Shield Yourself from COVID-19 Fraud

Fraudsters are leveraging fears over the coronavirus as an opportunity to scam financial institutions and consumers. Credit unions are taking steps to warn and protect their members.

In response to these fraudsters’ attempts, WHO and CDC have issued alert warnings to consumers to be on the lookout for individuals posing as the organizations.

Opportunistic hackers are employing other tactics to take advantage of consumers.

One of the phony maps fraudsters use is Corona-Virus-Map.com, according to PaymentSource. This website claims to provide an up-to-date coronavirus map similar to another map from Johns Hopkins University.

The malicious website produces a map that nearly matches the university’s graphics. The fraudulent map contains software that steals usernames, passwords, credit card numbers, and other data stored in the user’s browser.

The Corona-Virus-Map.com Trojan is distributed through infected email attachments, malicious online ads, social engineering, and software vulnerabilities, according to PCRisk.com.

Fraudsters also target consumers through a more common tactic: phishing email attacks.

Phishing emails will use the virus as a lure in the subject line. The email’s text may contain false news about the COVID-19.

Some emails claim to be from CDC or WHO, and others offer a link to coronavirus map of the recipient’s neighborhood, or an update on how many people have been infected.

The emails attempt to trick users into entering personal information or clicking on a link that will download malware on user’s computer.

Identity Theft Prevention Tips

We recommend that you remain vigilant for incidents of fraud and identity theft by reviewing account statements and monitoring your credit reports. You may obtain a free copy of your credit report from each company listed below once every 12 months by requesting your report online at www.annualcreditreport.com, calling toll-free 1-877-322-8228, or mailing an Annual Credit Report Request Form (available at www.annualcreditreport.com) to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA, 30348-5281. You may also purchase a copy of your credit report by contacting any of the credit reporting agencies below:

Equifax
PO Box 740241
Atlanta, GA 30374
www.equifax.com
888-766-0008

Experian
PO Box 9554
Allen, TX 75013
www.experian.com
888-397-3742

TransUnion
PO Box 2000
Chester, PA 19016
www.transunion.com
800-680-7289

If you believe you are the victim of identity theft, you should contact the proper law enforcement authorities, including local law enforcement, and you should consider contacting your state attorney general and/or the Federal Trade Commission (“FTC”). You also may contact the FTC to obtain additional information about avoiding identity theft.

Federal Trade Commission, Consumer Response Center
600 Pennsylvania Avenue NW, Washington, DC 20580; 1-877-IDTHEFT (438-4338)
www.ftc.gov/idtheft

Tips for Protecting your Information

We would like to remind you of the value of taking good security precautions. It is a good idea to develop strong and secure online passwords and to change them frequently. Below are a few tips for good password practices.

• Include numbers, symbols and letters.
• Use a combination of capital and lowercase letters.
• Do not use the same password across multiple sites.
• Do not store important passwords, such as your home banking password, in your email account.
• Monitor your accounts regularly for suspicious activity.

Report Suspicious E-mails

Internet scams are nothing new, and as more of us conduct our business online, we’re also becoming more business savvy in spotting suspicious e-mails. Unfortunately, the Internet scammers are becoming more sophisticated in their tactics, for example, creating fake websites which appear to be legitimate, but are actually designed to lure unsuspecting users into providing confidential information.

How the “PHISHERS” Lure You

Phishing (pronounced “Fishing”) is an online fraud technique used by criminals to entice you into to disclosing your personal information. One of the most common – and successful – techniques is to send you fake messages that mimic valid messages or websites from a company you trust, such as your financial institution, a credit card company, government agency, or online shopping site. The logos and the links all look correct.

Asking For Personal Information

Usually, the messages open by reporting a problem with your account, and will ask you to verify the following information:

• Name and online user name
• Address and phone number
• Social Security Number
• Account password or PIN
• Account number
• ATM/debit or credit card number
• Credit card validation code, (CVC). This is the code credit card companies use to authorize credit charges. American Express uses a 4-digit CVC number which appears on the front of your card, while Visa, MasterCard and Discover all use a three-digit number that is on the back.

Providing any of this information is the online equivalent of giving criminals the keys to your house. They can empty your financial accounts, run up charges on your credit cards or open fraudulent credit card accounts in your name. And it can take years to repair the damage to your financial integrity.

Suspicion = Protection

Be suspicious of e-mails that ask for personal information, and be alert to other common scams such as foreign lotteries, requests to transfer funds from overseas bank accounts and work-from-home opportunities.

• Delete any e-mail you don’t trust – even opening a “phishing” e-mail can plant a virus or spyware on your PC.
• Never send confidential information by e-mail. If you think you have been scammed and your confidential information compromised, contact your credit card companies and financial institutions immediately. Report it to the Federal Trade Commission . And contact all three credit reporting bureaus to have alerts placed on your credit reports.

• Equifax: equifax.com | 888.766.0008
• Experian: experian.com | 888.397.3742
• TransUnion: transunion.com | 888.909.8872

Remember, neither Motion nor any legitimate business will ever send you an e-mail asking for personal information. If you receive an e-mail that you’re suspicious of, don’t respond to it.

10 Ways to Protect Against Debit Card Fraud

1. Update your contact information with your financial institution. Your Credit Union can’t ask you about a suspicious charge unless it has your current phone number.

2. Copy the customer service phone number from the back of each of your debit or credit cards and keep this list in a separate location from your purse or wallet in case a thief steals the latter.

3. Let your financial institution and card issuers know your travel dates and destination. If your card gets swiped at an unusual location, the card issuer may decline the suspicious transaction.

4. Look out for ATMs that appear to be dirty or in disrepair. A fake machine may be set up to capture your card information.

5. Do not use ATMs with unusual signage, such as a command to enter your PIN twice to complete a transaction.

6. Watch out for ATMs that appear to have been altered. If anything on the front of the machine looks crooked, loose or damaged, it could be a sign that someone attached a skimming device.

7. Avoid using the ATM if suspicious individuals are standing nearby. Criminals may try to distract you as you use the machine to steal your cash, or watch as you type in your PIN.

8. Be aware that if your card gets stuck in the machine and someone approaches to help, it may be a scam. A criminal may be trying to watch as you enter your PIN code.

9. If your card gets stuck in the machine, call your financial institution promptly to report the incident.

10. As you key in your PIN, cover the keypad with your other hand to block anyone, or a camera, from viewing the numbers you type.

Important Note: Remember to check your balance on a regular basis. Federal law doesn’t protect debit cards to the same degree as credit cards when it comes to fraud. If you notify the bank within two days of discovering the card was lost or stolen, your loss is limited to $50. After two days, this amount jumps to $500, and after 60 days of receiving the statement with the fraudulent charges, your loss may be unlimited.

You can download a PDF of these 10 tips here.