Common Warning Signs of Fraud
Phony Email Addresses and Links
If the sender’s email address looks strange or the part of the sender’s email address that shows the domain (website address) doesn’t doesn’t match the company that the sender claims to represent, that email is probably part of a phony email or “phishing” scam. Similarly, move your cursor over any of the links in the email without clicking them so you can see where the link will take you. If a link seems unusual, it’ll probably take you to a fake website. Don’t click or tap on it. Delete the email and report it to the Federal Trade Commission (FTC).
Suspicious Requests for Information
At OAS FCU, never call you, or text you to ask for account information, access codes, Social Security Numbers, driver’s license numbers, or other private information.
If you call us, we may ask you to confirm the last four digits of your Credit or Debit card or Social Security Number or, if you have previously created one, to provide the security code in your account for this specific purpose.
Unusual Payment Methods
Payments are traditionally made by credit card, debit card, cash, wire transfers, ACH, or check. If an individual, business, or nonprofit asks you to pay a bill, make a donation, or send money with a prepaid card, suspicious wire transfer, courier, or cryptocurrency such as bitcoin, this is most likely a sign of fraud. Criminals use these payment methods because they’re difficult to track and cancel.
Legitimate businesses and government agencies will never use high-pressure tactics to try to collect outstanding bills or taxes. If someone claiming to be a bill collector or government agent contacts you by phone, email, or text implying you’ll be arrested, lose Social Security benefits or be subject to an audit or heavy fine if you don’t pay them immediately, it is probably a fraud and should be reported to the Federal Trade Commission (FTC).
Strange Financial Activity
If you notice unusual purchases charged to your accounts, your debit or credit card is unexpectedly denied, or you receive alert notifications of changes to your accounts that you didn’t make, these issues could be the result of compromised cards or accounts, or even identity theft. At OAS FCU, we can detect and alert you to various types of suspicious activity based on your Online Banking eAlert settings. Still, you should constantly monitor your accounts as well.
Examples of Fraudsters in Action
The IRS Fraudster
You receive a phone call from someone claiming to be an Internal Revenue Service or “IRS” agent. They say you’ve been notified repeatedly about owing back taxes. Police are waiting to arrest you if you don’t pay what you owe within an hour. To avoid being arrested, you need to wire money to the caller’s account or authorize them to debit your account. The fraudster is trying to threaten and intimidate you, and the only way they say they’ll stop is if you pay them quickly.
The Delivery Fraudster
You receive an email that appears to be from the postal service or a delivery company. The email says they’ve been trying to deliver a package to you but haven’t been able to. They want you to verify your purchase and schedule a new delivery, so they tell you to click a link and provide information such as an order number or account login. The fraudster is looking for credit card numbers and other private data to steal.
The Crisis Fraudster
In challenging times, there are always criminals looking to take advantage of the situation. For example, some people have been emailed or called by strangers and offered COVID-19 tests if they provided their insurance or Medicare information. The fraudster wants to use this information to commit medical identity theft and issue fraudulent bills and claims. In some cases, they want to trick you into clicking links in emails and text messages that can lead to spyware being installed on your computer or phone.
Social Engineering Fraud
Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. These fraudsters are highly sophisticated and will pretend to be part of reputable companies, so that you let your guard down and divulge sensitive information. To learn what to be on the lookout for, please watch the explanation video by clicking here.
The Pay Yourself Scam
This fraud involves a scammer pretending to be your financial institution. Sending you a text message in the form of a security alert, so that you introduce your credentials into a fake website or reach out and provide them with sensitive information regarding your account. To learn what to be on the lookout for, please watch the explanation video by clicking here.
Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker; or to deploy malicious software on the victim’s infrastructure like ransomware. As phishing attacks become increasingly more sophisticated, we wanted to share a quick video on how to be safe. To learn what to be on the lookout for, please watch the explanation video by clicking here.
If you receive a phishing email or phone text message, we encourage you to report it to the proper authorities. That way, you can do your part to help fight scammers.
Step 1. Forward the email to the Anti-Phishing Working Group at [email protected]. For text messages, copy and text it to “SPAM” (7726). Remember: Do not click or tap any links.
Step 2. Report the phishing attack to the Federal Trade Commission (FTC) by calling 1-877-FTC-HELP (1-877-382-4357) or filing a complaint online at ftc.gov/complaint.
If you think a scammer has your information, such as your Social Security Number, credit or debit card, or bank account number, visit IdentityTheft.gov and take the specific steps listed based on the information that you lost. If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software now. Then run a system scan.