Locations   |   What's New   |   Rates   |   About Us
 
Home Page  
Savings  
Youth  
Checking  
Lending  
Convenience  
Events  
Promotions  
Applications  
 
Employment  
Disclosures  

ScamWatch


NEWS     |     TIPS     |     LINKS     |     SCAMS     |     STEPS
NEWS

Vishing’ getting more use, report suggests

Jan. 14, 2008—Recent incidents point to a rise in vishing, or phishing utilizing voice-over-IP, in their efforts to trick people into providing personal account data, according to a Jan. 11 online report by CUInfoSecurity.com.

> MORE INFO IN NEWS
LINKS:

Social Security

FTC

OnGuard

Postal Inspection
TIPS

Where to get a real "free" credit report

Nov. 8, 2007 — Many members have gone to "freecreditreport.com" hoping to see just that - a free copy of their credit report.  This site, however, charges a fee.

The true "free" site is annualcreditreport.com - a site set up by the three credit reporting agencies to offer Americans a free copy of their credit report, as mandated by law.  You can view one copy of your credit report a year for free.  Just remember "annual," not "free."

> MORE TIPS
Did you know?

Last year alone, more than 9.9 million Americans were victims of identity theft.


  
   
   

NEWS, cont.
back to top



Vishing’ getting more use, report suggests

Jan. 14, 2008—Recent incidents point to a rise in vishing, or phishing utilizing voice-over-IP, in their efforts to trick people into providing personal account data, according to a Jan. 11 online report by CUInfoSecurity.com.

The online service noted recent attempts targeting account holders at Beneficial Bank (Philadelphia), Yakima Valley CU (Yakima, Wash.) and Catholic CU (also in Yakima). The instances involved a combination of phishing e-mails and voicemail directing consumers to another Web site or phone number to update account data (“Bank Credit Union Customers Struck by Fraud Attempts,” by Linda McGlasson).

In the voicemails, callers were given a toll-free number to call; when they did call, they were asked to provide account data.

Vishing is getting greater use as financial institutions beef up their online security, according to Avivah Litan of Gartner, the report says. Another analyst says that vishing could be the next “attack vector” as consumers become more savvy about phishing e-mail.



Secure your SSN online

January 3, 2008 — The Federal Trade Commission has estimated that 8.3 million Americans were victims of identity theft in 2005, the most recent data available. But the crown jewel in identity theft -- the Social Security number -- can be mined easily in the government's own records, creating a measure of social insecurity for millions, identity experts say.

> Read the Washington Post story

 


A1@home adds security features

Nov. 30, 2006—With identity theft on the rise, American 1 Federal Credit Union is continually looking for ways to protect our members. For this reason, username and access code security on A1@home is being strengthened.

You will now need to pick and use a username — not your account number — to sign on to home banking.  In addition, you will be asked to update the access code you use for A1@home to a minimum of six characters in length. To update your account, simply follow the directions given on the home banking sign-on screen.

American 1 also offers the following services to help protect your identity:

E-statements – a convenient electronic form of your monthly statement that you can access through a secured site at no cost to you!

Identity Theft Protection – insurance coverage to ensure that you are covered if you become a victim of identity theft.  Head to our Membership Discounts page for more information.

To sign up for A1@home, or if you have questions about the new password security or other identity theft products, please contact any branch location.  You can also learn more about our home banking services here.



  

TIPS, cont
back to top


Tips to keep in mind:

  • If it sounds too good to be true, it usually is.
  • Never provide your personal information in response to an unsolicited request.
  • Never believe someone who asks you to cash their check and send money back - it's a scam everytime.
  • If you believe the contact may be legitimate, contact the credit union yourself.
  • Never provide your password over the phone or in response to an unsolicited Internet request.
  • Review account statements regularly to ensure all charges are correct. 
  • Photocopy contents of your wallet
  • Do not list SS# on your checks
  • Use P.O. Box as your address when you can
  • Shred all sensitive mailings and documents with a diamond cross-cut shredder


  
LINKS, cont.
back to top

Handy links:

> OnGuard Online

> Federal Trade Commission

> Download FTC ID Theft Booklet

> United States Postal Inspection Service

> United States Secret Service

> Social Security Administration

> When Someone Misuses Your Number (SSA) 

 


  
SCAMS
back to top

"Credit Union" e-mail alert

Nov. 6, 2007 — There is a new, legitimate-looking fraud e-mail floating around that starts out:

Dear Credit Union customer,

We regret to inform you that we have received numerous fraudulent emails which ask for personal account information. The emails contained links to fraudulent pages that looked legit. Please remember that we will never ask for personal account information via email or web pages.

This e-mail comes from "Credit Union," and even gives NCUA credentials, a copyright symbol, and a legitimate-sounding e-mail address where you can "sign up" for identity theft protection.  But you are not a "Credit Union customer" - you're a member.

Then it says, for inquiries, "contact Customer Service," but doesn't give any contact information.  This is a scam.

American 1 would never contact you via e-mail about issues with your account, and if you did hear from us, we would put our full name (American 1 Federal Credit Union) on any correspondence.  And just to be sure, check the e-mail address: if it doesn't end with "@a1fcu.org," then it probably didn't come from us.




IRS warns of latest e-mail scam

Aug. 30, 2007 — The IRS alerted taxpayers on Monday about a new e-mail scam that purports to come from the agency and claims the recipient can receive $80 by filling out an online customer satisfaction survey.
 
As with previous scams the IRS has warned about this year, the e-mail is believed to contain a link and attachment that open a Trojan Horse program which takes over a person’s computer. The Trojan Horse enables the hacker to remotely access the victim’s computer. The IRS is urging people to not click on the link or open the attachment. Instead, they should forward suspicious e-mails to phishing@irs.gov and follow the instructions, the agency said.

Mark Hanson, an IRS media relations officer, said the latest scam appears to be aimed at “business taxpayers as well as individual taxpayers.”

In issuing its warning about the latest scam, the IRS reiterated that it does not send out unsolicited e-mails or ask for detailed personal and financial information.

Acting IRS Commissioner Kevin M. Brown said in a press release that people should “always exercise caution when you receive unsolicited e-mails or e-mails from senders you don’t know.”




Check washing gaining in popularity

June 18, 2007—  As reliance on technology increases, so does the complexity of scams. However, some scammers are reverting to more primitive methods (baltimoresun.com, May 29).

There's been a resurgence of check washing--the process of taking a legitimate check that has been filled out and signed, using a basic solvent available in drugstores or hardware stores to dissolve the dollar amount and recipient, and rewriting the check as the scammer chooses. The scammer obtain checks from a variety of methods, but mailbox theft still is one of the most popular (Forbes.com).

Protect yourself from check washing fraud:

  • Write checks with a gel pen--solvents can't dissolve them. A good option is the Uni-Ball 207, which sells for about $2.
  • Shred old checks and important documents you no longer need.
  • Don't put outgoing bills in the mailbox--take them to the post office or to a collection box. Also, don't put the flag up on your mailbox, particularly if you're mailing bills that contain account numbers.
  • Consider buying a mailbox with a lock (available at hardware stores) to protect incoming mail.
  • Buy checks with security features, and don't have them sent to you through the mail. Instead, pick them up at your credit union.
  • Fill out your checks completely, including a squiggly line in blank areas.
  • Inspect your statements thoroughly and report any suspicious activity immediately.


Amateur phishers on rise, aided by kits

July 10, 2007 —  Phishing “kits” that make it easier to launch phishing attacks have apparently been improved to allow faster deployment by those with little technical expertise, according to an article in American Banker newspaper.

Such kits have been around for awhile, the article notes, but they have required some technical skill to implement (“New Phishing Kits Ease Way for Amateurs,” by Daniel Wolfe). The article quotes experts from RSA Security describing the newer kits as particularly helpful to amateurs, which is considered a growing market.

The kits are self-extracting and can put up a phishing site in two seconds, according to Marc Gaffan, marketing director of RSA’s consumer solutions group, the paper reported. “The big difference is not in what it can do or how it does it … but in the level of simplicity in deploying phishing attacks,” he was quoted saying.

The article also quotes Avivah Litan, a vice president and research director at Gartner Inc., pointing out that the new phishers are younger, have the Internet access and the intent but lack the resources that larger fraud operations have. These individuals, she noted, are the persons who try to view others’ data in wireless hot spots but don’t have the experience yet to cause any real damage.

Litan further noted that newer phishing sites are running on botnets (networks of computers that have been compromised without their owners’ knowledge). These networks distribute the tasks so no one server is responsible for all the e-mails in a single attack, making it more difficult to halt them, the report notes. 





Foreign lotteries, checks are scams

May 10, 2007—  "It’s your lucky day! You just won a foreign lottery! The letter says so. And the cashier’s check to cover the taxes and fees is included. All you have to do to get your winnings is deposit the check and wire the money to the sender to pay the taxes and fees. You’re guaranteed that when they get your payment, you’ll get your prize.

There’s just one catch: this is a scam."

Go here to read more!




Common scams and how they work

April 20, 2007 How do you tell a scam?  Use this handy info sheet to check if a recent offer, often too good to be true, is the real deal or not.  Included are tips on picking out common phishing and pyramid schemes.
STEPS
back to top

What to do if your identity is stolen
  • File a police report immediately
  • Federal Trade Commission (1-877-382-4357)
  • Contact SS Admin. Fraud Line (1-800-269-0271)
  • Call Natl. Reporting Organizations
    • Equifax-1-800-525-6285
    • Experian-1-888-397-3742
    • Trans Union-1-800-680-7289  
  • Contact all credit card companies
  • Contact American 1 (1-888-213-2848)
  • Contact Federal Trade Commission (1-877-382-4357)
  • Contact SS Admin. Fraud Line (1-800-269-0271)

    		•  

    back to top


    		  









     


    American 1 FCU
    718 E. Michigan Avenue
    Jackson, Michigan 49201
    888.213.2848
    Fax: 517.787.3665
    a1responseteam@a1fcu.org