Tag: scams

Spring has Sprung Scams: Facebook Marketplace

With Spring in the air, a lot of people have started their Spring Cleaning, selling unused, unwanted items on Facebook Marketplace. Facebook Marketplace has become a hotspot for scammers. Here are some things to look out for:

Prices that are too good to be true

One red flag to watch out for is if a seller is offering an item at a price that seems too good to be true. Scammers often lure in buyers with significantly low prices to attract attention. In the end, the buyer never receives the item. Another warning sign is if the seller insists on using unconventional payment methods or requests personal information such as your bank details or social security number. Never share your personal information and report any suspicious behavior.

Rental Scams

A scam that has become increasingly popular is rental scams. These scams show fake listings for a number of different items. Such as, boats, bikes, equipment, properties, etc. In this scenario, the scammer will ask for payment upfront or a deposit to secure their rental. The victim then ends up with no rental and lost money. Protect yourself by first seeing the rental in person and paying after, use reputable rental platforms instead of Facebook, be cautious of below-market pricing, and avoid wire transfers.

Return Scams

In this scam the buyer states that they want to return the item that they purchased, they will ask for a refund. The scammer will then either not return the item or return a similar item that is broken or something totally different than the original item. The fraudster will send fake tracking information to show “proof” that they are returning the item. To avoid this scam, sellers should wait for the returned item and check that it is in good condition before issuing any sort of refund.

Two-Factor Authentication Codes

Never share a two-factor authentication code! If someone asks for this code, there’s a high chance that you are speaking to a scammer. These codes are ONLY meant for you. Phishers will ask you to send them this code to verify that you are who you say you are. In reality, they are really going to use this code to log in to one of your accounts. You are at risk of being hacked if you share a two-factor authentication code.

Trust your Instincts

To stay safe while using Facebook Marketplace, it’s recommended to meet sellers in person, in a public place, and inspect the item before making any payment. Share your meeting location/plan with a friend or family member and avoid carrying large amounts of cash with you. Additionally, trust your instincts – if something feels off or suspicious, it’s better to walk away from the deal. By staying informed and alert, you can enjoy the benefits of Facebook Marketplace without falling prey to scams.

https://www.aarp.org/money/scams-fraud/info-2024/facebook-marketplace.html

https://www.comparitech.com/identity-theft-protection/top-facebook-marketplace-scams/

https://www.facebook.com/help/2374002556073992

Don’t Get Caught in an Emergency Scam!

Your grandson’s calling – and he’s in bigtime trouble! He’s been kidnapped and being held for ransom, so he needs you to wire over money ASAP.

Before you wire over anything, stop! You’re probably being scammed. Here’s what you need to know about emergency scams and how to protect yourself. 

How the scams play out

In an emergency scam, a target gets a phone call, email or text message pretending to be a close relative. The caller will claim to have been caught in hot waterwhich can be anything: a kidnapping, an issue with the police, a car accident or getting stuck overseas with no money. 

The caller will then ask the target to send over money pronto, using a wire transfer or prepaid debit card. While emergency scams are commonly played out with a grandparent of an alleged caller, they can also target the parents, uncles, aunts, and siblings of the “caller.”

Unfortunately, if the target follows the caller’s directions by sending over money, these funds will go into the scammer’s pockets. 

Red flags

Here are some signs that can alert you to the possibility of an emergency scam:

  • Your “relative” calls to tell you about an emergency situation they’re in, but they ask you not share this information with family members or anyone else.
  • You’re urged to act quickly.
  • You’re asked to send money by a wire transfer, prepaid gift card or cryptocurrency. 
  • You’re asked to share sensitive information over the phone.

Protect yourself

Follow these tips to help keep yourself safe from emergency scams:

  • If a friend or family member calls you with an urgent request for funds, hang up and call them directly from a number they’ll recognize. 
  • Never wire money or send a prepaid gift card to an unverified contact. 
  • Ask an alleged caller some questions about your shared memories to determine if they actually are who they claim to be.
  • Always be cautious and avoid acting rashly regardless of the situation.
  • Don’t share your personal info with an unknown contact. 
  • Don’t be afraid to share details of a phone call with other family members and friends.

Stay safe!

All You Need to Know About Tech Support Scams

There’s little in life that’s more frustrating than a computer that won’t do its job. But sometimes, like your own private miracle, a message appears on your screen. It says: “Technical difficulties? Click here for assistance.” 

Unfortunately, if you follow these instructions, you’ll probably fall directly into a scammer’s trap. Here’s what you need to know about technical support scams and how to prevent yourself from falling victim.

How the scams play out

In a tech support scam, a target may have an unresponsive computer with a message, get an email, text message, pop-up or even a phone call allegedly from a computer technician who works for a well-known company. The “rep” will offer to help with any computer issues they may (or may not) have. They’ll direct the target to call a specific number or click on an embedded link, which will connect them to the “rep” who can supposedly help them. Once connected, the scammer will ask the victim to pay for the services before they’re rendered using a wire, prepaid gift card or cryptocurrency. Once the payment is made, the scammer disappears.

Red flags of technical support scams

  • You get an unsolicited message or phone call offering tech support for an issue you aren’t having.
  • Your computer may be unresponsive playing an alert audio with a phone number to call.
  • You’re required to pay for tech support by wire transfer, prepaid gift card or crypto.
  • A pop-up message appears claiming there’s a security issue with your computer and directing you to call a specific number. 

What you need to know about tech support

  • Legitimate tech companies won’t reach out to you by phone, email or text message to let you know your computer is having issues. 
  • Security pop-up warnings from authentic companies won’t ask you to call a number or click on a link. 
  • Legitimate companies won’t demand that you pay for a service by wire transfer, prepaid gift card or crypto. 
  • Logos are easily spoofed and should never serve as proof of a message’s true origin.

Protect yourself

Don’t fall for a tech support scam! 

First, if you run into technical difficulties with your computer, don’t wait for a rep to contact you to offer assistance. Instead, directly reach out to a trusted company.

Also, if you believe there may be a problem with your computer, update its security software and run a scan to identify any potential problems.

Finally, never provide an unverified contact with access to your device or credit card information.

If you’ve been targeted

If you believe you’ve been targeted by a tech support scam, here’s how to mitigate the damage. 

If you’ve given a scammer remote access to your computer, update your computer’s security software, then run a scan and delete anything that’s flagged as a problem. If you’ve shared your login credentials with a scammer, change all your passwords.

If you’ve provided any credit card or banking information, contact the institution and relay the situation.

Report the scam to the FTC

Stay safe!

How to Avoid Romance Scams this Valentine’s Day

Don’t be the next victim of a romance scam! Here’s all you need to know:

How the scam plays out

In a romance ruse, a scammer will create a bogus online profile and attempt to connect to singles on dating apps and websites, as well as through social media platforms. After a connection is formed, the scammer will work to build up the relationship with the victim, calling and texting often. Once the scammer has gained the victim’s trust, the scammer will spin a sorry story and ask the victim for money.

The scammer may explain that they cannot meet in person because they are currently living or traveling outside the United States. They’ll claim to be a doctor working for an international organization, a blue-collar worker in the middle of a construction project or to be part of the military and currently serving overseas. They may ask for money to help cover travel expenses, pay for medical treatment, cover customs fees at the airport or to pay for a visa or other official travel documents.

The scammer will ask for payment via wire transfer or prepaid debit card. Once they’ve received the funds, they will disappear. Alternatively, the scammer will ask their “date” to share personal financial information and then go on to empty the victim’s accounts.

How to spot a romance scam

If you’re in the market for a new date and you’re hoping to meet someone online, look out for these red flags:

Profile is too good to be true. If a single’s profile has unrealistic credentials, including a magazine-worthy photo, you’re likely looking at a scam.
Single rushes into the relationship. If the contact comes on too strong, too fast, it may be a scam.

Single asks you for money. Don’t believe a money-starved story of someone you just met online, especially if they start asking you to help them out.

How to play it safe online

Avoid falling victim to romance scams and similar ruses by following basic online safety rules.

First, never share personal details online with anyone whose identity you cannot verify. This includes all financial information, credit card details and personal information that can be used to unlock a password on any of your accounts.

Second, only visit secure sites and keep all the settings on your social media pages private. Never engage in conversation with a stranger who reaches out to you on a platform you’ve just begun using, or who sends you personal texts or emails you without any prior communication.

It’s equally important never to send money to anyone online.

If you suspect a romance scam

If you believe you’ve been targeted by a romance scam, take these steps to avoid further damage:

Research the name on the profile to see if the details check out. You can also use an online background checking tool, such as BeenVerified or TruthFinder, to verify the credibility of the profile.

Do a reverse-image search of the profile picture to see if it’s a stock photo or an image that was plucked off the internet. You can also ask the contact to share a current photo of themselves.

If your research confirms your suspicions, stop all communication with the scammer immediately. Block the scammer’s number and flag their emails as spam. If you’ve already paid a romance scammer with a prepaid gift card, call the company that issued the card to ask them to refund your money.

Report the scam to the FTC. It’s also a good idea to alert the website or app that the scammer is using. You may also consider warning your friends about the scam.

Follow the tips outlined above to keep your love life scam-free.

6 Naughty Holiday Scams to Beware of This Season

‘Tis the season to be jolly! Unfortunately, though, not everything about the holiday season is all happy and nice. As always, scammers are on the scene, ready to turn the joyous season into a nightmare. Here are six naughty-list scams to watch out for this holiday season. 

Online shopping scams

In this classic scam, a shopper is lured into a bogus site that appears to belong to a popular retailer and proceeds to purchase an item that does not exist. Alternatively, a too-good-to-miss deal will be heavily promoted through pop-up ads and emails. In either scenario, the shopper will never receive the ordered item and won’t be able to reclaim their lost funds. In some cases, the product will be delivered to their home, but it will be of inferior quality, in poor condition or completely different from the advertised item. 

Protect yourself: Only shop reputable websites. Check the URL of each landing page you visit to ensure you are still on a trusted site. Also, if a deal seems too good to be true, it likely is.

Charity scams

Here, a charity targets do-gooders in the weeks leading up to the holidays, asking for donations. Unfortunately, though, the charity is completely bogus, and the money will go right into the hands of scammers. Sometimes, scammers will impersonate a well-known charity and use its name and/or logo to appear authentic. 

Protect yourself: If you want to donate money to a specific charity, seek it out yourself instead of following a link or an ad. It’s also a good idea to verify charities on sites like Charity NavigatorGuideStar or CharityWatch

Gift card scams

Gift cards have always been a popular choice for holiday gifting, but scammers have found ways to exploit them. In a gift card scam, fraudsters convince victims to share their gift card codes by pretending to be tech support or another believable contact. 

Protect yourself: Never share sensitive information with an unverified contact. 

Porch pirates

In this simple but devastating scam, thieves stake out private residences and snatch up delivered packages from porches soon after they arrive. Scammers may even follow UPS and Amazon trucks so they can pilfer more easily. They’ll wear hats, hoodies or masks to avoid detection via security camera, and once they make off with the goods, there’s virtually no way to recover the packages. 

Protect yourself: Track your ordered packages, and once notified that an item has been delivered, bring it inside immediately. If you aren’t home when an item’s been delivered, ask a neighbor to take it in for you. 

Travel scams

Traveling during the holidays can get expensive, and scammers know this. In holiday travel scams, they’ll offer vacation packages, or what looks like a dream vacation rental at rock-bottom prices. Then, they’ll disappear once the victim has paid. Alternatively, the victim will arrive at their vacation to find it is quite different than the way it was promised. 

Protect yourself: Don’t believe travel deals that are far too cheap for what they are offering. Research any travel agency you are using and be wary of sites and/or ads containing poor grammar and/or lots of spelling mistakes. Finally, be sure to read reviews on vacation rentals before booking and to do a reverse image search on the rental to see if it’s an authentic pic or a stock photo. 

Romance scams

The holiday season can be lonely for some people, and romance scams tend to pick up this time of year. In this scam, a love interest will build a relationship with an unsuspecting target, and then ask the victim for funds to help them out of a financial tight spot. 

Protect yourself: Be wary of anyone who wants to build a relationship very quickly. It’s also a good idea to do a reverse image search on any photos a new love interest has shared with you to determine if it’s authentic. As always, never wire money to an unverified contact. 

Don’t let scammers be your Grinch this Christmas. Watch out for these and similar scams, and use the tips outlined here to stay safe!

Don’t Get Caught in a Utility Scam!

Knock, knock! It’s your energy company, here with the bad news that your bill is overdue, so we’re shutting off your electricity unless you pay up right now. 

Sounds like a nightmare, right? Well, it’s going to get worse: this is a scam. Pay the visitor at your door, and you’ve just paid a scammer. 

It’s happening a lot more lately. So, here’s what you need to know about these scams and how to keep the lights on without falling victim.

How the scam plays out

In a utility scam, a target receives a phone call, email, text message or even an in-person visit from an alleged representative of their gas, water or electric company. This “rep” will claim to be collecting a past due account that’s pending shutoff unless payment is made immediately. They’ll often ask for the payment to be made via wire or through a prepaid gift card. Unfortunately, any money paid will go directly to the scammer, and not to the utility entity they claim to represent. 

What to do if you’re targeted

Do not engage with the caller or visitor. If the alleged rep sent you an email or text message, mark it as spam, block the address and do not respond. You can also call the company the scammer claimed to represent to confirm that your account is not pending shut off. 

Red flags

Watch out for these red flags which can help you avoid a utility scam:

  • A demand for immediate payment with no prior warning. Authentic company reps will always give you ample warning, in writing, before enacting a shutoff. 
  • Pressured to act quickly. Scammers want you to act now and think later. 
  • The “representative” cannot provide details about your account or a means to verify their identity. 
  • They request a specific form of payment. Prepaid card requests are almost always a huge red flag in any scenario.

Stay safe

To avoid utility and similar scams, follow these precautionary measures:

  • Never wire money or send a prepaid gift card to an unverified contact. 
  • Keep the security on your devices at its strongest and updated settings.
  • Update your spam list often. 
  • Never share your personally identifiable information with an unverified contact. 

Utility scams pose a real threat to your financial security. Follow these tips to stay safe!

Beware of Mobile App Scams

In today’s digital world there’s an app for practically everything; the weather, mobile banking, socializing, games, entertainment… the list goes on. There are millions of downloadable apps for your phone and electronic devices. With all these convenient apps, there’s more ways for fraudsters to take advantage of innocent mobile app users. Unfortunately, mobile app fraud can come in numerous forms and is not always easy to identify. Here’s some things to look out for:

  • Fake apps: These apps are made to look like the real apps that the user is intending to download. Also called Malware apps, these apps make it hard to know whether you are downloading a real one or not. Here’s how to spot a fake mobile app:
    • Reviews/Downloads. If the app has few downloads and short/vague reviews, chances are it’s a scam. A reputable app will have lots of downloads and descriptive reviews.
    • Research. Look into the app developer. See what other apps their company has created and if they’re reputable.
    • Details. Make sure the images look professional, no misspellings, different fonts, or anything else that may seem off. A true app developer will also have a description and instructions/features of the app.
    • Signs you may have downloaded a fake app; strange messages, battery drainage, random pop-ups, and spikes in data usage
  • Vishing (Voice Phishing): Voice Phishing is when a scammer calls or leaves voice messages pretending to be from a reputable company or agency. They will attempt to illicit an action such as downloading a malicious application or request personal information such as a credit card number to defraud that person or company. Vishing makes the user believe they are talking to someone or a company they trust. Often Vishing will be done in conjunction with caller ID Spoofing.  If you are being asked to download an application or for credit card information from an inbound call, it is best to verify the caller. Validate the phone number by performing a call back to that number. It’s also best to call the number on the back of your bank card if you’ve received a voicemail from a number you don’t know.  Be cautious of anyone that wants sensitive information.
  • Remote Access Scams: This last scam tends to use both fake apps and vishing/phishing to mislead the victims. Remote access scams are when scammers impersonate trusted workers such as tech support, banks, government agencies, etc. This is typically done by vishing or phishing; they call the victim or send them a text and/or email of an urgent issue that needs to be resolved right away. Fraudsters will then trick victims into giving them control of their device by downloading an app, remote desktop software, or built-in tools. Once these fraudsters have remote access, they can access sensitive information such as passwords and financial information. With all that information they can commit identify theft, hold your information hostage, and/or sell your information on the dark web. Here’s how to protect yourself:
    • Only download apps from trusted sources, never click a link from an unknown sender
    • Before downloading an app check its reviews and ratings
    • Research all apps before downloading
    • Regularly update your operating system and app versions
    • Be cautious when answering unknown numbers, hang up right away if they’re asking about sensitive information
    • Never give remote access to someone you don’t know

Sports Gambling App Scams 

With football season back in full swing, so are sports betting scams. It’s Sunday, you place a bet, and you win. But as soon as you try and cash out it says declined, you try again. It keeps saying declined. You contact someone about this issue, they say that they need more information and/or identity verification. No matter how much information you give them, you never get your money. Not only do these fraudsters now have your money, but they also have any personal information that you shared with them.  

Avoiding Sports Gambling Scams: 

  • Delays in getting paid. One of the most common tricks used is the slow payout scam. Fraudsters delay payment in the hope that the user reverses the request for payout. A scammer will typically request more identity verification before a “payout” is made to slow the payment process, when really, they aren’t going to pay you at all.  
  • Look for verified apps. It’s important to look for sports books that have been approved by your area’s gaming commission. Do not enter any personal information/payment information on apps that can’t be verified. And only download apps from the app store, not through links or pop-up ads. Bookmark websites you know are safe, so you don’t click on a website made to look real. 
  • Phishing and identity fraud. Phishing redirects a user to a fake website and will then collect personal information, such as passwords and security info. These links are made to look like the real deal but beware! Look at the URL, make sure it’s taking you to a trusted site, never open a link from an unknown email, number, or pop-up ad. 
  • Read the fine print. Gambling sites/apps typically offer incentives or bonuses for new users. But they could be misleading, often they’re too good to be true. Be sure to read the fine print carefully. “Risk-free” doesn’t usually mean there’s no risk, typically money lost will turn into a credit that you can use only to place other bets. Even legitimate sports betting apps have the right to freeze your winnings if they suspect there’s an unfair advantage or irregular playing pattern. Be sure to take the time to read the important details. 

Stay on the lookout for phishing scams, only place bets on verified sports betting apps, and don’t believe the too good to be true bonuses (they really are too good to be true). 

https://www.scams.info/blog/player-protection/sports-betting-scams/

https://www.bbb.org/article/scams/26620-bbb-scam-alert-betting-on-a-big-game-dont-fall-for-a-sports-betting-scam

https://lifehacker.com/how-to-spot-a-shady-online-sports-betting-site-1848525467

AI Fraud and How to Protect Yourself

Artificial intelligence (AI) is revolutionizing the way we live and work. Unfortunately, though, it’s also revolutionizing the way scammers play their games. Here’s what you need to know about AI fraud and how to protect yourself.

What is AI fraud?

AI fraud is the use of artificial intelligence to deceive or defraud individuals or organizations. Fraudsters and/or Scammers have begun using AI backed software to assist in scams that utilize vast amounts of knowledge and techniques to assist with fraudulent practices. Some of the fraudsters through the use of AI have been able to create convincing fake identities, manipulate social media, generate realistic fake images and videos (AKA “deepfakes”) and more. 

The scammers then create fake social media profiles and email addresses using these bogus identities and footage. Often, they’ll pretend to represent celebrities for soliciting money and information. Similarly, they may create fake websites or emails that appear to be from legitimate sources, such as financial institutions or government agencies, and ask people to provide their personal information or login credentials.

AI fraud comes in several forms, including:

  • Phishing
  • ID theft
  • Deepfakes
  • Fake news
  • Social engineering
  • Chatbot scams

Red flags

Are you being targeted by AI fraud? Look out for these red flags:

  • Multiple unsolicited emails and/or text messages
  • Asked to provide personal info or login credentials by an unverified contact
  • Unusual activity on your social media accounts
  • Requests for money or gift cards

If you notice any of these signs, it’s important to investigate. If the contact claims to represent a government agency or financial institution, do not engage. Reach out to the agency that supposedly contacted you to see if the communication is legit. 

Protect yourself

  • Never share sensitive info with an unverified contact.
  • Check the URL of each landing page when banking online or using another platform to share sensitive information. 
  • Use strong, unique passwords across all of your accounts. 
  • Keep your device’s security on its strongest setting.
  • Use updated antivirus software.

If you’ve been targeted

If you suspect you’ve been the victim of AI fraud, act quickly to mitigate damage. First, contact High Point FCU at 800-854-6052 to let us know your information has been compromised. Similarly, reach out to your credit card companies to let them know about the fraud. Next, report the fraud to the FTC so they can take appropriate measures in catching the humans behind the bot-generated scam. You’ll also want to change your passwords and consider a credit freeze. Finally, if your identity has been stolen, reach out to identitytheft.gov to learn your next steps.

All You Need to Know About Pet Adoption Scams

Pet adoption can be a highly rewarding experience. Unfortunately, though, scammers often exploit people’s adoration for animals through pet adoption scams. Let’s take a closer look at these scams and how to protect yourself from falling victim.

How these scams play out

In a pet adoption scam, fraudsters pose as legitimate pet sellers or rescue organizations to scam potential adopters. They may advertise pets online, and use emotional appeals to lure unsuspecting individuals. One scam variation includes “puppy mills,” where animals are bred in inhumane conditions and then sold. Another variation is the “phantom pets” scam, where the scammers falsely claim to have pets available for adoption. In the first scam, the buyer is charged a huge price for a severely neglected pet. In the second, the buyer makes the required payments for a pet that never arrives

Red flags 

If you’re in the market for a new pet, watch out for these red flags:

  • The seller only communicates by email.
  • The seller demands upfront payment.
  • The seller refuses to provide important documentation and details about the pet’s background or health.
  • The seller asks for additional fees for shipping, vaccinations or permits. 
  • The ad featuring the adoptable pet has tons of typos.
  • All photos of the pet are generic or stock photos.

If a potential pet seller shows any of these red flags, you’re likely looking at a scam.

Search safely 

When searching for a pet to adopt, verify the authenticity of the seller or rescue organization before proceeding. Look for a physical address, contact information and a secure online presence. Check out any online reviews or complaints about the seller. Finally, reach out to local animal shelters or breed-specific rescues to validate the legitimacy of the seller.

Finalizing an adoption

Once you’ve found a pet, continue to exercise caution as you finalize the sale. 

First, insist on meeting the seller and pet or visiting the rescue organization in person. This will enable you to observe the animal’s living conditions, assess its health and interact with it directly. If everything checks out and you’re going ahead with the sale, use a secure payment method that offers fraud protection, such as a credit card. 

Don’t get caught in a pet scam! Use the tips outlined here to stay safe

Don’t Get Caught in a P2P Scam

Before discussing how to avoid a P2P scam, you may be wondering what “P2P” stands for. A peer-to-peer (P2P) service is a decentralized platform whereby two individuals interact directly with each other, without intermediation by a third party. Instead, the buyer and the seller transact directly with each other via the P2P service. Google Wallet, PayPal, Snapcash, Venmo and Bitcoin are examples of P2P services.

P2P platforms are super-convenient. But, P2P scams are rampant and varied. Plus, once money is transferred by P2P, it’s usually gone forever.

Here are five P2P scams to beware of:

1.      Mystery money

In this P2P scam, a stranger “accidentally” sends the target money and then reaches out, wanting their money back. The target sees these funds in their P2P account and returns them. Unfortunately, though, because this money was added to the target’s account using a stolen credit card or account, the platform flags the original transaction as fraud and removes the funds from the victim’s account. 

2.      Hidden credit card fraud

In this P2P scam, a fraudster purchases an item listed on a site, like Craigslist, using a P2P service. They’ll pick up the item, or have it shipped to their home, and they’ll never be heard from again. Meanwhile, the P2P platform will eventually recognize the funds for the purchase come from a bogus source, and will take the money back from the seller. 

3.      Utility scams

In this scam, a “rep” from a utility company reaches out to a target, claiming their service will be shut off unless a payment is made immediately. The scammer insists on payment by P2P. Unfortunately, once the transfer is made, it can be impossible to reclaim the money. 

4.      Password scam

In this scam, an alleged representative of a credit union or bank will reach out to a target by text, asking them to approve a recent large P2P transfer from their account. A “no” response will prompt the scammer to call the victim. Posing again as a rep of their financial institution, they’ll offer to assist in reclaiming the allegedly frauded money. To do so, the scammer claims the victim will need to share their Zelle login credentials. Unfortunately, if the victim shares the one-time passcode, the scammer can change the password and send themselves money through the victim’s account. 

5.      Bogus receipts

Here, a scammer will insert themselves into a legitimate P2P transaction by digitally manipulating a screenshot to make it appear as if they have completed a part of an ongoing deal and insisting you now owe them money. In truth, though, the transaction was never completed and, if you send the money, you’ll be sending it directly to a scammer’s P2P account.

Stay safe

  • Only send and accept funds from people you know and trust. 
  • Never give out your passwords/pins/challenge response tokens to anyone.
  • Use strong passwords and don’t reuse them across any accounts.
  • Use 2 Factor Authentication.
  • Don’t use guest or unsecured networks when doing transactions or logging into accounts.
  • Always confirm you’re interacting with the correct person by verifying their phone number at every stage of the P2P transaction process.
  • Call the P2P platform’s customer service number directly to resolve any errors. Similarly, reach out to High Point Federal Credit Union directly if you receive notification of an allegedly frauded account
  • Check your checking account after every P2P transaction to confirm that you’ve received the funds. 

Device Advice: How to Keep Your Phone Safe from Fraud

Smartphones are the millennial’s answer to the disorganized life. You can buy anything with just a few swipes, schedule appointments and store your photos in this one, convenient spot. Unfortunately, all of that convenience comes at a price: Your mobile devices pose an inherent risk to your security if they fall into the wrong hands. Fortunately, there are ways to protect your device and information. 

Here are 6 tips to help keep your phone safe and secure. 

1.      Keep your phone locked

If your entire life is on your phone, you run the risk of giving a thief access to your identity if it’s stolen or misplaced. The best way to prevent this from happening is to have a lock on your screen. Opt for a physical lock if possible, such as fingerprint or face recognition. Finally, adjust your phone’s lock settings so the screen automatically locks when not in use by setting a lock based on idle time.  

2.      Choose strong, unique passwords across all your devices and apps

Use a different password for each device, app and other online accounts. The longer your password the stronger it is, but security can also be improved when you include a blend of letters with varied capitalization use, numbers, and symbols.

3.      Browse safely

  • Look for the padlock icon and the “s” after the “http” in the URL of each landing page you visit.
  • Never give your login information to anyone. Olean Area Federal Credit Union will never ask for this information. Please report if someone claiming to be from the Credit Union asks for your login.
  • Never share your personally identifiable information (PII) with an unknown contact.
  • Keep your security settings current.
  • Avoid clicking on pop-up ads or links in emails from unverified senders. 

4.      Use secure Wi-Fi

Using public Wi-Fi can make you vulnerable to hacking. It’s best not to use public Wi-Fi at all, especially when banking online. To help keep your device safe while using public Wi-Fi, consider  using  a virtual private network (VPN). In addition, be sure to keep your own Wi-Fi secured  to avoid having strangers access it. 

5.      Encrypt your data

Using encryption on your devices along with secure logins can assist with protecting its data and potentially any PII contained on those devices.

6.      Install antivirus software on your phone 

Consider the use of Antivirus software for all your devices including phones and tablets.

Use the tips outlined here to help keep your phone safe from fraud.

All You need to Know About Credit Card Fraud

With the advent of online commerce, credit and debit card fraud has exploded. Unfortunately, credit card fraud can go unnoticed until it causes serious damage. Here, we’ve outlined what you need to know, how to protect yourself, and what to do when you’re targeted. 

What is credit card fraud?

Credit and debit card fraud occurs when a scammer gains access to a victim’s card information and goes on to empty their accounts, commit identity theft and more. 

Credit card fraud can be pulled off in many ways:

  • Card skimming involves a scammer tampering with an ATM or payment terminal. The machine reads the victim’s card information and transmits it to the scammer.
  • Brute force attacks employ an auto-dialer to access the card numbers issued within the target’s BIN. The scammer can perform infinite guesses until they land on the card’s expiration date, security code and numbers.
  • Online phishing is done through insecure links embedded in emails or online ads, or through bogus surveys, solicitations, job offers, dating profiles and the like. The scammer uses these means to gain access to the victim’s credit or debit card information.

Protect yourself

Follow these tips to stay safe from credit and debit card fraud: 

  • Sign up for alerts. Many issuers will send you texts or emails when new charges post to your account or card-not-present transactions happen. 
  • Monitor your checking and credit card accounts frequently so you can spot the first signs of fraud
  • Use strong, unique passwords across all your accounts. 
  • Shop with caution. Only shop reputable sites and avoid clicking on pop-up ads or links in emails from unverified senders. To confirm a site’s security, look for the padlock icon and the “s” after the “http” in the URL. Avoid storing your credit card info in online shopping accounts. Finally, make sure the security settings on your devices are current.

If you’re targeted

If you believe your card has been frauded, take immediate steps to mitigate damage. First, let the credit card company know about the fraud. Similarly, if your debit card has been frauded, let High Point Federal Credit Union know as soon as possible. Your old card will be canceled, and you’ll be issued a replacement card immediately. You may also want to place a credit freeze on your accounts to prevent the scammer from taking out a loan or opening another account in your name. 

After you’ve reported the fraud to your financial institution and/or credit card company, be sure to report it to the Federal Trade Commission at ReportFraud.ftc.gov, so others can avoid becoming victims.

Free Vacation Scams

Congrats – you’ve won an all-expense paid vacation to the Bahamas! It’s a dream come true! Or is it? If you’re notified that you’ve landed a free luxury vacation, you’ve likely been targeted by a scam. Here’s what you need to know.

How the scams play out

In a free vacation scam, a target gets a letter, email or text message telling them they’ve won a sweepstakes for a free vacation. They’re asked to pay a fee or tax to process the prize. Alternatively, they may be asked to share their credit card information before it can be claimed. After paying the fee, they’ll never hear from the sweepstakes company again.

In another variation of this scam, the target is asked to attend a “short” meeting before claiming their prize. This turns out to be a prolonged and overt sales pitch for a time-share purchase or travel-club membership. There may be vouchers for the promised vacation at the end of the class, but they can only be used for specific dates, and require all sorts of additional fees before the “free” vacation can be redeemed. 

Red flags

Look out for these red flags to help you spot a free vacation scam:

  • You’re told you’ve won a sweepstakes you never entered.
  • You’re asked to pay a fee or tax before a prize can be processed.
  • You’re pressured to sign up for a time-share purchase or travel club membership.
  • You’re asked to share your credit card information to claim a free vacation.

Protect yourself

  • Never share personal information with an unverified contact.
  • Never agree to pay a “processing fee” or “tax” to claim a prize.
  • If a caller insists on payment by gift card or wire transfer, hang up.
  • Always read fine print and do research before signing up for a time-share or club. 

If you’re targeted

If you believe you’ve been targeted by a free vacation scam, there are steps you can take to mitigate the damage. 

First, if you’ve paid the “processing fee” or “tax” with a credit card, dispute the charge as soon as possible. If you’ve shared your credit card information, cancel the card and consider placing a credit freeze on your name as well. Finally, let the FTC know about the circulating scam. 

Stay safe!

Don’t Get Caught in a Non-Delivery Scam

With the holidays coming up, and online shopping reaching its annual peak, scammers are out to get at your money and your stuff. There are loads of scams to watch for this time of year, from online “retailers” phishing for information as you shop to thieves swiping delivered packages from doorsteps and so many more. The non-delivery scam can be particularly difficult to spot, and recovery is nearly impossible. Here’s what you need to know about this scam.

How the scam plays out

In a non-delivery scam, a shopper makes an online purchase, often at a deep discount. Unfortunately, though, the promised package never arrives. After weeks of waiting, the shopper may try reaching out to the seller, only to find that the seller’s gone AWOL,

along with the victim’s chances of recovering their money and/or their purchase.

Protect yourself

Here’s how to protect yourself against non-delivery scams:

  • Never click on links or open attachments of unsolicited emails or on social media.
  • Keep your device’s security at its strongest settings. 
  • Opt-out of websites that are full of typos and/or grammatical errors.
  • Check each website’s URL for authentic spelling and signs of security, like the “https” and padlock.
  • Research every new seller when shopping before sharing any information or making a purchase.
  • Avoid making payments by prepaid gift cards or wire transfer. When shopping online, it’s best to use a credit card.
  • Stay away from sellers who advertise as if they are residents of the U.S. and then respond to questions by claiming they are out of the country.
  • Be wary of items with prices that are too good to be true–they probably are!

If you’re targeted

If you believe you’ve fallen victim to a non-delivery scam, there are steps you can take to mitigate damage. 

First, if you’ve paid by credit card, call the company to dispute the charge as soon as you recognize the scam. Next, alert the FTC about the scam so they can do their part in catching the crooks. If the alleged retailer is on the BBB website, you can let them know, too. 

Shop smartly this season and follow the tips outlined here to avoid getting scammed. Stay safe!

‘You Better Watch Out’ for Holiday Shopping Scams!

The Holiday Season is quickly approaching, and scammers ‘see you when you’re shopping’ online and know how to trick you out of your money! Here are some quick tips that will help you avoid fraudulent retailers and ensure that you get what you pay for.

1. Maintain Your Account Awareness

Set up appropriate E-Alerts for your accounts and monitor your activity regularly. It’s especially important to monitor your accounts if while using your account information you notice anything abnormal while performing online payments.  If you haven’t already, set up E-Alerts by logging in to your Digital Banking Account at HighPointFCU.com.

2. Don’t Purchase Anything Via Social Media Links

While you can find legitimate advertising on social media, it’s best to research the sale yourself via your browser, on the retailer’s official website. This way you avoid potential fraud, as scammers can easily copycat legitimate websites and advertisements.

3. Don’t Click on Links in Email or Text Messages

Even if you’ve subscribed to a particular retailer to stay up to date on sales, that doesn’t mean the ad you just received is legitimate. Scammers can duplicate or closely imitate advertisements from trusted companies. Your safest bet is to visit the official website of the retailer and look for the sale there.

4. Only Use Gift Cards on Trusted Websites

If you have a gift card you’d like to use for holiday shopping, be sure to use it with the retailer it’s associated with. If it’s a gift card that can be used anywhere, only use it on trusted websites. Do not use it in places like Facebook Marketplace or Craigslist. If the seller is a fraud, you won’t be able to get your money back.

5. Don’t Pay with Cryptocurrency or Wire Transfer

These forms of payment are nearly impossible to trace, so if you pay a scammer, you’ll likely never see that money again.

6. When in Doubt, Use Your Credit Card

Any legitimate online retailer will accept credit cards. If you’re interested in purchasing from a company you’re unfamiliar with, first do your research to see if anyone has complained about the company. If there are no red flags, make the purchase with your credit card and save the order confirmation. This way if there are any issues with your order, you can dispute the charges.

7. Be Extra Suspicious of Deals that are Too Good to be True

If something seems too good to be true, it usually is. Don’t fall prey to scammers looking to steal your information and ruin your credit. Validate the deal by navigating to the sale directly through the retailer, not through the link or ad you received.

8. Report Scams Immediately!

If you make a payment to a fraudulent retailer, call your financial institution right away. You can contact High Point FCU by calling 800-854-6052. Then, report the scam at ReportFraud.ftc.gov and at IC3.gov. And lastly, inform your friends and family! If you were tricked into a holiday shopping scam, then someone you care about could be next.

Don’t Get Caught in a Social Security Scam

Social Security scams are on the rise. Unfortunately, many of the older adults who receive Social Security benefits can be overly trusting and vulnerable to these scams. However, with some knowledge of how these scams play out, you can protect yourself and Social Security beneficiaries you know from these schemes. 

How the scams play out

In a Social Security scam, a target gets a phone call from someone pretending to be a Social Security employee, who informs them that their suspended benefits need to be reactivated. The target is told they must share personal information with the caller. Alternatively, they are told they must pay a fee to reactivate their account.

In another variation of the scam, an automated voice message claiming to be from the Social Security Administration (SSA) instructs them to call a number to reactivate their “suspended” benefits. If the target follows through by calling the number, they’ll be asked to share personal information or pay a fee to continue their benefits.

The scam is sometimes pulled off through an email message containing an embedded link. The scam then follows the same script depicted earlier, concluding in the victim being asked to share personal information or pay a fee.

Of course, the end of the story is the same in each scenario: The victim shares their money and/or their information with scammers. In doing so, they pad the scammers’ pockets or grant access to their financial accounts. 

Protect yourself

The SSA cautions Social Security beneficiaries to be wary of phone calls claiming to represent their organization. Also, the SSA will never:

  • Ask you to share a full Social Security number over the phone.
  • Demand immediate payment by gift card, prepaid card, wire transfer, cryptocurrency or cash sent through the U.S. postal system. The SSA only accepts payments electronically through Pay.gov, Online Bill Pay or physically by check or money order at its offices. 
  • Threaten a beneficiary with arrest or legal action for not paying immediately.
  • Suspend a Social Security number.

In addition, if there is an issue with someone’s account, the SSA will notify them through the mail. They will only send emails or text messages to someone if they’ve signed up for them.

If you’re targeted

If you believe you’re being targeted by a Social Security scam, hang up on the caller and report the scam to oig.ssa.gov. You can also call 1-800-772-1213 and ask if there is actually a problem with your benefits. If you’re being scammed, the SSA will be better equipped to stop the scammers. 

If you receive a suspicious email about your Social Security benefits, mark it as spam and do not respond. It’s also a good idea to block numbers that continuously send scammy text messages.

As a rule, never agree to wire money to an unverified contact over the phone or online. In fact, it’s best not to share any personal info over the phone or internet. 

Finally, tell your friends and family about the scam so they can be aware and protect themselves.

Stay safe!

All You Need to Know About SIM Swaps  

SIM swaps, also known as SIM swap scams or SIM hijacking, can be a nightmare for an unwary victim. According to a recent announcement by the FBI, this ruse is on the rise. Here’s what you need to know about this prevalent scam and how to protect yourself. 

How the scam plays out

Before the scam is pulled off, the scammer will generally employ a phishing scam to obtain the target’s personal information, mobile number, and phone service provider information. They’ll then use this info to convince the service provider that they are actually the target and ask them to transfer the number to their own SIM card. Finally, they’ll insert the newly activated SIM card into their own device and use it to access the victim’s accounts by bypassing the SIM-based two-step authentication. If the target doesn’t catch on soon enough, the scammer can change all passwords for online accounts linked to the phone. This leaves the victim with an inactive SIM card and locked out of their own accounts.

Warning signs of a SIM swap

  1. You can no longer make calls or send text messages. This is the very first sign. You will likely still be able to use your apps at first, so be sure to take action right away by changing your email password and other account passwords. 
  2. You receive an email stating that your SIM card was activated on another device.
  3. You suddenly can’t log in to your accounts.
  4. You discover unfamiliar financial transactions.

If you’ve been targeted

If you believe you’ve been targeted by a SIM swapping scam, take these steps to mitigate the damage:

  • First, change your email password, then change the passwords and logins on all your other accounts.
  • Contact your cellphone provider to regain control of your phone number.
  • Let your financial institution and credit card companies know about the scam so they can look out for suspicious activity on your accounts. Consider locking your financial accounts until the issue is resolved.
  • Consider placing a credit alert and/or credit freeze on your accounts. 
  • Report the scam to your local FBI field office, your local law enforcement agency and the FBI’s Internet Crime Complaint Center.

Protect yourself

Despite its prevalence, there are ways to protect yourself from SIM swaps:

  • Never share personally identifiable information online. 
  • Use long and strong, unique passwords across all your online accounts.
  • If possible, create a password code with your cellphone carrier that needs to be provided before any changes can be made.
  • Never share information about your financial assets while online.
  • Never share information about your mobile phone number or cellphone provider with an unverified contact over the phone or online.
  • If you receive an unexpected call, message or email from your mobile phone’s provider asking you to share or confirm information, do not engage. Contact the provider directly to determine if the communication was authentic. 
  • Keep your social-media platform settings private.
  • Sign up for E-Alerts for SMS and Email.
  • Use strong, updated security for all your devices. 

Stay alert and stay safe!

Don’t Get Caught in an Election Scam

Democracy is a privilege that’s upheld by the election process. But scammers are out to hijack this process and cause havoc throughout election season. Here are three red flags to watch out for this time of year to avoid an election scam.

1.      Eleventh-hour campaign contributions

This scheme targets voters right before elections by asking them to make a donation toward their chosen candidate’s campaign. They’ll claim to represent the candidate and suggest that the candidate just needs one big push to move to the front of the line. 

Unfortunately, if the target believes the caller and makes a donation, they’ll be giving money helping to line a scammer’s pockets. 

Stay safe: If you’d like to contribute to a candidate’s campaign, reach out to campaign headquarters on your own through their website.

2.      Polling for information

During election season, informal poll-takers and petitioners are everywhere while canvassing voters. Once they have your attention, they’ll ask who you’re voting for, request that you fill out a survey or have you sign an election petition on a particular issue. But first, some will say they’ll need your personally identifiable information (PII), like your name, date of birth, home address and even your Social Security number. If you oblige, you’ll be sharing your information with a scammer.

Stay safe: Never share your PII with an unverified contact. If you do decide to fill out a voter survey, be super-selective about the information you share. Don’t share your Social Security number, driver’s license number or any other information that can be hijacked for crime. 

3.      Voter re-registration

In the weeks leading up to Election Day, you may get a bogus voter registration form, claiming your name has been mistakenly removed from voter rolls. They will say you can get back on by filling out this form and mailing it out. Alternatively, they’ll reach out over the phone, text, or email, and tell you to register by responding. Naturally, this is an election scam!

Stay safe: Remember that you can only register to vote by mail. In addition, there’s no reason to believe your registration is no longer valid. If in doubt, search your state’s Secretary of State website. 

Stay safe, and may the best candidates win! 

All You Need to Know About Cybersecurity

Cybercrimes are increasing massively each year. In fact, according to Cybercrime Magazine, cybercrime will cost the world $10.5 trillion annually by 2025.

The best way to protect yourself from falling prey to cybercrimes is by being aware of common tactics and keeping your systems and devices secure. In honor of Cybersecurity Month, let’s take a closer look at this essential toolset and how to best harness it for your protection. 

What is cybersecurity?

Cybersecurity is the protection of online devices, networks, data and electronic systems from attacks by hackers, scammers and cybercriminals. 

There are several major categories of cybersecurity:

  • Network security is the securing of a computer network from intruders who commit crimes by targeted attack or malware. 
  • Application security focuses on protecting software and devices from threats. 
  • Information security protects the integrity and privacy of data.
  • Operational security includes handling and protecting data assets. 
  • Cloud security refers to creating secure cloud applications for companies that use cloud service providers, like Google, AWS, etc. 
  • Identity management and data security protects processes that enable authorization and authentication of legitimate individuals to an organization’s systems. 
  • Mobile security protects data stored on mobile devices from threats.

Methods of cybercrimes

All forms of cybercrimes threaten cybersecurity in some way. Here are some of the methods used to wage attacks: 

  • Malware-includes ransomware, spyware and viruses. These can install harmful software, block access to systems or provide scammers with access to data.
  • Trojans-trick users into thinking they’re opening a harmless file, but they’re really installing a backdoor that provides access to cybercriminals. 
  • Botnets-conducted via remotely controlled malware-infected devices and usually employed as a large-scale attack. 
  • Adware-involves a potentially unwanted program installed without the user’s permission, which automatically generates unwanted online advertisements.
  • Phishing-employed by email, text, or social media message, it tricks the target into sharing sensitive information. 

How can I protect myself against cyberattacks?

Fortunately, there are many ways to protect yourself from cyberattacks: 

  1. Use banking activity alerts.
  2. Update your software and operating systems often.
  3. Use anti-virus software. 
  4. Use strong, unique passwords across all your online accounts.
  5. Never open email attachments or click on links from unknown senders. 
  6. Avoid using unsecured public WiFi.

Through awareness and use of cybersecurity tools, you can keep your devices and personal information secure. 

Stay up to date on current scams and learn how to report fraud by visiting https://consumer.ftc.gov/.

Video Banking