See threats coming and avoid them.
Technology makes everyone's life easier. Unfortunately, it also gives people with bad intentions more opportunities to try to steal your money and harm your credit. At Advantage One, we're committed to doing everything possible to protect your financial and personal data. But it's just as important that you take steps to protect yourself.
In 2014, Russian hackers stole nearly 1.2 billion passwords from more than 420,000 websites. Though there had been a lot of talk about password security before that time, the incident drove home the point that everyone needs to be extra careful in creating their passwords and keeping them private. If you haven't done so recently, it might be time to change your passwords.
- Use a separate password for each website; never use the same password for multiple sites.
- Minimally, use a 6- to 8-character password that contains uppercase and lowercase letters, numbers and symbols. Short phrases are even more secure.
- Change your passwords about every three months.
- Make sure your computer is running anti-virus software.
- Set up multi-step logins when possible.
Phishing is a type of Internet piracy where thieves try to obtain your personal financial information to make purchases or obtain credit. Since financial institutions are a leading target of phishing scams, we want to make sure you don't get caught.
Typically, a phishing scam uses email, with the messages often claiming to be from a business that you normally deal with. Please be aware that Advantage One will never solicit you by email, telephone, or mail for a username, password, Social Security number, credit card number, or any other type of personal information. Disregard any such requests and delete any type of suspicious email. If you receive a questionable email, phone call, or mailing that appears to be from Advantage One, please do not hesitate to contact us at 734-676-7000 or at firstname.lastname@example.org
Tips to Keep You from Getting Caught by Phishers:
- Be suspicious of any email with urgent requests for personal financial information. Phishers typically: include upsetting or exciting (but false) statements in their emails to get people to react immediately; and ask for confidential information such as user names, passwords, credit card numbers, social security numbers, account numbers, etc.
- Don't use the links in an email to get to any web page if you suspect the message might not be authentic. Instead, call the company on the telephone, or log onto the website directly by typing the web address in your browser.
- Avoid filling out forms in email messages that ask for personal financial information. You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
- Always ensure that you're using a secure web site when submitting credit card or other sensitive information via your web browser. To make sure you're on a secure web server, check the beginning of the web address in your browsers address bar - it should be "https://" rather than just "http://".
- Consider installing a web browser tool bar to help protect you from known phishing fraud websites. Ensure that your browser is up to date and security patches are applied.
- Regularly check your online accounts and statements. Don't wait for as long as a month before you check each account. If you spot anything suspicious, contact your financial institution(s) and card issuers.
- Always report "phishing" or “spoofed” e-mails to the following groups: Anti-Phishing Working Group and the Federal Trade Commission.
- When reporting spoofed messages, always include the entire original email with its original header information intact; and notify the Internet Fraud Complaint Center of the FBI by filing a complaint on their website.
- Some members have reported receiving phone calls from an automated system that requests them to verify their Advantage One account information. Do not give any account information; this call is not from your credit union. We urge you to never verify or release personal financial information to unknown callers.
- Some members are receiving the following text message from an unknown phone number:
"CO-OP Services CU Alert: Your CARD has been DEACTIVATED. Please contact us at 734-736-4010 to REACTIVATE your card." If you receive this text, do not respond.
- We have also received notice that some of our members are getting text messages from Community Driven Union requesting account numbers and personal information. These messages appear to be from Community Driven Union, but have actually been sent by a fraudulent third party in an attempt to trick members.
- Some members have also reported getting phone calls that are supposedly from Downriver Federal Credit Union stating that their debit card has been deactivated. The caller asks to confirm your account information or asks that you call a number to verify your account information. Do not call the number given. If you have an account at Downriver Federal CU, call them directly using the numbers published in the phone book or on their website to confirm your account or card status. Do not reply or contact any numbers given in the message.
- The National Credit Union Administration has warned consumers to beware of a telephone fraud, known as a “vishing” scheme, that uses the agency’s name in an attempt to obtain personal financial information. Several credit union members have been contacted by an automated phone call claiming to be from NCUA and notifying consumers their debit cards have been compromised. The call then asks the receiver to follow prompts, which request personal information, including sensitive financial data and personal identification information.
A number of credit unions have reported that their members are being recruited as money mules by fraudsters. Money mules unknowingly assist fraudsters in laundering stolen funds. The source of the stolen funds received by the money mules is often from account takeovers at other financial institutions through online banking systems.
Money mules are recruited using a wide variety of offers including taking work-from-home jobs as payment processors or overseas representatives, being employed to help foreign companies buy heavy equipment and even through dating sites to help reunite separated overseas loves. The variety of stories that fraudsters will concoct knows no bounds, so it’s important that members are on guard against bogus offers.
The common thread between the "jobs" that fraudsters set up is always that the mule is required to funnel the company’s funds through an account they already own, or set up at the fraudsters request. This helps insulate the fraudsters from the appearance of the illegal activity and puts the blame and risk on you, the unknowing mule. Another similarity between the scams is that the funds are almost always eventually wired to another institution, or sent via Western Union to another individual.
- Thoroughly research any prospective employer.
- Be extremely wary of any employer that demands that you conceal or hide your new job.
- Avoid any offer that requires use of your personal account or requires opening up an account on behalf of an employer.
- Avoid offers that require you to wire or otherwise transfer money through your account to other accounts or individuals.