Security and Scam Prevention Tips

Let's work together to avoid scams and fraud.

Contact Us: Security and Scam Prevention Tips Locations: Security and Scam Prevention Tips

We're here to help you at every turn.

Stay alert and know how to spot potential scams and fraud.

Tips to safeguard your accounts

Establish good habits now to help prevent and detect fraud, including:
  • Never share your Online/Mobile Banking login username or password, one-time security passcode or PIN with anyone. VCCU will never ask you for that information. 
    • If you receive a call, email or text message from a company asking for your password, it's a scam. Hang up immediatly and call the number from the company's website to verify
  • Stay ahead of the fraudsters by knowing what scams are out there and how to spot a scam when you see one. Visit consumer.ftc.gov and sign up for Consumer Alerts to your inbox.
  • Review your account statements regularly for any suspicious or unusual transactions.
  • Check your credit report at least once per year to catch signs of identity theft early. Get your free credit report at annualcreditreport.com.
Take action: Report fraud to the Federal Trade Commission at ReportFraud.ftc.gov. Visit our Fraud Protection and Identity Theft pages to learn more.
 

Scams and Alerts

The information provided here is for informational purposes only. These scams have not happened at any Ventura County Credit Union ATM machine and are not a warning to our members. These are merely trends that have happened elsewhere in the United States for which you should be aware. Please contact us with any questions you may have.

A team of organized criminals is installing equipment on legitimate bank ATMs in at least two regions to steal both the ATM card number and the PIN. The team sits nearby in a car receiving the information transmitted wirelessly from equipment they install on the front of the ATM. If you see an attachment like this, do not use the ATM and report it immediately to the police.

The equipment used to capture your ATM card number and PIN is cleverly disguised to look like normal ATM equipment. A "skimmer" is mounted to the front of the normal ATM card slot that reads the ATM card number and transmits it to the criminals. At the same time, a wireless camera is disguised to look like a leaflet holder and is mounted in a position to view ATM PIN entries. The thieves copy the cards and use the PIN numbers to withdraw thousands of dollars from many accounts in a very short time directly from the ATM.

Thieves are putting a thin, clear, rigid plastic “sleeve” into the ATM card slot. When you insert your card, the machine can't read the strip, so it keeps asking you to re-enter your PIN number. Meanwhile, someone behind you watches as you key in your number. Eventually you give up, thinking the machine has swallowed your card and you walk away. The thieves then remove the plastic sleeve complete with card, and empty your account. If your card is captured by an ATM machine, contact the financial institution where the card was issued as soon as possible.

Members have reported receiving phone calls from what looks to be VCCU's main phone number asking to verify their Online/Mobile banking login information, one-time verification passcode or password. This is a Caller ID Spoofing Scam.

Spoofing calls appear to be from local or known sources, but they are actually thieves attempting to gain access to your accounts.
 
If you receive a suspicious phone call, email or text message:
  1. Hang up and call our main phone number to confirm if we are trying to contact you.
  2. Don’t reply, and don’t click on links provided in emails or text messages. 
  3. Do not share personal information such as your SSN, password, one-time passcode, credit or debit card number with anyone if you did not initiate.
  4. Review your accounts regularly for unauthorized charges and report them to us right away.
  5. Report fraud to the Federal Trade Commission (FTC) at ftc.gov.
If you have received a suspicious phone call, text message or email from us or have further questions, please call 805.477.4000.

College students are recruited through social media, including Facebook and YouTube and in-person at college campuses. Willing participants provide the fraudsters with their ATM/debit cards and PINs. The fraudsters deposit fraudulent checks (stolen or counterfeit checks) to the student accounts via ATMs and subsequently withdraw the funds. The fraudulent checks are subsequently returned unpaid and charged back to the students’ accounts. Following the fraudsters’ instructions, the participants report their ATM/debit card as lost or stolen and that the transactions were fraudulent.

Be aware that you may not be entitled to protection for unauthorized use of your ATM/debit card if you willingly provide your card to the fraudsters.

Members answer an online advertisement offering money to have their cars “wrapped” with advertising from a reputable company. The offer usually includes a lucrative up-front payment and then monthly installments for just driving around in your car and displaying their ads. The scammer sends a check for more than was agreed upon and asks the victim to deposit or cash the item and send electronically the difference directly to the graphic artist that will be performing the installation on the car using Western Union or MoneyGram. The check winds up returning and no one shows up to wrap the car.

TIP: Never accept a check for deposit for more than was agreed on upfront and always let a credit union employee verify the check before depositing it.

With the economy and job markets still struggling, unemployed members searching for work have been victimized by “work from home” scams. The members have been contacted, interviewed and hired via email. After performing a minor task like a “mystery shop” or a making a travel arrangement, they receive a check in the mail that represents an “excess payment.” The boss asks them to cash the check at their financial institution, and return the overpayment via Western Union or MoneyGram. The original check ultimately returns unpaid as a counterfeit and the member incurs a loss.

TIP: Ask a credit union employee to verify the check for you before negotiating it!

Gift card scams. Gift cards are a popular way for scammers to steal money from you. Gift cards are for gifts, not payments. Anyone who demands payment by gift card is always a scammer.

Watch this video from the Federal Trade Commission (FTC) on how to detect and report common gift card scams. Learn more about gift card scams here

Scammers pose as grandchildren in distress and needing money wired to them immediately due to a car accident, an emergency medical situation, or to be released from jail in a foreign country.

TIP: The perpetrator will often plead with the victim not to tell anyone. Credit union employees are kept aware of the current scams targeted at our membership and can help you validate the information before you send the money.

Members selling an item on an online site such as Craigslist are sent a check for more than the amount requested. The buyer contacts the member and states to deposit or cash the item and send the difference back electronically. Additionally they may state the difference is for a moving company to pick up and transport the item. The member is instructed to send the difference via Western Union or MoneyGram to the moving company. The original check ends up returning and the member is left with a bad check and the merchandise they tried to sell.

TIP: Never accept payment for more than you agreed to sell the item for and make sure to have a credit union employee verify the check before depositing.

Peer-to-Peer (P2P) payment apps like Zelle, Venmo and CashApp are useful tools to pay people you know quickly and easily online. Unfortunately, fraudsters have caught on and use these apps to trick people into sending them money without sending the goods. Or even hack into your account to send money! To avoid being caught in a P2P scam, remember these tips:

  • Use additional security like Two-Factor Authentication, Facial Recognition and/or a PIN for your P2P payment app and never share your login information with anyone.
  • Only send payments to people you know and trust.
  • Avoid potentially high-risk transactions like items bought from an online bidding or sales site. Example: See Puppy Payment Scams
  • Make sure you are getting the good or service you are paying for before you send the payment. Example: Pay your hairdresser after you get the haircut.
  • Always double check that you have the person's correct user information (phone number, user handle or email address) before sending a P2P payment.
Sadly, there is little to no recourse in getting your payment back when you send it to the wrong person. But, if you remember these tips, and stay aware of current scams, you'll be ahead of the game. You can also contact the P2P company that issued the payment and report the scam to the Federal Trade Commission (FTC) at ReportFraud.ftc.gov.
 
What is Phishing? 
Scammers use email or text messages to try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could get access to your email, bank, or other accounts. 

How do I recognize a phishing scam?
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. You might get an unexpected email or text message that looks like it’s from a company you know or trust, like a bank or a credit card or utility company. Or maybe it’s from an online payment website or app.

Here’s a real-world example of a phishing email:
Netflix Phishing Scam Email Example

Signs that this email is a scam
Even though it looks like it comes from a company you know — and even uses the company’s logo in the header:
  • The email has a generic greeting.
  • The email says your account is on hold because of a billing problem.
  • The email invites you to click on a link to update your payment details.
While real companies might communicate with you by email, legitimate companies won’t email or text with a link to update your payment information. Phishing emails can often have real consequences for people who give scammers their information, including identity theft.

Four ways to protect yourself from phishing
  1. Protect your computer by using security software. Set the software to update automatically so it will deal with any new security threats.
  2. Protect your cell phone by setting software to update automatically. These updates could give you critical protection against security threats.
  3. Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication.
  4. Protect your data by backing it up. Back up the data on your computer to an external hard drive or in the cloud. Back up the data on your phone, too.
What to do if you suspect a phishing attack
If you get an email or a text message that asks you to click on a link or open an attachment, answer this question: 
  • Do I have an account with the company or know the person who contacted me?
    • If the answer is “No,” it could be a phishing scam. Go back and review the advice in How to recognize phishing and look for signs of a phishing scam. If you see them, report the message and then delete it.
    • If the answer is “Yes,” contact the company using a phone number or website you know is real — not the information in the email. Attachments and links might install harmful malware.
What to do if you responded to a phishing email
If you think a scammer has your information, like your Social Security, credit card, or bank account number, go to IdentityTheft.gov. There you’ll see the specific steps to take based on the information that you lost.

If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan and remove anything it identifies as a problem.

How to report phishing
If you got a phishing email or text message, report it. The information you give helps fight scammers.
  • If you got a phishing email, forward it to the Anti-Phishing Working Group at [email protected].
  • If you got a phishing text message, forward it to SPAM (7726).
  • Report the phishing attempt to the FTC at ReportFraud.ftc.gov.
To learn more about Phishing Scams, visit Consumer.ftc.gov.

Elderly members are being targeted via the internet on dating sites. The alleged suitor spends time getting to know the victim and gaining their trust and personal information. Soon the scammer asks for money claiming a tragedy has befallen them and they need it desperately. Often they create fake online profiles and prey on the sympathy and loneliness of their victims.

TIP: Never give personal information or money to someone that you have never met. Don’t trust people on the internet even though they may have a dating profile that looks legitimate.

VCCU is a full-service, Southern California credit union with branches in Ventura, Port Hueneme, Oxnard, RiverPark, Camarillo, Thousand Oaks, Simi Valley and Moorpark. If you live, work or attend school in Ventura or Santa Barbara Counties, you are eligible to join

 

 

Joining the credit union was my best choice; I love the welcoming atmosphere and the warm greetings I get from all the employees!

Ana G., Oxnard