Protecting Your Credit Union Account
Fraudsters want your personal information, cards, and checks to use this information to gain access to your funds. By following these simple guidelines you can greatly reduce your risk of becoming a victim.
- Always safeguard your account number, passwords, and online login information. If possible, do not carry your account number with you in your wallet/purse and use extreme caution when providing account information to individuals or companies.
- Online/mobile logins or passwords should never be given to anyone unless they are listed as an owner on the account. Never provide this information to businesses or individuals claiming to need it in order to deposit funds or for payment.
- Go Paperless-This free option is safer than receiving documents through the mail, especially if your mailbox does not lock and is easily accessible from the street.
- Be cautious and mindful of phone calls, emails, or text messages asking you for account information. USU Credit Union will never contact you to ask for personal information, account numbers, card numbers, passwords, PINs, or other similar information via phone, email, or text.
- Always safeguard your checks. Do not leave your checks out in an open area. Never leave your checks in your car or out on your desk at the office.
- Keep your blank and cancelled checks in a safe place. Put them in a vault or other secure location. Destroy old blank checks if you are not going to use them.
- Limit the amount of personal information printed on the checks to your name and address. Useful information for thieves includes not only your account numbers, but information used to verify your identity, such as your driver's license number, social security number, and other secure personal information. Never have this information printed on your checks.
- Don't leave your bill payments sitting in an unlocked mailbox for pickup. Many thieves will steal bills from mailboxes so they can get your account information, checking information, or your physical checks. Go to the Post Office directly or use a curbside USPS mailbox (the blue metal boxes) and drop your bills in the slot rather than using less secure street mailboxes.
- Be discreet when writing checks in public places. Write your checks carefully and leave no space in which figures or words can be inserted.
- When you make an error writing a check, be sure to destroy the check or write "cancelled" across it and store it in a very secure location with your other cancelled checks.
- If your checks are lost or stolen, immediately report it to your financial institution.
- Reconcile your monthly statements as soon as you can to ensure all transactions are accurate. Contact USU Credit Union immediately if you find a transaction you do not recognize.
- When you reorder checks, mark your calendar. If you don’t receive your checks within 15 working days, contact your financial institution immediately to inquire as to the status of your order.
- Consider alternatives to check writing. For instance, paying by phone, online, setting up automatic payments or signing up for online Bill Pay with USUCU. All of these methods are safer, and often times more efficient options. Fewer checks mean fewer theft opportunities.
- Keep an eye on your accounts. Checking your balances regularly will alert you to fraudulent activity much sooner and could prevent additional fraudulent activity.
- Review your debit/credit card statement as soon as possible. Match charges with your receipts to ensure all charges are yours and are for the correct amount.
- Use the online banking service from your card issuer so you can check charges between receiving mailed statements.
- If fraudulent activity is suspected, use Card Controls within the USU Credit Union mobile app to turn off the compromised card(s) until you can contact the credit union to report the activity.
- Inform USU Credit Union right away of transactions on your account that you do not recognize or were not authorized by you.
- Inform USU Credit Union and any other financial institutions you do business with immediately if your card has been lost or stolen. As a cardholder, you may be held liable for any fraudulent charges that occurred on your card after you realized your card was lost or stolen, if not reported in a timely manner.
- Never give your debit/credit card number over the phone unless you initiate the call.
- Use well-lit ATMs, gas pumps, or other unmanned card terminals and only if they appear to be in good working condition.
- Look for foreign materials, loose pieces, or objects that do not belong before swiping/inserting your card at a terminal and avoid using a card terminal if anything seems out of place.
- When possible, use ATM's inside of a financial institution.
- When paying for gas, choose to pay inside the store or at the self-service gas pumps closest to the building, whenever possible. Avoid gas pumps furthest from the building or in dimly lit areas, as these terminals are more likely to be tampered with.
- Never write your PIN on your card or in your wallet. Memorize your PIN as soon as possible. Do not reveal your PIN to anyone not authorized to use the account.
- Never use your date of birth, social security number, license number, or street address as a PIN – those are the first numbers a crook will try.
- Avoid using the PIN with your card as much as possible, as if this information is compromised, it is easier for fraudulent individuals to withdraw funds directly from your account. Most merchants allow you to run your debit card through the credit network, which bypasses the need for a PIN and safeguards that information.
- Don't throw away your ATM receipt at the ATM location. Keep them to reconcile your account, then dispose of them properly when you get home.
- Destroy old cards immediately after receiving your replacement cards.
- Respond to calls from your financial institution. We are constantly on the lookout for strange charges on your account and often notice a problem before you do.
- Keep a list of all of your credit cards including the account number and phone number to the issuing company. Keep this information in a safe place so that if you need to report a card is lost or stolen you have all of the information you need to do so.
- Always sign a new card immediately.
- When making a purchase with your debit/credit card, make sure you get back the card and receipt. Check the receipt for accuracy.
- When using a debit/credit card at a restaurant or store, make sure that all blank lines are marked through so that no one can change the final amount.
- Only travel with debit/credit cards you plan on using.
- Inform your financial institution of any travel you will be doing to avoid interruptions in card activity and to ensure that proper fraud monitoring is in place.
Protecting Your Identity
Identity theft occurs when someone uses your name, address, social security number (SSN), bank or credit card account number, or any other identifying information to commit fraud or other crimes. Thieves may use a variety of techniques to capture your information, both low and high tech. Whatever the method, there are steps that can be taken to help minimize your risk.
- Never respond to emails or text messages asking you for your personal banking or credit card information. Legitimate organizations/companies will never reach out to you to ask for personal information via phone, email, or text.
- Only enter personal information on secure websites. Look for a "lock" on the browser or "https" at the beginning of the website address to ensure the site is secure.
- Never use email to send your confidential information because email is not secure. To send us a secure message, use the Contact Us section of the USU Credit Union website.
- Do not open emails or text messages if you don't recognize the sender's name. When in doubt, delete!
- Limit the information you share on social networking sites. Fraudsters can obtain a startling amount of information about a person from social media websites such as Facebook, Instagram, and Twitter. This includes: birthdays, mother's maiden name, children's and pet's names, and employment information. Be cautious about posting this type of information and make sure that information of this nature is limited—check settings to ensure it is not public for everyone to view.
- Change passwords regularly using a mixture of upper and lower case characters and numbers. Use passwords that are not easily guessed. Do not share password information with anyone. Do not use the same passwords for multiple websites, especially for logins to bank accounts or other similar sites. See below for more tips on avoiding easily deciphered emails and creating strong passwords.
- Be wary of promotional scams. Identity thieves may use phony offers over-the-phone, through email, via text message, etc., to get you to give them your personal information.
- Update anti-virus software and security patches to your system software regularly. Also, be sure and perform software updates to your mobile devices, too, to avoid malware specifically targeting smartphones, tablets and other similar electronics.
- Review your credit report once a year.
- Tear up or shred any pre-approved credit card offers that you do not want.
- Check your monthly statements to verify all transactions and notify your financial institution of any suspicious transactions.
- Be cautious about giving confidential information over the phone, or through email/text message, to callers you don’t know.
- Limit the amount of identification and the credit cards you carry.
- Identity thieves may steal mail. Consider locking your mailbox.
- Report lost or stolen checks and credit cards immediately. In addition, report identity theft incidents to the credit bureaus (Experian, TransUnion and Equifax). Consider placing alerts or taking other actions suggested by the bureaus to protect your credit. (Please contact the bureaus directly for more information.)
- Do not provide debit or credit card numbers or PINs in response to unsolicited emails, text, phone calls.
- You see withdrawals from your bank account that you can't explain.
- You don't receive bills or other mail.
- Merchants refuse your checks.
- Debt collectors call you about debts that aren't yours.
- You find unfamiliar accounts or charges on your credit report.
- Statements show up for an unknown credit card account.
- You have good credit, but an application for credit is denied.
- Your health plan rejects your legitimate medical claim because the records show you’ve reached your benefits limit.
- The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don't work for.
- You get notice that your information was compromised by a data breach where you do business or have an account.
Already a Victim of Identity Theft?
Visit www.identitytheft.gov to get a detailed and customized recovery plan for your particular situation. This will often involve:
- Calling the credit bureaus.
- Contacting creditors where fraudulent accounts were opened.
- Filing a police report with your local police department.
- If mail was involved, contacting the US Postal Service to correct any issues and report the crime.
- Reporting the fraudulent use of a social security number to the Social Security Administration.
- Contacting the Department of Motor Vehicles (DMV) to determine if any additional licenses were issued in your name.
- Contacting your financial institution to report unauthorized activity.
You can also visit www.ftc.gov for more information on identity theft and other helpful resources.
Scams and Potentional Fraud Schemes
Fraud schemes come in many different forms – so stay alert and remember the old saying – "If it sounds too good to be true, it probably is."
The most common check fraud involves receiving a generous check with an explanation that you've just won an award, a prize, a lottery, or some other windfall. You’re instructed to deposit the check and wire a portion back to pay fees, taxes, etc. If you fall for this scheme, you could be out of luck. Wired funds can't be retrieved, and by law you're responsible for the deposited check even though you didn't realize it was counterfeit.
Dating apps and websites are becoming more and more popular, which has unfortunately attracted criminals that target unsuspecting men and women who are trying to make a connection online. These criminals use stolen pictures and made up information to reel in their victims. They work to cultivate the relationship but will make excuses to avoid meeting in person. Eventually, the criminal will ask the victim for their bank account information so that they can make deposits into their account. The reasons for these deposits vary, including that they are currently out of the country and can't access their own accounts, they moved to a new area and can't get to a bank, or that their own account has been frozen due to a misunderstanding. The criminal will then ask the victim to deposit the funds into the account of a friend or family member, send the funds via Western Union, or use the funds to purchase iTunes gift cards. When it turns out the initial deposit was fraudulent, the victim is then liable for all money sent.
Many people going through tough financial times look to apply for loans to get them through. Be wary, however, because criminals create convincing websites stating they are a legitimate lender. Once someone applies for a loan, they tell the applicant that due to poor credit, they will need to allow the lender to deposit money directly into their account, and the applicant will have to immediately pay it back via Western Union or MoneyGram to "boost" their credit score. Once the applicant does this a few times, the lender states they will then send funds the applicant can keep. However, before this can happen the funds are determined to be fraudulent and not only does the victim not receive a loan – they are also out the money they already sent to the criminal.
Don't accept a check for more than your selling price, no matter how tempting the offer or how convincing the story. Ask the buyer to write the check for the correct amount. Be especially cautious of out-of-state checks. They can be hard to verify and it can take weeks for your financial institution to determine a check is fake.
Be cautious when accepting a money order or cashier's check from someone you don't know. If the denomination area is discolored or if the item includes different fonts/inconsistent print, it could mean the money order or cashiers check has been altered. Hold it up to the light to make sure the watermark and security thread are visible. If in doubt, contact the issuer of the check to verify the validity of the item.
Fraudsters typically find victims by searching websites where job seekers post resumes. Money mules are most often recruited through bogus job offers for payment processors, financial managers, or overseas representatives with the ability to work from home. Upon accepting the job, the victims are notified they will receive deposits into their accounts via ACH, wire transfer, or check. Then they are instructed to either wire the funds to an account at another financial institution or send the funds to individuals via Western Union. The money mules keep a portion of the funds deposited to their account as wages. Through this process, the criminal receives the funds while hiding their involvement, and the victim may be complicit in moving illegal funds.
Shoppers may be told that their first assignment is to evaluate a money transfer service, like Western Union or MoneyGram. The shopper receives a check with instructions to deposit it in a personal bank account, withdraw the amount in cash and wire it to a third party – but the check is fake, and your money is gone. With these schemes, websites are often created where you pay a fee to register to become a mystery shopper and receive information about a certification program, a directory of mystery shopping companies, or a guarantee of a mystery shopping job. Remember, it’s unnecessary to pay anyone to get into the mystery shopping business. The certification offered is almost always worthless, and legitimate mystery shopper jobs are listed on the internet for free.
As the rise of social media website popularity increases, so has the use of these websites for the purpose of committing fraud. Fraudsters can use these social media platforms to pose as friends and acquaintances in order to solicit information, push fraud schemes, and send links to fraudulent websites. These types of solicitations are usually done through the compromised account of a friend and involve money making opportunities that seem too good to be true. The fraudster uses the victim's implied trust of the person they are posing as to obtain account numbers, personal information, or bank login credentials. Be cautious of any social media interaction which advertises or presents a money-making opportunity, including but not limited to online loan companies, grant opportunities, employment opportunities, and inheritance payments.
This is not an exhaustive list of the numerous fraud scams that exist. If you have any questions about a transaction or interaction that you received, please contact the Credit Union at (800) 283-4550 to discuss your specific situation. You can also visit the FBI’s Internet Crime Complaint Center at www.ic3.gov for a more detailed list of common fraud schemes.
USU Credit Union and our affiliates will never ask you to verify your account number, Social Security number, debit or credit card number, PIN, one-time security codes, or any other sensitive personal financial information via email, pop-up window, text message, or unsolicited phone call. If you receive a request for this information please call us at (800) 283-4550.