Online Dating Scams are Actually a Thing, and They’re Breaking Hearts & Bank Accounts

It’s happening all over, and closer to home than you may think. Scammers are continuing to fake online dating profiles using photos of other people to lure their victims. Once connected, the scammers often say they are from the U.S., but are temporarily traveling or working overseas. The scammers quickly profess their love and tug at the victim’s emotions with fake stories and their need for money. The victims often send the scammers money or provide online banking login credentials.

How exactly does the scam work?

  • The scammers start by stealing a photo from an internet site. The photos are usually of beautiful people and the quality of the photo is high. The photos are usually stolen from modeling sites with reports that 90% of them are being taken from a site called Focus Hawaii. If you think you are being scammed, go to this site and browse the photos to see if the person you are communicating with has a photo on this site. They also use photos taken from profiles of other people on dating sites.
  • They then post ads with fake profiles on online dating sites. They also lurk in chat rooms and social networking sites, as well as Christian and other religious-based dating sites. They spend months chatting up and luring their targets with online intimacy.
  • The scammers often pretend to be foreign specialists temporarily working in Nigeria or other overseas countries. A slight twist is when the scammer pretends to live in the same country as the victim, and once a relationship has developed, then advise them they are required to go to another country on an assignment. Some of the sophisticated scammers send flowers or candy (from stolen credit cards) to capture hearts.
  • The fraudsters then choose one of two approaches: 1) They either state that their employer pays them with money orders and they can’t cash them in Nigeria or are having trouble cashing them. Then they convince their “soul mate” to bank this deposit into their bank account and wire them the money via Western Union. They are often told to keep some of the money for their trouble (which helps to build trust and also helps make them an accessory to the crime!). After a few weeks the bank will tell the victim that the money orders are fraudulent and then the victim is often responsible for paying the money back to the bank, and in some cases face charges of passing a counterfeit instrument. 2) The alternative is to say their wallet has been stolen, the hotel owner is holding their passport, customs officials need to be bribed, new plane tickets are needed, they have been victimized and put in jail and need money to get out, or they need money for some sort of medical reason, etc. The reasons for needing the money will sound plausible. Regardless of the story, the end result is the same – the cyber “soul mate” is asked to send money!

Other romance scam variations include:

  • Victims are duped into providing online banking login credentials to the scammers under the guise that the scammers do not have access to financial services in the foreign country in which they are traveling or working. The scammer logs into the account and uses the account-to-account external transfer feature to initiate debits against accounts at other institutions pulling funds into the victim’s account for deposit. The victim is instructed to send the funds to the scammer by Western Union or MoneyGram. The debits are subsequently returned to the financial institution as unauthorized up to 60 days later.
  • The scammer logs into the victim’s account and accesses the mobile remote deposit capture service, or requests access if it isn’t already set-up. The scammer transmits images of fraudulent checks via mobile deposit to the victim’s account. Again, the victim is instructed to send the funds to the scammer by Western Union or MoneyGram. The checks are subsequently returned unpaid.

How to spot an online dating scam:

  • The person is new to the website or hasn’t logged in many times.
  • The photo looks like a model or looks “too good to be true.”
  • The profile is not well written.
  • You are asked to go straight from on-site messaging to off-site messaging such as regular email or instant messaging (to prevent the dating site administrators seeing the evidence of the scam and kicking them off the site).
  • The scammer will find ways to get out of live video chat because the profile photo is fake. The excuse they will give is their lack of technology overseas. They will usually hire someone with an appropriate accent for the phone calls.

Follow these specific safeguards for online dating:

  • Research the person’s photo and profile using online searches to see if the material has been used elsewhere.
  • Go slow and ask lots of questions.
  • Beware if the individual seems too perfect or quickly asks you to leave a dating site or Facebook to go “offline.”
  • Beware if the individual attempts to isolate you from friends and family, or requests inappropriate photos or financial information that could later be used to extort you.
  • Beware if the individual promises to meet in person, but then always comes up with an excuse why he or she can’t. If you haven’t met the person after a few months, for whatever reason, you have good reason to be suspicious.
  • Never send money to anyone you don’t know personally!

What to do if you suspect someone you are communicating with is an online scammer:

  • Once the scammer has asked for money, stop all communication with them.
  • Report them to the dating site.
  • No matter how trustworthy they may seem, DO NOT SEND THEM MONEY!
  • If you have already sent them money – your chances of getting it back are probably zero, but you should report the incident to your local police and the FBI’s Internet Crime Complaint Center (IC3).

T.H.I.N.K First because There’s Harm INot Knowing!

Article Sources:

https://www.fbi.gov/news/stories/romance-scams

http://www.watchforscams.com/nigerian-dating-scams.html

 

A Credit Freeze Won’t Help With All Equifax Breach Threats

If you’ve placed a security freeze on your credit reports at Equifax, Experian, TransUnion, and Innovis, that will help prevent fraudsters from opening new credit accounts in your name.

Freezing your credit report specifically at Equifax will also prevent crooks from registering as you at the government website “my Social Security,” and block them from attempting to steal your Social Security benefits. *Note: Setting up a credit freeze with Equifax will stop identity thieves from setting up a “my Social Security” account in your name.

But taking these steps won’t protect you against every identity fraud threat arising from the Equifax data breach.

With the information that hackers got, including access to Social Security numbers, birth dates, and an unspecified amount of driver’s license numbers, you need to take other steps to help lock down your finances.

Here are three important ways you can protect yourself.

Tax Refunds

With your Social Security number, crooks can file false income tax returns in your name, take bogus deductions, and steal the resulting refund. More than 14,000 fraudulent 2016 tax returns, with $92 million in unwarranted refunds, were detected and stopped by the Internal Revenue Service as of last March.

Though you are generally not liable for such fraud, if a criminal manages to change your tax records and receive your refund, it can take months to straighten out the mess.

How to protect yourself. The best defense is to obtain an Identity Protection PIN from the IRS, which is a code that must be filed with your legitimate return for it to be accepted. An identity thief can’t file the fraudulent return without your PIN.

But you can get a PIN only if a fraudulent return has previously been filed in your name, if the IRS determines that you’re an ID fraud victim, or if you live in a high tax-related identity theft locale such as Washington, D.C.; Florida; or Georgia.

The IRS did not yet say whether those affected by the Equifax breach would qualify for a PIN.

Andrew Mattson, a tax partner at the Moss Adams tax firm in Silicon Valley, recommends that taxpayers who don’t officially qualify for a PIN request one anyway, by filing a Form 14039, Identity Theft Affidavit (PDF). “Even if the IRS says no, your account will generally be flagged for additional monitoring for suspicious activity,” he says.

Mattson also recommends that you periodically view your IRS account information, which shows when returns were filed and which refund payments were made. Activity there—if it’s not yours—can be a sign of fraud. The balance updates every 24 hours, usually overnight, but there is a one- to three-week lag in the time it takes for refund payments to show up.

If you suspect fraud, contact your local IRS office using the Taxpayer Assistance Center Office Locator.

Health Insurance

Data from the Equifax breach can be used to steal your benefits from private health insurance, Medicare, or Medicaid when the identity thief uses your coverage to pay for their own medical treatment and prescriptions.

Many health insurers have internal special investigation units and anti‐fraud personnel to root out medical identity fraud, and if suspicious activity is detected, they’ll send email alerts to the policyholder, says Cathryn Donaldson, a spokeswoman for America’s Health Insurance Plans, the trade association of health insurers.

How to protect yourself. Get copies of your medical records from providers to establish the baseline of your health before your records are compromised. Increasingly, online patient portals make this easy to do. Check back regularly to see whether providers you didn’t use are listed and whether you’ve been charged for treatments you never received.

In addition, review your free annual MIB Consumer File, which contains medical and personal information about you reported by health, life, disability, and other member insurers. Do the same for your Milliman Intelliscript report, which tracks your history of prescription drug purchases.

The Federal Trade Commission also says consumers should ask each of their health plans and medical providers for the “accounting of disclosures” related to their medical records. That tells who got copies of your records from the provider. The law allows you to order one free copy from each medical provider every year.

If available, sign up for your insurer’s secure online portal, and regularly review the explanation of benefits, which shows which treatments you received when and from which providers. While there, sign up for fraud alerts via email or text message, which will keep you apprised of benefit payments.

Regularly review your credit report for medical collection accounts that don’t belong to you.

Your Driver’s License

Using your driver’s license number, identity thieves can create bogus driver’s licenses and hang their moving violations on you. With more work and information from phishing or further hacking, identity thieves can create bogus checks to pay a cashier, who “verifies” the shopper’s identity by writing your license number on the bad check.

If this happens to you, you may not discover how your license has been used until a police officer tells you, or perhaps, until a bank closes your account because of too many bounced checks.

How to protect yourself. Ask the motor vehicle department to give you a copy of your driving record; most states charge for this, usually about $10. To find out whether any bad checks are attributed to your driver’s license, request your free annual consumer report from each of the big three check verification companies: ChexSystems, Certegy, and TeleCheck.

If you find that your driver’s license is being used fraudulently, you can file a police report at your local police department and ask the motor vehicle department to flag your license number, which will alert law enforcement officers to be extra careful in identifying people they pull over with your license number. You should also request a new driver’s license number.

If you’re arrested or find criminal charges on your record, go to the Identity Theft Resource Center for advice on clearing criminal identity theft; if you find fraudulent checks on your record, follow the ITRC for advice on resolving checking account fraud. You can also call 888-400-5530 for free assistance.

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from SherpaThe best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today! Learn more about safeguarding your identity with our consumer identity theft protection guide.

Article Source: Jeff Blyskal for Consumer Reports

 

Important Member Alert: Tech Support Scams

Recently, we have learned that some of our First Financial members have fallen victim to a new line of scams – where fraudsters claim to be Microsoft or Apple tech support employees. Please read the following important details about this latest scam from the Federal Trade Commission.

How the Scam Works

Scammers may call, place alarming pop-up messages on your computer, offer free “security” scans, or set up fake websites – all to convince you that your computer is infected. The scammers try to get you on the phone, and then work to convince you there’s a problem. Finally, they ask you to pay them to fix that non-existent problem.

To convince you that both the scammers and the problems are real, the scammers may:

  • Pretend to be from a well-known company – like Microsoft or Apple.
  • Use technical terms.
  • Ask you to get on your computer and open some files – and then tell you those files show a problem (when they don’t).

Then, once they’ve convinced you that your computer has a problem, the scammers might:

  • Ask you to give them remote access to your computer – which lets them change your computer settings so your computer is vulnerable to attack.
  • Trick you into installing malware that gives them access to your computer and sensitive data, like user names and passwords.
  • Try to sell you software that’s worthless, or that you could get elsewhere for free.
  • Try to enroll you in a worthless computer maintenance or warranty program.
  • Ask for credit card information so they can bill you for phony services, or services you could get elsewhere for free.
  • Direct you to websites and ask you to enter your credit card number and other personal information.

These scammers want to get your money, access to your computer, or both. But here’s what you can do to stop them.

If You Get a Call or Pop-Up

  • If you get an unexpected or urgent call from someone who claims to be tech support, hang up. It’s not a real call. And don’t rely on caller ID to prove who a caller is. Criminals can make caller ID seem like they’re calling from a legitimate company or a local number.
  • If you get a pop-up message that tells you to call tech support, ignore it. There are legitimate pop-ups from your security software to do things like update your operating system. But do not call a number that pops up on your screen in a warning about a computer problem.
  • If you’re concerned about your computer, call your security software company directly – but don’t use the phone number in the pop-up or on caller ID. Instead, look for the company’s contact information online, or on a software package or your receipt.
  • Never share passwords or give control of your computer to anyone who contacts you.

If You Were Scammed

  • Get rid of the malware. Update or download legitimate security software and scan your computer. Delete anything the software says is a problem.
  • Change any passwords that you shared with someone. Change the passwords on every account that uses passwords you shared.
  • If you paid for bogus services with a credit card, call your credit card company and ask to reverse the charges. Check your statements for any charges you didn’t make, and ask to reverse those, too. Report it to ftc.gov/complaint.

Refund Scams

If you paid for tech support services, and you later get a call about a refund, that call is probably also a scam. Don’t give out any personal or financial information.

The refund scam works like this: Several months after a purchase, someone calls to ask if you were happy with the service. If you say no, the scammer offers a refund. Or, the caller says the company is going out of business and giving refunds. The scammer eventually asks for your credit card number, or asks for access to your bank account to make a deposit. But instead of putting money in your account, the scammer takes money from your account.

If you get any calls like this, hang up, and report it immediately: ftc.gov/complaint.

If at anytime you feel any of your First Financial accounts may have been compromised in this or a similar scam, contact our Member Relationship Center right away at 732.312.1500. If your First Financial credit or debit cards were compromised in a scam, call the 24/7 toll-free number on the back of your card to report the incident and replace your card. All important phone numbers for members can be found on our website: https://www.firstffcu.com/contact-us.htm

Article Source: https://www.consumer.ftc.gov/articles/0346-tech-support-scams

Important Member Notice: Same Day Electronic Payments

On September 15, 2017 Same Day ACH payments will be coming to merchants and billing companies. This means that if you agree to make an electronic payment, funds might be debited from your account as soon as the very same day. Previously, it may have taken a couple of days for payments to post. Starting on September 15th, this may no longer be the case.

When making a payment or paying a bill through ACH, available funds must be in your account. If the funds are not immediately available, we recommend you wait until funds are available before making the payment. If funds are not available and are debited from your account, we may charge you a fee. If you do not have overdraft protection, you will also incur an additional fee from the merchant or billing company.

FAQs:

1. What is an ACH payment/debit?

These are electronic debits that are commonly known as Direct Payment, Direct Debit, ACH Debit, Electronic Check or e-check, and similar terms.

2. Why is this changing?

As part of an effort to improve and modernize U.S. payments systems, electronic debit payments can now be processed same day. It is a nation wide regulation intended to provide faster access to funds.

3. What are the benefits?

Many merchants and billing companies may offer you the option to make a same day electronic payment, such as to pay a bill or to transfer funds. If you agree, then the funds might be debited from your account that same day. For example, if you have a bill due on the 20th of the month, the billing company might allow you to call or use its website on the morning of the 20th to make an on time payment, and also have the funds debited from your account on the 20th. While these types of payments won’t be reflected on your account balance as quickly as your debit card and ATM transactions, you will have access to more accurate information about your actual available account balance more frequently throughout the business day.

4. Who offers same day payments?

Merchants and billing companies may have an option for same day payment. As soon as that same day, funds may be debited from your account. We recommend that you do not make a payment unless sufficient funds are in your account.

5. What will happen if I make a payment and it is processed before sufficient funds are available in my account?

If you have overdraft protection the payment will go through, but you will incur an overdraft fee. If you do not have overdraft protection – the payment will be returned and you will incur a return fee, plus you may also incur another fee from the merchant or billing company. If you are interested in overdraft protection please contact our Member Relationship Center during business hours at 732-312-1500.

6. Will this affect me if I use Bill Pay or have a scheduled recurring payment?

If a payment is scheduled to be made on a certain day, the electronic payment will be processed and funds may be debited from your account that day. For example, if a bill/automatic payment is scheduled for the 20th of every month, please make sure those funds are available before the 20th.

7. What can I do to prevent my account from being overdrawn?

We offer account alerts via email and text message so that you can stay up-to-date on your account status. To set up these alerts, please click here and follow the enrollment steps.

We also offer overdraft lines of credit. To apply for an overdraft line of credit, please call our Member Relationship Center at 732-312-1500.

If you have any questions about same day ACH, please do not hesitate to contact us.

-First Financial Federal Credit Union

 

 

Important Member Alert: Equifax Data Breach

On September 7, 2017 Equifax disclosed that they discovered a data breach on July 29, 2017 and it may have impacted 143 million consumers in the United States. Equifax is one of the 3 main organizations in the U.S. that calculates credit scores, so it has access to an extraordinary amount of personal and financial data for virtually every American adult.

The company stated that hackers accessed data between mid-May and July through a vulnerability in a web application. They were able to obtain names, Social Security Numbers, birth dates, addresses, some driver’s license numbers, and about 209,000 credit card numbers.  Additionally 182,000 “dispute documents” containing personal identifying data were compromised in the breach. They have not indicated who is behind the breach and the investigation is ongoing. Equifax is maintaining that its core credit reporting databases were unaffected.

The reason why this data breach is so severe is because nearly half of the U.S. population has been impacted and most likely will feel the impact of the breach for years to come, especially when it comes to information that does not change, i.e. your Social Security Number.

Equifax has established a dedicated website, www.equifaxsecurity2017.com – to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year. The website also provides additional information on steps consumers can take to protect their personal information.

Equifax recommends that consumers with additional questions visit www.equifaxsecurity2017.com or contact a dedicated call center at 866-447-7559, which the company set up to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern standard time. In addition to the website, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted.

Additional information on the data breach can be found here. To see if you may have been impacted, get started here.

Don’t wait until it’s too late! Be sure to enroll in First Financial’s Identity Theft Protection Program from Sherpa. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today! Learn more about safeguarding your identity with our consumer identity theft protection guide.

Enroll your First Financial Debit/Credit Cards in Visa Purchase Alerts – you’ll get an email each time your Debit Card is used over an amount you set, when your card is used outside the country, or when your card is used to make a purchase online or over the phone. Credit Cardholders also have the additional option of adding a text alert, this can be set-up in Online Banking under your Credit Card account (select the Communications tab and then Visa Transaction Alerts).

As always, First Financial monitors our member accounts for suspicious activity. If you have any additional questions or concerns, please give us a call at 732.312.1500 or email us at info@firstffcu.com.

*9/11/17 Update – Please be advised that should you elect to sign up for Equifax’s one year of credit monitoring, you may be giving up your right to sue the company for the incident, and you could be prevented from joining a class-action lawsuit.

The language was laid out in the original terms of service by Equifax:

AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.

On 9/11/17 Equifax provided an update on their website to state: 

Adjusted the TrustedID Premier and Clarified Equifax.com
“We’ve added an FAQ to our website to confirm that enrolling in the free credit file monitoring and identity theft protection that we are offering as part of this cybersecurity incident does not waive any rights to take legal action. We removed that language from the Terms of Use on the website, www.equifaxsecurity2017.com. The Terms of Use on www.equifax.com do not apply to the TrustedID Premier product being offered to consumers as a result of the cybersecurity incident. 
We are listening to issues consumers have experienced and their suggestions. These are helping to further inform our actions, and we are now sharing regular updates on this website. Thank you for your continued patience and feedback as we continue to improve this process.”

Article source: https://www.cnbc.com/2017/09/08/were-you-affected-by-the-equifax-data-breach-one-click-could-cost-you-your-rights-in-court.html 

Local Alert: Skimming Device Found on Point Pleasant NJ Rite Aid ATM

A skimming device was found on a local ATM in Point Pleasant, New Jersey at Bridge Avenue Rite Aid on July 24th. However, it is suspected that the device was placed around July 17th.  If you used this ATM – you should monitor your bank statements and change your card PIN numbers. Anyone who discovers any unauthorized activity on their account should contact the Point Pleasant Police Department to file a report. If you are a First Financial member and used one of your First Financial cards at this ATM, please call Member Services at 732-312-1500.

To read the full article from Patch, click here.

Please be careful of such devices and be sure to protect yourself and your bank account by using the following steps:

  • Use secure ATM machines under video surveillance or inside of a bank lobby. They’re less likely to be tampered with!
  • Pay careful attention to what the card reader and keypad normally looks like on the ATMs you use most frequently.
  • Don’t use an ATM if the card reader appears to be added on, fits poorly, or is loose.Some thieves place a fake box over the card slot that reads and records account and PIN numbers.
  • Call the customer service number on the ATM immediately if a machine appears suspiciousor if it does not function properly.

Don’t become a fraud victim!