![Logo](https://www.lcfcu.org/wph/workarea/wp-content/themes/ncr-child-theme/images/img-logo.png"){kind=logo}
![Logo](https://www.lcfcu.org/wph/workarea/wp-content/themes/ncr-child-theme/images/img-logo-icon.png"){kind=icon}
- Protect Yourself From Identity Theft >
- What You Need to Know About Phishing >
- What You Need to Know About Bank/Financial Institution Imposter (Spoofing) Scams >
- Read our BLOGs for additional Security/Scam Awareness >
Protect Yourself From Identity Theft
Identity theft can have serious consequences for your financial future. An identity thief can capture your data (such as social security number, bank account numbers, etc.) and use it to take out loans in your name; apply for and max out credit cards in your name; even steal your medical insurance data and receive treatment.
There is no single platform where fraudulent transactions can be corrected or deleted, making it difficult to untangle the web of deceit that is identity theft. Here are some tips to help you avoid becoming an identity theft victim.
The best way to protect yourself and your family is to protect your major forms of identity: social security number, birth date, passport number, home addresses, work history, etc. Even then, your information can be stolen in a data breach that was beyond your ability to prevent. Here are some basic rules to help protect your data
- You wouldn’t leave your front door key in the lock as you leave for vacation – protect your personal data the way you protect your home.
- Don’t leave computer or other system usernames and passwords next to your computer, cell phone, etc.
- Don’t provide personal information to anyone unless you initiated the contact.
- Don’t give a One-Time Passcode sent to your phone or email to anyone. Legitimate credit union staff would never ask you for this code. Scammers use it to bypass security.
- Shred personal information before discarding.
- Do not download third-party apps to your devices. Legitimate credit union staff would not ask you to do that.
- Protect PINs and passwords and don’t make them easy for others to figure out.
- Carry only cards and driver’s license you use routinely with you daily.
- Read account and billing statements carefully.
- Review your credit report annually from each of the three major bureaus
- You discover unexplained withdrawals from your bank.
- You are no longer receiving invoices, bank statements, credit card bills and other mail regarding your accounts.
- Debt collectors call you about debts that aren’t yours.
- Retailers reject your checks.
- Medical providers bill you for services you didn’t use.
- Your health plan notifies you that you’ve reached your benefits limit.
- A health plan won’t cover you because your medical records show a condition you don’t have.
- The IRS notifies you that more than one tax return was filed in your name, or they incorrectly show income from an employer.
- You get a notice that your information was compromised by a data breach at a company where you do business or have an account.
- You start receiving credit cards or billing statements for accounts you did not apply for.
If you worry you have been the victim of a scam, file a report with the FTC – ReportFraud.ftc.gov, as well as your local police or law enforcement agency. Additionally, stop by, call or email to let us know and we’ll do what we can to help.
Immediately contact your financial institutions, the three credit bureaus below and report it to the Consumer Financial Protection Bureau and Federal Trade Commission
- Equifax – 800-525-6285
- Experian – 888-397-3742
- Trans Union – 800-680-7289
- Federal Trade Commission hotline 1-877-ID-THEFT
- Complete an ID Theft Affidavit and include it with your written statement.
- Report identity theft to the Consumer Financial Protection Bureau by submitting a complaint. Your complaint helps law enforcement officials across the country in their investigations. Visit the CFPB’s website to find out more information on submitting an identity theft complaint.
- File a report with the FTC – ReportFraud.ftc.gov
You can order a free credit report once every 12 months directly from each of the three reporting agencies below or from www.annualcreditreport.com. In addition, every four months, you can order a report from a different agency to check in on your credit three times a year.
Equifax – 800-685-1111
Experian – 888-397-3742
Trans Union – 800-888-4213
Act FAST
- If you start receiving credit cards or billing statements for accounts you did not apply for, contact the businesses to let them know you are (or could be) an identity theft victim.
- Review a copy of your credit report — you can get one credit report free per year by visiting AnnualCreditReport.com or calling (877) 322-8228.
- Review your current account statements. Review each credit union and bank statement where you have an account.
- Go to the Federal Trade Commission Identity Theft Services, https://www.identitytheft.gov, for details on how to report Identity Theft, and how to start building a plan to manage it.
- File a police report.
- Contact the fraud departments at the credit bureau numbers listed above
- Contact all creditors to inform them, close accounts, and obtain new cards and security codes.
- Contact the security or fraud departments of each business where an account was opened or charged without your knowledge.
- Follow up in writing, with copies of supporting documents.
- Keep copies of documents and records of your conversations about the theft.
- Letters to send for Identity Theft to help sort out identity theft issues.
- Report identity theft to the Consumer Financial Protection Bureau by submitting a complaint. Your complaint helps law enforcement officials across the country in their investigations. Visit the CFPB’s website to find out more information on submitting an identity theft complaint.
What You Need to Know About Phishing
Phishing is an attempt, using fraudulent e-mail or website pop-ups, to get you to divulge sensitive financial information such as credit card numbers, account numbers, user names, passwords, or social security numbers. Phishing differs from virus or worm attacks in that e-mail or pop-up itself is innocuous, and cannot grab your personal information from your system without your knowing it. Instead, phishing relies on old-fashioned con artist tricks to get you to give up the information voluntarily. This information is used to steal your identity and run up bills in your name.
Generally the e-mail or pop-up will be cleverly crafted to look like it came from a financial institution, regulatory agency or other online company, such as PayPal or eBay that you trust. It will ask you to verify account information within the body of the email or direct you to a website that fakes the look of the company’s website. Often times these fakes are very good. Any information you enter will be sent to the perpetrators of the fraud.
The best protection against phishing scams is to be cautious in how you share sensitive financial or personal information. Be skeptical of any e-mail or pop-up that asks for personal information. Anti-SPAM filtes block many phishing e-mails, and pop-up blockers can limit the number of pop-ups you get, but no technology can prevent you from falling for the con. Legitimate businesses are very aware of phishing, and do not send e-mails requesting sensitive information. Do not reply to the e-mail, or follow any of the links. If you think the request might be genuine, confirm it either by calling the company directly at a number you know, or go directly to the company’s website by typing a known address in the browser window. When evaluating an e-mail message requesting personal information, try to imagine it as an unsolicited telephone call. If you wouldn’t give that information over the telephone to an unknown caller, don’t give it out in response to an unsolicited e-mail.
What you do will depend on what type of information you have given out. For more information, including how you can report this crime, go to http://www.cybercrime.gov/.
There are a number of sites on the web that provide information about phishing. The Anti-Phishing working group has excellent information relating to many different types of attacks on their Consumer Advice web page, at http://www.antiphishing.org.
For tips from the Federal Government and the technology industry to help you be on guard against fraud, improve online safety and protect your personal information visit OnGuard Online, at http://www.onguardonline.gov/
For additional information about how to identify fraudulent emails and protect yourself go to this FTC consumer alert address, at http://www.consumer.ftc.gov/scam-alerts.
What You Need to Know About Bank/Financial Institution Imposter (Spoofing) Scams
Scammers are constantly finding new ways to appear legitimate. One tactic that has become more common is financial institution imposter scams, sometimes called call spoofing.
These scams are designed to look and feel real. In some cases, even the phone number on your caller ID may appear to match your financial institution.
Understanding how these scams work can help you avoid falling into the trap.
A financial institution imposter scam happens when someone pretends to be from a financial institution to gain access to your personal or financial information.
Scammers may contact you by phone, text, or email and claim there is an urgent issue with your account, such as suspicious activity or a locked card.
- To make the request seem legitimate, they may:
- Use a phone number that appears to be from your financial institution
- Reference basic personal information
- Create a sense of urgency to prompt immediate action
Their goal is to get you to share sensitive information or approve a transaction.
You may receive a call or message that appears to come from your financial institution. The caller may:
- Claim there is fraud on your account
- Ask you to verify personal or account information
- Request a one-time passcode or login approval
- Direct you to move money to “protect” your account
In some cases, scammers may stay on the line while asking you to take action, creating pressure to respond quickly.
Financial institution imposter scams often include:
- Calls or messages that create urgency or pressure
- Requests for passwords, passcodes, or full account details
- Instructions to move money or make a payment immediately
- Caller ID that appears legitimate but feels unexpected
- Misspelled email addresses and/or URLs
- Contact when you were not actively working with your financial institution
A simple rule to remember: If you didn’t initiate the contact, take a moment to verify before responding.
If you receive a suspicious call, text, or message:
- Set up two-factor or multi-factor identification on your accounts
- Do not share personal or account information
- Do not provide one-time passcodes or login approvals
- Do not send money or transfer funds based on unexpected instructions
- Hang up and contact your financial institution directly using a trusted number
- Don’t click on unsolicited links that are sent in emails or text messages
Taking a moment to pause and verify can help prevent fraud.
If you believe you may have shared personal or financial information with a scammer, don’t panic. Acting quickly can help protect your accounts. Here are a few important steps to take:
Contact LCFCU right away using the number on our website
- Change your online banking passwords and any similar passwords used on other accounts
- Review your account activity for any unfamiliar transactions
- Enable account alerts if they are not already set up
- Monitor your accounts and credit reports over the next several weeks
If you were asked to approve a login request or provide a one-time passcode, let us know as soon as possible so we can help secure your account.
