Fraud and Security Information
Part of managing your finances is to be on the lookout for fraudulent activity on your accounts or in your name. Below is some information that can help you protect your accounts, credit and debit cards, and personal information from criminals. You will also find information about steps to take should you experience account fraud or identity theft.
Please contact us if you have any questions or concerns about any activity on your account or a suspicious letter, email, phone call, or text.
PLEASE BE AWARE:
Community Credit Union of Florida will NEVER contact you asking for your account number, credit card number, Personal Identification Number (PIN), online banking user name/password, or to confirm a family member's personal information. If someone emails or calls you asking for this information, it is a scam. DO NOT FOLLOW THE INSTRUCTIONS.
If you receive a suspicious phone call or voice mail message from someone claiming to be from CCU, please call our main number 321-690-2328 and speak to a member services representative who can confirm whether or not the call was legitimate.
ATM/Debit Card Security
Just as you would protect your cash, please take a few steps to protect your cards:
Ensure that we have your current phone numbers on record, including your mobile number. CCU uses intelligent fraud detection systems to alert you regarding possibly fraudulent transactions, but they can only be effective if we can contact you immediately when suspected fraud occurs.
Keep your card in a safe place.
DO NOT write your PIN on anything you carry with you.
Never loan your card to others to use.
Report lost or stolen cards immediately.
Download the SecurLOCK® app so you can control your cards from your phone or tablet.
Protect Yourself Online
Learn how to protect yourself and children onlne at this site from the Federal Trade Commission: OnGuardOnline.gov
Spoofing is the act of disguising a communication as being from a known, trusted source. For example, with caller ID spoofing, it can appear as if the phone call is coming from a specific number—either one that is known and/or trusted to the recipient, or one that indicates a specific geographic location. Attackers can then use social engineering—often posing as someone from a credit union—to convince their targets to provide sensitive information such as account numbers.
The primary way to protect against spoofing is to be vigilant and wary of the information the caller is requesting. Even if the number looks legitimate, hang up and call the number yourself, as caller ID numbers can be spoofed.
Spoofing can sometimes be easy to spot, but not always—malicious scammers can carry out sophisticated spoofing attacks that require vigilance on the part of the user. Being aware can help you avoid being a victim.
Government Imposter Scams
The FTC’s latest Data Spotlight shows the surge in reports about government imposters. People are reporting calls from – and losing money to – scammers pretending to be the Social Security Administration, IRS, Medicare, a government grants group, cops, or the FBI. Please keep in mind:
- Government agencies do not call people out of the blue with threats or promises of money
- You cannot always trust caller ID (see 'Spoofing' above)
- You should always check with the real agency
- Government agencies will never ask you to pay with a gift card or wire transfer
- You can report government imposter scams at ftc.gov/complaint
Romance scammers most often use fake online profiles and may use photos from the web to create attractive and convincing phony profiles. They might make up names or assume the identities of real people on dating apps or social media sites. Once scammers have someone by the heartstrings, they say they need money, often for a medical emergency, misfortune, or pretending to need help with travel costs for a long-awaited visit. Some claim to be in the military and stationed abroad, which explains why they can’t meet in person. Reports of romance scams more than doubled and reported losses increased more than fourfold from 2015 to 2018.
So what can singles do to play it safe while dating online? Here are some tips to help spot bogus suitors:
- Never send money or gifts to a sweetheart you haven’t met in person.
- Talk to someone you trust about this new love interest. In the excitement about what feels like a new relationship, we can be blinded to things that don’t add up. Pay attention if your friends or family are concerned.
- Take it slowly. Ask questions and look for inconsistent answers. Try a reverse-image search of the profile pictures. If they’re associated with another name or with details that don’t match up, it’s a scam.
- Learn more at ftc.gov/imposters.
Identity theft is a serious crime that occurs when someone uses your personal information, such as your name, Social Security number, driver's license, credit card number, or other sensitive and confidential information without your permission to commit fraud or other damaging crimes. Unfortunately, no individual can control whether he/she will become a victim; however, you can minimize your risk by managing your personal information.
Click on the image below to view a Financial Fitness Minute on avoiding identity theft. You can also find additional resources on many aspects of preventing and recovering from identity theft on the BALANCE web site.
Fake Check Scams
If it sounds too good to be true, it probably is…
Unfortunately, some fraud is caused when account holders unwittingly participate in a scam. A popular one is the Fake Check Scam. Here’s an example: Someone is given a $1,000 check to deposit and told to withdraw $800 and send that back to the individual who provided the check, and keep the check is from and keep the $200 as payment for doing this. Scammers use counterfeit checks in many scenarios - connected with a sweepstakes, a job offer to be a "mystery shopper" at some store, or even an offer for putting a decorative wrapper around your car.
Seems like a quick way to make money without having to do much. But, ultimately the check deposited will be determined to be a bad check, and you now owe the entire amount of the check to their financial institution.
Skimming happens when an illegal copy of a credit, debit or ATM card is made when the original was being used during a normal transaction process. Typical methods of skimming involve use of a modified card reader that reads and stores all the sensitive information that the original card contains, such as Personal Identification Numbers (PIN). This information is then used to make counterfeit cards. When using an ATM, it is important to be suspicious of anything that seems unusual, such as odd-looking equipment, noticeable wires that are suspiciously attached to the machine, or a jammed machine that forces you to use another ATM where the actual skimming device might be attached. In addition, also be sure to check your account statements regularly to make sure there are no unusual or unauthorized transactions that were debited from it.
Card issuers like CCU have practices in place that are intended to protect you from fraud. Some card companies, in an attempt to prevent fraudulent charges on your account, may put a hold on your card for suspicious activity if they are not aware of your travel plans, or they may even place a freeze on a country if it is discovered that fraudulent card perpetrators are known to be working within that country. It is also a good idea to contact each of your card companies before leaving on your trip to notify them that you're traveling internationally and to check their policies. Please take a few minutes to call a Member Service Representative at 321.690.2328 or 1.800.690.2338 with any questions that you may have before you travel so you can avoid an interruption in service.
Phishing, pronounced "fishing," is a high tech scam that uses emails and online messages to deceive unsuspecting consumers into disclosing their credit card numbers, bank account information, social security number, passwords, or other personal and sensitive information on "look alike" websites. Phishing happens when an individual sends an email or pop-up message claiming to be from a business or organization that you may deal with, such as your Internet Service Provider (ISP), financial institution, or government agency, asking you to "update" or "verify" your information on a bogus website.
If you received an email like this claiming to be from CCU or any other financial provider, delete it. Do not click on any links in the email or call a number provided in the email. If you have any questions or concerns about an email that appears to have come from CCU, please contact us by calling 321.690.2328. Click here for more information on Phishing.
In this variation on phishing, identity thieves are sending spam that warns victims that their credit union/bank account or PayPal accounts were supposedly compromised. However, unlike typical phishing emails, there is no website address in these phishing messages. Instead, the victim is urged to call a phone number to verify account details.
The automated voice message says: "Welcome to account verification. Please type your 16-digit card number." The goal is to get the victim to enter their credit card number. In these reported scams, no mention of the credit union, bank or PayPal is made.
Security experts tracking this scam and other instances of "vishing", short for "voice phishing", say the frauds are particularly despicable because they imitate the legitimate ways people interact with financial institutions. In fact, some vishing attacks don't begin with an e-mail. Some come as calls out of the blue, in which the caller already knows the recipient's credit card number. This increases the perception of legitimacy, the caller asks for the valuable three-digit security code on the back of the card.
Vishing appears to be prospering with the help of Voice over Internet Protocol, or VoIP, the technology that enables cheap and anonymous Internet calling, as well as the ease with which caller ID boxes can be tricked into displaying erroneous information.
How to Avoid Becoming a Victim of Phishing or Vishing Scams:
- Never call a number you receive from a spam email, and certainly don't enter in any private information if you make a mistake and do call. If you want to call your bank, use the normal phone number you regularly use, not the phone number you get in an e-mail.
- Never click on the link provided in an e-mail you believe is fraudulent.
- Do not open an attachment to an unsolicited e-mail unless you have verified the source.
- Do not be intimidated by an e-mail or caller who suggest dire consequences if you do not immediately provide or verify information.
- If you believe the contact is legitimate, go to the company's website by typing in the site address directly or using a page you have previously book marked, instead of a link provided in the e-mail.
- Use the FTC (Federal Trade Commission) website, www.onguardonline.gov.
- Consumers can take interactive quizzes designed to enlighten them about identity theft, phishing, spam and online-shopping scams. Elsewhere on the site, consumers can find detailed guidance on how to monitor their credit histories, use effective passwords and recover from identity theft.