financial information.

Knowledge is power. Learn more about the recent scams currently affecting consumers below:

1. Don’t play the odds on lottery winner notices.

Recent reports are warning consumers to keep an eye out for lottery and sweepstakes scams. Here’s how they works: potential victims receive a notice (through email, mail and phone calls) telling them that they have won a lottery or sweepstakes worth a considerable amount of money. However, warning signs will appear quickly. In order to claim their winnings, winners must wire money, provide their bank account (or credit card) information or send gift cards to cover supposed fees or taxes before they can collect their winnings.

The promise of a large financial payout can be an emotional experience for many individuals, which can inhibit them from thinking clearly and acting cautiously. This is why lottery and sweepstakes scams are one of the most common consumer frauds operating today. In fact, according to the Federal Trade Commission (FTC), these scams were the third-most common type of fraud reported to the agency last year.

To help protect your personal and financial information remember to follow these important steps:

  • • Remember that a legitimate contest or sweepstakes will never ask you to provide sensitive financial information.


  • • Never wire money to or share gift card numbers with anyone who asks. This is a sure sign of fraud.


  • • Report all suspicious contests, sweepstakes or giveaways to the FTC.

2. Don’t take a vacation from protecting your timeshare.

Timeshare owners looking to sell their properties this summer may be at risk of encountering scammers. Recent reports have shared that thieves pretending to be timeshare resale companies are scamming (typically older) victims. The fake company will promise the seller that they already have a promising potential buyer and that the sale will go through quickly and easily. Once the timeshare owner agrees, the company will charge them an upfront fee, which can amount to thousands of dollars. The owners pay the fee and the scammers disappear.

In some instances, similar schemes aren’t exactly scams but shoddy business practices. Timeshare resale companies may promise a quick sale for an expensive upfront fee and then fail to deliver entirely.

To protect yourself and your timeshare, we recommend following these important steps:

  • • Be sure to research any company you are looking to hire. Look for a legitimate website, social media presence and third-party consumer reviews. You can also check the Better Business Bureau to check a company’s legitimacy.


  • • Negotiate fee payments. Sellers would do best to negotiate that all fees and expenses be paid after their timeshare is sold. with a reseller that takes fees after the timeshare is sold. If fees must be paid in advance, always get a refund policy outlined in writing.


  • • Carefully review the contract and make sure it fulfills verbal promises made by the timeshare resale company.

3. There’s something phishy about cryptojacking…

As cryptocurrency continues to gain popularity, so do the efforts from identity thieves and scammers to steal it from innocent consumers. This is known as cryptojacking or cryptocurrency mining.

While these scams have been around for several years, they also continue to evolve. Most recently, cryptojackers have been reported to mimic phishing scams, as they now install sophisticated code onto websites, pop-ups or digital advertisement that will infect your computer with malware. Victims may notice changes to the way their device is operating, is it may slow down or crash.

To protect yourself from phishing and cryptojacking, consumers can protect themselves through the following steps:

  • • Always use and update antivirus software. Many of these programs can be set to update automatically.


  • • Don’t click on links without knowing where they lead. Oftentimes users can hover their mouse over a link to see the true URL before clicking on a link or hyperlink. This will help you to feel confident about the site you are about to visit.


  • • Consider closing sites or uninstalling apps that slow your device or drain your battery. This is a key indicator of a phishing or cryptojacking software.

4. Don’t open your door to work-from-home scams.

Earning money while working from home is an enticing offer but job-seekers should be skeptical. Scammers have been reported to post fake, but convincing-looking, job postings that promise high earnings (more than $5,000 every month) for following a multi-step work-from-home program. To get started, you’ll just need to buy into the program or entry-level package.

Don’t be so quick to take the bait though! Despite the promises, most people who paid for the online business program made little or no money. On the other hand, fake businesses have made off with millions of dollars.

Recognize the Signs of an online scam is important when it comes to avoiding fake job offers. jobseekers should steer clear of offers that:

  • • Guarantee that you can make a lot of money.

  • • Promise that you can make money quickly and easily.


  • • Ask applicants to purchase a software or buy into a program.


  • • Use high-pressure sales tactics, like saying you’ll miss out if you don’t buy in now.

MCU’s Identity Protection Travel Tips

Whether you’re planning to sightsee in a busy city or relax on a quiet beach this summer, protecting your personal and financial information is an important step to a stress-free and safe vacation.

Check out our easy tips below:

1. Avoid unsecured Wi-Fi hotspots

Free public Wi-Fi networks found in coffee shops, restaurants and airports can be convenient when you’re away from home but travelers should avoid them if possible. While these hotspots are handy, they should be used cautiously, especially when it comes to accessing personal information. Unsecured Wi-Fi networks don’t require passwords and can be easily hacked by thieves who can gather all of the sites you accessed and all of the personal information you entered while on the network.

Stick to a secure Wi-Fi hotspot that requires a password or use your phone’s network data.

2. Safeguard your wallet.

Some vacation hotspots are notorious for pickpockets that target tourists. To help protect your financial and personal information, leave your passport and any credit or debit cards you don’t plan to use in a hotel safe at all times if possible. To deter theft, travelers are encouraged to keep their wallet in a front pocket or to carry it in a cross body bag that can be securely closed. Avoid using backpacks and stay alert at all times.

If your wallet is lost or stolen while traveling, immediately place a fraud alert on your credit and notify card issuers. You’ll also need to report any stolen credit cards to your financial institution(s) and contact the nearest DMV branch to report your lost driver’s license. This will help to flag your license number to law enforcement officers if a criminal presents your driver’s license as their own if they get pulled over.

3. Make copies of your passport (but not your credit cards).

If your passport is lost or stolen on a trip, you could both find yourself stuck at the border and at risk of identity theft. To avoid this issue, it’s recommended to make two copies of your passport ID page. Give one copy to someone you trust such as a friend or family member and keep one copy in safe place, such as a hotel safe. Having a copy of your passport handy will make sure you have all of the information you’ll need to make a report and get a replacement.

It may seem natural to want to duplicate this process with your credit cards but instead, it’s recommended to write down your credit card numbers and details in a discrete manner. This will make it easy to make a report with your card provider if you have to, while adding an extra element of security.

4. Stop your mail while on vacation.

Your mail can include sensitive documents such as bank statements and medical bills. Because of this, mail theft is still common throughout the United States. To help protect yourself from this kind of identity theft while you’re away, you can request the United States Postal Service to temporarily stop delivering your mail through the USPS Hold Mail Service.

5. Let us know you’re traveling!

The priority of your financial institution is to protect your money and personal information. This is done by keeping an eye on card transactions in order to spot irregular activity and detect fraud.

While many travelers will contact their financial institution to let them know where they will be and that their card transactions may look abnormal, they are also providing helpful information that will help us to identify fraud quickly. For example, if you notify your credit union or bank that you will be in Florida for two weeks, your financial institution will know something is wrong if there is activity on your credit card in your local neighborhood or somewhere else during that timeframe.

Let us know your plans to travel! Give us a call at (212) 693-4900 or visit your local MCU Branch to speak with a member of our team. We recommend giving us at least two days’ worth of notice before you begin your trip.

Scam Round-Up: Spring 2018

Identity theft is on the rise. According to the recently released 2018 Identity Fraud Study today by Javelin Strategy & Research, the number of identity fraud victims increased by eight percent last year, rising to 16.7 million U.S. consumers. And as identity thieves are becoming increasingly sophisticated, they’re combining old tricks with new technology and strategies to gain access to personal and financial information.

As we work hard to keep our members’ information safe, consumers can do their part by staying up-to-date on some of the scams and fraudulent activity that could put them at risk. To get started, check out our scam round-up below:

1. Be Smart about Student Loan Scams.

Americans are no strangers to student debt. If you’re one of the more than 40 million people in the United States who are currently working to pay off your student loans, you’ll need to keep an eye out for a growing trend in which scammers are posing to be loan repayment assistance agencies. These identity thieves will contact you via phone, email or letter claiming to be able to resolve any repayment issues you may be having. They may offer to eliminate a portion of your debt or create a more advantageous and affordable repayment plan. However, as soon as you provide money upfront on sensitive personal information, these scammers disappear.

While there are some loan assistance agencies that do help a lot consumers repay student loans (and other kinds of debt), you can protect yourself from scammers by following these simple steps:


  • • Never pay an upfront fee. A legitimate loan assistance program will never ask for an upfront payment or fee before beginning to work on your case.
  • • Research the company carefully. A Department of Education seal featured on a letter or email doesn’t mean a company is real. Scammers will often use official-looking names and logos to gain their victims’ trust. The only sure way to be sure you’re working with a legitimate company is to do your research.
  • • Don’t share your Federal Student Aid (FSA) ID. Along with cash, scammers could be after your personal information. This includes your FSA ID, which identity thieves can use to take control of your personal financial aid information on U.S. Department of Education websites.
  • .
2. Don’t Fall for an Employment Overpayment Scam.

Overpayment scams have been affecting consumers for years. But as technology changes, this old scam is certainly taking on new forms. Most versions of this scam involve a scammer sending victims a convincing-looking, but fake, check or money order for more than the asking price of something they are selling. The buyer will then ask you to send the remainder back at some point. So when the check you’ve received doesn’t clear, you’ll lose the money you sent back to the thief, as well as the object you shipped to them.

Today, these scams have evolved to include job offers and consumers who post their resumes on job websites could be at risk. If you’re being targeted, you’ll receive what is supposed to be a job offer to become a “financial representative” of an international company. The reason for the position? The hiring company has problems accepting money from U.S. customers and is looking for financial representatives to handle the payments. In exchange, you’ll receive a five-to-15 percent cut of the transaction you handle.

Searching for a job can be stressful but never take a position that requires you to make financial transactions. Falling for a scam like this may result in identity theft and money stolen from your account.

3. Don’t let Fraudsters “Getaway” with a Vacation Rental Scam.

Planning for a vacation? Travelers are being warned to shop carefully for rental properties. Scammers have taken to posting fake rental properties online, most notably through Airbnb. Once a victim books the rental, the scammers will email him or her stating that the property is no long available but will then send a link to a similar rental nearby.

Oftentimes, victims don’t realize that the link they’ve been sent is not actually on the official rental property website, but a similar looking duplicate. These sites may even be indistinguishable from the original, with the exception of the URL. Victims then unknowingly submit their personal and financial information to the fake website, putting them at risk of theft.

To make sure you don't get tricked, always stick to links you can access after typing in the website's legitimate address into your browser. And, if you're asked to send money outside of Airbnb's system, immediately cut off all contact. For your protection, this practice isn't allowed under the site's terms and conditions.

4. Combat Mobile Phone Port-Out Scams.

Switching your phone carrier and keeping your original phone number is called porting and may be an extremely convenient feature for mobile phone owners. However, it can also be the key for identity thieves to steal your personal and financial information. Fraudsters are reportedly exploiting this capability by impersonating consumers with the purpose of having their victims’ mobile phones ported to a different carrier.

So how does this put your information and financials at risk? A fraudster will often port a victim’s phone to a different carrier after they have already obtained their online banking username. Many financial institutions will allow their members or customers a one-time passcode, which is text messaged to their phone, to login to their online and mobile banking account if they’ve forgotten their password. By transferring a victim’s mobile phone, the thief can then receive the passcode and then easily gain access to their accounts.

Luckily, this new scheme is easy to avoid. Phone carrier are recommending that their customers place a “port validation password” on their accounts. This means that before your phone is switched to a new carrier is made, the existing carrier must receive your password, validating your identity.

Five Things to Know: Protecting Yourself Against Card Skimming

Using your debit or credit card at an ATM or gas pump may seem harmless enough but consumers need to beware of the increasing popularity of card skimming scams on devices just like these. A card skimming scam occurs when an identity thief or criminal attaches a small, discrete device to a card reader in order to collect personal and financial information from your card. Most importantly, it reads your card number, which can be used later to print fake cards or for online payments.

These devices can be difficult to detect but taking a few simple steps can help keep your information safe.

1. Check Your Surroundings

As a rule of thumb, consumers should avoid freestanding ATMs and self-serve gas stations in less trafficked, poorly lit areas. However, you should always be aware of your surroundings before using your card, no matter where you are. Always take a look around to see if any sings on or near the machine have been disturbed, cameras appear to be moved or tampered with, or there are any individuals lingering near the machine and acting suspiciously. When in doubt, don’t use the machine.

2. Inspect the Machine

As criminals become more sophisticated, skimming devices will as well. However, consumers should always pay careful attention to what the card reader and keypad normally look like on the ATMs you use most frequently. If anything seems loose or out of place, don’t insert your card. It’s also important to check for small cameras that may also be tacked onto the machine near the key pad.

3. Turn on Your Bluetooth

Your phone can do more than help you send text messages and check your email – it can alert you to skimming devices. If your phone has Bluetooth scanning abilities, turning on your Bluetooth may help you to identify the connection used to remotely send information from the device to the criminal. If you do activate your Bluetooth near an ATM or gas pump and you see a random series of numbers and letters pops up, it could mean a skimmer is present. Never connect to the Bluetooth device and immediately notify a branch employee, shop owner or gas station attendant.

4. Cover Your PIN

As mentioned above, small cameras may be placed on the device in order to collect your PIN. While everything may seem in order and a keypad cover is in place, it’s always a good practice to use your hand as a cover the keypad as you enter your PIN just in case because in some scenarios identity thieves will stick a camera directly on the underside of the keypad cover.

5. Check Your Statements

Regularly checking account statements is the best way to detect fraud and mitigate damages. Consumers have limited time to report unauthorized activity on their checking account. However, if you report unauthorized activity within two days of that unauthorized activity, your financial institution will reimburse you for anything over $50. Additionally, letting us know about suspicious activity soon after it occurs could help your financial institution save others from the same kind of fraud.

An MCU Scam Alert – January 2018

It may be a New Year but millions of Americans continue to face an old problem – identity theft. And while consumers are getting smarter about protecting their personal and financial information, scammers are too by combining classic tactics with new technology. Staying informed is the key to getting ahead. Check out these recently reported scams that are currently affecting hardworking people everywhere.

1. Don’t Get Caught in a “Confirm Your Account” Email Phishing Scam

An email from a retailer or utility asking you to verify your account information may seem harmless but consumers should be wary. Recent reports of fraudulent emails posing as companies like Amazon and AT&T are leaving many the victims of a phishing scam.

The emails look legitimate with subject lines that read similarly, to “We could not confirm the address associated with your account” and use official company brands and colors. However, once users click on the enclosed link, identity thieves are able to gain access to their victims’ personal and financial information stored on their devices and even saved on certain browsers.

How to Avoid an Email Phishing Scam

While identity thieves have gotten good at disguising email phishing scams, consumers can protect themselves by taking a few easy steps. These include:

• Check the URL: By hovering your mouse over the top of the URL, you should be able to see if the actual hyperlinked address is different from the one that is displayed. If it is, the message is likely fraudulent and clicking the link could leave your information compromised.

• Look for poor spelling and grammar: If a message is sent from a large company, it won’t be filled with poor grammar or spelling mistakes. If you see any of these errors or notice strange formatting in the email, disregard it immediately.

• Never share personal information or send money: No matter how official an email may seem, a reputable company will never send an email asking for password, credit card or security information. Similarly, any request or demand for a payment to cover expenses, taxes or fees is a strong indicator of a scam.

• When in doubt, make a phone call: Sometimes there won’t be anything particularly wrong about an email or the request a company is making. However, if you feel uneasy, trust your gut and call the organization to confirm the email is legitimate. Always use the phone number on the official website, not one provided within the email.

2. Don’t be Tempted by a TAP Tax Return

IRS scams aren’t new but as tax season continues to leave many feeling stressed and overwhelmed, some taxpayers may become vulnerable to fraud. A second phishing scam consumers should watch out for this season is one sent by identity thieves posing to be the Taxpayer Advocacy Panel (TAP) informing victims that they are eligible for a tax refund. Once they click on the link provided, their information will become at risk of theft.

Do not respond to the email, click on any link and delete the email immediately. TAP is a volunteer board that advises the IRS on systemic issues affecting taxpayers. It will never request, and does not have access to, any taxpayer’s personal or financial information.

It’s important to note that according to the IRS, thousands of people have lost millions of dollars in tax scams. As the tax season continues through April, some warning signs that your may have been victimized by one of these scams include:

• A delay or denial of your tax refund

• Loss of unemployment or disability benefits

• Damage to your credit history or score

• A notice from the IRS that your taxes have already been prepared and submitted

3. The “Easy Money” Scam Could be a Hard Lesson

The recent Mobile Money Code scam reported by the Federal Trade Commission (FTC) has cost victims $7 million and could be paving the way for similar “Easy Money Schemes” consumers will need to watch out for. The scam works by offering victims a chance to pay for a “secret code” to make huge sums of money automatically. Scammers are even taking extra steps to make their offers look convincing by using fake testimonials and high-pressure upselling.

Despite a convincing façade and an offer that will surely appeal to your emotions, consumers should remember that if a deal ever seems too good to be, you should always assume that it is. It is also important to never provide your credit card information or send a money order in exchange for prizes or returns that are promised to arrive in the future.

Holiday Scams to Avoid this Season

To many, the holidays mean gift giving and family. Unfortunately, this time of year is also a time when fraud and identity theft affect consumers at alarming rates. While consumers are getting smarter, identity thieves are using new tricks and schemes to get their hands on financial and personal information. In fact, according to ACI Worldwide, fraud attempts are expected to increase by 30 percent this peak holiday season, compared to last year!

From gift card scams to fake charities, check out the common holiday scams consumers will need to watch out for this year!

1. Charity Cons

The holidays are a great time to give back to your community and donate to charitable organizations. However, an intended good deed could put leave you a victim of scammers or identity thieves. Recently, scammers have been found to send emails posing as popular or seemingly legitimate charities and asking for you to make a donation via your credit card. Once you make a payment, thieves will have access to your personal and financial information.

If you receive an email asking for a donation, it’s best to be skeptical and to go straight to the charity’s website and make a donation there. If you’re unsure if the charity is legitimate, check out charities at give.org before donating, or contact the charity directly to make sure they sent the donation request.

2. Gift Card Fraud

Gift cards can be great gifts for loved ones during the holidays. However, consumers should be aware of the following gift card schemes that could sour the Season of Giving. For example, scammers are increasingly selling counterfeit and fraudulent gift cards on auction websites and sellers have been found to overstate the value of real gift cards they are selling so buyers will overpay.

To make sure you’re getting a fair deal on your purchase, avoid purchasing gift cards from third-party vendors.

3. Holiday eCard Phishing Scams

It’s not uncommon to receive a holiday eCard but don’t let a subject line like “Merry Christmas” distract you from always being alert and cautious before opening an email. Fake notifications for eCards have become an increasingly common and an often-successful way for scammers to trick you into letting down your defenses. You click on a link that will supposedly take you to a greeting, but instead the link unleashes a malicious program that will give cyber-crooks remote access to your online bank accounts and passwords.

To help combat this scam, always check to see if you recognize the email address from which the e-card was sent and keep an eye out for grammatical or spelling errors within the email’s content. If it seems suspicious, do not click on any links within the email and delete it immediately.

4. Fraudulent Shopping Apps

Shopping on your smartphone or tablet? You’re definitely not alone. eCommerce statistics show that in 2017, 62 percent of smartphone users have made a purchase online using their mobile device in the last 6 months.

To help protect your information this holiday season, look twice before you download a shopping app. In 2016 alone, hundreds of fake retail and product apps were reported in the Apple App Store in the weeks leading up to the holidays. Oftentimes, these counterfeit apps look strikingly similar to those belonging to popular retail chain stores and luxury-goods makers.

While many of them may be relatively harmless knockoff apps that serve for popup ads, accidentally entering any card or personal information can lead to potential fraud.

An MCU Scam Roundup - Fall 2017

You may be working hard to protect your personal and financial information but criminals are still defrauding many victims by combining new technology with old tricks. Staying informed is key in avoiding being victimized by these new and advanced scams. Check out these recent scams reported by the Better Business Bureau that are currently affecting hardworking people everywhere.

1. Stay Smart and Steer Clear of the College Fund Scam

The New York Department of State, Division of Consumer Protection is warning consumers of a phishing scam targeting college students. Identity thieves are posing as representatives of government agencies and contacting students, claiming they are eligible for state government funds available for higher education. Victims of this scam are then told they will need to provide their financial information in order for said funds to be deposited into their checking account directly. They’re then asked to click on a link for more information. These links will expose your computer and personal information to scammers.

If you receive an email like this or one of a similar suspicious nature, it’s important to know the following:

• Do not click on links or open attachments in any email that is from an unknown source.

• Know that the only financial aid information you can trust will come directly from the federal government or the college itself, unless you have requested information from private financial institutions. Solicitation offers are highly suspicious.

• Pay attention to the details within messages you received. Phishing emails often include grammatical errors and may address the recipient incorrectly.

• Only use built-in spam filters from your mailbox to report spams. Do not click on any link from the message you received even though it says “report as spam”. Do not click on any “unsubscribe” link from unknown senders.

• Never share your personal information, such as bank account number, full name, home address or social security number.

2. No, Equifax isn’t Calling

Scammers are reportedly taking advantage of nervous consumers in the wake of the highly publicized Equifax data breach. Most notably, identity thieves are posing as the credit reporting agency and asking consumers to verify account information and provide additional details. It’s important to know that Equifax or similar organizations like financial institutions will never contact you by phone requesting information like this for any reason. If you receive a phone call like this, the following steps can help protect your personal and financial information:

• Never provide any personal or financial information unless you’ve initiated the call and it’s to a phone number you know is correct

• Don’t trust caller ID. Scammers can spoof their numbers so it looks like they are calling from a particular company, even when they’re not.

• If you get an automated call, hang up. Don't press any number on your keypad in attempt to speak with a representative or take your phone number off the list. This will likely just lead to more calls.

According to the Better Business Bureau, If you’ve already received a call that you think is fake, report it to the FTC. If you gave your personal information to an imposter, you’ll need to change compromised passwords, account numbers or security questions.

3. Phony Employment Offers

Employment scams may be little known to many consumers but are becoming increasingly common. Victims may see an ad on a poster or even be contacted directly through a job or employment website by an identity thief posing as head hunters or potential employers.

These scammers may offer their victims a brief interview over the phone, web chat, or through email before offering the job to their victims. The victim is then told that before they can begin working, they’ll have to provide personal information like their bank account information and even pay money up front for work provisions, supplies or certificates.

Once the scammers have what they want, they’ll be sure to disappear.

Luckily, employment scams can be easy to recognize and avoid. Here are some things to watch out for:

• Some listed job opportunities are more likely to be scams than others. Work-from-home; secret shopper positions or any job with a generic job title, such as caregiver, can be a red flag for fraud. Because these positions often don't require special training or licensing, they appeal to a wide range of applicants, bringing in more potential victims for the scammers.

• Search the web for similar job postings. If identical job listings appear in other cities with the exact same job post, it is likely a scam. Also, check the real company's job page to make sure the position is listed there.

• Beware of on-the-spot job offers. You may be an excellent candidate for the job, but know that offers made without an interview uncommon and suspicious. A real company will want to talk to a candidate before hiring him or her.

• Don't fall for an overpayment scam. No legitimate job would ever overpay an employee and ask him/her wire the money elsewhere. This is a common trick used by scammers.

• Avoid any job that asks you to share personal information or hand over money. Scammers will often use the guise of running a credit check, setting up direct deposit or paying for training. This information can then be used for identity theft, so be absolutely certain before you share.

ATM and Debit Card Fraud PreventionTips

Your debit card is a convenient and smart way to make purchases, manage your money and keep a budget. However, a recent increase in fraudulent schemes and theft means that card and ATM safety is more important than ever when it comes to protecting your money and personal information. To help safeguard your account and personal information, check out these useful ATM and Debit fraud prevention tips.

1.Location, location, location

Protecting yourself from ATM fraud can be as easy as avoiding certain remote ATMs and point of sale devices. These free-standing ATMs, which are often found in low-trafficked and poorly lit areas outside of grocery stores and bodegas, are most vulnerable to being tampered with by thieves. Similarly, self-serve gas pumps that accept credit cards at stations are known to have high instances of tampering.

It may be a bit out of the way when you’re out and about, but the safest ATMs you can use are always the ones located in the vestibules of a financial institutions that require a card to gain access.

2. Check the ATM for tampering

ATM skimming has become an increasing threat to cardholders. According to Bankrate.com, theft from ATM skimming is approaching $1 billion annually and Javelin estimates that one in five people have been hit by an ATM skimmer.

Before using an ATM or point-of-sale terminal, take a good look at the keypad and card slot and check to see if anything is loose or out of place. The New York City Department of Consumer Affairs additionally recommends checking for keypads that appear raised or have an unusual color. A thief could have placed an overlay on the keypad to record the personal identification number you punch in.

It’s important to also note that some gas pumps have security tape that forms a seal around the card reader. If the seal is broken, it could mean the reader has been compromised.

When in doubt, don’t use the device.

3. Protect your PIN

Always shield the screen and keypad when entering your PIN or transaction amount. In addition to threat of “shoulder surfers”, or individuals trying to get a glimpse of your personal information from over your shoulder, thieves are increasingly installing pinhole cameras on or near ATMs and point-of-sale devices to record the information input.

Cardholders can also easily protect their PIN information by memorizing it so that they never have to write it down. When selecting a PIN, it’s strongly recommended to avoid numbers and letters that relate to your personal information and can be easily guessed. For example, don't use your initials, birthday, telephone or Social Security number.

4. Stay vigilant to those around you

It’s important to stay mindful of the people around you before beginning an ATM transaction. In addition to traditional thieves, shoulder surfers may hang around ATMs with the intention of stealing your personal information. If you see anyone or anything suspicious, cancel your transaction and leave immediately. As an extra precaution when using an enclosed ATM that requires your card to open the door, avoid letting strangers follow you inside.

If anyone does follow you after you’ve completed a transaction, go to a crowded, well-lit area and call the police.

5. Check your transactions

Take time to regularly examine your bank account activity online to see whether funds have been withdrawn that you didn't authorize. As an additional precaution, you should hold on to your ATM receipts and check them against your monthly statement. You can also set up alerts so that you're notified when funds are withdrawn.

6. Immediately report a lost or stolen card to your financial institution

If your ATM or debit card is lost or stolen, be sure to contact your financial institution and report it immediately. Acting fast limits your liability for charges you didn’t authorize. Once you report the loss of your ATM or debit card, federal law says you cannot be held liable for unauthorized transfers that occur after that time.

MCU’s Tips for Consumers Affected by Identity Theft

While you may be taking active steps to protect your personal and account information, new scams and recent data breaches have left millions of Americans vulnerable. To stay proactive in protecting your information, consumers can stay vigilant by keeping an eye out for the following warning signs:

  • Receiving a credit card that you didn’t apply for
  • Being denied credit or being offered less favorable credit terms like a high interest rate, for no apparent reason
  • Getting calls or letters from debt collectors or businesses about merchandise or services you didn’t buy

1. Notify Financial Institutions and Credit Card Companies

If an account or existing credit line has been affected, notifying your financial institution or credit card company should be your first priority and can save you money and a lot of trouble down the road. For example, the Fair Credit Billing Act specifies that your maximum liability for unauthorized charges is $50. However because most credit cards have zero-liability policies, consumers are often protected from having to take on any liability at all.

Consumers can then work with their financial institution or card company to determine the best course of action. This may be as easy as changing login information, passwords or PINs or may require closing accounts or placing a freeze on accounts so changes or charges cannot be made until you agree to them.

2. Monitor all Statements for Suspicious Activity

If you’ve noticed fraud or suspicious activity on one account, it’s very important to check other statements and financial records for other charges or activity you don’t recognize. This includes dormant or infrequently used accounts.

If you find unknown charges, call the financial institutions to alert them of the problem and request the account be locked or closed.

3. Place a Fraud Alert on Your Credit Report

As a consumer, you’re entitled to at least one free credit report from each agency each year, which you can receive through one of the three credit reporting agencies, Experian, Equifax or TransUnion.

In addition to this report, consumers who believe they may be as risk of fraud can place a fraud alert on their credit report. Placing an alert is not only free but will also make it more difficult for new accounts to be opened in your name. To place an alert you’ll only have to contact one of the three reporting agencies (Experian, Equifax or TransUnion). That company will alert the other two.

A fraud alert can be extended for up to seven years if a consumer provides proof to the credit reporting agencies that they are a victim of identity theft. A fraud alert will notify any institution that pulls your credit report to the fact your identity may be compromised. This will also prompt creditors to take additional steps in verifying your identity should you open any new accounts.

4. Consider Freezing Your Credit

For an extra layer of protection, consumers can also initiate a credit freeze. Like a fraud alert, a credit freeze also typically free for victims of identity theft. And while a credit freeze can be a good way to prevent ongoing fraud, it will likely also make it difficult receive approval for loans or credit cards.

It’s important to note that consumers will have to reach out to credit reporting agency individually to place the freeze.

5. File a report with the Federal Trade Commission

Once you have determined the extent of the fraud, consumers should file a report with the Federal Trade Commission (FTC).

Simply visit IdentityTheft.gov, create an account and Include as many details as possible. Based on the information provided, the FTC will create an identity theft report and recovery and track your progress, and pre-fill forms and letters for you. Your Identity Theft Report is important because it provides evidence of fraud, making it easier to correct discrepancies.

6. File a Police Report

Filing a police report helps identity theft victims gain access to the legal benefits. As a victim of identity theft, you should obtain a detailed police report about your situation. It is important to file detailed reports both locally as well as in the jurisdiction where the fraud occurred.

To file a police report it’s important to provide a copy of your FTC Identity Theft Report, a government-issued ID with a photo, proof of your address (mortgage statement, rental agreement, or utilities bill) and any other proof of theft ( bills, Internal Revenue Service (IRS) notices, etc.).

An MCU Scam Roundup – Summer 2017

While many consumers are taking action to protect their personal information, identity theft is still affecting Americans in alarming numbers. According to the Identity Theft and Scam Prevention Services, approximately 15 million United States residents have their identities used fraudulently each year with financial losses totaling upwards of $50 billion.

On a case-by-case basis, that means approximately 7% of all adults have their identities misused with each instance resulting in approximately $3,500 in losses.

Criminals are defrauding many victims by combining new technology with old tricks to gain access to their money and personal information. Being informed is the first step to keeping your money and personal information safe. Check out these recent scams reported by the Better Business Bureau that are currently plaguing hardworking people everywhere.

1. “You're a winner!” Don’t take the bait with giveaway scams.

Popups scams aren’t new but identity thieves have learned to become even more convincing to those surfing the web. Most recently, consumers have reported browsing online when receiving a popup that reads, “Congratulations, you’re today’s lucky visitor.” The prize has been reported as $1,000 gift card, and you can select from a list of famous stores. Consumers are also told they need to act fast, as they only have two minutes to claim their prize.

The website is convincingly designed to look like the popular social media platform Facebook, including the site’s colors, font, and blue navigation bar. The scam becomes increasingly convincing to many as scammers use a technology to insert the model of phone you are using to browse online. For example, the target may be identified as a “loyal Apple customer.”

According to the Better Business Bureau, consumers can spot a giveaway scam several ways:

  • Legitimate businesses do not ask for credit card numbers or banking information for coupons or giveaways. If they do ask for personal information, like an address or email, be sure there's a link to their privacy policy.
  • When in doubt, do a quick web search. If the giveaway is a scam, this is likely to reveal an alert or bring you to the organization's real website, where they may have posted further information.
  • Watch out for a reward that's too good to be true. Businesses typically give out small discounts to entice customers. If the offer seems too good to be true (a $100 voucher or 50% discount) it may be a scam.
  • Look for a mismatched subject line and email body. Many of these scams have an email subject line promising one thing, but the content of the email is something completely different.

2. Avoid Bogus Connection Requests on LinkedIn.

If you have a LinkedIn account, it’s important to keep an eye out for suspicious users claiming to be recruiters with promising job offers. LinkedIn users have reported receiving messages from seemingly legitimate accounts asking them to apply for a job.

The request will look convincing enough for users to follow the steps needed to apply. In some cases, applicants will then be asked to upload resume and provide personal information, which may range from their mailing address to Social Security/Social Insurance number. In other instances, users will be informed that they have been "hired" for the job and must pay upfront for training and others expenses.

No matter the details of the scam, the job never materializes. The scammer takes the money or information and disappears.

According to the Better Business Bureau, tips for dealing with job scams on LinkedIn include:

  • Set your LinkedIn privacy settings. You can limit which LinkedIn users can send you messages or connection requests. Go here to make adjustments.
  • Don't accept every request you get. Check out the user's profile for completeness and correct grammar. Just because you have several connections in common, does not mean they are real. Scammers frequently create a large network to look more legitimate.
  • Ask to talk on the phone. If a recruiter contacts you through email, ask to speak by phone. Scammers will try to dodge this with excuses, such as being out the country.

3. Watch Out for "Free Wi-Fi" Scams.

For many traveling this summer, free Wi-Fi hotspots will be a much appreciated resource found in locations such as coffee shops and hotel lobbies. However, scammers have been known to use fake Wi-Fi hotspots to steal personal information and/or gain access to your device and it’s very important to double check the network before connecting your laptop, tablet, or smartphone.

These hotspots may be labeled something generic like "Free Public Wi-Fi" but they may be hazard to both your device and your personal information. In some instances, after a user connects, they are prompted to enter credit card information. Of course, this info is shared with the scammer.

In other scenarios, a hacker inserts him or herself between your computer and the Wi-Fi connection. Everything you do online – such as make a purchase or log into an account – is now transmitted through the scammer's computer. This means they can now access any passwords, credit card information, and other data you've entered online.

According to the Better Business Bureau, consumers can stay safe on public Wi-Fi connections in many ways, including:

  • Legitimate businesses do not ask for credit card numbers or banking information for coupons or giveaways. If they do ask for personal information, like an address or email, be sure there's a link to their privacy policy.
  • Be sure you are using the correct Wi-Fi connection: If you are in a place that offers free Wi-Fi, verify the name of the connection before joining. Scammers often set up fake hotspots next to real ones.
  • Be careful how you use public Wi-Fi: When using a hotspot to log into an account or make a purchase, be sure the site is fully encrypted (Use "https").
  • Consider using a VPN: If you regularly access public Wi-Fi, use a virtual private network (VPN). VPNs encrypt traffic between your computer and the Internet, even on unsecured networks.
  • Always use antivirus software and a firewall. Protect your computer (and some cell phones) by using anti-virus software and a firewall from a reputable company.
  • Use good password sense: Protect yourself from hacking by using strong passwords and creating a different password for each account.
An MCU Scam Roundup - Spring 2017

Consumers are getting smarter about fraud, but unfortunately thieves are too. According to a recent study released by Javelin Strategy & Research, found that $16 billion was stolen from 15.4 million U.S. consumers in 2016, compared with $15.3 billion and 13.1 million victims a year earlier. Additionally, In the past six years, identity thieves have stolen over $107 billion.

Criminals are defrauding many victims by combining new technology with old tricks to gain access to their money and personal information. Being informed is the first step to keeping your money and personal information safe. Check out these recent scams reported by the Better Business Bureau that are currently plaguing hardworking people everywhere.

1. The “You’ve Reached Your Storage Limit” Phishing Scam

This scam looks like just another email message from your company’s IT department. It’s so mundane or routine, these messages are easy to click on without thinking. However, a new scam should have you checking your email twice.

The reported version of this scam reads: “[name]@[company.com] update required” and appears to come from info@webmaster.com. According to the message, your email has reached the storage limit, and “you will be blocked from sending and receiving messages.” The message instructs you to click a link to validate your account and add storage. In a clever move, the scammers even made the link look like your email address. But in the version Better Business Bureau received, the link really points to a website with an overseas domain name.

Clicking the link takes you to a login form that asks you to enter your email address and password. But don’t believe it or fill it out! The form is a fraud and a phishing scam. It’s really a way to steal your email password, which opens you up to identify theft.

No matter what format it comes in, the Better Business Bureau recommends these tips to identify a phishing scam:

• Be wary of unexpected emails that contain links or attachments. Do not click on links or open files in unfamiliar emails.

• Don't believe what you see. Just because an email looks real, doesn't mean it is. Scammers can fake anything from a company logo to the "Sent" email address.

• Check your company's IT department or internet service provider. If something sounds suspicious, confirm it first. Contact them directly from a number you know is accurate. DON'T click on any links in the message you suspect is a scam.

• Be cautious of generic emails. Scammers try to cast a wide net by including little or no specific information in their fake emails. Always be wary of messages that don't contain your name, last digits of your account number, or other personalizing information. Pay attention to the ways in which your IT department normally addresses concerns and be cautious of any new method.

•Use unique passwords: Use different passwords for each account you create. This is the simple way to reduce your risk if one password falls into the hands of scammers.

2. Beware of Video Game Account Scams

Gaming is a multibillion dollar industry but it isn’t immune to scammers. If you’re a gamer currently stuck on certain level, buying an account from another player may seem like a fast, easy way to move forward in a game. However, not only is this practice forbidden by most game manufacturers, it leaves you vulnerable to scammers.

Scammers will often log into message boards and post they have an account to sell. Once they find a buyer, the transaction seems easy. The victim will pay the seller, and in exchange, the scammer provides the account information.

It all seems legitimate but these transactions often don’t go as planned when the seller/scammer provides incomplete or fake account details. Before the buyer notices, the scammer files a support ticket with the game manufacturer to change the account details. Other times, the scammer sells the account to multiple players and provides them all with the correct account information. However, when multiple users attempt to change the credentials at the same time, the manufacture realizes the account has been compromised and shuts it down.

While this practice is already forbidden among gaming companies, gamers can use these additional practices to keep their keep their online game account secure:

• Don’t share account information with others. Choose a secure password and don’t share your account information with anyone, including friends.

• Don’t pay users to play for you: Ignore offers from users who play for pay, putting in the hours you need to level up. You will need to share your username and password with these players, compromising your account. If your credit card is attached to your account, these users can go on a shopping spree.

• Don't share personal details in games. Other players may ask you about yourself, but sharing personal details such as your full name, address, birthday, etc. can open you up to the risk of identity theft.

• Use unique passwords: Use different passwords for each account you create. If your password falls into the hands of scammers, your other accounts won’t be compromised.

3. The Hazard of Online Cigarette Sales Ploys

As if you didn’t need another reason to quit smoking, new scams have been popping up encouraging consumers to purchase cigarettes from online international sellers.

While the vendor website may look legitimate and includes big brand names with great pricing, consumers can easily spot trouble when they go to check-out, the seller will not accept credit cards and insists on payment via wire transfer or prepaid debit card.

Don’t do it! The seller will take your money and confirm the order shipped - but the cigarettes will never arrive.

This scam is a cautionary tale for many other fraudulent retail operations. To spot an online sales scam, keep an eye out for the following before making a purchase:

• Be wary if the price is significantly lower than on similar sites. If a deal seems too good to be true, it almost certainly is.

• Avoid all retail websites that insist on a wire transfer or prepaid debit card transaction as a form of payment.

• Check for contact information and social media presence: Look for a real address and telephone number in the site’s contact information. Check out the company’s social media presence to verify their activity and search verifiable websites for consumer reviews.

• Use Whois.com. This website can help you check the domain name to see if it is registered in the country where the business claims to be located.

• Make sure websites are secure and authenticated: Before you purchase an item online. Look for "https" before the web address and online seals that ensure your credit card and/or banking information is secure.

An MCU Scam Alert Update

An estimated 11 percent of adults in the United States lose money each year because of criminal activity – that’s 25.6 million people! Consumers are getting smarter about fraud, but unfortunately thieves are too. Criminals are defrauding many victims by combining new technology with old tricks to gain access to their money and personal information.

Being informed is the first step to keeping your money and personal information safe. Check out these recent scams plaguing hardworking people everywhere.

1. Don’t Get Hooked by Text Phishing

Consumers have become accustomed to phishing scams via email so thieves have switched it up by using text messages or SMS. Usually posing as a government agency or financial institution, identity thieves and scam artists will panic victims with a message that implies a sense of urgency and a immediate response in order for them to quickly turn over personal and account information. Text phishing – or smishing – scams typically ask consumers to provide usernames and passwords, credit and debit card numbers, PINs, or other sensitive information that scam artists can use to commit fraud. However, it is important to remember that credit unions, banks and government agencies will never reach out for sensitive information through these means.

Never open links in unsolicited text messages, as they may infect your mobile device with malware that will steal the financial information stored on the device. It is also important to not call any phone numbers provided in suspicious text messages. Instead, be sure to contact any financial information, government, agency, or company identified in the text message by using the information in your records or listed on the official website.

2. Download Apps with Caution

Because of the recent holiday season, new phony retail apps have popped up in both Apple and Android app stores. It’s important to keep an eye out for these apps, which typically have names and logos very similar to those of legitimate companies and popular digital shopping platforms.

It’s good practice to always be careful when downloading any new apps. While most fake apps are fairly harmless and are used to simply delivery spam-like advertising, others may require the user to enter their credit card information or personal information. If this information is shared, it could leave users at risk of fraud.

To help ensure that an app is secure and user-friendly, check to see how often and well the app has been reviewed.

3. There’s a New Tax Bill Scam on the Block

While consumers are becoming increasingly savvy in recognizing tax bills scams, fraudsters aren’t giving up. The IRS has recently reported that fake documents designed to look like real CP2000 notices have come into circulation. CP2000 notices are typically sent out by the IRS to notify a person that information it receives about their income doesn’t match the information reported on their tax return. In this instance, the counterfeit document are targeting victims be claiming that taxpayers owe money for the previous tax year under the Affordable Care Act.

The idea of getting a letter from the IRS can cause people to panic and act quickly without realizing they they’ve been scammed. Luckily, there are some easy to spot warnings that can help you avoid becoming a victim.

For example, the IRS will never:

• Initiate contact with you by email or through social media.

• Ask you to pay using a gift card, pre-paid debit card, or wire transfer.

• Request personal or financial information by email, texts, or social media.

• Threaten to immediately have you arrested or deported for not paying.

MCU’s Identity Protection Tips for Online Holiday Shopping

With crowded stores and long lines, it’s no secret why millions of Americans are ditching their shopping carts in favor of the internet during the holidays. In fact, according to the National Retail Federation, nearly half of all holiday shopping was done online in 2015 – and more people are expected to take to their laptops and smartphones to check off items on their shopping lists this year.

While online shopping is a great way to save time and find great deals, it can also make your personal and card information more vulnerable to hackers and identity thieves. To help keep the happy in “Happy Holidays,” check out these easy ways to stay safe while online shopping this season.

1. Stick to Just One Credit Card

When it comes to shopping online, your credit card can be a safer way to make online purchases, compared to other means of payment. Credit Cards provide valuable protection when doing holiday shopping since they have systems in place to handle fraud issues more expediently and don't leave you waiting for lost funds to be reclaimed.

Additionally, sticking to just one credit card can be beneficial while shopping during the holiday season both on and offline. Doing this will not only help you to stay on budget but will also help you to more easily keep an eye out for potential identity theft or fraud.

2. Be Wary of Public WiFi hotspots

Saving your data is great but think twice before logging into a public WiFi hotspot to shop online –your information may not be safe. These networks are unsecured connections that hackers can easily access and steal any personal information you may be putting out during the time you are connected.

3. Stick to Secure Sites

When visiting a website that asks for sensitive information such as credit card numbers, it’s important to make sure that the website is encrypted over a secure connection. Otherwise, your information could easily fall into the hands of hackers.

To ensure that you’re using a secured website, check out the URL – it should begin with “https” rather than “http”. The “s” at the end of “http” stands for secure and is using an SSL (Secure Sockets Layer) connection. You can also check for the “Lock” icon that is displayed somewhere in the window of your web browser.

MCU’s Tips for Recognizing Identity Theft

If you’re not concerned about being at risk for identity theft, it’s time to think again. According to a recent study conducted by the Harris Poll, nearly 60 million American have been affected by identity theft. And as consumers become more sophisticated about protecting themselves, criminals have learned to adapt.

Once stolen, an identity thief can use your personal information to empty your bank accounts, make purchases online, use your medical insurance and open new credit card and utility accounts. While consumers are exposed to a lot of great information about the steps they should take to protect themselves against identity theft, it’s equally important to know the signs that you’ve become a victim. This will help you to take the necessary steps as soon as possible.

Your security is important to MCU and your other financial institutions. As we continue to monitor your accounts for fraud, you should keep an eye out as well. According to the Federal Trade Commission, key warning signs of identity theft include:

  • • Unexplained withdrawals from your bank account
  • • Missing bills or other pieces of sensitive mail
  • • Bounced checks
  • • Calls from debt collectors about debts that aren’t yours
  • • Unfamiliar accounts or charges on your credit report.
  • • Medical bills for services you didn’t use
  • • Your health plan rejects a legitimate medical claim because the records show you’ve reached your benefits limit
  • • A health plan won’t cover you because your medical records show a condition you don’t have
  • • The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don’t work for
  • • You get a notice that your information was compromised by a data breach at a company where you do business or have an account

If you notice any of these warning signs and believe that you’ve been affected by identity theft, learn more about the steps you can take here.

Five Things to Know: Protecting Your Online Security

According to a 2018 online survey conducted by the Harris Poll, approximately 60 million Americans have been affected by identity theft – that’s nearly one in five people living in the United States!

Protecting your personal and financial information on the web is one of the most important steps any consumer can take to prevent identity theft.

Check out our tips below to get started today.

1. Frequently change and diversify your passwords. This is one of the easiest ways to keep hackers from accessing your online banking accounts and other important web portals with information stolen from less secure sites, such as social media platforms. As you frequently update your passwords, it’s also important to avoid using sensitive information, including your Social Security number, birthdate, user ID or personal identification number (PIN). If someone gains access to this information, it may be among the first things used to try to get into your account.

2. Install and maintain antivirus software. Failing to download antivirus software will almost certainly leave your device vulnerable to cyber attacks and malicious software that can be accidentally installed while trying to download an attachment or open a new link. These programs can corrupt your device and steal sensitive information.

Antivirus software acts as a gatekeeper for these attacks and protects the device from both incoming potential threats. New viruses are coming out all the time. Because of this, it’s important for users to update their antivirus software as often as possible and to make sure not to let annual subscriptions lapse.

3. Beware of unsecured Wi-Fi networks. Free public Wi-Fi networks found in coffee shops, restaurants and airports can be convenient when you’re out and about but they should be used cautiously. While these hotspots are handy, they should be used cautiously, especially when it comes to accessing personal information. Unsecured Wi-Fi networks don’t require passwords and can be easily hacked by thieves who can gather all of the sites you accessed and all of the personal information you entered while on the network.

4. Secure your email account by using a two-step verification process. If you use your email to store sensitive information, enabling a two-step verification process will help you to feel confident that your financial and personal information is safe. This process means you need to pass another layer of authentication, not just a username and password, to get into your accounts. You might be asked to enter a code sent via text, or tap a confirmation button on a mobile app. It may feel like a bit of an inconvenience at times, but enabling a two-step verification process will help to secure your email account even if your password has been discovered or compromised.

5. Think before you click. . Be sure to check for an encrypted connection, especially for emails, banking and online payments. A secure website is indicated by 'https' before the URL, rather than 'http'. A padlock symbol on the top or bottom of the screen is also a good sign.

And if you’re shopping on your smartphone or tablet, you can help protect your personal information by double-checking the apps that your download to your device. Oftentimes, counterfeit apps look strikingly similar to those belonging to popular retail chain stores and luxury-goods makers. While many of them may be relatively harmless knockoff apps that serve for popup ads, accidentally entering any card or personal information can lead to potential fraud.

Today’s Rates

Rates As Low As:
LOANSAPR
Auto Loan*4.00%
Personal Loan**7.95%
  1. APPLY NOW
  2. VIEW ALL
MORTGAGESAPR
30 Year Fixed6.540%
HELOC2.99%
  1. APPLY NOW
  2. VIEW ALL
SAVINGSAPY***
IRA 18-Month Variable3.30%
Share Certificate 36-Month3.82%
  1. APPLY NOW
  2. VIEW ALL

* This is a discounted rate. The APR for auto loans will increase by .50% after consummation if automatic transfer from your MCU primary share (savings)/share draft (checking)account is cancelled or the transfer is unsuccessful for 3 consecutive payments.


** The APR for personal loans will increase by .50% after consummation if automatic transfer from your MCU primary share (savings)/share draft (checking) account is cancelled or the transfer is unsuccessful for 3 consecutive payments.


*** Annual Percentage Yield
Visit our Rates page for more information

  • youtube facebook
    twitter instagram

Routing Number: 226078036

NMLS #:184286

  • ncua Federally insured by NCUA. Your savings federally insured to at least $250,000 and backed by the full faith and credit of the United States Government. National Credit Union Administration, a U.S. Government Agency.