Baltimore Credit Union Facebook Instagram Icon
HomeFraud Alerts

Fraud Alerts



Scams involving your Social Security number and benefits are on the rise - July 31, 2019

Have you received a call or voicemail from someone warning that your Social Security number or benefits are suspended due to suspicious activity? Scammers are hoping you'll be scared into believing their claims. They usually ask you to confirm your Social Security number and pay money to "reactivate" your number, protect it, or restore your benefits.   

Social Security scams are on the rise

Social Security scams now outnumber other types of scams, including Internal Revenue Service (IRS) scams, which were formerly the most common. Pretending to be a representative of the government is a common way for fraudsters to trick people into giving up their money or personal information. Knowing how to tell the difference between a scammer and a genuine call from the federal government is important.

Here are the facts:
  • The government will not threaten to take away benefits or ask for money or personal information to protect your Social Security card or benefits.
  • Scammers can fake your caller ID, so don't be fooled if the call seems to be from the Social Security Administration's (SSA's) real phone number or the SSA Inspector General's Fraud Hotline number. You can always call the Social Security Administration directly at (800) 772-1213 to find out if they are really trying to reach you.
  • If someone calls you asking for your Social Security number, bank account number, or credit card information, hang up.
Spread the word about Social Security scams and report them
  • Talk about it! You may have heard of IRS scams or other types of scams targeting government benefits, but Social Security scams haven't been as common until recently. Share the message with others to make them aware of this type of scam.
  • Report Social Security scams to the Federal Trade Commission at FTC.gov/complaint and to the SSA Office of Inspector General Fraud Hotline at (800) 269-0271 or oig.ssa.gov/report.

 

Mortgage Closing Scams: How to protect yourself and your closing funds - June 11, 2019

Closing on a new home can be one of your most memorable life moments. It’s the final and one of the most critical stages in the home-buying journey, but with the exchange of key paperwork and a sizable down payment, it can also be a stressful experience, especially for first-time homebuyers.  

The FBI has reported that scammers are increasingly taking advantage of homebuyers during the closing process. Through a sophisticated phishing scam, they attempt to divert your closing costs and down payment into a fraudulent account by confirming or suggesting last-minute changes to your wiring instructions. In fact, reports of these attempts have risen 1,100 percent between 2015 and 2017, and in 2017 alone, there was an estimated loss of nearly $1 billion in real estate transaction costs. 

While it’s easy to think you may not fall for this kind of scam, these schemes are complex and often appear as legitimate conversations with your real estate or settlement agent. The ultimate cost to victims could be the loss of their life savings. 

Here’s what you should know and how to avoid it happening to you.

How it works
Scammers are increasingly targeting real estate professionals, seeking to compromise their email in order to monitor email correspondences with clients and identify upcoming real estate transactions. During the closing process, scammers send spoofed emails to homebuyers – posing as the real estate agent, settlement agent, legal representative or another trusted individual – with false instructions for wiring closing funds.

How to avoid a mortgage phishing scam

  • Identify two trusted individuals to confirm the closing process and payment instructions. Ahead of your mortgage closing, discuss in person, or by phone, the closing process and money transfer protocols with these trusted individuals (realtor, settlement agent, etc.). Be cautious about exchanging any details about your closing over email. You may want to use this opportunity to also create a code phrase, known only by these trusted parties, if you need a secure way to confirm their identities in the future. 
  • Write down their names and contact information. 
  • Before wiring money, always confirm instructions with your trusted representatives. Never follow instructions contained in an email. Verify the closing instructions, including the account name and number, with your trusted representatives either in person or by using the phone number you previously agreed to.
  • Avoid using phone numbers or links in an email. Again, scammers can closely replicate the email address, phone number and format of an exchange from your agents. Avoid clicking on any links or downloading attachments without first confirming with your trusted representatives.
  • Do NOT email financial information. Email is never a secure way to send financial information. 
  • Be mindful of phone conversations. It may be difficult to identify whether a phone call is fraudulent or legitimate. Scammers may call and ask you to verify your personal or financial information. When in doubt, always refer back to your trusted professionals to confirm whether it’s legitimate. 

What to do if it happens to you

  • Contact your bank or wire-transfer company immediately. Ask for a wire recall. Reporting the error as soon as possible can increase the likelihood that you’ll be able to recover your money.
  • File a complaint with the FBI. Contact the FBI’s Internet Crime Complaint Center at www.ic3.gov.

While it can be easy to think you’ll never fall for a scam of this nature, the reality is that it’s becoming more and more common, and the results can be disastrous for eager homeowners. By being mindful and taking a few important steps ahead of your closing, you can protect yourself and your loved ones.

 

"Tech-Support" is a Top Fraud Issue Reported by Older Adults - March 13, 2019

Last week the U.S. Department of Justice (DOJ) announced the largest coordinated sweep of elder fraud cases in history.  More than two million Americans, largely seniors, were victimized by more than 260 defendants from around the globe in these cases.  Total alleged losses from the elder fraud financial schemes were over three fourths of one billion dollars.  This DOJ interactive map provides details on its cases.

An increasingly more common form of elder fraud is the technical-support (tech-support) scam.  This is where criminals trick victims into giving remote access to their computers while pretending to give technical support.  According to the Federal Trade Commission (FTC), older adults are the hardest hit by such scams.  The FTC’s Consumer Sentinel Network received nearly 143,000 reports with a loss of $55 million on tech support scams in 2018.  Consumers 60 and over filed more loss reports on tech-support scams from 2015 to 2018 than on any other type of fraud reported to the Consumer Sentinel Network. The median individual reported loss to tech-support scams was $400, however, people 60 and over reported a 25 percent higher median loss of $500. 

Tech-scam frauds are done in several ways:  the criminals make telephone calls and claim to be computer technicians associated with a well-known company or may use internet pop-up messages to warn about non-existent computer problems.  They might claim they have detected viruses or other malware on a victim’s computer.  They then pretend to be "tech support" and ask the victim to allow remote access to his or her computer.  Eventually, they diagnose a non-existent problem and ask for payment for unnecessary services.

The problem is that money isn’t the only thing people can lose with tech-support scams.  People hand over control when they give the scammers remote access to their computer.  Scammers can then steal sensitive information or install spyware to gather information.  People have even been persuaded to log into their bank accounts whereby the scammer can then move funds remotely.  The FTC has developed a resource webpage and infographic for consumers that explain how to spot, avoid, report and recover from such scams.

Although tech-support scams appear to be the au courant scam in defrauding older adults, other schemes to defraud the elderly are still very much in use.  Some examples include:

  • Sending supposedly personalized direct mass mailings on official-looking letterhead promising cash, valuable prizes or good fortune if the recipients sent back a payment for processing fees or taxes;
  • Operating a "Grandparent scam" or "relative in distress scam," convincing seniors that their grandchildren or relatives were in trouble in a foreign country and money was needed to resolve the problem;
  • Setting up websites for fictitious financial services companies offering to arrange loans to individuals with credit problems while them to provide bank information and pay an "insurance deposit";
  • Posing as agents of a U.S. government department or agency and telling victims they had won large monetary prizes in sweepstakes contests that required a sum of money in order to receive the prize; and,
  • Acting as a third party attorney, contacting businesses and elderly individuals in an attempt to collect a so-called outstanding debt by sending a counterfeit check to the victim for deposit and requesting the victim then wire funds to an account overseas in Asia.

The coordinated sweep also took action against the money mule network that facilitates foreign-based elder fraud.  According to the DOJ, the FBI and Postal Inspection Service took action against over 600 alleged money mules nationwide by conducting interviews, issuing warning letters and bringing civil and criminal cases. Secret Service agents assisted by seizing and forfeiting proceeds in transit from victims to the elder fraud perpetrators.

Reducing elder financial abuse has become a priority for federal agencies. Elder fraud complaints may be filed with the FTC at www.ftccomplaintassistant.gov  or at 877-FTC-HELP. The DOJ provides a variety of resources relating to elder fraud victimization through its Office of Victims of Crime.  And, here are some additional helpful resources on combatting elder financial exploitation:

Written by Shari R. Pogach, NAFCU Regulatory Paralegal

 

Possible ATM Skimming Device Incident - October 10, 2017

We have recently received notice of fraudulent ATM transactions on some of our members accounts.

Preliminary findings indicate that an ATM skimming device may have been placed on our Perry Hall ATM. If you used the Perry Hall ATM Machine within the last few weeks, please continue to monitor your account for unauthorized transactions.

A skimming device only captures the Debit/ATM card number and PIN. Please be reassured that other personal information was not compromised.

The Credit Union does have Fraud Protection in place for its members, however, the best way to prevent fraud is to actively check your accounts online and view recent member statements. If you see anything unusual, please call us immediately. Just a reminder, we also added Visa Purchase Alerts to our website.

As a precaution, if any member wants to close their Debit or ATM card, we are glad to accommodate. The Credit Union now offers "Instant Issue" for Debit Cards only, and for added security, the new cards must be picked up at one of our branches.

 

Equifax Data Breach September 11, 2017

Your Credit Union maintains the safety and security of its members' personal information as a top priority. In light of the recent Equifax data breach, protective measures you can take are provided here for consideration. Learn more >

 

Shopping Online?

Shopping Online or ordering from a TV commercial? Beware of those FREE Trial offers. By accepting, you may have signed up for automatic delivery whether you want it or not. Learn more >

 

Arby's Restaurant Fraud Alert- February 13, 2017

We have been notified by VISA of a data breach that occurred at Arby's fast food restaurant from October 2016 January 2017.

Members who used their credit or debit cards at Arby's during that time period are encouraged to be vigilant by monitoring their account(s) for unauthorized activity.

If you are concerned that your card is a part of that security breach, please call the VISA Department. We can block your card at your request. We also now offer Instant Issue debit cards that can be picked up at any of our branches within 1-2 business days.

We will be monitoring this situation and will update you with any new information as it become available.

 

Wendy's says malware affected over 1,000 locations July 12, 2016

Last week, Wendy's made a public disclosure that they were a victim of malicious cyber activity targeting customer payment card information. The breach is believed to have begun in late 2015.

Members who used their credit or debit cards at Wendy's are encouraged to be vigilant by monitoring their account(s) for unauthorized activity.

Wendy's has arranged to offer one year complimentary fraud consultation and identity restoration services to all customers who used a payment card at a potentially affected restaurant during the time when the restaurant may have been affected.

If you would like more information, call Wendy's toll-free number 1-866-779-0485 between 8:00am to 5:30 pm CST. You may also go to their website for the latest updates on this data compromise. https://www.wendys.com/en-us/about-wendys/the-wendys-company-updates

If any members wish to close they debit and/or credit card as a precaution, please contact Member Services at 410-828-4730.

 

NCUA warns of spoofing text messages March 26, 2015

The National Credit Union Administration is alerting consumers that texts they receive from an agency telephone line, 703-518-6301, asking for personal information are not coming from NCUA.

NCUA does not request personal or financial information from consumers. See NCUA's Privacy Policy for more information.

This attempted fraud scam is called "spoofing." The perpetrators are able to mimic a telephone number to generate text messages. The texts may warn of a debit card reaching its limit or use some other trick to persuade individuals to provide personal information or go to a malicious website. Consumers should not click on links in the message, provide information to any websites referenced in the message nor attempt to conduct any financial transactions through those websites.

More than 40 consumers around the country received text messages yesterday.

Consumers receiving these texts should contact NCUA's Consumer Assistance Center Hotline at 800-755-1030. NCUA also offers information about avoiding frauds and scams at MyCreditUnion.gov. Consumers who suspect they may have become victims of identity theft should immediately contact their financial institutions and, if necessary, close existing accounts and open new ones. When identity theft occurs, NCUA urges consumers also contact the three major credit bureaus Equifax (800-525-6285), Experian (888-397-3742) and TransUnion (800-680-7289) to request a fraud alert be placed on their credit reports.

 

National Credit Union Administration warns of scammers using similar website logo and design March 17, 2015

The National Credit Union Administration has received reports of an online phishing scam that uses a website with a logo and a design similar to the agency's own site in an attempt to convince unwary customers to provide information or send money.

Consumers have received emails from a National Credit Union website, which apparently originates in Australia and claims to offer services in the United States, Europe and the Commonwealth of Independent States. This website is not affiliated in any way with the National Credit Union Administration, a federal agency whose website is www.ncua.gov and the emails being sent to consumers are not from NCUA.

The emails attempt to persuade individuals to provide personal information, such as Social Security numbers, account numbers and login information, or transfer large amounts of money. Consumers should neither provide information to this website nor attempt to conduct any financial transactions through it. NCUA would not request personal or financial information in this manner. See NCUA's Privacy Policy for more information.

Consumers receiving such emails should call NCUA's Fraud Hotline toll-free at 800-827-9650 or 703-518-6550 in the Washington, D.C., area. Consumers should also contact the Internet Crime Complaint Center, a partnership between the FBI and the National White Collar Crime Center. NCUA also offers information about avoiding frauds and scams on its MyCreditUnion.gov website.

 

Home Depot Data Breach

Update 10/29/14

Credit Union members with VISA Debit or Credit Cards included in the recent data breach will be receiving personalized letters from the Credit Union in the coming days.

The letter explains that the Credit Union will: (1) continue to monitor the affected accounts for fraudulent activity and (2) issue new debit or credit cards with new card numbers to those members.

If you receive a letter, please note the specific instructions and dates for making a smooth transition from your current to your newly-issued card.

Your understanding is much appreciated as we work through this unfortunate situation.

Thank you.


Update 9/10/14

Last week, we reported the news concerning a possible data breach involving 2,200 Home Depot stores across the United States.

Home Depot officials have now confirmed that a data breach has taken place. For more information about this situation, visit www.homedepot.com.

We have not received information from VISA confirming whether any of our cardholder accounts have been affected. Once we receive specifics, those members will receive personalized letters clearly explaining our action plan to reduce their risk.

In the meantime, members that have used their VISA Debit Card or VISA Credit Card at Home Depot should monitor their account and contact the Credit Union if they notice any unusual activity. You may also make a request for us to issue you a new debit or credit card.

Please be assured, we will continue to monitor the situation and provide additional details as they become available.

Thank you.

Several members have reported receiving phishing phone calls.

Your Credit Union will never call, email or text you and ask for your account information. Please do not give these callers any account numbers, debit or credit card numbers, Social Security numbers or any of your personal and confidential information. Should you receive a suspicious call, please call Member Services to report them. You can also report phishing calls to the Federal Trade Commission at www.ftc.gov.

 

Latest Software Vulnerability - OpenSSL Heartbleed Bug - April 16, 2014

You may have heard the recent news reports about the OpenSSL Heartbleed bug. Some companies use a software program called OpenSSL to securely transmit data over the Internet by means of encryption.

Security researchers discovered that this program had a weakness that may allow attackers to decrypt login credentials.

Your Credit Union does not use OpenSSL on its servers or personal computers.

Our vendor partners are aware of this issue and have proactively taken steps to install software patches to fix the problem and eliminate the risk to members that use our on-line services. We have no evidence that this weakness has been exploited.

If we believe further communication is needed on this topic, we will provide an additional update on this page.

 

Target Data Breach Update January 13, 2014.

Because the security of our members' account information is our top priority, we have decided to issue new VISA Debit Card and VISA Platinum Credit Cards to those members whose card information was included in the Target Store Data Breach.

This reissue is only for cards that were used at Target stores during the time period of November 27 December 15, 2013. If your card information was included in the Target Store Data Breach, you will be receiving a special letter of notification from us and we will be mailing you a new card within the next few weeks.

In the meantime, you can continue to use your current card until you receive the new one unless suspicious activity necessitates deactivating the card sooner. We are sorry for any inconvenience but wanted to be proactive to help minimize any possible fraudulent activity.

For more information about the Target data breach.

 

Target Stores Fraud Alert –12/23/13

Target has information on their website to address concerns from customers who may have been affected by the data breach that occurred in their stores between November 27th and December 15th. Credit Union members who shopped at Target during that period of time should diligently monitor their accounts for any possible fraudulent activity. We have stepped up the monitoring of the activity associated with the data breach and will update you as needed about your debit or credit cards issued by the Credit Union. For more information about the Target data breach, please click here.

 

Global Payments Card Breach Could Increase Phishing – 4/5/2012

On the heels of the recent Global Payments breach, we are warning members of the potential for increased phishing attacks. These attacks could also target members who were not impacted by the recent card breach.

We are alerting members to be aware of any suspicious emails, text messages or phone calls requesting any personal or financial information. The next several days and weeks are critical.

The card information that may be requested includes: cardholder billing address; 3-digit CVV2/CVC2 code found on the back of the card; or enrollment criteria/passwords for Verified by VISA or MasterCard SecureCode. This card information was not part of the recent Global Payments breach. Criminals, however, may ask for this information to add to the other card data they may have obtained from the breach in order to perform illegal card transactions.

If a member receives a suspicious email, text or phone call, please contact the Credit Union immediately. Being aware of a potential phishing scheme may help curb the chances for ID Theft that may result from the recent Global Payments card breach.

Note: Your Credit Union will NEVER call you to ask for personal or confidential account information.

 

Be Vigilant for Fraud this Holiday Season – 11/30/2011

With the holiday season upon us, be on guard for scams. Especially when shopping on the internet, you are even more prone to being a target.

Remember that legitimate financial organizations, such as your Credit Union, never request personal financial information through an email and never include attachments in emails. Should you receive unusual emails like this, you are best to delete them.

Also, be careful should you receive an email from your "system administrator" asking you to perform maintenance on your account. This is a widespread phishing scam that many banking customers have fallen victim to.

Even emails that appear to be from friends should be opened with caution. e-Card scams are widespread including those adorable animated holiday e-Cards that have been known to redirect viewers to a site with malware.

Needless to say, emails from desperate, wealthy people in foreign countries who need help securing their funds into a U.S. bank can be deleted guilt-free!

 

Telephone Scam Alert – 10/24/2011

Members of Credit Unions as well as banking customers have reported receving calls from 1-718-683-3104 stating that there has been fraud on their VISA debit card. The caller then asks for the card and PIN so that the client can be identified. The 718 phone number comes back to the sales office of the Laditude Condos in Riverside, New York. A google search shows multiple reports of that telephone number being used in similar scams. No one from the Credit Union will ever call you and ask for your card and PIN number. Please be aware.

 

Bogus Text Messaging – 7/22/2011

In the last few days, credit unions from around the country have reported their members are receiving bogus text message (smishing) alerts. The text message indicates it is from Credit Union Services and advises the member to call the number provided in the text message to have their card reactivated.

This is a scam as no credit union would ever ask a member for this type of information using text messaging. Credit Unions have reported multiple phone numbers provided in text messages sent to credit union members to call to have their card reactivated.

Because of the increase in both smishing (text message phishing) and vishing (phone call phishing) attempts directed towards members asking for personal or financial information, we are alerting members to never respond to this type of request.

In fact, never respond to any type of request for personal or financial information being requested by text, phone or email.

If you are able...capture the telephone number used by the fraudster, report the number to the Federal Trade Commission at spam@uce.gov

Phone Scam – 2/17/2009

Diligent members and non-members have informed us of a "vishing" scam which uses telephone recordings to lure unsuspecting consumers into disclosing their personal account information.

Random calls are being made to members and non-members telling them their credit or debit card account has been compromised and that they will need to provide their account number and PIN verification.

YOUR CREDIT UNION WILL NEVER CALL OR EMAIL YOU ASKING FOR YOUR ACCOUNT INFORMATION.

Other credit unions are experiencing similar scenarios. Findings suggest that fraudsters do not know if the household is actually a Credit Union member. They count on the volume of false calls to produce their desired results. Unfortunately, this is a widespread problem affecting financial institutions around the country.

If you inadvertently respond to one of these calls and provide your confidential information, please notify us immediately.

Security Breach at Heartland Payment Systems – 2/17/2009

The Baltimore County Employees Federal Credit Union has learned that there was a security breach at Heartland Payment Systems, a card processor for retail merchants based in Princeton, New Jersey.

Information that may have been compromised includes debit and credit card numbers, cardholder names, and card expiration dates. According to a press release issued by Heartland, no personal information such as addresses, phone numbers, PINs, or social security numbers was exposed.

These types of breaches sometimes occur through no fault or involvement of your Credit Union. Please be assured that we have sophisticated plastic card monitoring programs in place and have increased the monitoring of all accounts. Your Credit Union receives alerts of unusual account activity and potential fraud on a daily basis, and will contact you directly should this occur.

For this reason, the Credit Union does not intend to cancel or reissue any member cards at this time. We encourage you to review your statements and if you notice any discrepancies or suspicious activity, please contact our VISA Department at 410-828-4730 or 1-800-234-4730, option 3.

VISA Security Alert Criminal seeking account information are at it again!

New techniques are being applied to previously used schemes. In a new twist on traditional forms of "phishing," criminals are now targeting your C V V 2 information.

C V V 2 (Card Verification Value) is a three-digit code on the back of your card used during telephone or internet-based transactions. C V V 2 was implemented by credit card companies as a way to authenticate the actual card with the cardholder and reduce fraud.

In these new schemes, criminals posing as representatives of credit card companies communicate to you with urgency about a possible fraud scenario involving your card. During this process, you are then duped into revealing your C V V 2 number.

Your Credit Union will never ask you to reveal your C V V 2, PIN, or any other number because we have your account information on file.

Your Credit Union will never send you an email telling you our website is down and suggest that you access your account from an alternate website provided through a "convenient" link. These are examples of outright scams.

Today's technology offers great convenience for members in handling their finances. It also offers criminals countless ways to creatively scam unwary consumers.

"PHISHING" is just like fishing.

An alarming trend in internet piracy is called "phishing" (pronounced fishing)... which is exactly what the thieves are doing–fishing for your personal financial information.

"Phishing" thieves are desperately in search of account numbers, passwords, Social Security numbers, and other confidential information that they can use to loot your checking account or run up your credit card bills. If these individuals are successful, you could find yourself a victim of identity theft. With your identity, a thief has the ability to take out loans, obtain credit cards, and even acquire a driver's license in your name. This can result in serious damage to your financial history, cost thousands of dollars to repair, and can take years to correct.

There are many ways in which a thief may try to "phish" out your personal information. One common avenue is by email. Typically you receive an email that appears to come from a reputable company, a government agency, or even the Credit Union. It may warn of a serious problem that requires your immediate attention. Often, by following their instructions, you are redirected to a phony web site that looks exactly like the real thing. The unsuspecting person, desiring to remedy the problem with their account will start to provide their personal information. Now, the internet thieves have pertinent information about you to continue their scam on your personal finances.

Remember these helpful hints:

  1. Never provide your personal information in response to an unsolicited request.
  2. If you believe an email could be legitimate and have concern about an account problem they have brought to your attention, contact the financial institution or agency yourself.
  3. Never provide your password over the phone or to an unsolicited email request.
  4. Review your account statements regularly to ensure the accuracy of all charges, transactions, and balances.

Report all suspicious email contacts to the Federal Trade Commission through the internet at www.consumer.gov/idtheft or by calling 1-877-IDTHEFT.

 

We have been alerted to an Internet scam targeting credit union members.

The e-mail message fraudulently shows that it is from the National Credit Union Administration (NCUA). It is addressed to credit union members advertising that they have been selected to take part in a quick and easy 5-question survey and that their responses will enable the credit union to provide improved and expanded online services.

The members are advised that their replies will be kept confidential and that in return for responding to the survey questions, $50.00 will be credited to the member's credit union account.

To receive the $50.00 award, the member is asked to provide their account number and PIN so that the $50.00 may be credited to the member's account.

The message is a scam. It is not from the NCUA. It is an attempt to obtain enough personal information relating to the member's credit union account to enable the swindlers to steal money from the account.

We have been told that the NCUA is in the process of having this phony website closed down. However, until it is closed, please be aware that it is a scam and should not be responded to by any recipient.

Back to Top

Close

E-NEWSLETTER MODAL WINDOW

E-NEWSLETTER SIGN UP
Keep informed on promotions, new services and events.

Error! Please try again later.
You are already signed up.
Submit E-newsletter Signup
Note: At any time you can easily unsubscribe from this service
STAY CONNECTED
Thank you for signing up!
Please look for a confirmation email.