Online Safety

Protect yourself from clever Internet and other scams. While this is far from a complete list, below are a few of the more common scams that you might come across.

Smishing

A SMiShing* scam targeting credit union members tell recipients their credit or debit card has been locked or deactivated and instructs them to call a phone number. The text message falsely claims to be from a credit union. All of the text messages include the first four digits of the named credit union’s debit card BIN, and a phone number to call.

If you receive such a message, do not call the number or reply to the text. Never give out your personal information in response to an e-mail or text. If issues ever arise relating to your debit or credit card — or if you have concerns about your card status — call only the number(s) listed on the back of your card.

*What is SMiShing? (from Wikipedia.com)

In computing, Smishing is a form of criminal activity using social engineering techniques similar to phishing. The name is derived from "SMs phISHING". SMS (Short Message Service) is the technology used for text messages on cell phones.

Similar to phishing, smishing uses cell phone text messages to deliver the "bait" to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a web site URL, however it has become more common to see a phone number that connects to an automated voice response system.

The smishing message usually contains something that wants your "immediate attention", some examples include "We’re confirming you've signed up for our dating service. You will be charged $2/day unless you cancel your order on this URL: www.?????.com."; "(Name of popular online bank) is confirming that you have purchased a $1500 computer from (name of popular computer company). Visit www.?????.com if you did not make this online purchase"; and "(Name of a financial institution): Your account has been suspended. Call ###.###.#### immediately to reactivate". The "hook" will be a legitimate looking web site that asks you to "confirm" (enter) your personal financial information, such as your credit/debit card number, CVV code (on the back of your credit card), your ATM card PIN, SSN, email address, and other personal information. If the "hook" is a phone number, it normally directs to a legitimate sounding automated voice response system, similar to the voice response systems used by many financial institutions, which will ask for the same personal information.

This is an example of a (complete) smishing message in current circulation: "Notice - this is an automated message from (a local credit union), your ATM card has been suspended. To reactivate call urgent at 866-###-####."

In many cases, the smishing message will show that it came from "5000" instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the cell phone, and not sent from another cell phone.

This information is then used to create duplicate credit/debit/ATM cards. There are documented cases where information entered on a fraudulent web site (used in a phishing, smishing, or vishing attack) was used to create a credit or debit card that was used halfway around the world, within 30 minutes.

On March 9th, 2012 Walmart issued a Fraud Alert regarding a large number of scam texts offering a $1000 gift card as their bait.

If you receive a message similar to one of these, it is NOT from HealthShare Credit Union or any other financial institution - it is a scam and please DELETE the text message.

The credit union (or your current financial institution) will NEVER call, text, email or correspond to you and ask you for your personal information - we already have it. Do not fall victim to these types of scams.

If you have any questions, please call the credit union at 336-832-8119 or contact your financial institution directly.

Phishing

Tips on how to avoid the Internet scam known as phishing.

• If you receive an unexpected e-mail saying your account will be shut down unless you confirm your billing information, do not reply or click any links in the e-mail body.

• Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It means your information is secure during transmission.

• If you are uncertain about the information, contact the company through an address or telephone number you know to be genuine.

• If you unknowingly supplied personal or financial information, contact your bank and credit card company immediately.

• Suspicious e-mail can be forwarded to uce@ftc.gov, and complaints should be filed with the state attorney general's office or through the FTC at www.ftc.gov.

Identity Theft

Identity theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes.

The FTC estimates that as many as 9 million Americans have their identities stolen each year. In fact, you or someone you know may have experienced some form of identity theft.

Deter identity thieves by safeguarding your information.

• Shred documents with personal information before discarding

• Don’t give out your Social Security number or other personal information unless you know who you’re dealing with

Detect suspicious activity by routinely monitoring your financial accounts and billing statements.

• Inspect your credit reports, financial statements and bills regularly for activity you did not authorize or expect

Defend against ID theft as soon as you suspect it.

• Place a “Fraud Alert” on your credit reports
• Close the affected accounts
• File a police report
• Report ID theft to the FTC

For more information, visit ftc.gov/idtheft