Fraud Safety and Prevention
Protect your finances, identity and peace of mind
Technology has revolutionized the way we conduct financial transactions and share personal information, which means the risk of falling victim to fraudulent activities has never been higher. Whether you’re a seasoned online shopper, a small business owner, or simply someone who values their financial security, this page is designed to keep you informed on the latest fraud scams and cybersecurity alerts, and offer practical tips to stay one step ahead of fraudsters.
Common Types of Fraud
Learn about the different types of fraud and cybercrimes, along with steps you can take to avoid them.
Credit and Debit Card Fraud
Credit card fraud and debit card fraud are financial crimes that involve unauthorized or fraudulent use of credit or debit cards to make purchases, withdraw cash, or engage in other financial transactions. Both credit and debit card fraud can lead to financial losses and identity theft.
Here are steps you can take to reduce your risk of card fraud:
- Protect Your Card Information. Keep your cards in a secure location and never share your card numbers, PINs, or CVVs with anyone. Try to memorize your PIN instead of writing it down.
- Regularly Check Your Statements. Review your credit card and bank statements regularly, looking for any unauthorized or suspicious transactions. If you find a discrepancy, report them to your card issuer or financial institution immediately.
- Be Cautious with Online Transactions. Only make online purchases from reputable and secure websites. Ensure the website’s URL starts with “https” and displays a padlock symbol, indicating a secure connection. Do not save card information on websites or apps unless it’s absolutely necessary.
- Use Card Controls and Alerts. Card Controls allows you to quickly lock your debit or credit card inside the COPFCU mobile app anytime you suspect it to be lost or stolen. Locking your card will prevent any additional transactions from being made. Once the card is locked, contact our Lost/Stolen hotline to deactivate the card.
Receive a text notification anytime your debit or credit card is used by signing up for Instant Transaction Alerts. Alerts can be customized by dollar amount and type, and ensure that your cards are not being used without your knowledge.
By following these steps, you can reduce the risk of credit card and debit card fraud and better protect your financial well-being.
Check cashing fraud is a type of financial scam or criminal activity that involves manipulating or exploiting the check cashing process to obtain unauthorized funds. This typically occurs when an individual attempts to cash a fraudulent or altered check, deceive a financial institution, or engage in illegal activities related to check cashing.
Check cashing fraud can take various forms, including:
- Counterfeit Checks: Criminals create fake checks that appear genuine, often using high-quality printing equipment to mimic legitimate financial instruments.
- Altered Checks: Fraudsters modify legitimate checks by changing details such as the payee’s name, the check amount, or the date to gain more money than originally intended.
- Identity Theft: Perpetrators may use stolen or forged identification to impersonate the payee, making it seem as though the check is being cashed by the rightful recipient.
Here are steps you can take to reduce your risk of check cashing fraud:
- Secure Your Checks. Store your checks in a secure location to prevent theft. Use checks with security features like watermarks, holograms, or special ink.
- Use Secure Mail Service. When sending checks in the mail, take them directly to the post office or use an in-branch drop box instead of sending them from your mailbox at home.
- Shred Old Checks. Safely dispose of old or canceled checks by shredding them to prevent unauthorized individuals from retrieving your account information.
- Report Suspected Fraud. If you suspect check cashing fraud, report it to your credit union or bank immediately.
Check cashing fraud can result in significant financial losses for individuals who unknowingly participate in the scheme. By taking these steps, you can reduce your risk of falling victim to check cashing fraud and minimize potential financial losses.
Internet Security / Phishing
Phishing is a type of cyberattack or online scam that involves fraudulent attempts to trick individuals into disclosing sensitive information, such as login credentials, credit card numbers, or personal information. These attacks are typically carried out by posing as a trustworthy entity, often using emails, websites, or messages that appear legitimate. The ultimate goal of phishing is to steal information or carry out other malicious activities, such as spreading malware.
Here are the key characteristics of phishing:
- Impersonation: Phishers impersonate legitimate organizations, such as banks, government agencies, or well-known companies, to gain the trust of their targets.
- Deceptive Communication: Phishers use emails, text messages, or other forms of communication to create a sense of urgency or concern, prompting the recipient to take immediate action.
- Spoofed Websites: Phishing emails often contain links to fake websites that closely resemble legitimate sites, where victims are encouraged to enter their sensitive information.
- Social Engineering: Phishers employ psychological manipulation to exploit human behavior. They may use scare tactics, urgency, or appeals to curiosity to entice victims to click on links or provide information.
- Malware Distribution: Some phishing attempts may also deliver malware onto the victim’s device, allowing the attacker to gain access to the system or steal information.
Here are steps you can take to protect yourself against phishing attacks:
- Stay Informed. Keep up-to-date with the latest phishing trends and tactics. Awareness is the first line of defense. Share information about phishing scams with friends and family to help protect them as well.
- Check for Red Flags. Be cautious of emails or messages from unknown senders. Look for signs of phishing, such as generic greetings or spelling and grammar errors.
- Avoid Clicking Suspicious Links. Hover over links in emails to see where they lead before clicking. Be cautious of shortened URLs. Don’t click on links in unsolicited emails or messages, especially if they request sensitive information.
- Double-Check Website Authenticity. When directed to a website, ensure the URL is legitimate and secure. Look for “https://” and a padlock symbol in the address bar. You can also manually type the web address rather than clicking on links in emails or messages.
- Beware of Urgency and Pressure. Be skeptical of emails or messages that create a sense of urgency, pressure you to act quickly, or threaten consequences for not complying.
- Keep Software and Antivirus Up to Date. Regularly update your operating system, web browser, and antivirus software to patch security vulnerabilities.
- Be Cautious with Personal Information. Think twice about what you share on social media and other online platforms. Phishers may use personal information that’s available online to craft convincing scams.
By following these steps and remaining vigilant, you can reduce your risk of falling victim to phishing attacks and protect your personal information and online security.
Phone Security / Vishing
Vishing is a type of cyberattack or scam that relies on voice communication to deceive individuals into revealing sensitive information or taking certain actions. The term “vishing” is a combination of “voice” and “phishing” (which stands for “voice phishing”). In vishing attacks, fraudsters often impersonate trusted entities, such as banks, government agencies, or companies, using phone calls or voicemail messages to manipulate victims.
Key characteristics of vishing attacks include:
- Caller Impersonation: Vishing attackers pose as legitimate organizations, often using techniques like Caller ID spoofing to make it appear as though the call is coming from a reputable source.
- Social Engineering: Attackers use persuasive and deceptive tactics to manipulate the victim into divulging personal information, such as account numbers, PINs, or other sensitive data. They may create a sense of urgency or fear to pressure the victim into compliance.
- Pretexting: Vishing often involves a pretext, where the attacker creates a plausible scenario or backstory to make the call seem legitimate. For example, the caller may claim to be from a bank’s fraud department investigating suspicious activity.
- Call-Back Numbers: Vishing attackers might provide a callback number for the victim, which, unbeknownst to the victim, connects to the scammer or an accomplice.
Here are steps you can take to guard yourself against vishing attacks:
- Verify Caller Identity. Always verify the identity of the caller and their organization before sharing any personal or financial information. If you receive a call from someone claiming to be from a legitimate organization, hang up and independently look up the official contact information for that organization to call them back. Do not use the number provided by the caller.
- Do Not Share Sensitive Information. Refrain from sharing personal, financial, or sensitive information over the phone, especially if the call is unsolicited or unexpected. As a reminder, COPFCU will never call, text or email you asking for personal or account information.
- Beware of Urgency and Pressure. Be skeptical of callers who create a sense of urgency, pressure you to make quick decisions, or threaten consequences if you don’t comply.
- Be Cautious with Automated Calls. Automated voice messages can also be used for vishing. Be cautious with unsolicited automated calls and do not follow their instructions unless you are sure of their legitimacy.
- Report Suspicious Calls. Report vishing attempts to your local law enforcement, the Federal Trade Commission (FTC), or other relevant authorities. Providing details of the call can help in tracking and preventing future scams.
- Stay Educated and Informed. Stay informed about current vishing tactics and scams to recognize new threats. Share information about vishing scams with family members, friends, and colleagues to raise awareness and help protect others.
Vishing attempts can be convincing, but by following these precautions and staying vigilant, you can reduce the risk of falling victim to these scams. Always prioritize your personal and financial security when receiving unexpected or unsolicited calls.
Common Fraud Scams
Fraud scams come in many different forms. Learn how you can spot them so you can better protect yourself against fraud.
Romance scams, also known as “catfishing” scams, are a type of online fraud where criminals create fake romantic relationships with the intent of manipulating victims into sending money or providing personal information. These scams typically unfold as follows:
- Creation of a Fake Profile: Scammers create a fake online persona, often on dating websites, social media platforms, or even in online gaming communities. They may use stolen photos and create an attractive and convincing identity.
- Establishing a Connection: Once the fake profile is set up, scammers reach out to potential victims and initiate a conversation. They use flattery, affectionate messages, and emotional manipulation to build trust and a sense of intimacy.
- Building a “Relationship”: Over time, the scammer nurtures the online relationship, often pretending to be in a different location or facing personal hardships. They may even profess their love and desire to meet in person in the future.
- Request for Money: At a certain point in the relationship, the scammer invents a convincing reason to ask for money. This could be framed as a medical emergency, travel expenses to meet in person, or any number of fabricated situations.
- Financial Exploitation: Once the victim sends money, the scammer may continue inventing excuses to request more funds. This cycle can continue until the victim realizes they are being scammed or runs out of money.
- Discovery or Realization: In some cases, victims eventually realize they have been conned. This often leads to feelings of embarrassment and distress.
Romance scams are not only financially damaging but can also have a profound emotional impact on victims. Scammers are skilled at exploiting vulnerabilities and emotions, and they prey on individuals seeking genuine love and companionship.
To protect yourself from romance scams, it’s crucial to remain cautious online, avoid sending money to someone you’ve never met in person, and be skeptical of individuals who rush the development of an online relationship or avoid in-person meetings. Additionally, reporting suspicious profiles to the platform or site where you encountered them can help prevent others from falling victim to the same scams.
Money mule scams are a type of financial fraud in which individuals, often unwittingly, are used to transfer and launder money acquired through illegal means.
Here’s how these scams typically work:
- Recruitment: Scammers look for potential victims, often through online job postings or social media. They may present the opportunity as a work-from-home job or a way to earn easy money.
- Deception: The victim is often told they will be handling financial transactions for a legitimate business. They may be promised a commission or a percentage of the funds they transfer.
- Money Transfer: Once the victim is recruited, they are given funds, usually deposited into their bank account or sent via a money transfer service. They are then instructed to transfer these funds to another account, often located in a different country.
- Money Laundering: The money that passes through the victim’s account serves to obscure its origins, making it difficult for authorities to trace back to the criminal activities that generated it. Money mules effectively launder the illicit funds, making it appear as if they came from a legitimate source.
- Legal Consequences: Money mules are usually unaware of the illegal nature of their actions. However, being involved in such scams can have serious legal consequences, including criminal charges for money laundering or fraud.
Money mule scams can involve a wide range of illicit activities, including phishing, identity theft, online fraud, and more. It’s essential for individuals to exercise caution when offered any job or financial opportunity that involves receiving and transferring funds, especially when it seems too good to be true. If something seems suspicious or you’re unsure about the legitimacy of a job offer, it’s advisable to verify the details with law enforcement or relevant authorities to avoid unwittingly becoming involved in criminal activity.