Fraud
Device Advice: How to Keep Your Phone Safe from Fraud
Smartphones are the millennial’s answer to the disorganized life. You can buy practically anything with just a few swipes, schedule your appointments and store all your photos and home videos in this one, convenient location. [You can also manage your accounts, check your balance and deposit checks through SRI Federal Credit Union’s mobile banking app and/or website]. Unfortunately, all of that convenience comes at a price: Your mobile devices pose an inherent risk to your security if they fall into the wrong hands. The good news is, there are ways to protect your phone and your information from fraud. Here are 6 tips for keeping your device safe and secure. If your entire life is on your phone, you run the risk of giving up complete access to your identity if your phone is stolen or misplaced. The best way to prevent this from happening is to have a lock on your screen. Opt for a physical lock if possible, such as fingerprint or face recognition; meaning no amount of automated password inputs can open your phone. Consider installing a tracking device/app on your phone as well to help you locate it and retrieve or erase the data if it gets misplaced. Finally, adjust your phone’s lock settings so the screen automatically locks after the shortest amount of time being idle. Passwords should be a blend of letters with varied capitalization use, numbers and symbols. Be sure to use a different password for each of your devices, apps and other online accounts, and to change up your passwords approximately every six months. Don’t store the info for all your passwords in one location on your phone or have your device “remember” your passwords. If you find it challenging to recall all your passwords and login credentials, you may benefit from a password manager like Sticky Password or LastPass. Follow these rules for safe online browsing: The first thing many people do when they sit down in a restaurant, at a bar, or almost anywhere, is search for free Wi-Fi access. It’s an easy way to save on data, so why not? Simply put, using public Wi-Fi makes you vulnerable to hacking. It’s best not to use public Wi-Fi at all, especially when banking online. To keep your device safe while using public Wi-Fi, connect to a virtual private network (VPN). Changing your virtual network will protect your location and sensitive information from scammers. In addition, be sure to keep your own Wi-Fi locked to prevent strangers from accessing your network. 5. Encrypt your data Your phone stores loads of your PII, which can make you vulnerable to identity theft if it’s stolen or misplaced. Protect your information by encrypting all sensitive data on your phone. Most phones have encryption settings, which you can enable easily. To encrypt data on an Apple device, go to the settings menu, choose “Touch ID & Passcode” from the pop-up menu and follow the prompts to unlock your phone. When you’ve gained access, scroll down until you see the words “Data Protection”. If this feature is not enabled, enable it now. Your data is now unreadable. If you own an Android phone, charge your phone at least 80% and unroot it. Next, go to your security settings and choose “Encrypt Phone” from the menu. Encryption may take an hour or more. The same antivirus programs that protect your laptop can also keep your phone secure. Check out security programs for phones, like McAfee or Norton 360. Antivirus software will provide your phone with protection from security breaches and attacks from scammers. If you believe your device has been compromised, and/or you’re vulnerable to identity theft, notify SRI Federal Credit Union immediately. Alert the FTC as well. Smartphones bring a lot of convenience into our lives, but they carry an inherent security risk. Use the tips outlined here to keep your device safe from fraud.
What is the Dark Web?
Q: I’ve heard of the dark web, but I never understood what this term means. What is the dark web? How is it accessed? Is there any way to keep my information out of its depths?
A: The dark web is the deepest layer of the internet that isn’t visible to the average browser. Unfortunately, its name is a perfect description of its function, as the dark web is full of illegal activities and crimes. Let’s take a closer look at the dark web and how you can protect your information from being caught in its trap. What is the dark web? The internet has been likened to an iceberg. There is very little of it that is truly visible above the surface, but it is enormous, dark and deep underneath. There are three basic components of the internet: Despite its name, not all of the activity that takes place on the dark web is illegal. The deepest part of the internet also provides a platform for communication and commerce among people living in countries that have heavy censorship over online activity. In addition, the dark web was originally used by the United States Department of Defense to communicate anonymously. Unfortunately, though, the dark web remains a hotbed of criminal activity. Loads of illegal trade takes place through the dark web, including drugs, firearms, counterfeit money, subscription credentials and personal information of thousands of targets. The inherent anonymity of the dark web allows hackers and scammers to roam free without fear of being caught. How does the dark web work? The dark web, and by extension the Tor browser, uses a technology known as “onion routing.” This technology uses multiple layers of encryption and redirection to assure anonymity for every browser. When a browser tries to access a site on the dark web, its information will be routed through thousands of relay points, making it impossible to identify and trace. How can I protect myself from the dark web? It’s important to take preventative measures to protect your information from the dark web. Here’s how: The dark web is fraught with danger and impossible to trace but there are ways to protect your information. Use the tips outlined here to stay safe.
Beware of Digital Kidnapping
Most parents warn their kids against taking candy or accepting a ride from a stranger, but there’s a digital equivalent to conventional kidnapping that is unknown to many people. Digital kidnapping happens when a crook takes control of a target’s social media profiles and holds them until a ransom is paid. It can also involve “kidnapping” photos that are posted on social media pages. Here’s what you need to know about digital kidnapping and how to protect yourself from falling victim. How the scams play out In a digital kidnapping scam, a hacker or ring of scammers will take control of one or more of a target’s social media profiles. The target will be effectively locked out of their own social media accounts and will be unable to access or update them. Once the scammer has control of the profile, they’ll contact the target, demanding a hefty ransom in return for access to the account. They may even threaten to post damaging or humiliating content on the social media profile unless the ransom is paid. In another version of this scam, hackers will “kidnap” a photo of a child or baby off an unsecured social media account. They will post these photos in their own accounts, using the picture-perfect moments to create a fantasy world of their own. In a creepy twist of reality, they’ll pretend these are snapshots of their own family. They may use this fake world to help them create an imaginary escape, or to draw traffic to their own public accounts. Sometimes, they’ll utilize these photos to help build a bogus story, such as a baby being put up for adoption, or a charitable fund to benefit a child whose parents are struggling financially. Unfortunately for the actual parents, it can be months or years before they find out that their child’s picture is splashed across a public account with thousands of followers. If you’ve been targeted If you believe you’ve been targeted by a digital kidnapping scam, there are steps you can take to mitigate the damage. First, alert the company that owns the social media platform to let them know your account has been compromised. They’ll likely have specific instructions for you to follow to ensure your account remains safe. They may even advise you to close the compromised account and open a new one. Next, tip off the Federal Trade Commission (FTC) and local law enforcement agencies which can help you determine whether it makes sense to pay the requested ransom. Finally, clean up your accounts and make sure there is no identifying or potentially dangerous information being posted on a public forum. Protect yourself The best way to protect yourself from digital kidnapping is by keeping your accounts private and secure. Always choose the strongest security settings on your devices and opt for private social media accounts across every platform. This will limit your audience to by-invitation-only viewers while helping to keep hackers and creeps away. It’s also a good idea to be mindful of what you post, and how often you post it. Even when using the strongest security settings, sharing a picture online essentially means sharing it with the public. You never know who may be trolling your accounts or looking for pictures to “adopt” as their own. Think three times before posting a picture of your kids. Extra caution is advised for those with super-cute kids. Finally, be sure to follow basic online safety rules to avoid giving a scammer access to your accounts. Use strong, unique passwords for each of your online accounts and change up your passwords every six months or so. Avoid using public WiFi unless absolutely necessary. Accept every security and software update offered for your device to keep them operating at optimal security. Finally, avoid sharing sensitive information with an unverified contact and never download an attachment or click on a link within an email from an unknown sender. Stay alert and stay safe!
What is a Fraud Ring and How Can I Keep Myself Safe?
Q: I’ve been hearing a lot about fraud rings and how dangerous they can be for both businesses and consumers. What is a fraud ring, and how can I keep myself safe from falling victim?
A: A fraud ring is a group of fraudsters and merchants that can operate for years, stealing money and information while causing tremendous damages and loss.
Let’s take a deeper look at fraud rings, how they operate and how consumers and merchants can keep themselves safe. What is a fraud ring? A fraud ring is an organized circle of criminals that works to defraud and steal from people. They’ll use the same tactics as smaller groups of scammers and individual crooks, but they work on a much larger scale. They also tend to have access to more technology and resources than a scammer who is working alone. Consequently, the harm they can do is on a much larger scale as well. A fraud ring can consist of a group of criminals, as in any organized crime ring, or it can consist of a family of crooks working together to pull off their crimes. The members of the fraud ring collaborate to share information that can help them commit acts of fraud to net vast amounts of stolen funds and merchandise. Fraud rings take a tremendous amount of skill and coordination to create and run. Unfortunately, though, they can be very lucrative for fraudsters. In addition, the skill used to operate these rings makes them very difficult to detect and they can operate for years before being caught. The good news is that investigators can use their own advanced methods to identify and catch fraud rings and bring their operators to justice. How does a fraud ring operate? A fraud ring can operate under one of several pretexts. One common premise involves forgery, in which the fraud ring will create fake claims, steal identities and even print counterfeit checks and currency. Some rings target individuals, committing identity theft and the like, but many will focus on targeting eCommerce websites, businesses, charities, or government agencies. The fraud rings will often test their software against the business’s payment solutions by trying to make purchases through bogus giftcards or by using fake credit cards. If the fraud ring can get past the first line of defense the business has in place, it will move on to more severe crimes against the business, including larger purchases paid for via fraudulent means, hacking into the company’s database, and stealing the personal details of their customers and more. A fraud ring can commit any of the following scams: How can I recognize a fraud ring? Unfortunately, with the world of commerce and banking moving more online, fraud has become more rampant than ever. There are millions of pieces of sensitive data floating around the internet, including Social Security numbers, checking account information, credit card numbers and more. While most of this is inaccessible to the common crook and hidden behind safety measures like encryption, lots of data slips through cracks and gets picked up by scammers. There are also sophisticated hacking and phishing methods that help criminals gain access to this information. Finally, scammers can use a few bits of innocent, but identifying information, such as a date of birth, street address, and hometown — all of which can easily be found online and on social media accounts — to crack open passwords for accessing sensitive data. In fact, the internet has made fraud so rampant that research shows there is a new victim of identity theft every two seconds. Fraud rings have naturally also benefited from the massive amounts of information that can be scraped off the internet. With their increased manpower and resources, fraud rings can, unfortunately, access lots of data from individuals and merchants. Fortunately, you can learn to recognize signs of fraud and protect yourself from falling victim to a fraud ring or a scammer working alone. Look out for these red flags which can indicate signs of fraud: If you own a business, you may be at even greater risk of falling victim to a fraud ring. Be sure to look out for several sudden and large purchases from a customer who hasn’t made a purchase in a while, new accounts from customers that quickly become big spenders, and claims that demand refunds for faulty products you believe were in perfect order when shipped. It’s also important to follow rules of safe online interaction and identity protection at all times. Never share any sensitive information online or on the phone unless you are absolutely sure you are engaging with a reputable entity on the other end. Detecting instances of fraud at the first sign of suspicion can help mitigate the damage and keep your money and your information safe.
Don’t Answer Calls from These Area Codes
Robocalls have got to be one the most annoying inventions of the 21st century. Unfortunately, those phone calls can do a lot more than disrupt your dinner to send you running to the phone just to hear about an offer for an extended warranty on your car. Using sophisticated spoofing methods and dogged persistence, they can swindle unsuspecting targets out of hundreds, or even thousands of dollars, using nothing but a phone. In fact, according to data from Trucaller, Americans lost close to $30 billion to phone scams in 2020. Technology has made it far too easy and cheap for scammers to place a huge number of robocalls in seconds. New robocall platforms can make up to 5,000 simultaneous calls a second for as little as a dollar. Even if only 10 of these phone calls have their desired effect on the targets, the scammers have pulled in a solid profit. Here’s what you need to know about phone scams and how to avoid them. Traffic pumping According to federal law, rural carriers are allowed to charge wireless and long-distance carriers higher fees for calls to local subscribers. To earn a quick buck – or a few hundred – rural carriers partner up with chat lines, adult entertainment numbers and “free” conference call service providers, as well as other numbers that are based overseas. Their goal is to artificially inflate the call volume in the home area codes of the rural carriers so they, in turn, can bill the wireless and long-distance companies an exorbitant amount of money and give the chat lines a kickback, too. This is known as “traffic pumping.” The bad news for private consumers is that their wireless or landline provider will pass the higher cost structure onto them. Sometimes, the caller will be warned of a higher charge, but other times, the consumer will believe these calls are completely free – until the bill arrives. Area code alert: The 712 area code and the 218 area code are infamous for traffic pumping. The one-ring scam In this ruse, scammers use robocalling technology to call wireless numbers and hang up after only one ring. The scammers are hoping the target will be curious and careless enough to return the call. If they do, they will likely be calling a number in the Caribbean, which can cost them up to $30 a minute. A prevalent one-ring scam that originates in Japan brings that cost up to $50 a minute! Whenever you receive a call from an unfamiliar number, it’s best to let it go to voicemail instead of picking up. Curious enough to return a one-ring call? First Google the number to see who the caller is. If it’s a scammer, you’ll likely find some warnings posted online when you look up the number. Area code alert: The FTC warns consumers about returning one-ring calls from these area codes: When an unfamiliar number comes up on your phone screen, you’re better off waiting for a voicemail to determine if you have a legitimate caller before calling it back. You can also Google the phone number itself. If the number is a scam, chances are good that others will have posted warnings about it online. Protect your phone If the robocalls are driving you crazy, there are steps you can take to limit the amount that reach your phone. First, place your number on the Do Not Call list. You can also reach out to your phone service provider to ask about robocall blocking functionality they may offer, though you may need to pay for this extra service. Finally, consider using a robocall-blocking app, like Hiya, YouMail or RoboKiller. Think twice before picking up the phone from an unknown caller, or returning a call from an unfamiliar number. Stay safe!
4 Scams to Watch Out for this Black Friday and Cyber Monday
Black Friday has traditionally been the day that kicks off the holiday shopping season, sending hordes of crowds surging through malls and big-box stores all over the nation. Unfortunately, it’s also been a day that kicks off the season of shopping scams. Here are four scams to watch out for this Black Friday and throughout the holiday shopping season: In this ruse, a scammer posing as an Amazon representative will call a target to notify them about an alleged problem with their Prime account. The victim will be prompted to download a tool on their computer or mobile device. That “tool” will give the scammer remote access to “help them resolve the problem” that is at hand. If they comply, the victim will then be instructed to log onto their banking account, supposedly so the caller can be compensated for their time. Unfortunately, doing this will give the scammer direct access to the victim’s accounts. Phishing emails are nothing new, but they can be difficult to spot among the barrage of promotional emails flooding inboxes during this time of year. Here are two common variations of phishing scams: The coronavirus pandemic has forever changed the way Americans shop. It’s resulted in the volume of U.S. online purchases increasing steadily, according to the Census Bureau’s quarterly e-commerce reports. Scammers are well aware of this, and they’ve been quick to capitalize on the opportunities to pull off delivery scams, especially this time of year. Delivery scams generally take the form of a message appearing to be from UPS, FedEx or another delivery service, informing the victim of a “delivery issue” with an order. They’ll be asked to confirm or update their information with the provided link. Doing so will give the scammer access to their financial information and open the door to identity theft and more. In another variation of the delivery scam, a victim will be asked to pay a fee for covering a customs charge or tax. Of course, these fees are invented by the scammer, who will gladly pocket the money. Another scam whose prevalence has spiked with the increase in online shopping is the non-delivery scam, which involves a purchased gift that never arrives. The victim, likely lured in by an ad promising a super-low price on a desired item, rushed to complete the purchase without researching the seller. Unfortunately, the seller then disappears and the victim has no way of notifying them about the no-show or requesting a refund. How to avoid Black Friday scams Follow these tips to keep your shopping free of scams: Stay safe! Your Turn: Have you been targeted by a Black Friday scam? Tell us about it in the comments.
Don’t Get Spooked by One of these Scams this Halloween!
That cackling, long-haired witch might send your heart fluttering with fear, but these Halloween scams are even spookier! Here’s what to know about these common Halloween scams. 1. The Joker Desperate for money before the holiday shopping season hits? Looking to pad your pockets with a bit of extra cash? Scammers know this all too well, and target consumers with messages promising loads of money for very little work. All you need to do is send a small amount of money to a designated digital address via CashApp, Venmo, or another money transfer app, and your money will be doubled, tripled, or more. Don’t fall for the tricks! Much like another variation of the money-flipping scam, they’ll ask you to share your account information so they can withdraw the money and then “treat” you with the cash you’ve earned. It’s like getting free money – which, of course, doesn’t exist. Spot a money-flipping scam through the amateur writing and too-good-to-be-true promises. Any request for you to share your banking information is another dead giveaway. 2. Night of the Living Dead This scam can be pulled off at any time of year, but it takes on an extra level of spookiness when yards are decorated with ghosts and cobwebby graveyards. In the deceased identity theft scam, scammers actually steal the identity of someone who is no longer living. They may empty the decedent’s accounts, pass off their credit history as their own and use their Social Security number to collect benefits, apply for a job, and more. Protect a loved one’s identity from being stolen after they pass on by taking steps to lock down their social media accounts, credit report, and Social Security number. Keep an eye on their accounts until their assets have been lawfully divided. 3. Trick or Treat You found the perfect costume online, and for a bargain price! You happily pay up, complete your order and wait for the package to arrive. And wait. And wait. Unfortunately, you’ve been tricked. In a variation of the online order scam, the package arrives on your doorstep as promised, but has little resemblance to the way it looked online. The quality may be lacking, the size and color completely off, or important components missing. You may try to find a customer service line, but there’s no working number listed. You may also try returning the purchase, but a street address for returns will be more elusive than the invisible man. Don’t get tricked! Only order from reputable sites that display complete contact information for the company. Ignore all offers that scream “Hot Deal! Act Now!” and feature prices that are way below the average sale price. Shop with caution and you’ll only walk away with treats. 4. Hitman There’s a hitman at your door – and no, this is no disguise! In the hitman scam, scammers pretend to be assassins who were hired to take out a target. They’ll send the target extortion emails and messages, promising to spare their life for just a few thousand dollars. Often, they’ll even drop the name of the friend or family member who allegedly put a hit on the target’s life. Don’t get scammed! If you receive an extortion message of any kind, contact local law enforcement. Never share money with an unverified contact. And finally, if the scammer shared the name of the person who allegedly hired them, reach out to this person to verify that no, they didn’t put a hit on your life. It’s a frightening world out there, but being aware of these scams and following smart precautions, you can protect your money and your information. Have a happy and safe Halloween! Your Turn: If you think you have been targeted for one of these Halloween scams or any other fraud please let us know as soon as possible.
Beware of Gift Card Scams
Everyone loves a gift card for their favorite retailer or restaurant. It’s like getting money to spend in any way you please! Unfortunately, scammers also love gift cards, but for all the wrong reasons: They often use gift cards to pull off scams. Here’s what you need to know about gift card scams and how to avoid them. How the scams play out There are several ways scammers utilize gift cards to con victims out of their money: How to spot a gift card scam A little bit of knowledge goes a long way in recognizing gift card scams: In general, gift cards should be used for purchases or to send as gifts, and not as payments. Also, as with all sensitive information, the numbers on your gift card should never be shared over the phone or online. Finally, it’s best to only purchase gift cards through reputable sellers or those that have excellent customer reviews and/or offer a cash-back guarantee. If you’ve fallen victim to a gift card scam If you’ve paid a scammer with a gift card or shared your gift card information after being taken by any of the above ruses or similar schemes, take immediate steps to mitigate the damage. First, contact the company that issued the card as soon as possible. You can find the customer service number for most companies on the card itself or through a simple Google search. Tell the representative what happened. If you still have them, hold on to the receipt and the actual card for proof should it be required. Next, if the scammer continues to contact you by phone, text message or email, do not engage further. Block the scammer’s number from your mobile device and mark their emails as spam. Finally, report the incident to the Federal Trade Commission (FTC) and alert your family and friends about the scam. Stay safe!
SRIFCU Fraud Monitoring Through Text Messages
Our text alert service allows you to instantly keep tabs on suspicious
card activity.
At SRI Federal Credit Union, we want to make sure that using your debit or credit card is always as safe and convenient as possible. That’s why we use text alerts as part of
our ongoing fraud monitoring program.
How It Works:
With text fraud alerts*, if our system detects suspicious activity on your card, you’ll receive a text message with details about the suspected transaction. All you have to do is respond to the text to confirm the transaction.
If you indicate the transaction is fraud, you’ll receive another message with a number to call for follow-up. If not, you’re all set. The system will mark the transaction as legitimate and you can get on with your day – simple as that.
Getting Started:
If we have your mobile phone number on file, you don’t have to do anything. It’s really that easy. If there is suspicious activity, we’ll send a text alert right away.
To verify or update your mobile phone number give us a call at 800.986.3669.
* All texts will be sent from 37268.
Fraud Prevention and Security
The Internal Revenue Service (IRS) recently warned taxpayers and tax professionals about a new IRS impersonation scam email.
The email subject line may vary, but according to the IRS, recent examples use phrases like “Automatic Income Tax Reminder” or “Electronic Tax Return Reminder.” The emails include links that are meant to look like the IRS website with details about the taxpayer’s refund, electronic return or tax account. The emails contain a “temporary password” or “one-time password” that purports to grant access to the files. However, these are actually malicious files. Once the malware files are installed on your computer, scammers may be able to secretly download software that tracks every keystroke, giving the bad guys access to information like passwords to your financial accounts.
Don’t be fooled: The IRS does not send unsolicited emails and never emails taxpayers about the status of refunds.
KEEPING YOUR MONEY SAFE
Fraud and scams are realities in today’s world. Here are just a few of the most common schemes fraudsters may use:
“Is this too good to be true?” If it sounds too good to be true, it probably is. Read on for some typical fraud tactics.
- “Buy it now – this offer is only good today!”
- Pay first, before any of the details or contract are provided.
- Offers that discourage potential customers from taking the time to research the product or company thoroughly before purchasing.
- Offers in which a fee has to be paid to receive a large amount of money back.
Extremely alarming or threatening messages – threats of account closure and/or jail for yourself or a loved one. Fraudsters use fear in hopes that people will panic and be frightened into providing their personal information.
Promises of money for little or no effort. “Free” trips, life insurance, lottery winnings, etc. They ask you to pay a small processing charge in order to receive your money/gift.
Buy gift cards to pay for services/fees. A legitimate business will not ask for services to be paid with a gift card.
Email or text messages – claiming to need to verify or update your information. Never send your account numbers, card numbers, PIN(s), passwords, Social Security number(s), or any other personal identification information via text or email.
Love of your life (or a really good scam artist?). Be very cautious when a long-distance romance interest, a relative of a romantic love interest or anyone else that you know little about “needs money” or “has passed away and left you a large sum and you just have to send money to get it”.
How do I protect myself? Here are some ways to protect yourself.
PROTECT YOUR IDENTITY
Never share account or card information. This includes your internet banking login/password, account numbers, social security number, personal identification number(s)/PIN(s).
Do not provide personal information via email. Email is not a secure way to communicate.
Wait to “share”. Avoid posting on social media when you are on vacation and when you will be returning advertising that your home will be empty. Wait until you get back to post those fun photos!
Secure your mail. Place outgoing mail in a post office collection box and not in your own mailbox. If you are going to be away from home for more than a couple of days, have the US Post Office hold your mail. SRIFCU online banking and electronic statements are a great option!
Review your account regularly.
Safely dispose of personal information. Shred any documents that have personal or financial information.
Review your credit report annually. Request a free copy of your credit report at: www.annualcreditreport.com.
If you believe your identity and/or account information may have been compromised, contact the Federal Trade Commission immediately for guidance and to report identity theft.
How to protect your SRIFCU debit card from fraud and unauthorized transactions
HOW TO PROTECT YOUR SRIFCU DEBIT CARD FROM FRAUD AND UNAUTHORIZED TRANSACTIONS:
- Regularly review account transactions
- Do not provide your card number to via unsecure internet or to an unsecure website
- Log off any site after making a purchase with your card or close the browser completely
- Use a specific debit card tied to a specific account for online purchases only
- Track transactions carefully
- NEVER share your PIN with anyone
- Destroy old cards. Don’t throw them in the trash
- Protect your card as you would cash
- Use ATMs in well-lit and secure areas
- Shield the keypad when entering your PIN
What to do if you see transactions that you did not make?
- Contact the merchant immediately to discuss the charge and request reimbursement.
If the merchant will not provide a refund:
- Close your card: Call 800-986-3669 or stop by the branch to request that your card be closed immediately so no further transactions can be charged. A dispute form will also be provided for you to complete and submit.
