Identity Theft and Fraud Information
We increasingly rely on computers, smartphones and the internet for everything from shopping and communicating to banking and bill-paying. While the benefits of these online services are clear, there are often risks associated. The links below may assist you in avoiding and identifying these risks.
If you become a victim of identity theft, take the following steps as quickly as possible to minimize the potential damage to you:
- Contact us as soon as possible.
- File a police report with your local law enforcement agency. You will need a report on file in order to dispute unauthorized charges.
- Contact the fraud departments of the major credit bureaus to report the identity theft and request that the bureaus place a fraud alert status in your file. You are also entitled by law to receive a free copy of your credit report if you are a victim of identity theft. To report fraud to the major credit bureaus, contact information is:
- Equifax: 1.800.349.9960
- Experian: 1.888.397.3742
- Innovis: 1.800.540.2505
- TransUnion: 1.888.909.8872
- Equifax: 1.800.349.9960
- Contact the Federal Trade Commission’s toll free Identity Theft hotline:
The FTC will take a report and place your name in the nationwide “Consumer Sentinel” consumer fraud database shared by local, state and federal law enforcement agencies.
- Contact your creditors and inform them. Close your accounts, change all account passwords, and obtain new credit, debit and ATM cards.
- For additional information on what you can do if you believe you are a victim of identity theft, visit: www.consumer.gov/idtheft; https://www.irs.gov/identity-theft-central
- For more information on Identify Theft, please visit our office and pick up a copy of the NCUA “Fraud Prevention” brochure. The information here has excerpts from that brochure.
- To receive one free credit report per year, visit www.annualcreditreport.com or call 1-877-322-8228 or mail your request to:
Annual Credit Report Request Service
P O Box 105281
Atlanta, GA 30348-5281
To protect your account, our service provider (Fiserv) monitors your ATM and debit card transactions for potentially fraudulent activity. If Fiserv suspects fraudulent ATM or debit card use, an automated service will contact you via a phone call or text to validate the legitimacy of your transactions. Your participation in responding to their call is critical to prevent potential risk and avoid restrictions we may place on the use of your card.
- An automated call or text will ask you to verify recent transaction activity on your card.
- You will be able to respond via your touchtone keypad or return text message.
- You will also be provided with a toll-free number to call should you have additional questions.
- You will NEVER be asked for your social security number or any passwords or PIN numbers. If asked, do not respond and contact us.
- Our goal is to minimize your exposure to risk and the impact of any fraud. To ensure we can reach you whenever potential fraud is detected, please keep us informed of your correct cell and home phone numbers, e-mail address and home address at all times.
There has been an increase in debit and credit card fraud known as “skimming.” Skimming is a type of fraud which occurs when an ATM or pay at pump dispenser is compromised by a skimming device, a card reader which can be disguised to look like a part of the machine. The card reader saves the users' card number and pin code, which is then replicated into a counterfeit copy for theft. The skimming equipment can be very sophisticated, small and difficult to identify. Best practices for protecting yourself include checking the card slot before inserting your card. This same rule applies for pay at the pump fuel dispensers. The majority of skimming attacks deal with the capture of payment data from magnetic-stripe payment cards.
Currently, EMV chip cards are being issued to replace magnetic strip, but all EMV chip cards must maintain a magnetic stripe until all merchants’ devices have been upgraded to accept the chip cards in the U.S.
In a typical phishing case, you’ll receive an email that appears to come from a reputable company that you recognize.
The email may warn you of a serious problem that requires your immediate attention. It may use phrases, such as “immediate attention required,” or “Please contact us immediately about your account”. The email will then encourage you to click on a link to go to the institution’s website.
In a phishing scam, you could be redirected to a phony website that may look exactly like the real thing. Sometimes, in fact, it may be the company’s actual website. In those cases, a pop-up window will quickly appear for the purpose of harvesting your financial information.
In either case, you may be asked to update your account information or to provide information for verification purposes. This could include the following: your Social Security number, your account number, your password, or the information you use to verify your identity when speaking to a real financial institution, such as your mother’s maiden name or your place of birth. If you provide the requested information, you may find yourself a victim of identity theft.
Here are some important tips to keep in mind:
- Do not reply or click on any link.
- Never provide your personal information in response to an unsolicited request. Neither Peach State nor any of our third- party providers (for example VISA®) will ever ask a member to disclose account or other personal information via email.
If you think you might be a victim of phishing, contact us as soon as possible.
Smishing is the mobile phone counterpart to phishing. Instead of being directed by email to a website, a text message is sent to the user’s cell phone or other mobile device with some ploy to click on a link. The link causes a Trojan to be installed in the cell phone or other mobile device.
If you think you might be a victim of smishing, contact us as soon as possible.
A recent example of fraudster ingenuity is the use of Voice over Internet Protocol (VoIP) phones to steal a person’s financial information. This scam is called “vishing” – short for “voice phishing.”
There are at least two “Vishing” methodologies scammers use.
The scammer sends a blast email, disguised to appear as though it’s from your credit union, online payment service or other well-known business. The email, which may have a trusted logo, typically reports a “security” problem with the recipient’s account and urges the individual to call a telephone number to “straighten things out.”
Although many people know better than to click on hyperlinks in strange emails for fear of being “phished” (attempt to steal your information via email), they often feel safe calling a telephone number that appears to be local or toll-free. When the member calls, they reach an automated attendant prompting them to enter their account number, password or other private information for “security verification” purposes.
Some “vishers” use automated dialing programs to “cold call.” The person’s caller ID device may list a legitimate-looking local phone number to inspire trust from the recipient. A pre-recorded message (or sometimes a live “employee”) claims the person’s account has been compromised or needs updating or verification. The person is then asked to enter their account information, which is digitally transcribed onto the hard drive of the scammer’s computer.
If you provide the requested information, you may find yourself a victim of identity theft.
- Do not reply or click on any link.
- Never provide your personal information in response to an unsolicited request. Neither NMCU nor any of our third party providers (for example VISA®) will ever ask a member to disclose account or other personal information via email.
- Contact us to report vishing as soon as possible.
Text Message Scams
Text message scams work by sending you a text message from a number you may not recognize. It is designed to get the recipients to reveal confidential personal and/or financial information in order to steal this information for identity theft or other illegal purposes.
Do not, under any circumstances, respond to this type of a text message. Neither we (NMCU) nor any of our third-party providers (for example VISA®) will ever ask a member to disclose account or other personal information via text message. If you receive a similar text message, call NMCU as soon as possible and report the incident.
The only text you may receive from us or our third-party providers (MasterCard® or Visa®) will be to verify whether a suspicious transaction was actually one you initiated and you will then only be asked to respond with a yes or no.
If you think you might be a victim of a text message scam, contact us as soon as possible.