Protecting our members is important to us, so we want to keep you in the loop on current fraud and scams.
Scammers send fake text messages to trick you into giving them your personal information – The scammers use a variety of ever-changing stories to try to rope you in. Please remain alert and don't share your personal sensitive information.
- A new spam text out in the community is a mobile alert stating "Your VISA Card is Locked". Mobile users are asked to call a toll free number that alerts them their card is temporarily locked. The recording then prompts the mobile user to enter their 16 digit card number.
- Wanigas Credit Union a division of Financial Plus will never call, text or email you to request your personal sensitive information, such as your Social Security number, your credit/debit card number(s), or your digital banking username and password.
- Financial Plus has been notified by members receiving text messages regarding an attempt to obtain digital and online banking information. While these fraudsters have not been successful in their attempts, we want to make members aware of these attempts so they can avoid becoming a victim.
- Sample of fraudulent text message content: “Due to the merger of Financial Plus and Wanigas, online banking would not be available through regular portals. Click here to access your online banking.”
Credit/Debit Card Number Scam
Please be aware of potential fraudsters acting as the Wanigas Fraud Department making phone calls to get your credit or debit card number over the phone. If you receive a call asking for your credit or debit card number, hang up. Wanigas will never ask you for this information over the phone.
Card Skimmers - Tips You Need To Know
The vast majority of ATM & Gas Pump transactions are conducted safely and securely, but ATM & Gas Pump fraud can and does happen. A common technique used by thieves to obtain your debit card information and PIN at ATMs & Gas Pumps is skimming. ATM & Gas Pump skimming occurs when thieves use hidden electronics or technology on ATM & Gas Pump machines to steal card info. With your card’s information in hand, scammers can empty your checking or savings account.
What To Look For
- Skimming Overlay Devices. These devices are placed over the card slot. When a card is inserted into the card slot, the device records the card’s magnetic strip data.
- Shimming technology. Thieves have more recently developed “shimming” technology, where they install a thin, card-size device with a microchip into the card slot. This device isn’t visible from the outside of the ATM/Gas Pump and steals information that allows the thief to clone your card.
- Keypad Overlays. These devices are placed over a keypad and can capture PINs as they’re entered.
- Tiny Cameras. Cameras are used in conjunction with the skimming or shimming device. The camera is placed in a location on the ATM or Gasp Pump to record the user entering the PIN. Some thieves even use cameras with thermal imaging to see the numbers and order in which you pressed them. These days, many skimming devices transmit information back to fraudsters using Bluetooth technology. However, it’s possible that some crooks could still be watching you enter your PIN with binoculars or by looking over your shoulder, so don’t let your guard down. Be especially wary of anyone offering to “help” you use the ATM. There are some precautions you can take to stay safe.
What You Can Do
- Use Your Eyes & Fingers. If something doesn't feel right, move on. Watch for signs that the ATM may have been altered. Does the ATM have parts that look crooked, misplaced or damaged? If you pull on the card reader, does it come loose? If you push buttons on the keypad, do they feel loose or spongy? These are all warning signs of potential tampering.
- Visit high-traffic and high-profile ATMs & Fuel Pumps. Avoid gas pumps that are out of sight of the clerk and ATMs in areas with little traffic. Scammers want to stay out of view when installing and collecting their technology.
- Cover your hand when entering your PIN. This should be done even if you don’t see anyone or anything suspicious. A hidden camera may be viewing the keypad even if you aren’t aware of it. You can also be sure to rest your fingers on the plastic keypad. This will obscure your PIN from thermal cameras.
- Pay inside, with cash or a card, rather than at the pump. There is less chance a fraudster placed a card skimmer on the payment terminal in front of the clerk inside the gas station or convenience store. However, it takes just seconds to place a skimmer on a card reader.
- Be observant of your surroundings. Stand directly in front of the ATM while using it and watch for anyone standing too close.
- Be wary of suspicious Bluetooth signals. You can download free scanning apps that detect suspicious Bluetooth signals and alert you to potential skimmers.
- Check your accounts regularly. There’s a chance you may not notice a compromised ATM/Gas Pump until your information has already been stolen. Regularly check your account statements and set up fraud alerts to be alerted of any fraud right away.
IRS Email Scams
IRS Email Scams
Over the past few weeks, there has been a rise in phishing attempts (email scams) which appear to be from the IRS. While the verbiage on the emails vary, the common request is for you to interact with a file (review, open, fill out, etc.). These emails usually have a document or file attached. Once opened, the file drops malware (viruses, trojans, etc.) on your computer which gives the scammers access to everything you do.
Please note, the IRS will NEVER contact you via email, text messages, or social media. Scammers use emotions to get people to act. Here is a statement taken directly from the IRS.GOV website:
Avoid email, phishing and malware schemes
Scammers send emails that trick businesses and taxpayers into thinking the messages are official communications from the IRS or others in the tax industry. As part of phishing schemes, scammers sometimes ask taxpayers about a wide-range of topics, such as refunds, filing status, confirming personal information, ordering transcripts and verifying personal identification numbers.
The IRS does not use email, text messages or social media to discuss tax debts or refunds with taxpayers.
If you receive emails, text messages, or social media messages claiming to be from the IRS, you are able to use one of these methods from the IRS.GOV website to report them:
How to report scams
Taxpayers can use these options to report phone, email and other impersonation scams:
- Report impersonation scams to the Treasury Inspector General for Tax Administration. on the “IRS Impersonation Scam Reporting” webpage.
- Report phone scams to the Federal Trade Commission using the FTC Complaint Assistant. Add "IRS Telephone Scam" in the notes.
- Report an unsolicited email claiming to be from the IRS or an IRS-related system like the Electronic Federal Tax Payment System to the IRS at email@example.com.
For additional information, please visit https://www.irs.gov/privacy-disclosure/report-phishing
Grandparent scams typically work something like this:
- The victim gets a call from someone posing as his or her grandchild.
- This person explains, in a frantic-sounding voice, that he or she is in trouble. They claim that there’s been an accident, an arrest, or a robbery. To up the urgency, the caller might claim to be hospitalized or stuck in jail. To make the impersonation more convincing, he or she will throw in a few family particulars, gleaned from the actual grandchild’s social media activity.
- The impostor offers just enough detail about where and how the emergency happened to make it seem plausible and perhaps turns the phone over to another scammer who pretends to be a doctor, police officer, or lawyer and backs up the story.
- The “grandchild” implores the target to wire money immediately, adding an anxious plea: "Don't tell mom and dad!"
- The person claiming to be your grandchild asks you to send money immediately and provides details on how. For example, via gift card, prepaid card or wiring money to a particular Western Union office.
- The call usually comes late at night
Be Aware of Phishing: Cybercriminals and Credit Unions
In the United States, the National Credit Union Administration (NCUA) warned of an increase in cyber attacks targeting credit unions. Since credit unions are usually small non-profit institutions, they typically have a closer and more loyal membership base than banks. Which makes credit unions an ideal target for cybercriminals.
Most times, cybercriminals will attempt to target credit union members by sending fake emails that appear to be from your credit union. These phishing attempts can vary from signature requests, login requests, and incoming payment notifications, but all of these emails will direct you to click a link for more information. The link will then take you to a fake login page for your credit union in hopes that you will log in and give them your banking credentials.
However, you can easily stay protected by following these tips:
- Never click on a link to an email that you were not expecting, which includes links to sign documents that you didn't request or were not contacted about. Wanigas will never send you documents to sign without being in contact with you first.
- Anytime you receive a notification, ask yourself questions such as: Did I sign up for these notifications? Have I received this notification in the past?
- Anytime an email from your credit union asks you to log in, navigate to the official site yourself rather than clicking a link. That way, you can ensure you're logging into the real site and not a fake look-a-like.
- Always check the email address, if it is an unfamiliar or looks suspicious, contact your credit union before clicking any links to be safe.
Caller ID Spoofing
Caller ID spoofing is when a caller deliberately falsifies the information transmitted to your caller ID display to disguise their identity. Spoofing is often used as part of an attempt to trick someone into giving away valuable personal information so it can be used in fraudulent activity or sold illegally
Tips to Avoid Spoofing Scams
- Don't answer calls from unknown numbers. If you answer such a call, hang up immediately.
- If you answer the phone and the caller, or a recording asks you to hit a button to stop getting the calls, you should just hang up. Scammers often use this trick to identify potential targets.
- Do not respond to any questions, especially those that can be answered with "Yes" or "No."
- Never give out personal information such as account numbers, Social Security numbers, mother's maiden names, passwords or other identifying information in response to unexpected calls or if you are at all suspicious.
- If you get an inquiry from someone who says they represent a company or a government agency, hang up and call the phone number on your account statement, in the phone book, or on the company's or government agency's website to verify the authenticity of the request.
- Use caution if you are being pressured for information immediately.
Learn more information regarding Caller ID Spoofing,
Online Shopping Steals
Now more than ever, consumers shop online. It’s not just convenient but easier to compare prices. While your shopping for good deals, keep in mind that cybercriminals are shopping for easy victims.
Cybercriminals have created a record number of malicious online stores to trick unsuspecting shoppers. These stores tend to claim to sell hard-to-find items, such as limited products like Xbox's, Playstations, trending makeup products, or this year's hottest toys. To lure in customers, cybercriminals will create fake social media ads, ads on other websites, and even have gone as far as Google search ads. Once you click on one of these ads, you are taken to a malicious online store with real product images, descriptions, functional shopping cart, and check process. However, if you try to purchase something from one of these malicious stores, your money, personal information, payment information, and mailing address will fall right into cybercriminals' hands.
Follow these tips to avoid being a victim of a malicious online store:
- Pay attention to the domain names. Malicious sites may appear to look like the real deal, but cybercriminals may be spoofing them by replacing an "i" with an "l".
- If something seems too good to be true, it probably is.
- Always shop from well-known retailers. If you haven't shopped from them before, look up reviews and customer feedback.
- Instead of clicking the ad, try searching the website itself for the deal.
Malicious Apps: Facebook Login Scams
There is a new Facebook scam being used by fraudsters. Scammers are creating their own third-party Android applications (apps), which have allowed them to hijack over 10,000 Facebook accounts. Once you download one of these apps, they will display a familiar feature that says "Continue with Facebook login." Oftentimes, legitimate apps are integrated with websites like Facebook to make account creation a breeze. However, in these malicious apps, the link often leads to a phony login page created to steal your login credentials and more!
These applications are unique as they will open the official Facebook login page while still allowing the scammers to track your information. Once the scammers have your account credentials, they can use them to scam your friends/family, create false posts, and much more.
Here are some simple tips to stay protected.
- Although this has been primarily targeting Android users, this technique can be used on any device that downloads apps, including computers.
- Always check out the reviews, ratings, and comments on an application before downloading. Poor reviews can be a dead giveaway that an app is questionable.
- Only download apps from a trusted publisher. Since anyone, even scammers, can upload on the official app, it is important to only download trusted publisher's apps.
Staying Protected: Romance Scams
With things slowly starting to go back to normal, it is as important as ever to be conscious of new scams that look to take advantage of the pandemic. One scam in particular, 'Romance Scam,' has reached a record $308 million in losses in 2020, up 50% from 2019.
A 'Romance Scam' typically targets older adults in an attempt to fill a void in their life. The romance scammer will create a fake profile on a dating site, app, or just Facebook to build up a relationship with an individual. Often, the scammer will ask for money to come visit them or for money to help solve a life problem of their own. Romance scams are not just online, these can happen when older adults are socially isolated or dependent on others to assist them. It is important to be cautious as these people are often met at places such as church, community centers, or in social groups.
The Federal Deposit Insurance Corporation (FDIC) has worked to develop an award winning financial education curriculum, 'Money Smart for Adults.' The best part is that this is a free resource to stay alert of scams and increase your financial awareness.
You can learn more at Federal Deposit Insurance Corporation's website.