Phishing and Identity Theft

Don't get phished by a crook!

Phishing

Click here for a CCUFL Phishing ALERT!

Beware! Thieves may be “phishing” (pronounced ‘fishing’) for your personal financial information. Account numbers, passwords, Social Security numbers, and other financial information are all vehicles crooks use to invade your checking account or charge their purchases to your credit cards. In the event crooks do get your personal information, you could become a victim of identity theft.

How phishing works
Typically, you’ll receive an email that appears to come from a reputable source that you know and trust such as your credit union. Or, the email may appear to come from a government agency that may or may not be associated with your credit union. Likely, the email will advise you of a serious problem affecting your account and ask for your immediate reply to rectify the situation by clicking on a link provided in the email.

In a phishing scam, the result of your clicking on that link will take you to either a site that looks just like the authentic site, or it may actually be the real site where a pop-up window will appear to secretly gather your personal information. You likely will be asked to verify or update your personal and/or account information. As you enter this information, you are giving thieves everything they need to steal your identity and your money.

If you’ve been “phished”, forward the phish email to:

• reportphishing@antiphishing.org
• spam@uce.gov (Federal Trade Commission)
• the company who has been “spoofed”
• When forwarding spoofed messages, always include the entire original email with its original header information intact and notify the Internet Fraud Compliance Center of the FBI by filing a complaint on their website: www.ic3.gov

Some phishing attacks use viruses and/or Trojans to install programs called “key loggers” on your computer. These programs capture and send out any information that you type to the phisher, including credit card numbers, user names, passwords, Social Security numbers, etc. If you’ve fallen victim to this you should:

• Install and/or update anti-virus and personal firewall software.
• Update all virus definitions and run a full scan.
• Confirm every connection your firewall allows.
• If your system appears to have been compromised, fix it and then change your password again, since you may well have transmitted the new one to the hacker.
• Check your other accounts! The hackers may have helped themselves to many different accounts: eBay account, Pay Pal, your email ISP, online bank accounts, online trading accounts, e-commerce accounts, and everything else for which you use online passwords.

Identity Theft

Identity theft occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes. If you have become a victim of identity theft you should:

• Report the theft to the three major credit reporting agencies-Experian, Equifax and TransUnion Corporation, and do the following:

1. Request that they place a fraud alert and a victim’s statement in your file.
2. Request a FREE copy of your credit report to check whether any accounts were opened without your consent. You can find information about obtaining free credit reports on the Federal Trade Commission’s website at: http://www.ftc.gov/bcp/conline/edcams/freereports/index.html.
3. Request that the agencies remove inquiries and/or fraudulent accounts stemming from the theft.

Major Credit Bureaus:
Equifax – www.equifax.com
To order your report, call 800-685-1111 or write P.O. Box 740241, Atlanta, GA 30374-0241
To report fraud, call 800-525-6285 and write P.O. Box 740241, Atlanta, GA 30374-0241

Experian – www.experian.com
To order your report, call 888-397-3742 or write P.O. Box 2002, Allen, TX 75013
To report fraud, call 888-397-3742 and write P.O. Box 9530, Allen, TX 75013

TransUnion – www.transunion.com
To order your report, call 800-888-4213 or write P.O. Box 1000, Chester, PA 19022
To report fraud, call 800-680-7289 and write Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92634

• Notify your financial institution(s) and ask them to flag your account and contact you regarding any unusual activity.
• If bank accounts were set up without your consent, close them.
• If your ATM card was stolen, get a new card, account number and PIN.
• Contact your local police department to file a criminal report.
• Contact the Social Security Administration’s Fraud Hotline to report the unauthorized use of your personal identification information.
• Notify the Department of Motor Vehicles of your identity theft:
  • Check to see whether an unauthorized license number has been issued in your name.
• Notify the passport office to watch out for anyone ordering a passport in your name.
• File a complaint with the Federal Trade Commission:
  • www.consumer.gov/idtheft or call 1-877-IDTHEFT
• File a complaint with the Internet Fraud Complaint Center (IFCC)
  • www.ic3.gov
  The Internet Fraud Complaint Center (IFCC) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), with a mission to address fraud committed over the Internet. For victims of Internet fraud, IFCC provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation.
• Document the names and phone number of everyone you speak to regarding the incident.
• Follow-up your phone calls with letters. Keep copies of all correspondence.

Protect Yourself

Identity theft is most often a crime of opportunity. If you make it hard for someone to steal your identity, the thief will move on to an easier target.

1. Never give your personal information via internet or telephone when you did not initiate the contact with the company.
2. Contact the company by other means if you believe the request for information is legitimate. Use public resources (phone book or internet) as well as your account statements to obtain contact phone numbers or addresses. Or go to the company’s web site by typing in the site address directly in your web browser.
3. Don’t provide passwords in response to unsolicited requests over the phone or internet. Legitimate companies should never contact you and ask for that information.
4. Do not be intimidated by an e-mail or caller who suggests dire consequences if you do not immediately provide or verify financial information.
5. Never click on a link provided in an e-mail you believe is fraudulent. It may contain a virus that can contaminate your computer.
6. Regularly review your account statements to verify all charges were made by you or an authorized signor on your account. If you don’t receive your account statement in a timely manner, notify your credit union immediately.

What To Do If You’ve Given Out Your Personal Financial Information

Here’s some advice on what to do if you are in this situation:

• Report the theft of this information to the card issuer or financial institution as quickly as possible:
  Many companies have toll-free numbers and 24-hour service to deal with such emergencies. For Central Credit Union issued cards, call our office during business hours at (850) 474-0970 or (800) 375-2235. Nights, weekends and holidays call Visa at (800) 453-4270 or Certegy Card Services at (800) 543-5073.
• Cancel your account and open a new one.
• Review your billing statements carefully after the loss:
  • If they show any unauthorized charges, it’s best to send a letter to the card issuer describing each questionable charge.
• Credit Card Loss or Fraudulent Charges (FCBA):
  • Your maximum liability under federal law for unauthorized use of your credit card is $50.
  • If the loss involves your credit card number, but not the card itself, you have no liability for unauthorized use.
• ATM or Debit Card Loss or Fraudulent Transfers (EFTA):
  • Your liability under federal law for unauthorized use of your ATM or debit card depends on how quickly you report the loss.
  • You risk unlimited loss if you fail to report an unauthorized transfer within 60 days after your account statement containing the unauthorized use is mailed to you.

Central’s Security Measures

It is the policy of Central Credit Union of Florida to NEVER request personal or confidential information from members via e-mail or an e-mail link. In addition, we will never ask a third party or credit union affiliated organization to request this type of information from you. It is our goal to keep your information safe!

Central’s privacy policies are mandated by state law and federal regulations. We strictly enforce these policies. Access to members’ nonpublic information on record at Central is limited to those employees who need to know that information to provide services to you. Passwords and PINs established for your account at Central are not recorded at the credit union, therefore, only you have access to your passwords and PINs. Information that you use to log on to your accounts with Central is encrypted into a secure code to prevent hackers from accessing that information. Virus protection software is utilized by the credit union to protect the computer network from potential hazards.

In the event you receive an electronic communication requesting personal information pertaining to your Central Credit Union account, please notify us immediately at mservices@ccufl.org with the email address from which it was received.

Other Helpful Resources

www.usps.com/postalinspectors/fraud
www.consumer.gov/idtheft
www.bbb.org/phishing
www.visa.com

Back to top