Important Member Alert: Tech Support Scams

Recently, we have learned that some of our First Financial members have fallen victim to a new line of scams – where fraudsters claim to be Microsoft or Apple tech support employees. Please read the following important details about this latest scam from the Federal Trade Commission.

How the Scam Works

Scammers may call, place alarming pop-up messages on your computer, offer free “security” scans, or set up fake websites – all to convince you that your computer is infected. The scammers try to get you on the phone, and then work to convince you there’s a problem. Finally, they ask you to pay them to fix that non-existent problem.

To convince you that both the scammers and the problems are real, the scammers may:

  • Pretend to be from a well-known company – like Microsoft or Apple.
  • Use technical terms.
  • Ask you to get on your computer and open some files – and then tell you those files show a problem (when they don’t).

Then, once they’ve convinced you that your computer has a problem, the scammers might:

  • Ask you to give them remote access to your computer – which lets them change your computer settings so your computer is vulnerable to attack.
  • Trick you into installing malware that gives them access to your computer and sensitive data, like user names and passwords.
  • Try to sell you software that’s worthless, or that you could get elsewhere for free.
  • Try to enroll you in a worthless computer maintenance or warranty program.
  • Ask for credit card information so they can bill you for phony services, or services you could get elsewhere for free.
  • Direct you to websites and ask you to enter your credit card number and other personal information.

These scammers want to get your money, access to your computer, or both. But here’s what you can do to stop them.

If You Get a Call or Pop-Up

  • If you get an unexpected or urgent call from someone who claims to be tech support, hang up. It’s not a real call. And don’t rely on caller ID to prove who a caller is. Criminals can make caller ID seem like they’re calling from a legitimate company or a local number.
  • If you get a pop-up message that tells you to call tech support, ignore it. There are legitimate pop-ups from your security software to do things like update your operating system. But do not call a number that pops up on your screen in a warning about a computer problem.
  • If you’re concerned about your computer, call your security software company directly – but don’t use the phone number in the pop-up or on caller ID. Instead, look for the company’s contact information online, or on a software package or your receipt.
  • Never share passwords or give control of your computer to anyone who contacts you.

If You Were Scammed

  • Get rid of the malware. Update or download legitimate security software and scan your computer. Delete anything the software says is a problem.
  • Change any passwords that you shared with someone. Change the passwords on every account that uses passwords you shared.
  • If you paid for bogus services with a credit card, call your credit card company and ask to reverse the charges. Check your statements for any charges you didn’t make, and ask to reverse those, too. Report it to ftc.gov/complaint.

Refund Scams

If you paid for tech support services, and you later get a call about a refund, that call is probably also a scam. Don’t give out any personal or financial information.

The refund scam works like this: Several months after a purchase, someone calls to ask if you were happy with the service. If you say no, the scammer offers a refund. Or, the caller says the company is going out of business and giving refunds. The scammer eventually asks for your credit card number, or asks for access to your bank account to make a deposit. But instead of putting money in your account, the scammer takes money from your account.

If you get any calls like this, hang up, and report it immediately: ftc.gov/complaint.

If at anytime you feel any of your First Financial accounts may have been compromised in this or a similar scam, contact our Member Relationship Center right away at 732.312.1500. If your First Financial credit or debit cards were compromised in a scam, call the 24/7 toll-free number on the back of your card to report the incident and replace your card. All important phone numbers for members can be found on our website: https://www.firstffcu.com/contact-us.htm

Article Source: https://www.consumer.ftc.gov/articles/0346-tech-support-scams

Important Member Notice: Same Day Electronic Payments

On September 15, 2017 Same Day ACH payments will be coming to merchants and billing companies. This means that if you agree to make an electronic payment, funds might be debited from your account as soon as the very same day. Previously, it may have taken a couple of days for payments to post. Starting on September 15th, this may no longer be the case.

When making a payment or paying a bill through ACH, available funds must be in your account. If the funds are not immediately available, we recommend you wait until funds are available before making the payment. If funds are not available and are debited from your account, we may charge you a fee. If you do not have overdraft protection, you will also incur an additional fee from the merchant or billing company.

FAQs:

1. What is an ACH payment/debit?

These are electronic debits that are commonly known as Direct Payment, Direct Debit, ACH Debit, Electronic Check or e-check, and similar terms.

2. Why is this changing?

As part of an effort to improve and modernize U.S. payments systems, electronic debit payments can now be processed same day. It is a nation wide regulation intended to provide faster access to funds.

3. What are the benefits?

Many merchants and billing companies may offer you the option to make a same day electronic payment, such as to pay a bill or to transfer funds. If you agree, then the funds might be debited from your account that same day. For example, if you have a bill due on the 20th of the month, the billing company might allow you to call or use its website on the morning of the 20th to make an on time payment, and also have the funds debited from your account on the 20th. While these types of payments won’t be reflected on your account balance as quickly as your debit card and ATM transactions, you will have access to more accurate information about your actual available account balance more frequently throughout the business day.

4. Who offers same day payments?

Merchants and billing companies may have an option for same day payment. As soon as that same day, funds may be debited from your account. We recommend that you do not make a payment unless sufficient funds are in your account.

5. What will happen if I make a payment and it is processed before sufficient funds are available in my account?

If you have overdraft protection the payment will go through, but you will incur an overdraft fee. If you do not have overdraft protection – the payment will be returned and you will incur a return fee, plus you may also incur another fee from the merchant or billing company. If you are interested in overdraft protection please contact our Member Relationship Center during business hours at 732-312-1500.

6. Will this affect me if I use Bill Pay or have a scheduled recurring payment?

If a payment is scheduled to be made on a certain day, the electronic payment will be processed and funds may be debited from your account that day. For example, if a bill/automatic payment is scheduled for the 20th of every month, please make sure those funds are available before the 20th.

7. What can I do to prevent my account from being overdrawn?

We offer account alerts via email and text message so that you can stay up-to-date on your account status. To set up these alerts, please click here and follow the enrollment steps.

We also offer overdraft lines of credit. To apply for an overdraft line of credit, please call our Member Relationship Center at 732-312-1500.

If you have any questions about same day ACH, please do not hesitate to contact us.

-First Financial Federal Credit Union

 

 

eBay Asks 145 Million Users to Change Passwords After Data Breach

alert-resized-600Online commerce giant, eBay, recently asked users to change their passwords after hackers stole encrypted passwords and other personal information, including names, e-mail addresses, physical addresses, phone numbers and dates of birth.

The data breach occurred between late February and early March 2014, according to a press statement posted on the company’s website.

The company stated that Cyberattackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay’s corporate network. The company is currently working with law enforcement and security experts to investigate the breach and has not noticed any fraudulent activity related to the incident. eBay discovered the breach in early May, meaning it went unnoticed for about a month. The company spent a few weeks investigating the incident before disclosing it to the public.

Here’s what you need to know:

  • The company is asking all of its 145 million active users to change their passwords as a “precautionary measure,” but is not sure how many accounts were compromised in the breach.
  • No financial information, including credit card numbers, were stolen.
  • Paypal information was also safe because it was encrypted and stored on a different network.
  • Users that use their eBay password elsewhere should immediately go change that password on other sites – especially their e-mail.

It is important that users heed eBay’s request to change their passwords because the hackers may eventually be able to break the encryption that secures them.

Don’t wait until it’s too late! Check out First Financial’s ID Theft Protection products – with our Fully Managed Identity Recovery services, you don’t need to worry. A professional Recovery Advocate will do the work on your behalf, based on a plan that you approve. Should you experience an Identity Theft incident, your Recovery Advocate will stick with you all along the way – and will be there for you until your good name is restored and you can try it FREE for 90 days!*

Our ID Theft Protection options may include some of the following services, based on the package you choose to enroll in: Lost Document Replacement, Credit Bureau Monitoring, Score Tracker, and Three-Generation Family Benefit. To learn more about our ID Theft Protection products, click here and enroll today!**

*Available for new enrollments only. After the free trial of 90 days, the member must contact the Credit Union to opt-out of ID Theft Protection or the monthly fee of $4.95 will automatically be deducted out of the base savings account or $8.95 will be deducted out of the First Protection Checking account (depending upon the coverage option selected), on a monthly basis or until the member opts out of the program. **Identity Theft insurance underwritten by subsidiaries or affiliates of Chartis Inc. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions.

Article source courtesy of Andrea Peterson of the Washington Post.

Important Alert: Card Cracking Scam Targets Students

scamCash-strapped college students are being recruited to participate in a scam
referred to as “card cracking.” Using ATM/debit cards and PINs willingly provided by the students, fraudsters deposit fraudulent checks to the students’ accounts. The funds are subsequently withdrawn by the fraudsters with the students receiving a portion of the funds for their participation.

Details
The “card cracking” scam was reported to originate in Chicago and generally targeted college students who were recruited through social media sites including Facebook, Instagram and YouTube. Participants were even recruited in-person at college campuses. The sales pitch is to allow the fraudster to deposit a check to a student’s account and withdraw the funds for which the student receives half of the proceeds for agreeing to participate. This scam is now being reported nationwide.

Willing participants provide the fraudsters with their ATM/debit cards and PINs. The fraudsters deposit fraudulent checks (stolen or counterfeit checks) to the student accounts via ATMs and subsequently withdraw the funds. Their proposition is simple: If you provide me with access to your account so I can deposit a check and withdraw the money, I will provide you with half of the proceeds.

After initial contact is made, the scammer arranges to meet up with the student to retrieve the debit card and corresponding PIN. The deposit is made, the money is withdrawn and then the fraudulent checks were subsequently returned unpaid and charged back to the students’ accounts. Following the fraudsters’ instructions, the participants report their ATM/debit card as lost or stolen and that the transactions were fraudulent.

The participants may not be entitled to protection under Regulation E (Reg E) for
unauthorized use of their ATM/debit card since they willingly provided their card to the
fraudsters which contains an exclusion to the definition of unauthorized
electronic fund transfer:

Unauthorized electronic fund transfer means an electronic fund transfer from a consumer’s account initiated by a person other than the consumer without actual authority to initiate the transfer, and from which the consumer receives no benefit. The term does not include an electronic fund transfer initiated by a person who was furnished access to the consumer’s account by the consumer, unless the consumer has notified their financial institution that transfers by that person are no longer authorized.

This is a huge risk – especially for students who may have large amounts going through their accounts from loans, scholarships and tuition reimbursements.

“Even though the students might be considered victims, authorities point out that providing their debit cards to someone else is a crime,” the Sun-Times of Chicago says.

There’s an easy solution: Never share your account information, debit card or PIN! 

Here are some other safety tips you should keep in mind:

  • Always verify the identity of the person trying to obtain personal information.
  • Never give personal information to someone over the phone or via email. Personal information includes: Birth dates, social security numbers, maiden names, addresses, bank account numbers, debit/credit card numbers, PIN numbers, etc.
  • Maintain a record of the phone call or solicitation. Write down the phone number that the person is calling from, the time and date they called, the caller’s name, and reported affiliation. If it was online, save a copy of the email conversation or advertisement.
  • If it sounds too good to be true, it probably is.
  • If you believe you may be a victim of fraud call your local police department so authorities can be alerted to the activity. You can also report email or internet scams to the Internet Crime Complaint Center (IC3) by going online to http://www.ic3.gov.

Check out First Financial’s ID Theft Protection products – with our Fully Managed Identity Recovery services, you don’t need to worry. A professional Recovery Advocate will do the work on your behalf, based on a plan that you approve. Should you experience an Identity Theft incident, your Recovery Advocate will stick with you all along the way – and will be there for you until your good name is restoredTo learn more about our ID Theft Protection products, click here and enroll today!*

Click the links to view more information from the original article sources: Yahoo Finance, Explorer News and CUNA Mutual Group.

*Identity Theft insurance underwritten by subsidiaries or affiliates of Chartis Inc. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions.

Important Vishing Scam Alert – March 2014

alert-resized-600Vishing calls originating from (410) 768-7599 are being made via automated dialer to random telephone numbers. Vishing or Voice phishing is the criminal practice of using social engineering over the telephone system to gain access to private personal and financial information from the public for the purpose of financial reward.

SCAM DETAILS

  • Calls are automated and a recorded message warns that there is a very important matter to discuss that involves a lower interest rate on a credit card. Victims are encouraged to press 1 to speak to a representative.
  • Callers who press 1 are directed to a call center operator/fraudster.
  • The operator who answers the call has a very heavy accent and at no time asks the victim what their name is or where they live. Operators focus on collecting payment card expiration dates and the last 12 digits of the victim’s payment card.
  • Card issuer brands are never mentioned.

BEST PRACTICES

  • Please do not call the potentially fraudulent number. Law enforcement and local communication companies may be in the middle of an investigation that will be compromised if the fraudsters become suspicious.

If you receive any suspicious calls from this phone number, do not call it back – please contact us immediately at 866.750.0100 so we can report the scam. Due to an increase in these vishing scams, it is important to be cautious if you receive any calls from unknown numbers or area codes. If you have any additional questions or concerns, please give us a call or email us at info@firstffcu.com. Thank you for being a valued member of First Financial.

*Article source courtesy of FICO Alert Bulletin 14.03.

Warning: Record Breaking Phishing Attack Attempts

phishing-scammerResearchers at Kaspersky Lab have documented a drastic increase in the number of web users who have been “subjected” to phishing attacks over the past year, according to a new report.

The Moscow-headquartered security firm found that 37.3 million people faced the prospect of being phished in 2012 to present day, an 87 percent increase over the same period between 2011 and 2012.

In its “The Evolution of Phishing Attacks” study, Kaspersky Lab studied threats faced by roughly 50 million customers running its security products.

For several years, Kaspersky researchers have been warning that phishing is the preferred method of online criminals to steal information and foist malware – almost always with the goal to profit – but the mechanisms to automate the process are becoming even more rapidly automated and commercialized with each passing year.

“The nature of phishing attacks is such that the simplest types can be launched without any major infrastructure investments or in-depth technological research,” the report said. “This situation has led to its own form of commercialization of these types of attacks, and phishing is now being almost industrialized, both by cyber criminals with professional technological skills and IT dilettantes.”

Phishing can be spread in various ways, with most attacks (89 percent) appearing in the browser, versus email (11 percent), the report states.

“Phishers use several different methods to trick their potential victims,” the report said. “In addition to the obvious need to create a detailed copy of a website that will be used to attack the victim, the criminals also prepare their cover story by using similar website URLs, replacing one or several characters in the name of the website, or using recognizable website names in the sub-domains.

“If the delivery channel for a phishing link is email or electronic documents (.doc, .odf, or others), malicious users will often resort to the hyperlink features typically available in most text editors and email clients,” the report added. “In this case, the text of the email or document will display the link to the real site, but the link will actually lead to the website created by the malicious users.”

As expected, popular brands like Google, Amazon and Facebook are common brands that are abused by phishing attacks, as well as banks and other financial institutions, according to the study. Most of the scams targeted users in Russia, the United States, India, Vietnam and the U.K.

Please be sure to monitor your personal information and be cautious of the sites you provide with your financial information. If you notice any fraudulent or suspicious activity on any of your First Financial accounts, contact us by calling 866.750.0100, e-mailing info@firstffcu.com or stopping into any one of our branches.

To protect yourself and your loved ones from identity theft, enroll in First Financial’s new ID Theft Protection products today!  Our products provide you with a professional Recovery Advocate who will do the work on your behalf, based on a plan that you approve. Should you experience an Identity Theft incident, your Recovery Advocate will stick with you all along the way – and will be there for you until your good name is restored. First Financial’s ID Theft Protection products include features such as lost document replacement, credit bureau monitoring, score tracker, and more.  For more details or to get started click here.

*Click here to view the article source.