As your credit union and trusted financial partner, we felt it necessary to better educate our members on fraud. With the increased use of debit and credit cards to conveniently make purchases in stores and online, it unfortunately does come with some risk. Credit card fraud is on the rise in recent years, fueled in part by the COVID pandemic. Although there isn’t anything you can do to completely remove these risks, there are steps you can take to remain vigilant to catch these situations as quickly as possible.
How does bank fraud happen?
There are a number of ways that fraud can take place, but here are some of the common ones:
- Using your debit or credit card to make an online purchase on an unsecured website
- Data breach of a website or store where you’ve used your debit or credit card (keep in mind that a breach could be from years ago, but your card information could still be compromised)
- Breach of a third-party payment application where your payment information is stored
- Scam callers that trick you into giving out personal information, including payment information
- Scam emails or text messages that trick you into giving out personal information, including payment information
- Using public Wi-Fi or an unsecured network when accessing your banking accounts online
Unfortunately, fraud has become a part of our everyday lives. We have to constantly be vigilant for possible ways that scammers may try to steal our information.
8 Tips to Help Prevent Banking Fraud
1. Only Use Secure Sites
When shopping online, make sure the site you are using is secure. For example, when making a payment on a website, you should see the symbol of a lock next to the URL. This indicates that the site is secure. If you don’t see this symbol, reconsider making that purchase.
2. Create Strong Passwords
When using third party payment applications, ensure you have a secure password unique to that site. Not having a strong, secure password could leave your payment information at risk.
Here are the main characteristics of a strong password:
- Passwords should be at least eight characters long – the longer your password is, the better
- It should consist of a combination of uppercase and lowercase letters, numbers, and special symbols
- Does not contain memorable keyboard paths (i.e. qwerty)
- Should not be based on your personal information (i.e., first or last name, pet’s name, or the city you live in)
3. Verify to Whom You Give Your Personal Information
Protecting your personal information can help you avoid bank fraud. Never give out your personal information unless you know it’s a trusted and verified source. If you receive a phone call from someone you think is a trusted source (remember, call spoofing does happen) and they are asking for personal information – hang up the phone. It’s always safer to call a company or person directly using the phone number on their website or in the phonebook. Then ask if there is a legitimate reason for needing your personal information. Your personal information could include: social security number, bank account information, credit/debit card numbers, online banking login info, secure access codes, etc.
4. Don’t Respond to Suspicious Emails or Texts
Phishing is a kind of fraud used by criminals to access their victims’ computers, steal confidential information, and more. Be cautious of calls or emails that request sensitive information. Many times, they will try to trick you into clicking on a link and providing further information. They use messages that create a sense of urgency with words like: important, past due, fraudulent, etc. These types of messages may also have grammatical errors, typos, and irregular formatting – which are all red flags to look out for.
The credit union will never call, text, or email you and ask for your personal identification number (PIN), secure access code, social security number, or any other sensitive information. Remember, if something seems off, it probably is. Always safeguard your information.
Click here to learn more about phishing.
5. Fraudulent Checks
If you receive a check in the mail that you were not expecting, it’s always a good idea to check with your financial institution to see if the check is valid. Many times, scammers will forge checks to make it look like you’re receiving a legitimate check from a financial institution, but the check is in fact not real. It could also come in the form of a larger scam where you are asked to deposit the check and send money back to an organization in exchange for some kind of prize or service. It is a red flag if you are asked to send back money in any way.
If in doubt, always call or visit your financial institution to investigate the check first.
6. Avoid Public Wi-Fi for Banking Needs
We also do not recommend accessing your online banking or making payments, or shopping online when using public Wi-Fi or an unsecured network. This could leave your device vulnerable and possibly compromise your information. Avoid using public computers as well.
7. Use Antivirus Software
Antivirus software is an application or a suite of programs that finds and removes viruses on computers and networks. Antivirus software helps protect your computer against malware and cybercriminals. It searches for known threats and monitors the behavior of all programs, flagging suspicious behavior. Viruses often come in the form of phishing attacks where you may unknowingly introduce a virus to your computer by clicking on a link in an unknown email or visiting an unsecure website. Antivirus software can help stop these from doing damage to your computer and your information.
Knowing that there are threats out there makes it so important that you have software to help protect your devices. There are different types of software that can help you combat various threats, such as spam and spyware.
Spam is unwanted, unsolicited digital communication sent out in bulk. Often spam is sent via email, but can also be distributed via text messages, phone calls, or social media. Spyware is malicious software designed to enter your computer or mobile device to gather data about you and forward it to a third party without your consent. Often, spyware can be circulated through spam messages.
By having a firewall, which is a software program or hardware device that filters and examines the information coming through your internet connection, you can help keep your device protected. Firewalls can stop a malicious program or attacker from gaining access to your network and information before any potential damage occurs.
8. Enable 2-Step Verification & Biometric Login
Implementing additional security measures can help you keep your accounts safe and secure. Two-factor and biometric authentication can help prevent bank fraud by providing an additional layer of protection.
Two-factor authentication verifies any attempt to log in to your account. After entering your usual login information, a second layer of protection includes a secure code being sent to you via an email address or text message, that you need to enter before you can log in to a site. This helps ensure that it is actually you logging in. Biometric authentication involves using some part of your physical makeup to authenticate you. Biometrics uses fingerprint, retina scan, or other physical characteristics to identify a person.
How can I catch fraud if it’s happening to me?
The best advice we can give is to be vigilant with your accounts. Utilize tools like Online Banking and monitor your accounts regularly. Check the transactions that have cleared your account and make sure that they are purchases that you made.
Set Up Alerts
We also offer alerts! Sign up for these so you can be notified when any transactions are made. You can set up the parameters for the alerts and have it emailed or texted to you. For example, set up an alert to notify you any time a transaction over $1.00 clears your account. This will help you catch unauthorized transactions very quickly.
Monitor Monthly Statements
You may also check your monthly statements to verify that all the transactions listed were made by you. Just keep in mind, that these transactions could be a month old.
If you do find a transaction that you did not make, contact your financial institution immediately.
Does HFS have a Fraud Detection System?
Yes, HFS does have a Fraud Detection System that can flag possible fraudulent transactions and notify you. Should we detect something suspicious, you may get a phone call to verify your transaction from our automated HFS FCU Fraud Detection Center. They will provide you with a case number and confirm the transaction’s validity. However, we still recommend that all members follow the advice above and be vigilant in monitoring their accounts.
What to do as a Victim of Fraud
The very first thing to do is contact your bank or credit union. Let them know specifically which transaction is fraudulent and request their assistance with filing a dispute. At this time, our card processor will work with the store to determine if the charge was indeed fraudulent. Unfortunately in some cases, the store may claim the purchase to be legitimate. At this point, if you still disagree with the outcome, you’ll need to contact the store directly to further pursue this claim.
You should also request a new debit or credit card since your current card information was compromised. If the fraud occurred directly on your savings or checking account, the entire account should be closed and a new one should be opened. Although this is an inconvenience, it is well worth the effort to protect yourself in the future.
For HFS FCU members, call the following numbers as soon as you detect any fraudulent activity:
- Debit Card Transactions: 1-855-251-1788
- Visa Platinum® Credit Card Transactions: 1-866-604-8153
- Visa Signature® Credit Card Transactions: 1-866-604-8139
Examples of Bank Fraud
Story: Tom received a call from a gentleman claiming to be a representative from ABC Credit Union (the phone number on the caller ID was correct too). The representative claimed that Tom’s debit card had a fraudulent charge on it, so he was calling to assist him. All he would need is Tom’s PIN to confirm his identity, and then he could file the dispute.
What went wrong: Chances are, in this case, the scammer already had Tom’s card information from a previous data breach and only needed his PIN to be able to use it. When Tom received this call, he should have hung up immediately and called his credit union directly to inquire. Even if the phone number seemed to be correct, this can easily be spoofed by fraudsters.
Story: Pam doesn’t shop online. She’s afraid that someone will steal her information. One day when Pam received her monthly account statement, she noticed a charge for $1.50 from MusicBot on her debit card. She doesn’t use MusicBot and never bought anything online.
What went wrong: Unfortunately XYZ Store, a chain big box store in town had a data breach 3 years ago. Pam has been shopping there for years! Although the breach happened a while ago, her card information is still compromised. She never requested to get a new debit card. Often times, fraudsters will make continuous small purchases like these. It’s not enough to make you immediately check your account, but does add up over time.
Story: Shelly received a call from a young lady claiming to be from 123 Bank. She stated that Shelly’s online banking account had been compromised. To verify her identity, she would be sending a secure access code to Shelly’s phone. She’d just need to read it back to her.
What went wrong: Your secure access code is for your eyes only. Aside from your username and password, this is the third layer of security to protect your online account. In this situation, the fraudster already had Shelly’s log in information. The code was the last piece she needed.
Story: Fred signed up for #1 Movies. It was free and the perfect way to pass the summer. He thought it was a little curious that he needed to provide his credit card information, but didn’t think much of it. Two months later, he saw a $29.99 charge on his credit card.
What went wrong: Be wary of anything claiming to be free. Often times these are free trials for a limited time. Be sure to read the fine print which will state how long the free trial is available and how to cancel the subscription. Although this isn’t necessarily fraud, it’s quite common.