Fraud Protection
MSECU is dedicated to helping its members become aware of how to avoid fraud and keep their identities safe. Once your identity is stolen it can take many years for you to fully regain it back. This is the reason it is important to protect against fraud and ID theft NOW rather than later. We aim to provide tools for you to use to help you better protect yourself and your family from falling victim to identity theft and alerting you about any new threats.
(Click a link to skip directly to that section.)
What is Identity Theft?
Identity theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes.
The FTC estimates that as many as 9 million Americans have their identities stolen each year. In fact, you or someone you know may have experienced some form of identity theft.
The crime takes many forms. Identity thieves may rent an apartment, obtain a credit card, or establish a telephone account in your name. You may not find out about the theft until you review your credit report or a credit card statement and notice charges you didn't make or until you're contacted by a debt collector.
MSECU Identity Theft Protection Tools
 |
MSECU will never solicit
personal or private information
via e-mail or text message |
|
|
 |
- OnGuard Online - provides practical tips from the federal goverment and the technology industry.
OnGuard Online provides informative Topics, Games, Videos and Tools to keep your identity safer.
Click Here or on the image for more information.
MSECU will never solicit Personal/Private information through e-mail or text messages.
Should you receive a suspicious email or text message that appears to be from MSECU, and you're not sure, please email us at
msecu@mastatecu.org
and we'll happy to confirm it for you.
Back to top
Alerts
Telephone (VOIP) Fraud Alert
1/28/09
Some members have notified us of suspicious calls saying a member's debit card has been compromised and then asked for information about the card. Members are told to call a 1-800 number to give them their card information. The number that comes up from caller ID may be, but not limited to, 720-330-7150. Do not give out any personal information over the phone, hang up and notify the credit union by calling either Main Number (617) 723-5555 or Toll Free (800)700-7733.
Information about Telephone Phishing (Vishing)
Vishing, (Voice phISING) also called “VoIP phishing for the internet phones,” is the voice counterpart to phishing. Instead of being directed by e-mail to a Web site, an e-mail message asks the user to make a telephone call. The call triggers a voice response system that asks the user’s card number or other personal or financial information.
The initial bait is a telephone call with a recording that instructs the user to phone an 800 number or another area code within or outside of the United States.
This is a different attack. The numbers that are in the caller ID are being spoofed (some CU's had law offices and car dealerships being listed as the callers). The calls generally are being generated through internet VOIP providers, making them very hard to trace.
CU members and non-members are receiving calls (late night and usually comes through as “out of area” ) supposedly from their/or a CU with an automated message about their Credit Card/ Debit Card compromised and asked not to call any number but to simply press 1 to “be transferred to the card security department” automatically. From this point the members are being asked to enter their 16 digit number and the security code in the back...
Remember, MSECU will never solicit personal or private information through telephone, e-mail or text messages.
Should you receive a suspicious call, e-mail or text message that appears to be from MSECU, and you are not sure, please contact us at Main Number - (617) 723-5555 or Toll Free (800) 700-7733 and we'll happy to confirm it for you.
Back to top
Phishing Alert
8/28/2008
According to CUNA, multiple phishing scams posing as various credit unions have begun circulating. In fact, one credit union was recently notified of several scams occurring in the Ohio market within the last few days. In some of these scams, members and non-members are receiving e-mails and cell phone text messages informing them that their online account access has been suspended. Recipients are given a phone number to call to re-instate their online access (this is how the fraudsters steal their account information and potentially withdraw funds). Credit unions have already had members fall prey to these scams.
If a member is hit with this scam:
-- Report the phishing scam. Report the phishing scam to the CU.
-- Report the scams to the Federal Bureau of Investigation’s Internet Crime Compliance Center at www.ic3.gov, and the Anti-Phishing Workgroup at reportphishing@anitphishing.org.
Because these phishing messages are nearly impossible to trace, the best way to fight these scams is to alert our membership.
MSECU will never solicit Personal/Private information through e-mail or text messages.
Should you receive a suspicious email or text message that appears to be from MSECU, and you're not sure, please email us at
msecu@mastatecu.org
and we'll happy to confirm it for you.
Back to top
8/27/2008
Vishing, (Voice phISING) also called “VoIP phishing for the internet phones,” is the voice counterpart to phishing. Instead of being directed by e-mail to a Web site, an e-mail message asks the user to make a telephone call. The call triggers a voice response system that asks the user’s card number or other personal or financial information.
The initial bait is a telephone call with a recording that instructs the user to phone an 800 number or another area code within or outside of the United States.
This is a different attack. The numbers that are in the caller ID are being spoofed (some CU's had law offices and car dealerships being listed as the callers). The calls generally are being generated through internet VOIP providers, making them very hard to trace. CU members and non-members are receiving calls (late night and usually comes through as “out of area” ) supposedly from their/or a CU with an automated message about their Credit Card/ Debit Card compromised and asked not to call any number but to simply press 1 to “be transferred to the card security department” automatically. From this point the members are being asked to enter their 16 digit number and the security code in the back...
MSECU will never solicit Personal/Private information through e-mail or text messages.
Should you receive a suspicious email or text message that appears to be from MSECU, and you're not sure, please email us at
msecu@mastatecu.org
and we'll happy to confirm it for you.
Back to top
Scam alerts!
There is a new phishing scam going around, this one is for the IRS and your refund. The lure email is shown below, and is quite standard in its formatting. It even threatens you with criminal prosecution if you lie.
So far nothing special, until you click the link. It’s to an EXE, not to a website. When you download that and look, what you get is a locally hosted website with the phishing site shown below (broken in IE7):
This is a new twist in phishing attacks that can bypass the normal URL filtering bar for malicious sites. It requires that the mechanism that determines if it’s a phishing site recognize that EXEs can also be used in phishing. It makes sense that this would evolve, We suspect we’ll see more of this soon.
|
