Protect Yourself from Fraud and Identity Theft
At UFirst, we never stop working to protect your security. We constantly monitor for risks and use specialized systems to immediately eliminate potential threats to your data. We diligently protect your sensitive information, but there are additional things you can do to stay safe. Here are some ways you can increase your own safety, and protect yourself from identity theft and financial fraud.
Remember, UFirst will never verbally ask you for your secure access code. Please never share a secure access code over the phone. If you are asked for sensitive information in a call or text message, stop engaging. You can contact UFirst directly at 801-481-8800 to confirm the legitimacy of any request.
Critical Safety Tip
UFirst will never ask
you for your username, password, PIN, secure access code, or for your full Social Security Number. Never
share your personal details with an unverified source! Learn more about the DOs and DON'Ts of fraud
Be Aware of Common Fraud Types and Behaviors
Despite everything financial institutions do to prevent cyber fraud, it remains a legitimate threat. Scammers can be well disguised, but they also display red flag behaviors that can reveal fraudulent activity.
As a general rule, any offer that sounds too good to be true, is probably not true (especially
when it comes from a questionable, unproven or unsolicited source). Similarly, attempts to intimidate or
threaten you into taking immediate action (usually involving payments), are also red flags. Imposters
are known to use fear and urgency to obtain your personal data. The first step in being proactive with
your financial fraud protection is to be aware of the red flags and respond accordingly.
What are some examples of red flag behaviors?
- phone calls or requests for protected personal or financial data (like your account numbers or social security number - your financial institution will never call you to “confirm” those details)
- text messages that alert you of inaccurate issues with your debit or credit cards
- phone calls that demand immediate action (especially regarding money or protected account details)
- any veiled or blatant threats
- links to unknown or suspicious URL
Common Financial Fraud Scams
Watch Out for These Common Schemes
Online Banking Secure Access Code Scam
Members may receive a text message containing an alert to verify unusual account activity or to inform that a banking account has been restricted. These illegitimate texts are phishing for a response. When a member engages with the illegitimate text, scammers will then call that member, claim to be an agent of your financial institution, and verbally ask for the online banking secure access code. If provided, scammers gain access to the member’s accounts. Remember to never share sensitive data as it puts your accounts, finances and identity at risk
Robocalls are becoming more and more frequent. If you receive a call from a prerecorded or “robotic” voice that alerts you of an urgent situation that requires immediate attention, or pitches an offer that’s “time sensitive” or “just for you,” these could be phishing calls designed to obtain personal information that could lead to financial fraud or identity theft.
Be skeptical of any phone call that demands action or threatens fines if immediate action is not taken. If you receive a call like this, do not engage verbally or press buttons. Any action other than hanging-up could lead to you being targeted by additional scams.
Pin fraud happens when a scammer contacts you to confirm or change your PIN. But remember, financial
institutions will never ask you for your secure information. PIN codes are intentionally encrypted to
ensure that no one other than yourself knows your PIN. No one at the credit union will have access to
your PIN, and resetting your number should either be an automated process in which only you can
see or hear your new PIN, or done in-person using a touchpad (that only you can see).
You can avoid PIN fraud by never sharing your PIN number with ANYONE and by not engaging calls to confirm or reset your PIN. If you are having issues with your card or if you suspect your PIN has been compromised, directly contact UFirst Credit Union.
ATM and Debit Card Fraud
ATM and debit card fraud, also called skimmer fraud, is when a device called a skimmer is installed onto a card swiping machine, usually an ATM, that modifies the machine in such a way that scammers are able to capture and use your card information. Using the card reader, the skimmer can lift the unique information embedded in your debit or credit card and use that information to access your money. Using this type of ATM fraud, perpetrators can print additional cards or use your account information to pay for online transactions.
Because skimming devices are not often readily visible, sabotaged ATMs might not appear different or suspect. When you’re swiping your card at an ATM or fuel pump, for example, be aware of what’s around you; if something appears questionable or tampered with, DO NOT use that machine. Inspect card readers before you insert your credit or debit cards. If you find unknown or unnecessary attachments or if you see scratches or adhesives on the machine, do not swipe your card.
If an ATM appears safe to use, you should still be cautious to protect your PIN and account information. Guard your data and don’t use an ATM if it appears to be stalked by a person behaving suspiciously. Always take and properly dispose of your ATM receipts, and monitor your accounts to be sure you are aware of all account activity.
Fraudulent Scam Websites
Fraudulent and scam websites, also called copycat websites are those that, although fraudulent, represent themselves as legitimate organizations or the web pages of legitimate organizations. Scam websites often mimic the colors, design, verbiage, and other identifying factors of a specific website (usually that of a credit union, bank or government web page) in order to establish trust and phish for information. Copycat websites can be well-disguised, but its URL will usually be a dead giveaway.
As scammers can record any information input into a fraudulent website, you should review URLs before entering sensitive information into any website. Never enter your information into a website that you do not trust or cannot verify.
If you’re unsure of the legitimacy of a website, check for the padlock symbol in the address bar. That symbol will only appear on secure websites where it’s safe to enter your information. You can also look for URLs that begin with https:// which also indicates greater security than sites that begin with just http://. You can also try re-entering the web address into the search bar to ensure the page is legitimately affiliated.
Advance Fee Loan Scams
An advance fee loan scam will ask for money up-front in order to assure loan approval. Scammers will attempt to convince you that you can get approved for a loan regardless of your credit history so long as you share your bank and social security information, or pay them via wire or check “to ensure the loan.”
A legitimate lender will never ask for payment for a loan up-front, and will never guarantee a loan or credit card before you apply. For financial fraud protection, never give your information to someone promising a loan over the phone or email. Remember, if something feels suspicious or too good to be true, it probably is.
Email Frauds and Scams
Email frauds and scams (also known as phishing) have become more known and therefore less effective, but there are still a huge number of fraud cases involving international email and phishing scams. If an unknown person, a prince or government official, for example, wants to send you his fortune and just needs your bank account information so he can transfer the money, don’t do it. Don’t let scammers trick or manipulate you online, and never share your bank details or personal information. If you receive an email from an unknown source that asks you to send money or passwords, delete it immediately.
Phishing is another type of email scam in which victims are targeted by a scammer posing as the representative of a legitimate institution. Scammers lie about their identity in order to lure personal information like Social Security Number, banking details, usernames or passwords. The phished information is then used to steal assets or even the victim’s identity. To avoid this crime, never share your personal details through email. Phishing results in identity theft and reversing the repercussions of identity theft are extremely difficult.
Sweetheart scams happen when a predator builds a personal and romantic relationship with a victim in order to gain control over money or accounts. The scammer will build trust with the victim, particularly with promises of true love or a new life. They manipulate a victim’s affections, and then, usually with seemingly innocent asks, the scammer will have a problem that requires the victim’s money. For example, a scammer may say that his mother has had a medical emergency or that he wants to come spend time with you but he’s hit a rough patch and can’t afford to travel.
Because scammers can be adept at emotional manipulation, sweetheart scams are hard identify. When building relationships, especially online, trust your instincts, watch for red flags and protect yourself. Don’t send money or account details to anyone online.
IRS Impersonation Scams
IRS impersonation scams are often perpetrated by persons impersonating tax collectors or IRS agents. If you receive urgent, aggressive or threatening calls or emails claiming you owe taxes or tax-related fines, DO NOT share your payment or bank information. Even if an “agent” demands payment or threatens consequences, never share personal data like your social security number, bank account number, usernames or passwords.
Here are some red flags to watch for if you suspect you are a victim of an IRS impersonation scam:
- seeing more than one tax return filed with your SSN
- owing additional taxes, receiving a tax refund offset, or having collection actions taken against you for previously unfiled tax returns
- IRS records showing income from an unknown source
- agents urging you to act quickly to avoid additional fines
Please remember that the IRS will NEVER call or email you asking for money or personal data. If you receive a fraudulent email, do not click links and delete the email immediately. If you feel you may be a victim of a tax scam, report it to the IRS.
Financial Fraud Against the Elderly
It’s important for the elderly in the community to know how they can practice identity theft and financial fraud protection, because it is often perpetrated by family members, close friends or caretakers. This type of scam involves illegal or inappropriate use of an elderly person’s assets, money, property or other resources and the abuse may involve manipulation, deception, coercion or forgery. Report perpetrators if you or your family members are being coerced into signing over assets, power of attorney, or are being stolen from.
Indicators of financial scams against the elderly include sudden loss of resources, sudden changes to assets, missing belongings, overly “generous” gifts or unexplained account activity.
If anyone you know is at risk or vulnerable to scam tactics, please share this information with them. Awareness is key to combating online fraud.
Free Trial Scams
Some companies, particularly those specializing in health or beauty products, offer “free trials” enabling curious consumers to sample their product before committing to it on a subscription basis. This can be great for business and good for you, but it also creates opportunity for unethical or fraudulent practices. Many consumers have reported giving credit card information to pay for shipping and later being charged in full or enrolled in a subscription service without consent.
The truth of any “free trial” situation usually lies in the fine print. Before you agree to a free trial or share your credit card information for a “free” service, read the terms and conditions carefully. There may be stipulations or obligations that you did not expect but, “technically,” have agreed to by performing the transaction.
To avoid free trial scams always understand the terms and conditions (even if you have to click a button to read them or request that a representative explain them to you). If a promotion seems dubious, research the company and it’s reviews online using engines like Google, Yelp or the Better Business Bureau.
Although a check represents money, checks are not money. Perpetrators of check fraud will present something that looks like a “good” check when, in reality, there is no actual money, account or account-holder authorization to support it.
Be skeptical if you receive a check you weren’t expecting, if someone
asks you for your information in order to deposit a check into your account, or if someone offers you
a check in exchange for cash, funds transfer or gift cards. Never share your account information and,
if you work with checks, allow time for funds to be cleared and verified before releasing money, goods
Protect Yourself from Online Fraud and Scams
UFirst will always protect your information. But here are some ways you can protect yourself by making sure you are not susceptible to online scammers. Take the following security measures, and you’ll be safer from online fraud.
- keep the software updated on your smartphone and computers
- enable firewalls and use an antivirus or antimalware on your computer
- avoid using free wifi networks
- be cautious about the sites you visit and links you follow online
- don’t respond to unknown emails or follow unknown links
- be aware of your privacy settings on social media and online accounts
- log out of apps and websites when you are done using them
- be cautious of what you share online, and never share your personal or banking information
- shred your sensitive documents
- create strong passwords and never leave your passwords or login where’re they’re accessible to others
- add a Trusted Contact to your UFirst accounts
Are you a Victim of Identity Theft or Financial Fraud?
If you feel you have been targeted or victimized, please contact us immediately. We take your security seriously, and we will work fast to ensure you and your assets stay safe.
If your checks, debit, or credit cards are lost or stolen, notify us immediately at 801-481-8800 and visit the nearest UFirst Credit Union branch to obtain a new account/card number. If theft is involved, please also notify the appropriate law enforcement.
If you have received suspicious emails, phone calls or text messages claiming to be associated with UFirst Credit Union, or if you feel in any way targeted or threatened, please contact us at 801-481-8800. If you have any questions regarding your security or how we keep your information protected, please call us or visit your local branch today.