Security Articles

 



Refer to these helpful tips and articles to protect you and your family
against fraud, identity theft and malicious activity. Please call us if you ever need
assistance or have questions about safeguarding your identity and computer.

 QuickSource

Internet and Identity Protection     Security Alerts     Security Center

Contact Us

 



Ask Questions to Avoid Fake-Check Scams

Three key questions will protect you from many scams:

1. Why would anyone send you more money than you're due? Just asking the question is a reminder that you rarely get something for nothing.

2. Why do you need that information? When anyone asks for personal information--check routing numbers, driver's license numbers, Social Security numbers, or other data--ask why it's required. Unless you're convinced by the answer, refuse to provide it. Never provide information when someone else originates the transaction or request for information. 

3. Is this check genuine? Even cashier's checks can be faked. 

Please be sure to ask a professional at PrimeSource Credit Union to examine any questionable check before withdrawing funds.

     Fake checks are making it tougher to tell if someone is offering you a real deal or just another scam. The crooks creating the latest fake checks often call or e-mail victims to tell them they have won a sweepstakes or inherited money. The crook invents an excuse to explain why the check is written for an amount larger than the total owed to the recipient. To get faster access to the funds, the crook advises the recipient to accept the too-large check and wire back the "excess" amount. 
     The recipient then has a financial instituion wire the "excess" funds to the crook. When the scam is discovered, the financial institution typically withdraws the amount of the check from the victim's account. Meanwhile, the victim loses the amount sent by wire transfer, often thousands of dollars. 

Although PrimeSource Credit Union makes every effort to verify checks, we cannot guarantee that the checks will not be returned for nonpayment, and in the case fraudulent or counterfeit checks, the member is ultimately responsible. When in doubt, ask for help!

Learn about Foreign Lottery Scams and Internet Identity and Protection

ALERT: SMiShing Attempts Take Aim at Credit Union Members Nationwide 
A SMiShing* scam targeting credit union members tell recipients their credit or debit card has been locked or deactivated and instructs them to call a phone number. The text message falsely claims to be from a credit union, among them. All of the text messages include the first four digits of the named credit union’s debit card BIN, and a phone number to call.

If you receive such a message, do not call the number or reply to the text. Never give out your personal information in response to an e-mail or text. If issues ever arise relating to your debit or credit card — or if you have concerns about your card status — contact the credit union as soon as possible, or call only the number(s) listed on the back of your card.
 
*What is SMiShing? (from Wikipedia.com)
In computing, Smishing is a form of criminal activity using social engineering techniques similar to phishing. The name is derived from "SMs phISHING". SMS (Short Message Service) is the technology used for text messages on cell phones.
 
Similar to phishing, smishing uses cell phone text messages to deliver the "bait" to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a web site URL, however it has become more common to see a phone number that connects to automated voice response system.

The smishing message usually contains something that wants your "immediate attention", some examples include:

  •  "We’re confirming you've signed up for our service. You will be charged $2/day unless you cancel your order on this URL www.?????.com;
  • "(Name of popular online bank) is confirming that you have purchased a $1500 computer from (name of popular computer company). Visit www.?????.com if you did not make this online purchase"; 
  • and "(Name of a financial institution): Your account has been suspended. Call ###.###.#### immediately to reactivate". 

The "hook" will be a legitimate looking web site that asks you to "confirm" (enter) your personal financial information, such as your credit/debit card number, CVV code (on the back of your credit card), your ATM card PIN, SSN, email address, and other personal information. If the "hook" is a phone number, it normally directs to a legitimate sounding automated voice response system, similar to the voice response systems used by many financial institutions, which will ask for the same personal information.

This is an example of a (complete) smishing message in current circulation: "Notice - this is an automated message from (a local credit union), your ATM card has been suspended. To reactivate call urgent at 866-###-####."
 
In many cases, the smishing message will show that it came from "5000" instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the cell phone, and not sent from another cell phone.
 
This information is then used to create duplicate credit/debit/ATM cards. There are documented cases where information entered on a fraudulent web site (used in a phishing, smishing, or vishing attack) was used to create a credit or debit card that was used halfway around the world, within 30 minutes.

How to Be More Clever Than an Identity Thief
U.S. Department of Justice data show that identity theft is the fastest-growing crime in America, and studies show that the 18- to 29-year-old age bracket accounts for 30% of all identity-theft complaints.

Identity theft occurs when someone uses your personal identifying information, like your name, Social Security number (SSN), or credit card number, without your permission, to commit fraud or other crimes and to get credit in your name.
Identity thieves are clever and can obtain a victim's personal information in many ways:
  • Dumpster Diving—Going through trash to find bills and papers with personal information on it;
  • Phishing—Posing as financial institutions or companies like eBay or PayPal and sending spam or pop-up messages to get consumers to reveal personal information;
  • Property theft—Stealing wallets and purses; mail, including bank and credit card statements; preapproved credit offers; and new checks or tax information;
  • Smishing—Phishing with text messaging on smart phones. Victims are instructed to visit a fake Web site.
  • Spyware—Tricking victims into downloading illicit software when they open an attachment. Spyware records keystrokes to get credit card numbers and passwords.

No one can totally eliminate the risk of identity theft. Be cautious and protect your SSN, financial account numbers, and passwords. Create passwords that are not obvious, and that would be difficult to emulate.
You can reduce your chances of becoming a victim:

  • Don't carry your Social Security card in your wallet unless you need it that day.
  • Avoid using public computers to access financial accounts, and use intricate passwords.
  • Limit personal information online.
  • Shred any paperwork that contains nonpublic information.
  • If you access financial accounts or shop online, make sure the Web site is secure. Secure sites have an "s" after the http—https://.
  • Check your credit report regularly at annual creditreport.com and monitor your transactions. Reconcile your accounts regularly.
  • Keep an inventory of everything in your wallet and your PDA.
  • For more identity theft prevention tips, call or stop in to PrimeSource Credit Union today
     And if you ever become a victim of identity theft, remember that we're here to help and want to hear from you right away.

Simple Steps Enhance Computer Privacy and Security
The significant consequences that can arise from connecting an unprotected computer to the Internet vary depending on whether a computer invader takes something, such as information that enables a thief to create a false identity, or whether the invader leaves something behind, such as a virus or program that allows the invader to return to take control of your computer for dubious purposes.

The first step to take in protecting your identity is developing an awareness of the type of information that identity thieves need to pretend to be you. Regard account numbers of any type as sensitive information. That goes beyond credit union/bank accounts to utility accounts and cell phone accounts. Hackers who sneak into your computer to "steal" your identity also are interested in any type of relationship that offers significant personal information, which can then be used to stage an impersonation. 

Computer users with high-speed or broadband Internet connections carry additional risk, since hackers are drawn to their enhanced online capabilities. Fortunately, you can take simple steps to protect your home computer.

* Use antivirus software. Antivirus software identifies infected e-mail attachments and other virus carriers before they have a chance to damage your computer. Bundled software packages combine antivirus software and personal firewalls for $60 to $80.

* Regularly update antivirus software. Since new viruses emerge every day, the companies that make antivirus programs allow computer owners to subscribe to updates to catch the latest versions.

* Create strong passwords. Hackers easily can steal the information used to create common passwords such as your birthday or a pet's name. They also have access to programs that will plug in every known word from the dictionary in an attempt to crack your passwords. Strong passwords avoid personal information, login names, or adjacent keyboard symbols. Instead, they combine numbers and letters in passwords that contain at least eight characters.

* If you have a high-speed connection, install a personal firewall. This hardware blocks hackers who attempt to locate your computer or access your files. Personal firewalls range from about $40 to $50 depending on whether you buy it packaged or purchase it from a major vendor as a download. Virus protection alone runs about $35 to 450, and annual updates run about $30 to $35, depending on vendor and features.

* Be wary of unsolicited e-mail. Viruses often are sent as attachments, and identity thieves may attempt to use e-mail to get personal information by masquerading as an Internet Service Provider (ISP) or another vendor. Always confirm the identity of the e-mail's author before opening attachments, never send sensitive personal information to anyone using e-mail, and always verify that an e-mail request for sensitive material is genuine before sharing personal information.

Protect your identity and your account! If you receive any suspicious email or telephone calls, please be aware that you should never give out any personal information or account information (nor click any email links that you are unsure of).

Please remember that PrimeSource Credit Union employee will not call you and ask you to provide sensitive account verification information. If you have any doubt, DO NOT RESPOND and please call us directly for assistance.
[ Info Desk | Products & Services | Online Services | Rates | Other | Site Map ]

Privacy Policy Notices, Terms, and Conditions | Design & Hosting by Cavion Plus SM
Browser Requirements | Copyright © Harland Financial Solutions, Inc. All Rights Reserved.
Click to verify BBB accreditation and to see a BBB report.