Refer to these helpful tips and articles to protect you and your family
against fraud, identity theft and malicious activity. Please call us if you ever need
assistance or have questions about safeguarding your identity and computer.
Use Strong Passwords to Prevent Fraud
It’s important that you establish strong passwords to protect your accounts and identity. Without them, you may unwittingly leave yourself open to identity theft, according to the Credit Union National Association (CUNA) Center for Personal Finance.
If you’re typical of many computer users, you have a weak password--one that’s easy for hackers to crack. One example is any word in the dictionary; con artists have written software programs that search every word in the dictionary to uncover the key that can open your files. Another no-no is using personal information, such as birthdays or names of family members and pets. And using consecutive keys on the keyboard, such as qwerty, is a gift that keeps on giving for identity thieves. The key to a strong password, according to Microsoft, is to use a variety of characters and make it both random and lengthy.
The greater the variety, the better:
Combine letters, numbers and symbols. Each character you add increases your protection from fraud. A password without symbols needs to be considerably longer to have the same degree of protection as an eight-character password with symbols.
We're Doing Our Best to Help Protect You and Your Cards Against Fraud
Plastic card fraud statistics are up, and much of the fraud comes from criminal activities you can't control. But you can help yourself by being responsible and aware of actions that will minimize risk. PrimeSource also can help by using protective measures to fight plastic card fraud.
At PrimeSource we're proud of the measures we take to help protect your credit cards. At first, some measures may seem a bit inconvenient, but before getting frustrated, realize they are for your safety.
We're also working hard to make sure every card transaction is valid. If we flag your card as being potentially fraudulent, please understand we're only trying to protect you. Be patient, we'll work things out. You may receive a call asking to verify transactions. For questions you might have about plastic card fraud or any other concerns, please contact us today at 509-838-6157.
Thwart ATM Skimmers
Every year sophisticated thieves steal millions of dollars from consumers by “skimming” their personal account information. Skimming, sometimes called "card cloning," involves a thief installing a magnetic card reader, or skimmer, over the actual card reader at an ATM or gas pump.
When you swipe your card, the skimming device steals the information and transmits it to a remote computer. At the same time, a tiny, concealed camera reads your PIN as you key it in.
The camera often is in a bar the thief has affixed to the machine that looks the ATM’s trim. Criminals usually ensure their counterfeit equipment matches the machine’s color scheme. Their methods are growing more sophisticated, including keypads that fit over the machine's real keypad, eliminating the need for the camera.
Luckily, you can take steps to avoid becoming a victim:
• Use the same ATM as often as possible. Memorize how it looks, so you will know if anything about it looks fishy.
• Inspect the ATM. If anything looks unusual—cracked, loose, scratched, or taped—don’t use it.
• Avoid ATMs in popular tourist locations, as they’re common targets. When possible, use indoor ATMs, which are harder for thieves to tamper with.
• When entering your PIN on the keypad, cover the keypad with your free hand to block the view of a spying camera.
Check your account often.
If you suspect fraudulent activity and need to report your card number:
Call us during business hours at (509) 838-6157 or (800)660-0444; or
To Report a Lost or Stolen VISA DEBIT CARD:
Call (800) 472-3272
To Report a Lost or Stolen VISA CREDIT CARD:
Call (800) 808-7230
Ask Questions to Avoid Fake-Check Scams
Three key questions will protect you from many scams:
1. Why would anyone send you more money than you're due? Just asking the question is a reminder that you rarely get something for nothing.
2. Why do you need that information? When anyone asks for personal information--check routing numbers, driver's license numbers, Social Security numbers, or other data--ask why it's required. Unless you're convinced by the answer, refuse to provide it. Never provide information when someone else originates the transaction or request for information.
3. Is this check genuine? Even cashier's checks can be faked.
Please be sure to ask a professional at PrimeSource Credit Union to examine any questionable check before withdrawing funds.
Randomly capitalize some letters. Sprinkle them throughout your password.
Stray from typical symbols. Don’t forget about punctuation marks, slashes, dashes and brackets--symbols not on the upper row of your keyboard.
Use a phrase or sentence to help you remember. Here’s one example, “My #1 dog is a cross between Boxer/Lab,” becomes the password “m#1diacbB/L.” Remember this phrase and you won’t forget this seemingly random combination of letters, numbers and symbols.
Avoid easy-to-guess passwords. This includes your login name, sequences (123456789), or look-alike characters (M@ddie).
* Combine letters, numbers and symbols. Each character you add increases your protection from fraud. A password without symbols needs to be considerably longer to have the same degree of protection as an eight-character password with symbols.
* Randomly capitalize some letters. Sprinkle them throughout your password.
* Stray from typical symbols. Don’t forget about punctuation marks, slashes, dashes and brackets--symbols not on the upper row of your keyboard.
* Use a phrase or sentence to help you remember. Here’s one example, “My #1 dog is a cross between Boxer/Lab,” becomes the password “m#1diacbB/L.” Remember this phrase and you won’t forget this seemingly random combination of letters, numbers and symbols.
* Avoid easy-to-guess passwords. This includes your login name, sequences (123456789), or look-alike characters (M@ddie).
Finally, take time to check the strength of your password. Use Microsoft’s online tool at Microsoft.com (search “password checker”) to see how your password stacks up
Fake checks are making it tougher to tell if someone is offering you a real deal or just another scam. The crooks creating the latest fake checks often call or e-mail victims to tell them they have won a sweepstakes or inherited money. The crook invents an excuse to explain why the check is written for an amount larger than the total owed to the recipient. To get faster access to the funds, the crook advises the recipient to accept the too-large check and wire back the "excess" amount.
The recipient then has a financial instituion wire the "excess" funds to the crook. When the scam is discovered, the financial institution typically withdraws the amount of the check from the victim's account. Meanwhile, the victim loses the amount sent by wire transfer, often thousands of dollars.
Although PrimeSource Credit Union makes every effort to verify checks, we cannot guarantee that the checks will not be returned for nonpayment, and in the case fraudulent or counterfeit checks, the member is ultimately responsible. When in doubt, ask for help!
Learn about Foreign Lottery Scams and Internet Identity and Protection
ALERT: SMiShing Attempts Take Aim at Credit Union Members Nationwide
A SMiShing* scam targeting credit union members tell recipients their credit or debit card has been locked or deactivated and instructs them to call a phone number. The text message falsely claims to be from a credit union, among them. All of the text messages include the first four digits of the named credit union’s debit card BIN, and a phone number to call.
If you receive such a message, do not call the number or reply to the text. Never give out your personal information in response to an e-mail or text. If issues ever arise relating to your debit or credit card — or if you have concerns about your card status — contact the credit union as soon as possible, or call only the number(s) listed on the back of your card.
*What is SMiShing? (from Wikipedia.com)
In computing, Smishing is a form of criminal activity using social engineering techniques similar to phishing. The name is derived from "SMs phISHING". SMS (Short Message Service) is the technology used for text messages on cell phones.
Similar to phishing, smishing uses cell phone text messages to deliver the "bait" to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a web site URL, however it has become more common to see a phone number that connects to automated voice response system.
The smishing message usually contains something that wants your "immediate attention", some examples include:
- "We’re confirming you've signed up for our service. You will be charged $2/day unless you cancel your order on this URL www.?????.com;
- "(Name of popular online bank) is confirming that you have purchased a $1500 computer from (name of popular computer company). Visit www.?????.com if you did not make this online purchase";
- and "(Name of a financial institution): Your account has been suspended. Call ###.###.#### immediately to reactivate".
The "hook" will be a legitimate looking web site that asks you to "confirm" (enter) your personal financial information, such as your credit/debit card number, CVV code (on the back of your credit card), your ATM card PIN, SSN, email address, and other personal information. If the "hook" is a phone number, it normally directs to a legitimate sounding automated voice response system, similar to the voice response systems used by many financial institutions, which will ask for the same personal information.
This is an example of a (complete) smishing message in current circulation: "Notice - this is an automated message from (a local credit union), your ATM card has been suspended. To reactivate call urgent at 866-###-####."
In many cases, the smishing message will show that it came from "5000" instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the cell phone, and not sent from another cell phone.
This information is then used to create duplicate credit/debit/ATM cards. There are documented cases where information entered on a fraudulent web site (used in a phishing, smishing, or vishing attack) was used to create a credit or debit card that was used halfway around the world, within 30 minutes.
How to Be More Clever Than an Identity Thief
U.S. Department of Justice data show that identity theft is the fastest-growing crime in America, and studies show that the 18- to 29-year-old age bracket accounts for 30% of all identity-theft complaints.
Identity theft occurs when someone uses your personal identifying information, like your name, Social Security number (SSN), or credit card number, without your permission, to commit fraud or other crimes and to get credit in your name.
Identity thieves are clever and can obtain a victim's personal information in many ways:
- Dumpster Diving—Going through trash to find bills and papers with personal information on it;
- Phishing—Posing as financial institutions or companies like eBay or PayPal and sending spam or pop-up messages to get consumers to reveal personal information;
- Property theft—Stealing wallets and purses; mail, including bank and credit card statements; preapproved credit offers; and new checks or tax information;
- Smishing—Phishing with text messaging on smart phones. Victims are instructed to visit a fake Web site.
- Spyware—Tricking victims into downloading illicit software when they open an attachment. Spyware records keystrokes to get credit card numbers and passwords.
No one can totally eliminate the risk of identity theft. Be cautious and protect your SSN, financial account numbers, and passwords. Create passwords that are not obvious, and that would be difficult to emulate.
You can reduce your chances of becoming a victim:
- Don't carry your Social Security card in your wallet unless you need it that day.
- Avoid using public computers to access financial accounts, and use intricate passwords.
- Limit personal information online.
- Shred any paperwork that contains nonpublic information.
- If you access financial accounts or shop online, make sure the Web site is secure. Secure sites have an "s" after the http—https://.
- Check your credit report regularly at annual creditreport.com and monitor your transactions. Reconcile your accounts regularly.
- Keep an inventory of everything in your wallet and your PDA.
- For more identity theft prevention tips, call or stop in to PrimeSource Credit Union today
And if you ever become a victim of identity theft, remember that we're here to help and want to hear from you right away.
Simple Steps Enhance Computer Privacy and Security
The significant consequences that can arise from connecting an unprotected computer to the Internet vary depending on whether a computer invader takes something, such as information that enables a thief to create a false identity, or whether the invader leaves something behind, such as a virus or program that allows the invader to return to take control of your computer for dubious purposes.
The first step to take in protecting your identity is developing an awareness of the type of information that identity thieves need to pretend to be you. Regard account numbers of any type as sensitive information. That goes beyond credit union/bank accounts to utility accounts and cell phone accounts. Hackers who sneak into your computer to "steal" your identity also are interested in any type of relationship that offers significant personal information, which can then be used to stage an impersonation.
Computer users with high-speed or broadband Internet connections carry additional risk, since hackers are drawn to their enhanced online capabilities. Fortunately, you can take simple steps to protect your home computer.
* Use antivirus software. Antivirus software identifies infected e-mail attachments and other virus carriers before they have a chance to damage your computer. Bundled software packages combine antivirus software and personal firewalls for $60 to $80.
* Regularly update antivirus software. Since new viruses emerge every day, the companies that make antivirus programs allow computer owners to subscribe to updates to catch the latest versions.
* Create strong passwords. Hackers easily can steal the information used to create common passwords such as your birthday or a pet's name. They also have access to programs that will plug in every known word from the dictionary in an attempt to crack your passwords. Strong passwords avoid personal information, login names, or adjacent keyboard symbols. Instead, they combine numbers and letters in passwords that contain at least eight characters.
* If you have a high-speed connection, install a personal firewall. This hardware blocks hackers who attempt to locate your computer or access your files. Personal firewalls range from about $40 to $50 depending on whether you buy it packaged or purchase it from a major vendor as a download. Virus protection alone runs about $35 to 450, and annual updates run about $30 to $35, depending on vendor and features.
* Be wary of unsolicited e-mail. Viruses often are sent as attachments, and identity thieves may attempt to use e-mail to get personal information by masquerading as an Internet Service Provider (ISP) or another vendor. Always confirm the identity of the e-mail's author before opening attachments, never send sensitive personal information to anyone using e-mail, and always verify that an e-mail request for sensitive material is genuine before sharing personal information.
Protect your identity and your account! If you receive any suspicious email or telephone calls, please be aware that you should never give out any personal information or account information (nor click any email links that you are unsure of).
Please remember that PrimeSource Credit Union employee will not call you and ask you to provide sensitive account verification information. If you have any doubt, DO NOT RESPOND and please call us directly for assistance.