When shopping online and clicking to purchase, a "card declined" message could be received. Users may attempt to try a different, or several different cards and receive the same message. Unfortunately, then the user has entered all their information multiple times to a fake site. Upon calling the financial institution, users discover the card was never declined, however the card has been used for other purchases via fraud. Several tips to protect yourself include:
Make sure that the URL for the website begins with an https . Be wary of fake links that point to fake, look-alike websites. Here are two red flags to watch for when you're online shopping: If the website requires you to purchase "now" or "immediately" to get a deal; if the website requires you to use only a specific payment app, like Zelle. Before you make a purchase, check with your bank or credit card carrier about what protections they offer you. For example, do they offer you protections when you're purchasing from abroad? What if the purchase is over a certain amount - will you be notified? If you believe your payment information has already been compromised, you should immediately call your bank or credit card carrier and put a stop on that purchase, card and or account. Holiday Gift Card Scams Police are warning about a new gift card scam going around this holiday season. Scammers are taking cards from the store without paying for them and without loading funds onto them. They take the gift card home, and carefully remove the card from its packaging, cut off the top of the card, remove the inner barcode and return the card to the store. Shoppers then buy the gift card, get money loaded onto it and head home unaware. By the time the card is opened or gift has been given, the card is useless because the money ended up in the hands of the scammer. To avoid becoming a victim of this crime, officers suggest every shopper remove the gift card envelopes at check out to make sure they have not been cut or otherwise tampered with.
More information on this scam can be found here .
E-Mail Scams Fraudulent emails known as phishing scams pose as your financial institution or other trusted business to try to obtain your personal and financial information online or by telephone.
Phishing scams often work to mimic the original site. It is important to verify the source of all emails and any included links. Do not input any personal information without verifying the destination. OMSEFCU will not ask you for any personal information via email.
Avoid responding and unsubscribing from a scam email. By doing so, you put your information at risk. Any reply shows a scammer that your email address is in service, which can result in repeated emails. Your email address could also be used to access other people or accounts.
Credential Stuffing Credential Stuffing is a type of cyberattack where stolen account usernames, passwords, email addresses, etc. are pushed, or "stuffed," into a website or web application in large volumes to attempt to gain unauthorized access to user accounts. This attempt can often be defeated by using a unique username and password for each website or application.
Text Message Scams Text message scams, or "smishing," is when a scam artist poses as a financial institution, government agency, or business stating that the recipient's account has been closed or locked out, and to have it reinstated or unlocked they must provide their personal or financial information. This type of message is fraudulent.
Avoid responding “STOP” to a scam text and unsubscribing. By doing so, you put your information at risk. Any reply shows a scammer that your number is in service, which can result in repeated texts. Your number could also be used to access other people or accounts.
Romance Scams Scammers will set up phony profiles on social media, or dating websites often with fake photographs and identities, and develop online friendships with other users. Once the scammers have gained the trust of their new online friend, they will request money for a variety of seemingly urgent situations. In 2020, Americans lost a record total of $4.2 billion to romance scams--taking more money from the average victim than any other scam. To protect yourself, don't send money to people you don't know, or only know from the internet. Never give out your personal information including phone numbers, addresses, social security numbers, passwords, PIN numbers, etc. Report the scammer to the FTC, FBI or the platform from which you met. Finally, think before you click on any links they may send you. You can spot a romance scam in several ways:
They fall in love with you too quickly. The scammers try to make each interaction as romantic as possible so the victims of these scams never suspect that they're being scammed.They won't video call. Scammers will always have an excuse for why they can't get on a video call, which means you're not truly able to verify they are who they say they are!Their voice doesn't match their pictures. Because scammers are usually from foreign countries, many victims recall their voices being different than they expected upon calling their internet love interest for the first time. ATM Scams Equipment like hidden cameras, card scanners and skimmers can be illegally added to ATMs. These devices allow a thief to video record your PIN and scan your card number. The false scanner may also be set up to "capture" your card so that it is not returned. Once you have left the ATM, the thief returns and collects your card.
Impersonation Scams These scams are initiated when you are contacted by someone claiming to be from your financial institution. The scammer claims there has been some fraudulent activity on your account. You are then asked to transfer money from your account or send a payment somewhere else. When in doubt, end all communication with the scammer and call the number listed on the back of your debit or credit card, or your financial institution directly.
The fraud is executed by fraudsters phishing, spoofing, and using social engineering against accountholders via phone calls, text messages, emails, or chat and pretending to be from the financial institution’s fraud team. The fraudster requests the accountholder provide them with multiple authentication information such as online banking username and password, PIN, security codes, 6-digit code, and/or account number in attempt to drain the accountholder of their funds. They may also ask the accountholder to verify information such as card number, PIN and CVV/CVC, providing everything they need to counterfeit a card. Accountholders continue to be fooled into thinking they are connected to the institution’s fraud team wanting to help them. The accountholder can be manipulated by the fraudster into performing the transaction and sending the funds to the fraudster. The fraudster may also contact your financial institution or your third-party vendors call center to place a travel alert for debit or credit card transactions so the fraud can be permitted in other states or countries.
An OMSEFCU employee will NEVER ask you for your LOGIN credentials.
Utility Scams Scammers pretend to be your utility company, claiming your account has been compromised, and threaten to shut off your services unless you pay immediately. Utility companies will never request a payment via Zelle or any other peer-to-peer systems. Zelle is intended to send money to friends, family and others you trust.
Business Email Compromise Scams In this scam, you receive an email from a vendor requesting you to send money to a different account. The email looks genuine, but it could be from a fraudster who got access to your vendor's network. Always check the email address from where the email was sent. In addition, check for typos and misspellings that are usually prevalent in these fraudulent emails.
Fake Website Scams You're searching for your financial institution's website on a search engine to sign in to your account, but end up on a fake website. When you sign in to a fake website, scammers will steal your username and password. Always use OMSEFCU.org, omsefcuonline.org or our Mobile App to sign in to your account.
ATM Utilization Security Precautions should always be taken when utilizing an ATM:
Memorize your Personal Identification Number (PIN). Do not write it down or keep it in your wallet or purse. Do not tell anyone else your PIN (including financial institution employees, the police, etc.) Shield the ATM keypad from anyone who may be standing or parked nearby, anyone crowding you, or from potential hidden cameras that have been attached to the machine by a criminal, in an attempt to view your PIN and/or transaction. You can always "cup" your hand over the keypad or use your body as a shield if necessary while you enter your access code Make sure you retain your transaction receipt. Do not throw the receipt away at the ATM site. A card skimmer is an illegal device that criminals attach to card readers at Automated Teller Machines, (ATM), Point-of-Sale (POS) terminals, or at gas pumps. Visually and physically inspect ATMs and POS machines before swiping or inserting your card. Does it wiggle or seem loose? If so, do not swipe or insert your card, notify the business and local law enforcement. Jugging This is a popular form of robbery committed by criminals who will watch and follow a victim to their next location as they leave from a bank or ATM machine, check cashing location, or other location after having withdrawn or received money. Once there, the suspect threatens or assaults the victim then demands or takes the victim's money.
Pig Butchering A recent cryptocurrency scam has highlighted a need for fraud awareness. The new scam - called “pig butchering” - includes a sophisticated new twist that combines a romance scam with an investment spin. According to the Federal Bureau of Investigation (FBI), the term “pig butchering” refers to a time-tested, heavily scripted, and contact intensive process to fatten up the prey before slaughter.
Pig butchering scams originated in Southeast Asia and are spreading globally. This scam is predominately executed by a ring of cryptocurrency scammers who mine dating apps and social media sites in search of victims. It involves a con artist creating a fake profile used to reach out to potential victims often through social media, WhatsApp, Tinder or other dating sites, and even random texts, masquerading as an incorrect number or an old acquaintance. The goal is to initiate a cordial discussion with the victim, attempting to be their “new friend” or “lover”.
The new friend creates reasons to continue a conversation, which leads to multiple calls. They slowly develop a relationship so they can insert themselves into their victim’s daily life. While building trust with the victim, they slowly introduce the idea of making a business investment using cryptocurrency. The new friend employs persuasion rather than requesting money outright because they are aware that individuals are savvy and know that being asked for money by a stranger is a sign of a scam. The victim is gradually drawn into what appears to be benign talk about cryptocurrency investments and earnings, but they are really being manipulated to make an investment.
Gift Cards Government authorities do not accept gift cards as payments. Always be cautious if you are asked to purchase gift cards under the guise of payment for back taxes, services, or to help a loved one in trouble.
QR Codes Always be cautious when scanning a QR code. Only scan QR codes supplied by reputable sources. Use your phone’s camera when scanning QR codes instead of downloading a QR reader app, which can have ads that lead to phishing websites. Avoid downloading and using unfamiliar apps.
Online Purchase Scams Social media ads with eye-catching sales are being created that impersonate a reputable store. The ad’s link will take you to a website that appears legitimate, but will potentially steal your information. You could also end up paying for an item that you'll never receive.
Investment Scams Scammers might contact you, promising a guaranteed, risk-free way to turn your investment into significant financial gains. These schemes often use financial apps or websites that seem legitimate. However, once you've committed your funds to the "investment," it often proves to be fake, allowing the scammer to escape with your money. Be cautious of offers requiring payment types that are less secure, like cryptocurrency. Be sure to research the investment company and/or the platform before committing any of your funds, and never send money to someone you haven’t met in person.
Parking Meter Scams Recently fraudulent QR codes have been found affixed to some Southern California parking meters. The fake code directed motorists to a "paybyphone'' website that prompted them to input their location and payment information. Be careful which QR codes you scan and make sure to check the website link you're directed to before inputting personal information. File a police report if you think you've been defrauded.
FasTrack Scams Some FasTrack customers have received texts notifying them of amounts due and providing a link to one of several websites where they can pay. The websites provided are fraudulent and are not related to FasTrak, so please do not use them to pay tolls. FasTrak does not request payment by text with a link to a website and advises all customers to make payments directly on their website or by calling their customer service number.
If you have any questions or need further assistance, please call us at (909) 983-1959 or send us a message.
Contact Us
