Don’t Fall Victim to These Phishing Scams

There are a number of unscrupulous types out there, waiting to take your hard earned money. One of the most common ways criminals try and scam you is to “phish” for your information. In these types of scams, you are asked to reveal personal financial information. This information can then be used to commit identity fraud — and can cost you in time and money.

Here are some phishing scams to be aware of:

You made a purchase. It usually involves an email message that claims to be sending you a receipt for a purchase at a major retailer. If you didn’t make that purchase, don’t open the PDF attachment! Even if you did, do not call the number in the document to make a dispute. Instead, look at your card statement independently to verify whether there was a purchase or not. For example, Apple is a common retailer used in this type of scam and if you look closely, the email message doesn’t come from Apple.com.

Lower your credit card interest rate. Who doesn’t want a lower interest rate on their credit cards? This phishing scam involves a phone call, and a recorded message telling you that you qualify for a lower rate. You then press a number, and you are prompted to enter your credit card number.  Hopefully you can see where this is going in terms of identity fraud …

Unlock your bank account. Some people have received phone calls claiming that their bank accounts are locked. If you receive a call like this, you might even be told that there has been some “suspicious activity on your account.” It sounds like your bank has locked down your account on your behalf. All you need to do to unlock your account is give them your account number.  And, unlike a credit card with its fraud protections, there isn’t much you can do if someone decides to drain your bank account. The moral of this story: your actual bank already knows your account number, you will never need to give it to them.

Hotel computer crash. According to Consumer Reports, the Better Business Bureau is reporting on an interesting scam that has cropped up. You receive a call on your hotel phone. The person on the other end claims to be from the front desk. The computer system has crashed, and all the data is gone — including your credit card data. All you have to do is give the information over the phone, and everything will be straightened out. This is a complete scam, and now the scammer has your credit card information to start using.

It is important not to give out personal financial information out unless you can verify the source. Additionally, don’t give out information over the phone when some calls asking for it. Always realize that your bank and credit card issuers won’t ask for your full account number; they already have it! Anyone who asks for your full account number for “security” or “verification” is probably almost always a scammer.

Bottom Line: Be on guard for phishing scams, whether they are perpetrated via email or over the phone. Keep your personal financial information private, and remember to verify information coming from others independently.

Article Source: Miranda Marquit for Moneyning.com

Important Member Alert: Tax Season Phishing Scams

It’s tax filing season, and the Internal Revenue Service (IRS) and state tax agencies have issued warnings related to a recent increase in sophisticated phishing emails. The emails appear to come from the IRS and demand a payment or threaten to seize tax refunds as a result of non-payment.

What is phishing? Phishing is a tactic cyber criminals use to collect an individual’s online banking, credit card, or other identifying account information. Once received, the cyber criminals can use your information and make transactions as you.

The tax refund season is the time of year in which the majority of tax related scams occur and there is increased vulnerability. This year, the IRS has reported a 60% increase in phishing emails attempting to steal taxpayer funds and tax-related information.

Phishing emails can be hard to detect. Often, intimidation tactics and urgent requests are commonly used by cyber criminals. The emails sent in a phishing attempt will appear to come from a trusted source, using a spoofed or compromised email address. Phishing emails usually contain stolen logos and often include hyperlinks to malicious websites, or contain attachments that are embedded with malware or viruses.

Targeted tax time victims have reported that their emails contained the following:

  • An email originating from IRS Online
  • Contained an attachment titled “Tax Account Transcript”
  • A subject line using the phrase “Tax Transcript”

In addition to email phishing scams, similar phone scams have also been reported. A common phishing phone attempt involved a caller claiming to be from the IRS and threatening victims with a lawsuit or arrest if a tax payment isn’t made immediately with a debit card.

To reduce your risk of falling victim to a phishing scam:

  • Remember that the IRS will never initiate contact with taxpayers via email, text, or social media network to request personal or financial information.
  • The IRS also will never call a taxpayer and threaten a lawsuit or arrest.
  • Do not click on links or open email attachments from an unknown or suspicious source. Even if the email appears to be from someone you know, subtle variations will be present in the sender’s email address (for example: JohnSmith1@abc.com instead of JohnSmithI@abc.com).
  • Another red flag for email recipients includes grammatical errors and spelling mistakes. Legitimate professional organizations and agencies typically do not contain such errors in their communications.
  • For more information on preventing and reporting tax scams to the IRS, click here.

Article Source: CUNA Risk Alert, December 2018

Phishing Scam Alert: Fake Invoices

Scammers have been relentless lately – here they are, back at it with a new twist on an old phishing scam.

Recently, scammers have been posing as well known tech companies and emailing phony invoices which show that you purchased music or apps from them. Check out our recent blog on these types of scams here. The scam emails tell you to click on a link if you did not authorize the purchase. If you get one of these emails, do NOT click on the link! This is a phishing attempt scheme.

What is phishing? When a scammer uses fraudulent emails, copycat websites, or texts to get you to share valuable information. The fraudsters then use this information to commit identity theft or other fraud in your name.

Scammers are also using phishing emails to get access to your computer or network – then they install programs like ransomware that can lock you out of important files on your computer.

Here are some tips to help keep your information secure:

  • Be suspicious if a business, government agency, or organization asks you to click on a link that then asks for your username or password or other personal data. Instead, type in the web address for the organization or call them. The link in the email may look right, but if you click on it you may go to a copycat website run by a scammer.
  • Be cautious about opening attachments. A scammer could even pretend to be a friend or family member, sending messages with malware from a spoofed account.
  • Set your security software to update automatically, and back up your files to an external hard drive or cloud storage. Back up your files regularly and use security software you trust to protect your data.

Lastly, report phishing emails and texts by forwarding them to spam@uce.gov and file a report with the FTC.

If you feel that any of your First Financial accounts may have been compromised as a result of a scam, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm.

Article Source: Ari Lazarus for FTC.gov