Category Archives: Important Alerts & Scams

4 Ways Scammers Can Steal Your Tax Refund

Posted on by
Reply

48d9f43eab68404d0dc0def19d14ba6dIdentity thieves LOVE tax season.

Any thief who has your personal information can easily file a tax return, collect the fraudulent refund and leave you waiting months to get your own refund back and clear up the issue. Unfortunately, it’s only getting worse – as the IRS launches hundreds of investigations into tax-related identity theft, where criminals use stolen personal information like Social Security Numbers to claim fraudulent refunds.

Here are some of the ways scammers use to steal your identity and how to avoid becoming a victim.

1. Fake calls from the IRS. As part of the scheme, callers impersonating IRS agents told victims that they owed taxes and needed to pay by wire transfer or a prepaid card. Other scams are carried out through email, and ask for personal information like a Social Security Number or birthdate — which can later be used to claim tax refunds.

To protect yourself, be wary of any correspondence from someone claiming to be from the IRS. The agency says it usually reaches out by mail, and it will never ask for personal information via email or phone. If you receive something questionable, reach out to the agency yourself and verify that it’s legitimate.

2. Rogue employees. Be careful about giving out your personal information. Don’t ever give away more personal information than you need to and don’t be hesitate to ask someone why they need any of your personal information.

Some tax preparers could potentially be a scam artist. To avoid being fooled, be wary of any preparers who charge fees based on the size of your refund and never let a preparer ask for the refund to be deposited into an account in their control rather than sent straight to you. To help you detect if you’ve been scammed, be sure to regularly monitor your bank accounts and credit card statements for any suspicious charges.

3. Data breaches. Data breaches occur when hackers break through a company’s privacy walls and access private customer information and scarily enough, it’s becoming increasingly common. Once that information is in a fraudster’s hands, it’s easy for them to file a tax return in your name. If you know or suspect that your information was compromised during a data breach, consider signing up for identity theft protection (see below) or start regularly monitoring your accounts on your own. Be sure to investigate any charges you don’t recognize, no matter how small they are.

Most of the time if someone has a stolen card, the thief will often test it with a small transaction first in order to see if the card is activated, to make a bigger purchase. And because there’s a good chance you will be more susceptible to identity theft after a data breach, make sure to strengthen your passwords utilizing at least 8 characters, including upper- and lower-case letters as well as numbers and special characters (!@#$%).

4. Snail mail. It’s not as common as online identity theft these days, but many fraudsters still use the old-school strategy of stealing mail from mailboxes to piece together the information they need to file a tax return in someone else’s name. Other times, thieves will go as extreme as dumpster diving – it’s a low-tech way to easily retrieve your information, so make sure you ALWAYS shred any personal documents.

Another easy way to protect yourself is to file early. Many scammers are able to get fraudulent refunds because they file before the victim does. If you file first, the IRS will be forced to investigate when a second return from the same person arrives.

LifeSizePennyClick here to view the article source by Blake Ellis of CNN Money.

Important Alert: Card Cracking Scam Targets Students

Posted on by
Reply

scamCash-strapped college students have been recruited to participate in a scam
referred to as “card cracking.” Using ATM/debit cards and PINs willingly provided by the students, fraudsters deposit fraudulent checks to the students’ accounts. The funds are subsequently withdrawn by the fraudsters with the students receiving a portion of the funds for their participation.

Details
The “card cracking” scam was reported to originate in Chicago and generally targeted college students who were recruited through social media sites including Facebook, Instagram and YouTube. Participants were even recruited in person at college campuses. The sales pitch is to allow the fraudster to deposit a check to a student’s account and withdraw the funds for which the student receives half of the proceeds for agreeing to participate. This scam was since reported nationwide.

Willing participants provide the fraudsters with their ATM/debit cards and PINs. The fraudsters deposit fraudulent checks (stolen or counterfeit checks) to the student accounts via ATMs and subsequently withdraw the funds. Their proposition is simple: If you provide me with access to your account so I can deposit a check and withdraw the money, I will provide you with half of the proceeds.

After initial contact is made, the scammer arranges to meet up with the student to retrieve the debit card and corresponding PIN. The deposit is made, the money is withdrawn and then the fraudulent checks were subsequently returned unpaid and charged back to the students’ accounts. Following the fraudsters’ instructions, the participants report their ATM/debit card as lost or stolen and that the transactions were fraudulent.

The participants may not be entitled to protection under Regulation E (Reg E) for
unauthorized use of their ATM/debit card since they willingly provided their card to the
fraudsters, which contains an exclusion to the definition of unauthorized
electronic fund transfer:

Unauthorized electronic fund transfer means an electronic fund transfer from a consumer’s account initiated by a person other than the consumer without actual authority to initiate the transfer, and from which the consumer receives no benefit. The term does not include an electronic fund transfer initiated by a person who was furnished access to the consumer’s account by the consumer, unless the consumer has notified their financial institution that transfers by that person are no longer authorized.

This is a huge risk – especially for students who may have large amounts going through their accounts from loans, scholarships and tuition reimbursements.

“Even though the students might be considered victims, authorities point out that providing their debit cards to someone else is a crime,” the Sun-Times of Chicago stated.

There’s an easy solution: Never share your account information, debit card or PIN with anyone! 

Here are some other safety tips you should keep in mind:

  • Always verify the identity of the person trying to obtain personal information.
  • Never give personal information to someone over the phone or via email. Personal information includes: Birth date, Social Security Number, maiden name, address, bank account number, debit/credit card number, PIN number, etc.
  • Maintain a record of the phone call or solicitation. Write down the phone number that the person is calling from, the time and date they called, the caller’s name, and reported affiliation. If it was online, save a copy of the email conversation or advertisement.
  • If it sounds too good to be true, it probably is.
  • If you believe you may be a victim of fraud, call your local police department so authorities can be alerted to the activity. You can also report email or internet scams to the Internet Crime Complaint Center (IC3) by going online to http://www.ic3.gov.

14 Tips to Avoid Cyber Monday Scams

Posted on by
2

cyber-monday-discountIn the frenzy of limited time offers, last minute sales and one-click shopping, it can be difficult to stay secure while you shop online, particularly on days like Cyber Monday.

Consumers spend about 1.5 billion dollars on Cyber Monday. Coupled with the boom in sales is a predicted increase in the amount and severity of online scamming and data theft.

Will Pelgrin, CEO of The Center for Internet Security (CIS), a non-profit organization focused on improving the cyber-security posture of both the private and public sector, shares a few helpful tips about staying secure online this season.

1. Don’t Click on Pop-up Ads

Though it may seem obvious, malicious pop-up ads still pose one of the largest threats to web shoppers. According to Pelgrin, studies have shown that a large amount of consumers will click on the “ad” regardless of its message. Be mindful of what pop-ups say, it could be evidence of a security threat.

2. Keep Software Up-To-Date

Though many systems automatically update your software as new features become available, it’s important to keep your programs as current as possible. To avoid security holes, update apps and software minimally once a week, as newer versions appear.

3. Use Strong Passwords

An essential part of online security in any sense is using strong passwords. This means no birthdays, dog names or variations of “1234” for any of your accounts. For help making a strong password, check out this guide: How to Create a Secure Password.

4. Install Antivirus and Anti-Spyware software

When shopping, you don’t want others to be able to track what sites you’re visiting and what information you’re entering online. It’s important to make sure you have antivirus software installed on your computer to protect your sensitive financial information.

5. Enable ‘Timeouts’ on Mobile

According to Pelgrin, more and more consumers are doing the bulk of their holiday shopping on mobile phones. If you’re one of those consumers, make sure to enable a lock screen password, in case your device is lost or stolen. “If your phone isn’t timed out, you’re leaving the keys to your kingdom to whoever picks it up,” says Pelgrin.

6. Use a Secure Connection

Pelgrin recommends that any and all online financial transactions take place through a secure, private Wi-Fi connection, as opposed to using the more vulnerable free Wi-Fi in a coffee shop or library.

7. Avoid Email Advertisements

Your inbox is likely swarming with holiday promotions from all of your favorite (and likely least favorite) brands. To avoid being hacked, the CIS recommends you always enter the shop’s URL in your browser, rather than following the links contained in an email.

8. Shop at Companies You Know

Before you buy from a merchant on Amazon, Etsy or Ebay, check their rating and number of sales. Make sure they have good return policies and clearly posted contact information. If worried, you can always check on a businesses legitimacy through the Better Business Bureau.

9. Use Credit, Not Debit

“There are more security protections on your credit card that may not exist while using your debit card, should your info be taken,” says Pelgrin.

10. Ensure Your Site Is Secure

If you are entering your financial information on a webpage, make sure the URL begins with “https” as opposed to “http” or has a lock in your browser’s search bar.

11. Be Wary of Charity Sites

Though the holidays are frequently the most popular time to make donations to charity, Pelgrin urges consumers to check the legitimacy of your charity’s website.

“Fraudulent sites pop up during disasters and holidays like clockwork. Be alert,” he says.

12. Check Your Location and Privacy Settings

Many apps and websites will automatically share your GPS location by default. Sometimes, apps will change your settings once downloaded. Check what services your downloads have access to in your phone’s privacy settings.

13. Check Your Statements Frequently

According to Pelgrin, some hackers will do very low level theft once obtaining your information, charging small amounts to your credit card to avoid detection. Stay on top of your account statements and keep a record of how much you spend and where.

14. Add Browser Extensions and Security Apps

Pop-up blockers and malware detection extensions will add an extra layer to your security this season.

Happy Safe Shopping!

Click here to view the article source by Max Knoblauch of Mashable.

new%20ncua%20disclaimer-resized-600

Smishing – An ID Theft Scam

Posted on by
Reply

Have you been “smished” lately? Be on the alert for text messages with links — they could be an ID theft scam known as smishing.

Similar to phishing (which involves email), smishing uses cell phone text messages to deliver bait that’s intended to get you to divulge personal information. Smishing may involve winning a prize or a message that contains something that requires your immediate attention — the link tells you to “click here.” If you click on the infected link, it downloads malware that allows the bad guys to gain control of your device remotely. They can then use your phone from anywhere in the world to access your banking information, credit card data and the like.

What to do:
If you receive a text message that asks for sensitive information –

  • Do not reply to the message.
  • Do not click on any of the links that may be embedded in the message.
  • Contact your carrier’s privacy or fraud team. If their company name or brand is used in efforts to fraudulently obtain personal information, they may choose to pursue legal action.
  • Contact your financial institution to be sure your accounts have not been compromised.

Visit the FTC Identity Theft website to learn more about how to minimize damage from identity theft. If you believe that you have been a victim of a smishing scam, you can file an online complaint with the Federal Trade Commission’s Report Fraud webpage. You can also call the FTC toll-free at 1.877.FTC.HELP (1.877.382.4357).

Bottom line: Avoid clicking!

Save someone from getting smished:
As technology provides new ways to expose and defend against familiar scams, clever con artists devise new ones. Please share this with loved ones and friends — smish be gone, pass this on!

If you notice any fraudulent activity on any of your First Financial accounts, contact us by calling 732.312.1500, emailing info@firstffcu.com or stopping into any one of our branches.

Article Sources: http://www.andersoncooper.com

Tips for Recognizing and Avoiding Fake Check Scams

Posted on by
Reply

fraudFake check scams are clever ploys to steal your money and First Financial wants to make sure you know the ways you can avoid becoming a victim by simply recognizing how the scam process works. It is important that you understand that you are responsible for the checks you deposit to your account, even if they are fraudulent.

So, if someone you don’t know wants to pay you by check but wants you to wire some of the money back, beware! It’s a scam that could cost YOU thousands of dollars.

  • There are many variations of the fake check scam. It could start with someone offering to buy something you advertised, pay you to do work at home, give you an “advance” on a sweepstakes you’ve supposedly won, or pay the first installment on the millions that you’ll receive for agreeing to have money in a foreign country transferred to your bank account for safekeeping. Whatever the pitch, the person may sound quite believable.
  • Fake check scammers hunt for victims. They scan newspaper and online advertisements for people listing items for sale, and check postings on online job sites from people seeking employment. Scammers place their own ads with phone numbers or email addresses for people to contact them and they call, send emails, or faxes to people randomly knowing that some will take the bait.
  • They often claim to be in another country. The scammers say it’s too difficult and complicated to send you the money (i.e. they claim to be in the military or vacationing overseas) directly from their country, so they’ll arrange for someone in the U.S. to send you a check.
  • They tell you to wire money to them after you’ve deposited the check. If you’re selling something, they say they’ll pay you by having someone in the U.S. who owes them money send you a check. It will be for more than the sale price; you deposit the check, keep what you’re owed, and wire the rest to them. If it’s part of a work-at-home scheme, they may claim that you’ll be processing checks from their “clients.” You deposit the checks and then wire them the money minus your “pay.” Or they may send you a check for more than your pay “by mistake” and ask you to wire them the excess. In the sweepstakes and foreign money offer variations of the scam, they tell you to wire them money for taxes, customs, bonding, processing, legal fees, or other expenses that must be paid before you can get the rest of the money.
  • The checks are fake but they look real. In fact, they look so real that even bank tellers may be fooled. Some are phony cashier’s checks, others look like they’re from legitimate business accounts. The companies whose names appear may be real, but someone has dummied up the checks without their knowledge.
  • You don’t have to wait long to use the money, but that doesn’t mean the check is good. Under federal law, banks and financial institutions have to make the funds you deposit available quickly – usually within one to five days, depending on the type of check. But just because you can withdraw the money doesn’t mean the check is good, even if it’s a cashier’s check. It can take weeks for the forgery to be discovered and the check to bounce.That means it might be a month or more before they take the money out of your account.
  • You are responsible for the checks you deposit. That’s because you’re in the best position to determine the risk – you’re the one dealing directly with the person who is arranging for the check to be sent to you. When a check bounces, the bank or credit union deducts the amount that was originally credited to your account. If there isn’t enough to cover it, the bank or credit union may be able to take money from other accounts you have at that institution, or sue you to recover the funds. In some cases, law enforcement authorities could bring charges against the victims because it may look like they were involved in the scam and knew the check was counterfeit.
  • There is no legitimate reason for someone who is giving you money to ask you to wire money back. If a stranger wants to pay you for something, insist on a cashier’s check for the exact amount, preferably from a local financial institution or a financial insitution that has a branch in your area.
  • Don’t deposit it – report it! Report fake check scams immediately to NCL’s Fraud Center, at www.fraud.org. That information will be transmitted to the appropriate law enforcement agencies.

Think this doesn’t happen close to home or at First Financial? Think again!

Here is an example of an incident that occurred in one of our branches: We received an HSBC check from a member who stated that he received the check in the mail from a person claiming to need a personal assistant located near Russia. After further investigating the check, one of our tellers realized that the routing number did not have the required 9 digits – it had 10, and the check number on the bottom of the check did not match the check number in the top right corner. The teller went on to the HSBC website and discovered that there is not a financial institution located at the address printed on the check. The teller then contacted HSBC’s fraud department and spoke with a representative to confirm that the check was indeed fake. We then contacted the member to explain the situation and what was to follow.

If you suspect you’ve received a fraudulent check, please contact us at 732.312.1500 or stop into any one of our branches and have a representative look at the check to try to help you confirm its validity. We also encourage you to visit our Resources page on our website in order to protect yourself and/or your business from crime.

Article Sources: www.fraud.org | www.redtape.nbcnews.com

**First Financial is not responsible for content listed on external websites. 

 

Alert: Credit Union Members Recruited as Money Mules

Posted on by
Reply

alert-resized-600What is a Money Mule you may ask? A Money Mule is a person who transfers stolen money or merchandise from one country to another, either in person, through a courier service, or electronically. The term is commonly used to describe online scams that prey on victims who are unaware that the money or merchandise they are transferring is stolen. As a precaution, First Financial wanted to alert our members that there have been several reports of credit union members across the country being recruited as Money Mules, and unknowingly assisting fraudsters in laundering stolen funds. We want you to be aware of this scheme and to report any suspicious activity to your local authorities immediately.

Alert Details

Money Mules unknowingly assist fraudsters in laundering stolen funds. The source of the stolen funds received by the Money Mules is often from account takeovers at other financial institutions through online banking systems.

Money Mules are most often recruited through bogus job offers for payment processors, financial managers, or overseas representatives. Fraudsters typically find their potential Money Mules by searching websites where job seekers post their resumes. A key consideration in accepting the position is the ability to work from home.

Upon accepting the job, the Money Mules are notified they will receive deposits to their accounts via ACH and/or wire transfer. In some cases, the money mules are instructed to open an account at a financial institution in order to receive the funds. The Mules are instructed to not share details of their new job with anyone. Upon receipt of the funds, the Mules are instructed to either wire the funds to an account at another financial institution (foreign and domestic) or send the funds to individuals via Western Union. The Money Mules keep a portion of the funds deposited to their accounts as wages.

The deposits made to the Money Mule accounts via ACH and/or wire transfer are actually stolen from deposit accounts at other financial institutions and investment accounts held at brokerage firms. Using sophisticated banking Trojans, fraudsters steal the login credentials of online banking users and investors who access their investment accounts online. The fraudster logs into the account and transfers funds.

If you’ve fallen for the scam and become a Money Mule, here’s what has gone wrong:

  • You’re receiving stolen money. This may be through bogus sales from online auctions or the proceeds of phishing, where crooks have obtained victims’ bank details and are transferring their cash to your account (which is why they often want you to open an account at a particular bank — the same one as their victims).
  • It may even be cash from a crime that the crooks just want to get out of the country. Or someone just sends you a bogus check that you bank and then forward.
  • You’re taking a cut of the proceeds of crime and transferring the rest via an untraceable money wire to a crook.
  • You’ve given away your own personal information in that phony employment contract you signed, leaving yourself open to identity theft.

Although easy-money job offers sound so inviting, you do not want to become the real perpetrator of this crime. So here are some ways to make sure you DO NOT become a Money Mule:

  • First and foremost, money forwarding jobs like this don’t exist. Period. There is no law preventing global companies from directly transferring money from one country to another.
  • Never accept payments from anyone and then transfer part of the proceeds by money wire.
  • Don’t open a new bank account to receive money from people you don’t know.
  • Scrutinize the name of the company offering employment. Go to a site like DomainTools.com and check out when the website was registered. If it’s a scam, it’ll probably be within the prior 28 days.
  • Check the advertisement or email for poor language and grammar.

Please contact our Member Service Center at 732.312.1500 if you suspect any fraudulent activity on your First Financial accounts.

Contributing Article: http://www.scambusters.org/moneymule.html