Important Member Alert: Publishers Clearing House Scam

Who wouldn’t love to be that winner you see on TV holding a great big sweepstakes check? That’s what con artists are counting on when they claim to be Publishers Clearing House. This trick is an oldie but goodie for scammers.

The scam starts with a call or letter saying you’ve won the Publishers Clearing House sweepstakes. But to collect your prize, they say, you need to send money to pay for fees and taxes. Typically you’ll be asked to send money by Western Union or MoneyGram, or by getting a reloadable card or gift card. Scammers ask you to pay these ways because it’s nearly impossible to trace the money — and you’ll almost never get it back.

But that’s not the only way scammers get your money with this scam. Some will send you a realistic-looking fake check in the mail. You’re told that, to claim your prize, you need to deposit the check and send some of the money back for made-up expenses. But when the check you deposit bounces — even after it seemed to clear, you may be on the hook for the money you sent.

If you think you’ve won a prize, here are a few things to know:

  • Never send money to collect a prize, sweepstakes check, or lottery winnings. If you have to pay, it’s a scam.
  • Never deposit a check and send back money, even if the funds appear in your account. That’s a sure sign of a scam.
  • If anyone calls asking you to pay for a prize, hang up and report it to the FTC.

Still think this sweepstakes is real? The real Publishers Clearing House says it will never ask you to pay a fee to collect a prize.

If at any time you feel any of your First Financial accounts may have been compromised in a similar scam, contact our Member Relationship Center right away at 732.312.1500. If your First Financial credit or debit cards were compromised in a scam, call the 24/7 toll-free number on the back of your card to report the incident and replace your card. All important phone numbers for members can be found on our website: https://www.firstffcu.com/contact-us.htm

Article Source: Emma Fletcher for FTC.gov

Important Member Alert: Mobile Phone Port-Out Scams

Fraudsters are impersonating mobile phone users to have phones transferred to a different carrier – effectively stealing the user’s mobile phone number. This is being coined as a port-out scam. Once transferred to a different carrier, the fraudster receives all calls and texts that were intended for the user – including those that can be used to takeover a member’s account via online banking. Fraudsters have successfully intercepted one-time passcodes used to authenticate members logging into their account or to initiate transactions within online banking.

How can you prevent this scam from happening to you?  You can place a “port validation password” on your mobile phone account to help prevent having your phone fraudulently transferred to a different carrier.

Call your wireless carrier and ask for PIN authentication for your accounts. Sprint requires customers to create a PIN when they open a new account. Here’s what to do with the other major carriers.

  • AT&T: Log into your ATT.com account, go to your profile by clicking your name, and under the wireless passcode drop down menu, click on “manage extra security.”
  • T-Mobile: Call 611 from your cellphone or (800) 937-8997 to speak with customer service.
  • Verizon: Visit vzw.com/PIN or call (800) 922-0204.

Scam Levels and Details

Mobile phone users switch carriers for a variety of reasons, and can carry their phone number with them to the new carrier. Meanwhile, fraudsters are exploiting this capability by impersonating mobile phone users to have the mobile phones ported to a different carrier. The fraudsters harvest the user’s personally identifiable information and use this information to impersonate users in having the mobile phones transferred to a different carrier.

The port-out scam can take place at a wireless store or online, but in both cases, the imposters have enough information to convince the phone company that they are who they claim to be and have that person’s phone service transferred to their mobile device.

“And with a smartphone, if you’re on Wi-Fi, everything’s going to work except the actual calling and texting, so you may not even notice right away that something’s wrong with your phone — which can give the scammers a few hours of lead time,” said Katherine Hutt, director of communications for the Council of Better Business Bureaus. “If that ever happens, if you can’t make calls or receive calls, immediately contact the phone company and see if your number has been ported.”

Online Banking Fraud: A fraudster often ports a user’s mobile phone to a different carrier after the fraudster has stolen the user’s account login credentials. This could increase the risk of account takeovers through online banking, which involves sending a one-time-passcode via text message for login attempts as well as to validate transactions initiated within online banking. Members must enter the one-time-passcode to complete the login or transaction. By transferring a member’s mobile phone to a different carrier, the fraudster would receive the one-time-passcode intended for the member.

Card Fraud: This scam could also result in fraudulent transactions using credit and debit cards. A fraudster, who has ported a cardholder’s mobile phone to a new carrier, could use a counterfeit or stolen credit or debit card belonging to the cardholder to conduct fraudulent transactions. If a card processor’s fraud management system detects a suspicious transaction, a fraud analyst could attempt to contact the cardholder to confirm the legitimacy of the transaction by calling the cardholder’s mobile phone. However, the call is made to the fraudster who confirms the transaction as legitimate.

Card fraud could be worsened when, after confirming a suspicious transaction as legitimate, the card is suppressed for a period of time – usually seven days. It is common practice for card processors to suppress a card when the fraud management system identifies a suspicious transaction that a cardholder confirms is legitimate. When a card is suppressed, transactions on the card are not monitored by the fraud management system.

Email Fraud: Many public email service providers also offer out-of-band authentication using one-time passcodes that are sent via text message to user’s mobile phones. This could easily lead to a compromise of a member’s personal email account after a fraudster ports the member’s mobile phone to a different carrier.

Read more about mobile port-out scams from NBC News.

If at any time you feel any of your First Financial accounts may have been compromised in a similar scam, contact our Member Relationship Center right away at 732.312.1500. If your First Financial credit or debit cards were compromised in a scam, call the 24/7 toll-free number on the back of your card to report the incident and replace your card. All important phone numbers for members can be found on our website: https://www.firstffcu.com/contact-us.htm

Article Source: CUNA Mutual Risk Alert, and Herb Weisbaum for NBCNews.com

 

6 Tips for Protecting Yourself Against Robocall Scams

With the rise of automated telemarketing — otherwise known as robocalling, it looks like the annoying calls have evolved. If these automated calls could simply be chalked up as the digital version of cold calling, it would be the least of our worries. But many of them are deliberate scams designed to trick people into sharing their account details, social security numbers, and other personal information. Based on consumer reporting, the Federal Trade Commission estimates there are 2.6 billion of these calls each month!

Maybe you know better than to give personal information over the phone, but some scammers can use any response you give, even a simple “yes.” For example, one of the robocall scams circulating last year started with the line “Can you hear me?” If someone answered “yes,” the response was recorded and used to authorize fraudulent charges on the victim’s accounts over the phone.

Some robocall scams will impersonate familiar entities like the IRS or charity organizations. In one recent scourge of fraudulent robocalls, recordings posed as Google account specialists. Another tactic these scams use is known as spoofing — calling from a phone number that will look familiar to you, perhaps sharing the same area code or prefix.

Authorities are cracking down on this type of fraud, but they are still far from eradicating the problem — if that’s even possible. Meanwhile, there are many ways you can protect yourself from becoming a victim of a robocall scam.

1. Don’t answer the phone for an unfamiliar number. If you answer, immediately hang up. Do NOT speak or key any responses.

One of the first lines of defense is not to interact with these machines at all. Answering and immediately hanging up is the next best thing, but you’re likely to keep getting more calls. It’s better not to give any indication that you’re a “live” target.

2. If you responded to a call in the past and suspect it was a scam, check your accounts.

Don’t feel too bad if you’ve fallen for one of these scams — they’re designed to fool the best of us. Simply check your accounts for suspicious activity and change important passwords. Contact your bank or credit card company immediately if your account has been compromised. In fact, checking your account regularly is a good practice. Add it into your routine – it really doesn’t even take that long, and soon will become second nature.

3. If you suspect you may have received fraudulent calls, report them.

These kinds of calls, even if they aren’t exactly scams, are illegal in many cases. Never hesitate to report suspicious calls to the Better Business Bureau’s Scam Tracker or the Federal Communication Commission’s (FCC) Help Center. Even if the scammers didn’t get to you, reporting them will make sure they don’t get to anyone else.

4. Ask your carrier if they have a robocall blocking service.

In November 2017, the FCC approved rules that give carriers more license to block suspicious calls. If there’s a service in place, make sure you opt into it.

5. Fight back: install a robocall-blocking app on your mobile device.

Just as telemarketers have shifted their efforts to cell phones, robocall scams are increasingly targeting mobile phones. Apps such as “Robokiller,” “Nomorobo,” “Should I Answer?” and “Hiya” use robot-detecting technology to create another line of defense between you and the latest scam.

6. Keep your number to yourself.

Just about every online form asks for a phone number, but you don’t have to give this information away. The more your number gets out there, the greater the chance robocall scammers will get their hands on it. Treat your phone number like it’s a part of your personal identity and guard it carefully.

If you feel that any of your First Financial accounts may have been compromised as a result of a scam, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm.

Article Source: Jessica Sommerfield for Moneyning.com

Phishing Scam Alert: Fake Invoices

Scammers have been relentless lately – here they are, back at it with a new twist on an old phishing scam.

Recently, scammers have been posing as well known tech companies and emailing phony invoices which show that you purchased music or apps from them. Check out our recent blog on these types of scams here. The scam emails tell you to click on a link if you did not authorize the purchase. If you get one of these emails, do NOT click on the link! This is a phishing attempt scheme.

What is phishing? When a scammer uses fraudulent emails, copycat websites, or texts to get you to share valuable information. The fraudsters then use this information to commit identity theft or other fraud in your name.

Scammers are also using phishing emails to get access to your computer or network – then they install programs like ransomware that can lock you out of important files on your computer.

Here are some tips to help keep your information secure:

  • Be suspicious if a business, government agency, or organization asks you to click on a link that then asks for your username or password or other personal data. Instead, type in the web address for the organization or call them. The link in the email may look right, but if you click on it you may go to a copycat website run by a scammer.
  • Be cautious about opening attachments. A scammer could even pretend to be a friend or family member, sending messages with malware from a spoofed account.
  • Set your security software to update automatically, and back up your files to an external hard drive or cloud storage. Back up your files regularly and use security software you trust to protect your data.

Lastly, report phishing emails and texts by forwarding them to spam@uce.gov and file a report with the FTC.

If you feel that any of your First Financial accounts may have been compromised as a result of a scam, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm.

Article Source: Ari Lazarus for FTC.gov

Important Member Alert: Tax Scams

We are in the midst of tax season, and you guessed it – the fraudsters are at it again! Please be on the lookout for the following tax scams, where the scammers have been posing as the IRS via phone or email. The most important thing to remember here is that the IRS will never contact you via phone or email.

Click here to watch a short video from NBC Nightly News, which explains some of the recent tax scams.

In the first tax scam scenario, fraudsters will have already obtained an individual’s non-public personal information (name, SSN, date of birth) and bank account information. They may have obtained this information in many different ways (dumpster diving, computer hacking, stolen wallet, pretext calling). They will then file a false tax return using the individual’s name and information. Once they receive confirmation that the tax return has been deposited into the individual’s bank account, they will contact the individual via telephone posing as an employee of the IRS. They will state the funds were deposited to their account in error and order them to pay the funds back or suffer penalties.

In the second tax scam scenario, a fraudster will contact an individual via phone or email, again posing as a representative from the IRS. They will state that they owe back taxes and demand payment from the individual. They will attempt to obtain the individual’s checking account/bank routing number or credit card information to directly debit their account, or they may instruct them to mail a check.

Once again, the IRS will never contact anyone via phone or email – they will only use regular US postal mail. If you receive a phone call or email from the “IRS” – it is not the IRS.

Have you received a tax refund you didn’t file for yet?

  • Contact your financial institution immediately.
  • Have your financial institution return anything direct deposited into your account to the IRS, and then call the IRS at 1-800-829-1040
  • For an actual check received in the mail, write VOID across the front of the check and mail it to the IRS location closest to you by entering your zip code at IRS.gov
  • If you cashed the check, you will need to reimburse the IRS with a personal check.
  • For further instructions, visit the tax fraud section of the IRS’ website here.

If you feel that any of your First Financial accounts may have been compromised as a result of a tax scam, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm.

Article Sources: NBC Nightly News and IRS.gov

Scammers Impersonating the Social Security Administration

Your Social Security number is an important key for an identity thief. Scammers want it, and they think of all sorts of ways to trick you into giving it away.

The Federal Trade Commission has been getting reports about calls from scammers claiming to be from the Social Security Administration. They say there’s been a computer problem, and they need to confirm your Social Security number.

Others have come across spoof websites that look like the place where you would apply for a new Social Security card – but these websites are actually a setup to steal your personal information.

If you get a phone call or are directed to a website other than ssa.gov that is claiming to be associated with the Social Security Administration, don’t respond. It’s most likely a scam.

Here are some tips to deal with these government imposters:

  • Don’t give the caller your information. Never give out or confirm sensitive information – like your bank account, credit card, or Social Security Number – unless you know who you’re dealing with. If someone has contacted you, you can’t be sure who they are.
  • Don’t trust a name or number. Con artists use official-sounding names to make you trust them. To make their call seem legitimate, scammers use internet technology to spoof their area code – so although it may seem they are calling from Washington DC, they could be calling from anywhere in the world.
  • Check with the Social Security Administration. The SSA has a warning about these scams and suggests you contact them directly at 1-800-772-1213 to verify the reason for the contact and the person’s identity prior to providing any information to the caller.

If you come across one of these scams, please report it to the Social Security Administration’s Fraud Hotline at 1-800-269-0271 and then tell the FTC about it.

Don’t become an ID Theft victim! Learn how to prevent identity theft with our ID theft protection guide.

Article Source: Ari Lazarus for the Federal Trade Commission