All You Need to Know About Data Breaches

January 16, 2020January 10, 2020 / destinationscreditunion / Leave a comment

If you follow the news, you’ll note that there seems to be another major data breach person typing on keyboard with graphic locks over the image monopolizing headlines every week. The details vary, but in each breach, thousands, millions or even billions of victims’ sensitive information is compromised, and they’re now vulnerable to identity theft unless they take immediate action.

Here at Destinations CU, your financial success and safety is our primary goal. To help keep your information and your finances secure, we’ve compiled a comprehensive guide on data breaches.

What is a data breach?

Data breaches occur when sensitive information is accessed or used without authorization. Factors like a wealth of online data and sophisticated hacking tools have spurred a steep increase in data breaches in recent years, causing tremendous damage to individual consumers and businesses across every industry.

Data breaches occur by exploiting vulnerabilities in a company’s security system. Alternatively, an employee can be tricked into giving a cybercriminal access to the company’s network.

The goal of most data breaches is to obtain personal information, like names, email addresses and passwords, as well as financial information, like credit card numbers and account details. This information is used by criminals to steal identities and empty accounts, or sold to other criminals who will then do so.

While major data breaches make headlines, according to the Identity Theft Resource Center, there is an average of three data breaches each day, most of which will never even make the news.

After a data breach

Whenever you hear about a major data breach that can possibly affect you, it’s best to monitor your accounts for suspicious activity. In most cases, you will be notified by the victimized company if your data has been compromised; however, it helps to keep an eye on your accounts even if you haven’t been contacted so you can minimize your loss by acting quickly if your are among the unfortunate victims.

If you’ve been victimized by a breach

If you’ve been informed your information is compromised by a data breach, take the following steps immediately:

1. Freeze your credit
Placing a freeze on your credit is the most crucial step you can take to stop scammers from getting at your information. A credit freeze will not bring down your credit score, but it will serve as a red flag for lenders and credit companies by alerting them to the fact that you may have been a victim of fraud. This added layer of protection will make it difficult, or impossible, for hackers to open a new credit line or loan in your name.
You can freeze your credit at no cost at all three of the major credit bureaus, Equifax, Transunion and Experian. You’ll need to provide some basic information and you’ll receive a PIN for the freeze. Use this number to lift the freeze when you believe it is safe to do so.

2. Change your passwords
Most people are on the alert following a major data breach, but they tend to let their guard down once the heat is off and things calm down. Hackers know this, and they’ll often hold onto victims’ information immediately following a data breach and then sell it months down the line to other identity thieves. To protect your accounts from a delayed-reaction hack, change all of your passwords after a breach that possibly has affected you.

3. File an identity theft report
Unfortunately, these protective measures can sometimes be too little, too late. If your accounts have been compromised, and you believe your identity has been stolen, file an identity theft report with the Federal Trade Commission (FTC) as soon as possible. This will assist the feds in tracking down your hacker(s) and returning your finances to their usual state as quickly as possible.

Protecting your information

There’s no fool-proof way to protect yourself from a data breach, but following these simple steps can help keep your information as safe as possible:

Monitor your credit. Check your credit accounts for suspicious activity on a regular basis. You can request a free credit report from each of the three major credit bureaus once a year at AnnualCreditReport.com. You may also want to consider signing up for credit monitoring, a service that will cost you $10-30 a month for the promise of notifying you immediately about any suspicious activity on your accounts.

Use strong, unique passwords. Use a different password for each account, and choose codes that are at least eight characters long. Also, use a variety of numbers, letters and symbols. Vary your capitalization use as well, and don’t utilize any portion of your name, phone number or a common phrase as your password. Using a password manager like Dashlane or iPassword can also help keep your information safe. It’s also a good idea to choose two-factor authentication when possible, and non-password authentication, such as face recognition or fingerprint sign-in, for stronger protection.

Browse safely. Never share sensitive information online and always keep your security and spam settings at their strongest levels. Make sure your devices are fully updated at all times. It’s also a good idea to keep your social media accounts as private as possible.

Destinations Credit Union has tools to help you prevent unauthorized use of your account. In our mobile app, you can sign up for card controls and get notified each time your debit or credit card is used. In addition, you can get group pricing, as a Destinations Credit Union member, on ID Shield, which helps restore your identity in the event of a theft.

Hackers never stop trying to get at your data, but with the right protective measures in place, you can keep them from seeing success.

Your Turn: How do you protect yourself from data breaches? Share your tips with us in the comments.

Sources:
https://www.forbes.com/sites/nicolemartin1/2019/02/25/what-is-a-data-breach/amp/
https://www.malwarebytes.com/data-breach/
https://www.experian.com/blogs/ask-experian/what-is-a-data-breach/

Don’t Get Scammed By Santa!

November 14, 2019November 12, 2019 / destinationscreditunion / Leave a comment

Someone’s been naughty this year-and we’re not talking about you! Those awful santa looking in mailbox scammers don’t take time out for the holidays, and if you don’t know what to expect you can be their next victim.

One of the oldest holiday scams, which is even more prevalent in the age of the internet, is the letter-from-Santa scam.

Here’s all you need to know about this Christmas-themed scheme.

How it plays out

In this ruse, scammers set up bogus websites where parents can order legitimate-looking letters from Santa for their children. The cost is less than $30. All they need to do is share some details about their child along with their credit card information, and the letter is supposedly as good as mailed.

Except that it’s not. Unfortunately, anyone who follows the instructions detailed on the site has just fallen prey to a scam. They’ll never see that promised letter, or the money they paid for the privilege of receiving a note from Santa. Worse, the ring of scammers now has the children’s information and their parent’s credit card details.

This set of circumstances can have all sorts of unhappy endings, from identity theft to emptied accounts. Sometimes, the scammers will go after the child’s credit, which will likely go unchecked for years. When the children are grown and try to open a credit card or take out a loan, they may find that their credit score has been destroyed by these scammers over the years, all without their knowledge.

Some sites will even offer to send the letter at no cost. All you need to do is share some details about your child, like their full legal name, date of birth and home address. Of course, this is also the work of scammers looking to steal your child’s identity.

How can I tell it’s a scam?

There are legitimate websites where you can order a letter from Santa for your child at no risk of identity theft or a ruined credit history. But how can you weed out the phony sites from the authentic services?

We’ve made it simple. Look for the following red flags, which should alert you to the fact that a site is created by scammers:

The fruadster reaches out to you repeatedly. Promotional emails and ads are one thing; targeted marketing that is so aggressive it borders on harassment is another thing entirely. If a company doesn’t stop sending you emails or alerts about its services, you may be dealing with a scam.
The site is not secure. As always, check for the lock icon and the ‘s’ after the ‘http’ in the URL; both indicate a site’s security. Also, look for security badges on the bottom of the webpage and click on them to see if they’re actual links to the security company they allegedly represent. Scammers often post static images of well-known security badges, which do fool people into thinking the site is safe.
You need to answer too many questions. Yes, a service sending your child a letter from Santa will need to know your child’s name and mailing address. They may even ask your child’s age so they can send an age-appropriate letter. But there’s no need for them to be privy to your child’s exact date of birth, and certainly not their Social Security number. If the questions in an online form are making you uncomfortable, opt out.
You can’t reach a representative by phone. Most websites will have the company’s toll-free contact number on the site’s homepage. If you suspect fraud, try the number. If the company is bogus, the number will likely be a fake.
You can’t find any positive reviews about the company online. An online search on a legitimate service should bring up basic information and some positive reviews about the service. If a search turns up empty, and of course, if it turns up any reports of past scams, the “company” is run by crooks.

If you’ve recognized a company as a scam, be sure not to click on any links that are embedded in their emails. Flag their emails as spam, and delete every email, message and alert it sends you.

You can still send your child a letter from Santa. Try a legitimate site like Portable North Pole or or better yet, create and send one yourself!

Your Turn: Have you been targeted by a letter-from-Santa scam? Share your experience with us in the comments.

SOURCES:
https://www.consumeraffairs.com/news/watch-out-for-the-letter-from-santa-scam-121214.html
https://news.yahoo.com/beware-the-santa-claus-letter-scam-155343661.html;_ylt=AwrEePCUWYJdWQkA6BsPxQt.;_ylu=X3oDMTByZnU4cmNpBGNvbG8DYmYxBHBvcwM5BHZ0aWQDBHNlYwNzcg–
https://www.aarp.org/money/scams-fraud/info-2018/protection-from-holiday-scammers.html

Take Caution Before You Borrow Someone’s Charging Cable

November 12, 2019November 7, 2019 / destinationscreditunion / Leave a comment

You know the feeling. It’s like a bona fide coffee addict running low on caffeine, or like a young man charging phone hiker almost out of drinking water. You’re travelling and your phone is running low on juice. Frantic, you’re searching for a place to plug in and recharge. The last thing you want is to be completely stranded in a strange place with no way to order an Uber or pay for your dinner. In one last desperate move, you search through your bag for the charging cable you always keep there – and then you remember you lent it to your friend and never got it back.

What to do?

And then, like an angel, a stranger appears out of nowhere with a friendly smile on their face. They’re holding a wonderful, beautiful charging cable in their hands.

“Do you want to use this?” they ask.

What do you do?

A. Smile your thanks, grab the cable and plug in your phone.
B. Say “No, thank you,” before walking away, dead smartphone and all.

If you chose B, you made the right decision. Cybersecurity experts are warning against using a stranger’s charging cable or even borrowing one from an airport official or front-desk concierge at a hotel.

“There are certain things in life that you just don’t borrow,” says Charles Henderson, global managing partner and head of X-Force Red at IBM Security. “If you were on a trip and realized you forgot to pack underwear, you wouldn’t ask all your co-travelers if you could borrow their underwear. You’d go to a store and buy new underwear.”

Henderson heads a team of hackers that clients privately hire to break into their computers to identify vulnerabilities before blackhat hackers do. Henderson’s team will often send clients a compromised iPhone cable in the mail to see if the client will plug it in or if they’ve learned to be more cautious by discarding the charger instead.

Henderson warns that cyberhackers can easily implant charging cables with malware that can be used to hijack mobile devices and computers. This can spell complete disaster for the desperate traveler who graciously accepted the spare cable from their fellow passenger and plugged in their device.

At the annual DEF CON Hacking Conference in Las Vegas, a hacker known as MG showed the attendees how he had modified an iPhone lightning cable to serve as a hacking device. MG used the cable to connect an iPod to a Mac computer and then remotely accessed the cable’s IP address to take control of the Mac. These compromised cables are available on the Darknet for just $200 each.

Don’t be fooled into thinking that charging cables left over by previous guests in the front desk of the hotel are any better than a cable offered by a stranger.

“If the front desk had a drawer full of underwear,” says Henderson, “would you wear those?”

Unlike most scams aiming for as wide a target base as possible, using a charging cable to hack a victim’s device can only be pulled off on one victim at a time. Lucky for us, this means the charging cable hack isn’t as popular or widespread – yet. Henderson warns that the relatively inexpensive technology required for the hack and the fact that it is so easy to make the cable look completely innocent could mean an upsurge in these scams in the near future.

For now, it’s best to be aware of this threat and to practice caution when travelling.

Henderson adds that using public USB charging stations is currently a larger threat than compromised cables. These stations can easily be compromised and open your device to all sorts of malware and vulnerabilities. It’s best to use your own charger at all times.

“In a computing context, sharing cables is like sharing your password,” says Henderson, “because that’s the level of access you’re crucially conveying with these types of technology.”

To avoid falling victim to this hack, always pack an extra charging cable in your handbag. If you forgot to take one along or you can’t seem to find it, purchase a new one to use while you’re away. You can find charging cables in almost any convenience store for under $10 – a small investment for your safety.

The next time you’re running low on juice and a stranger offers you the use of their charging cable, make the safe choice!

Your Turn: Have you ever been targeted by using a borrowed charging cable? Tell us about it in the comments.

SOURCES:
https://www.forbes.com/sites/suzannerowankelleher/2019/08/15/why-you-should-never-borrow-someone-elses-charging-cable/amp/
https://www.headtopics.com/us/why-you-should-never-borrow-someone-else-s-charging-cable-7654695
https://frnews.ng/why-you-should-never-borrow-someone-elses-charging-cable/

Beware The Apple Support Scam!

October 29, 2019 / destinationscreditunion / Leave a comment

If you have an iPhone, iPad or a Macbook, you need to know about this recent, hard-to-spot scam. Hackers are impersonating Apple support in an effort to scrape sensitive information from Apple users’ devices. These scams can be difficult to identify and are often successful.

Here’s all you need to know about the latest phishing scam and how to keep yourself safe.

How does this scam play out?

In the Apple support scam, hackers are spoofing Apple’s support number and calling iPhone users to offer them technical support. The scammer will tell the victim they’re calling about a data breach that needs immediate attention. They’ll claim the victim’s Apple iCloud account is compromised, hacked or has been showing suspicious activity. To fix the problem, they’ll say they need access to the victim’s device. They’ll go on to ask for the Apple user’s login credentials, passwords and other sensitive data. Their ultimate goal is to gain access to the victim’s iCloud account.

Sometimes, the scam takes the form of an automated message sent to the victim announcing that evidence of suspicious activity has been found in their iCloud account. The victim is instructed to call a specific number to reach “Apple Support.” Once victims makes that phone call, they’ll be greeted by a legitimate-sounding welcome message complete with estimated wait times, as if they’d actually reached the real Apple Support. They may even be directed to press the number one to reach a support adviser or supervisor. Of course, once they’re connected to a “representative,” they’ll be speaking to a scammer, who is waiting to ask for their iCloud account credentials and login information.

One of the reasons this scam often works is because of the sophisticatedway it’s executed. The scammers use high-level spoofing technology to make it appear as if Apple Support is actually calling the victim. Apple’s iconic logo even appears on the victim’s phone as the call comes in. Unless the victim is aware of this ruse and knows to be on the lookout for it, it’s difficult to determine this call is a scam.

How do I know the caller isn’t really an Apple representative?

In high-tech scams like this one, it can be challenging for targeted victims to separate fact from fiction. If you receive a call like the one described above, and you’re unsure if the caller is a legitimate Apple representative, it’s fairly simple to find out the truth. As soon as the caller starts asking for your Apple ID password, iCloud credentials or verification codes to provide you with support, you’ll know you’re talking to a scammer. Apple has made it clear that its reps will never ask for any of this information over the phone.

What is Apple saying about this scam?

The Apple Support Twitter feed is full of tweets from iPhone users asking if these calls are legitimate. Apple provides these users with a link to a helpful article about avoiding phishing scams. The tech giant has also warned users to verify a caller’s identity before providing any personal information over the phone. Unfortunately, though, this step can be difficult to carry out in real life when the caller ID makes it appear as if the scammer is calling directly from Apple Support.

Perhaps the best advice the company gives for avoiding this scam is, “If you get an unsolicited call from someone claiming to be from Apple, hang up and contact us directly.” If you follow this advice, you’ll never run the risk of sharing your personal information with an alleged Apple Support representative who is really a scammer.

Apple also advises iPhone users to activate two-factor authentication as an added layer of protection for their accounts.

Scammers are always looking for new ways to hack the personal information of unsuspecting victims. Always be on the alert for scams like this one and never share sensitive information over the phone. Stay safe!

Your Turn: Have you been targeted by the Apple Support scam? Tell us how you recognized the scam in the comments.

SOURCES:
https://www.forbes.com/sites/daveywinder/2019/05/05/apple-warns-iphone-users-not-to-answer-apple-support-calls/#2945e1ca5f48
https://www.fox29.com/news/scam-alert-iphone-users-warned-not-to-answer-calls-from-apple-support-unless-they-requested-them
https://support.apple.com/en-gb/HT204759

4 Super-Scary Scams To Watch For This Halloween

September 26, 2019September 13, 2019 / destinationscreditunion / Leave a comment

Don’t let a Halloween scam spook you! Stay a step ahead of those crooks by looking out witch with pumpkin face for these four scams this season.

The shipping scam

The internet is brimming with Halloween-themed stores in the months leading up to Oct. 31. Lots of these retailers offer an impressive selection of costumes, accessories and decorations at great prices.

Unfortunately, though, some of the retailers that own such sites will never deliver the ordered goods. That’s because, though the company may exist, and will appear legit, at the end of the day there was never a real intent to ship the item(s). The delivery date may be postponed until after Halloween, or the order might get canceled without notification. Sometimes, the shopper will receive the promised package on time – only the package is empty!

Before placing an order with a seasonal store, look for the company’s physical address and phone number. Check what the Better Business Bureau (BBB) has to say about it and look for information about return and refund policies in case things go south. Finally, as always, be careful about sharing your credit card information with an unsecure site. Look for the lock icon near the URL and the “s” after the “http” in the web address; both indicate you’re on a secure site.

It’s also a good idea to order your costumes and décor in September. This way, you’ll have time on your side if you need to return a costume or a product that didn’t turn out as expected. You’re also less likely to purchase goods from iffy retailers and vendors you don’t recognize when you aren’t pressed for time. Finally, you won’t be forced to spend a ton of money on last-minute shipping costs when you make your purchase early in the season.

The fraudulent offer

In this scam, a bogus company advertises a “Super Special Deal” for “Today Only” offer, or something similar. It will offer amazing Halloween goods for prices that are too good to be true and lure lots of unsuspecting customers into the trap. Unfortunately, the company is bogus and the offer doesn’t actually exist. If you purchase the advertised product, you’ll never see the product – or your money.

As with all potential scams, check out a company’s authenticity and a website’s security before purchasing.

The fake ticket scam

Planning to take a trip to an amusement park, attend a concert or take in another event on Halloween? Be wary of the fake ticket scam, in which third-party vendors sell bogus tickets to unsuspecting customers right before an event. They’ll also tack on an exorbitant commission, claiming that they need to charge extra because of the last-minute purchase. Of course, the ticket is bogus and they’ll pocket the ticket money, plus the commission.

Make sure to get your tickets to any event you’d like to attend well in advance. Contact the event organizers directly to make sure you’ve reached the right address. If you find tickets being sold online near Halloween time, do a quick online search to see if the event has already sold out. Check for spelling mistakes and erroneous information about the date and time of the event on the ticket, as well.

The bogus purchase scam

In this scenario, scammers try to convince you that you ordered something you have no recollection of purchasing just to get you to share your personal information. Once the scammers have this data, they’ll do anything from emptying your accounts to taking out loans in your name or committing full-blown identity theft.

If you receive any emails, phone calls or text messages asking you about a costume you never ordered or a ticket you never purchased, do not engage with the sender or caller. Delete the emails or flag them as spam. Also, block the contact from calling or texting you again. With any luck, the scammer will get the message that you’re not an easy target and leave you alone.

Here’s wishing you and yours a safe and frightfully fun Halloween from all of us here at Destinations Credit Union!

Your Turn: Have you ever been targeted by a Halloween scam? Tell us about it in the comments.

SOURCES:
https://www.scam-detector.com/article/halloween-fake-shops
https://help-center.pissedconsumer.com/top-5-halloween-scams/
http://legalshred.com/halloween-scams/

7 Naughty Scams To Watch Out For This Holiday Season

December 4, 2018November 26, 2018 / destinationscreditunion / Leave a comment

‘Tis the season to be jolly! And unfortunately, ’tis also the season for scammers to go after Man sitting among computers with santa hat on your hard-earned dollars. Keep your money safe by reading up on the most common scams taking place this time of year and practicing caution.

Phishing emails

Always popular, phishing scams get even more prevalent before the holidays. They can take the form of bogus delivery confirmation requests seeking your information or even a personalized letter to your child from “Santa.”

Be extra careful this holiday season when it comes to sharing personal information online or with an unverified requester.

Fake charities

Sadly, many scammers will capitalize on the goodwill that flourishes this time of year by asking you to make a donation to a charity that does not actually exist. Verify the authenticity of any charity you’d like to make a contribution to by checking it out on a website like CharityNavigator.org. Also, it’s best to contact a charity on your own instead of following a website or email link.

Package theft

It’s holiday time, and those UPS and FedEx trucks are everywhere, dropping off boxes of goodies all over the neighborhood.

Usually, these drop-offs go as planned. Unfortunately, though, some 23 million customers will have their packages stolen from their doorsteps this year.

Don’t be one of them! If possible, and especially when ordering something expensive, arrange for a delivery that requires your signature upon receipt. Otherwise, track your order and know when to look out for it so you can bring it inside as quickly as possible after it’s dropped off.

When sending a gift to someone else via Amazon, consider sending it to an Amazon Locker location instead of to the recipient’s household. There’s no fee for using this service, and this way, your gift is safe.

Bogus sites

You might get lucky and find that perfect gift at a super-low price, but don’t believe any ads or websites that are practically giving away the good stuff for free. These are, quite likely, scams. Once you click an ad link and place an order, you’ll never hear from the site again. Worse yet, they may use the information you shared to empty your accounts.

Only shop on reputable sites. Remember to check the website address/URL before placing an order. It may look strikingly similar to a popular site, but if one letter is off or missing completely, the site is bogus and you need to get out. Also, always look for that important “s” after the “http” in the web address to verify a site’s security.

Fake freebies

Did you really just see a Facebook post offering you a new iPhone, completely free of charge? If you have, run the other way and don’t look back! You’re looking at a scam, designed to lure you into sharing your information with criminals or unwittingly installing malware on your device.

Fake freebies run the gamut from new phones, complementary cruises and various luxury gift items to free holiday-themed downloads, like music, wallpaper and games.

If you’re offered any outrageous free gifts by text message, email or social media posts, ignore them. Downloads, though, may be safe, but need to be carefully vetted for authenticity before you accept them.

Defunct gift cards

Many scammers sell expired or empty gift cards this time of year, hoping to make a profit on a card that isn’t worth more than the plastic used to make it.

Ask to inspect any gift card you purchase before you finalize the sale. Check to see if the activation code is exposed. If it is, the scammer has probably already used the card or has copied the information and will use it soon.

Temporary holiday jobs

Lots of businesses are hiring extra hands to get them through the busy holiday season. Don’t get stuck working for criminals!

Many scammers will pose as employees of recognized businesses and post help-wanted ads on social media platforms and popular websites. When a job seeker follows the links in these ads, they are directed to a bogus site that looks just like the site of the company the scammer claims to represent. They’ll be asked to share personal information to submit an application. The scammer will then make off with this information and the promised job will never materialize.

If you’re looking for a seasonal job, apply in-person or directly on a business’s website. Do not follow any links.

As always, be aware and be cautious when enjoying the holiday season. Don’t get grinched! Stay alert and use caution to keep your money – and your information – safe.

Your Turn: Have you been targeted by these or any other seasonal scams? Tell us all about it in the comments.

SOURCES:
https://www.aarp.org/money/scams-fraud/info-2017/holiday-season-scams-photo.html
https://www.moneytips.com/9-scams-to-watch-out-for-this-holiday-season
https://www.consumer.ftc.gov/articles/0074-giving-charity#Signs

Brought to you by Destinations Credit Union.

What You Need To Know About Smishing Scams

June 14, 2018June 14, 2018 / destinationscreditunion / Leave a comment

How do you communicate with your nearest and dearest when you’re on the go and can’t close-up of mobile phone on logging screen make a phone call? Do you send a VoiceNote? Use WhatsApp? Or, do you send an simple text message?

In a world where apps can almost run our lives for us, the humble SMS has outlived them all – and it’s still going strong. Unfortunately, though, texting has come under attack as one of the most vulnerable mediums for identity theft and more.

Here’s what you need to know about an SMS-based scam called “smishing.”

How it works

Smishing scams are similar to email phishing scams in which scammers target victims by sending an email that appears to be from their bank or credit union, internet service provider or one of their favorite businesses. Smishing scams use text messages instead of emails, but their goal is the same as phishing scams: to establish contact with the victim and access their personal information.

The scam begins with a supposedly urgent text appearing to be from the victim’s financial institution of choice. Sometimes, it’s from a bank or credit union with whom they have never done business!

The text claims the victim’s checking account is locked and that the victim must take immediate action to restore it. Alternatively, the text may alert the victim about a large, unauthorized purchase that was charged to their account. The scammer warns that, if the charge is not contested immediately, the victim will be responsible for the transaction. There are more variations, but they will always convey a sense of urgency to induce panic and trigger immediate and mindless obedience.

The victim is then instructed to call a specified number and, upon doing so, will be asked to share personal financial information. Once they’ve got their hands on this info, the scammer is free to steal the victim’s identity, empty their accounts or go on a shopping spree on the victim’s dime.

Who are the victims?

Smishing scams primarily target people who use mobile banking apps and sites. Victims who use their phones to manage their accounts don’t question when their financial institution appears to contact them by text message and, unfortunately, these smishing scams are often successful.

It isn’t just online banking users who need to be wary of smishing. Fraudsters have widened their net and have recently started sending messages to any cellphone number they can get their hands on.

If you own a checking account and a cellphone, you are vulnerable to a potential smishing scam.

Recognizing smishing scams

If you know what to look for, you’ll be able to spot a smishing scam at first glance.

The credit union’s credit and debit card fraud detection partner may text you if the network detects suspicious activity on your account. Destinations Credit Union’s card fraud detection department’s phone number is 1-800-889-5280. Do not respond to the text, simply call the Fraud detection department and give them the reference number.

Destinations Credit Union will not use a text message to alert you of a lockdown on your account; we prefer to use more personable contact methods to help ensure your privacy and personal security.

Also, the phone number the smishing text instructs you to call is not ours. We service our members from our own premises, and our number is 410-663-2500. If you’re told to contact us at a different line (other than the card fraud number above), it’s not us you’re calling!

You can also spot the smishing scam just by looking at the phone number. The text will often appear to come from a number that is obviously fake. Alternatively, it can appear to have come from one of your contacts who is kindly letting you know about the trouble with your account. In such cases, ask your friend (directly, not in response to the message) if they actually sent it. If they have no idea what you’re talking about, someone is using their number to lure you into a scam.

If you’ve been targeted

If you receive a suspicious-looking text that might be a smishing scam, do not engage the texter! Jot down the scammer’s number and delete the message. Let us know about the smishing attempt and tell all your friends. You can also alert the FTC at ftc.gov so they can help catch those criminals.

If you’ve fallen for such a scam and your accounts have been compromised, alert your credit card companies and be sure to let us know as well. We’ll help you mitigate the damage and regain control of your finances.

Protecting yourself

You can’t insulate your phone against these scams, but there are some proactive steps you can take to protect yourself, your device and your money.

Always use two-factor authentication. Most credit unions require a two-factor sign-in, but if you have the choice of opting out of this extra step, don’t take it! It’s not worth the added risk.
Strengthen your passwords. Never double your password use across different accounts, websites and apps. Make sure your passwords are strong and unique. Consider using a password manager like Dashlane or 1Password.
Don’t respond. Ignore text messages from unknown numbers, even if they’re not alerting you about a problem with your accounts. A text from an unknown source may be the scammer’s first attempt at establishing contact and determining if you’re a willing target for a future scam.

Make sure you are always on the alert for smishing scams. Don’t let those crooks get their hands on your money!

Your Turn: Have you been targeted by a smishing scam? Tell us all about it in the comments!

SOURCES:
https://www.usatoday.com/story/tech/columnist/saltzman/2017/07/03/delete-suspicious-text-messages-on-your-smartphone/439647001/
https://www.google.com/amp/amp.timeinc.net/fortune/2017/07/07/smishing-scam
https://money.usnews.com/money/blogs/my-money/2015/01/23/5-scams-that-target-your-bank-account
https://www.cnbc.com/2017/05/12/this-growing-fraud-will-drain-your-bank-account.html

Medical Identity Theft

April 12, 2018April 5, 2018 / destinationscreditunion / Leave a comment

Scammers never rest. Even when the government and financial institutions take added image of medicare card merging into money measures for protecting consumers against fraud, scammers are dreaming up new ways to con you out of your money – and your identity.

In the latest wave of identity theft, scammers are cashing in on Medicare’s extra level of protection. In order to help prevent ID theft, Medicare is replacing the Social Security numbers that had appeared on its old cards with an 11-digit code. The new cards aren’t in circulation yet. They will be mailed out within the next 13 months, but scammers are already using them for a new variation of identity theft.

Here’s how the scam works: A caller pretending to be a Medicare representative will phone a beneficiary and ask for payment in exchange for the new ID. The victim willingly complies. In reality, though, the new cards are free and are being mailed out automatically. The caller might also claim to be a Medicare representative who is not after the victim’s money but needs their medical information to send out their new card or to update their system.

In another iteration of this scam, a caller will ask a victim if they want to purchase Medicare’s prescription drug coverage, or Part D. Part D is voluntary and is not necessary for Medicare coverage, but the caller will insist the victim must purchase Part D or risk losing their entire coverage.

In another ruse that is not limited to Medicare members, the caller will ask for the victim’s checking account number and Social Security number to deposit a supposed refund from their medical insurance company.

Once the scammer has the victim’s medical information, though, there’s an endless amount of damage they can do, including (but not limited to):

Posing as the victim to see a doctor and using their insurance to pay the bill,
Obtaining prescriptions they don’t need and then selling them or misusing them,
Purchasing medical equipment,
Filing a false health claim.

Protect yourself from being the next victim! Here’s what you need to know about medical identity theft.

What it can cost you

According to the Ponemon Institute, the average medical identity theft costs the victim a whopping $13,500 to fix. But it’s a lot more than money at stake. There are several significant ways medical identity theft can affect you.

1.) Loss of health coverage

Medical identity theft can cause you to lose your health coverage. Scammers might max out your benefit limits, leaving you at a real disadvantage in case of a medical emergency.

2.) Ruined credit history

Medical identity theft can wreak havoc on your credit history. You may have spent years building and maintaining an excellent score, but scammers can bring all of that tumbling down by racking up tremendous hospital bills in your name and then disappearing. The outstanding bill will then go to collections and you might not even be aware of it until creditors come calling.

3.) False medical records

The scammer may be seeing doctors, receiving treatment and obtaining prescriptions under your name. All of this will be documented on your medical records. This can prove to be extremely dangerous, or even fatal, when you seek medical attention in the future.

4.) Higher premiums

When insurance companies take note of the maladies you’ve “contracted” or the many doctors you’ve been “seeing,” your premiums will likely rise.

Preventing medical scams

Learn to recognize the signs and take proactive steps to ensure that you’re not the next victim of medical identity theft.

Know that Medicare will never call you for information. The agency will always reach out to its members via mail. By simply being aware of this fact, you can immediately identify a scammer on the phone.
Be wary of bills from third-party providers. If you receive notices regarding your medical information from a third-party provider that do not look familiar, or that contain inaccurate information regarding your medical history and recent treatment, alert your insurance provider immediately.
Study your Explanation of Benefits (EOB). Every health insurance company provides its members will an EOB. Be sure to take a hard look at yours. If you spot any treatments you don’t remember receiving, notify your insurance provider immediately.
Check medical records. It’s a good idea to review your medical records on a regular basis and check for any suspicious doctor visits, prescriptions or maladies.
Review your credit. It’s always prudent to check your credit history several times a year. If you see any unfamiliar charges, immediately ask for a fraud alert and place a freeze on your credit.

Fixing your medical history

If you spot something suspicious on your medical records, it’s crucial that you take the necessary steps to correct it so it doesn’t affect your medical treatment in the future.

Send a copy of the documents detailing the discrepancy or error to every medical professional and facility involved in your care, including doctors, hospitals, labs and private clinics. It’s best to send a copy of these documents and keep the original documents for your own records. To ensure the documents were received by the correct parties, send them through certified mail and get a receipt.

Fighting back

Have you been victimized by medical identity theft? Report the incident to prevent future scams!

You can report your scam on the Federal Trade Commission (FTC) website at ftc.gov, or by calling the agency at 1-877-438-4338.

If you are a member of Medicare and suspect fraud, call 800-MEDICARE for assistance or visit Medicare.gov. Alternately, report the scam to your own insurance provider.

You deserve to live out your years in health and happiness without worrying about medical identity theft. Make sure you take the necessary precautions to ensure you’re not the next victim!

Your Turn: Have you had to repair damages caused by medical identity theft? Share your experience with us in the comments!

SOURCES:
https://www.google.com/amp/s/www.cnbc.com/amp/2018/02/07/beware-theres-a-new-wave-of-medicare-scammers.html
https://www.thebalance.com/common-types-of-medical-identity-theft-4157717
https://blog.sdfcu.org/2018/01/medical-identity-theft/

How To Protect Yourself From Identity Theft

December 14, 2017December 12, 2017 / destinationscreditunion / Leave a comment

Chances are, you or someone you know has had their identity stolen at one point or Image of Man cloning credit information another. It can be expensive, stressful and extremely complicated to recover from. Here are seven ways to help protect yourself and your most important data from identity thieves.

Secure Your Hardcopies

Most of us think of identity theft as a digital crime, but many thieves are just as eager to get their hands on your paper documents. While online accounts are password-protected, important paper documents are often left in a drawer or simply tossed in the trash, where dumpster-diving thieves can find them.

What’s the solution? Buy a safe and a shredder. What’s not shredded goes in the safe. Of course, the same level of care should go into protecting your physical credit cards. Don’t put your wallet in your back pocket. Make it a habit to check to see you have all your cards and IDs when you get home at the end of the day. This will help you be aware of missing items earlier so you can cancel lost or stolen cards before too much damage is done.

Examine Your Financial Statements

Reviewing your financial statements is a good practice. Not only will this help you track financial habits, it will also alert you to any fraudulent charges. Credit unions and banks do a lot to protect consumers from fraud and identity theft, but only you know what you purchased and what you didn’t, so look closely at those statements!

Choose Good Passwords

Many people have one simple password they use for all devices and platforms. This is convenient, but dangerous. Yes, there is reason to worry that having multiple hard-to-remember passwords may make it more difficult for you to access your own accounts, but potential identity thieves will have a more difficult time too.

If you’re worried about remembering your own passwords, check out these easy and safe ways to store your passwords from Gizmodo.

Protect Your Computer

Malware is just one way identity thieves steal your data. Invest in a good and reputable antispyware program to make sure your hardware is safe from invaders.

Another way to protect your computer is to encrypt your hard drive. Apple computers and PCs alike will offer the option to encrypt all data in your hard drive. Go to your security settings and choose to activate the encryption option.

Be Aware of Suspicious Emails and Websites

If an email looks suspicious, it probably is. Make your email inbox a tightly curated collection. If you have too many promotional emails, start clicking the unsubscribe button. This will help you spot suspicious, unsolicited mails.

The same goes for websites. Your browser or antivirus software may try and warn you about suspicious websites before you enter them. Don’t disregard those warnings.

Use Two-Factor Identification

The most convenient option is not always the most secure, but given the choice between convenience and security, your best bet is the more secure one. Two-factor identification for email accounts and other important online accounts will add an extra step to the security process for log-ins, most often making use of your phone number as well.

Secure Your Wi-Fi and Avoid Public Wi-Fi

Public Wi-Fi is often insecure and can be a great way for thieves to get to your data. Steer clear if you can. If you have no choice, be sure to avoid all online banking or password logins while using public Wi-Fi. Additionally, be sure to secure your own home Wi-Fi with a unique and hard-to-guess password.

SOURCES:
http://www.identitytheftkiller.com/10-ways-to-avoid-id-theft.php
https://www.wikihow.com/Prevent-Identity-Theft

Protecting Yourself Against Card Cracking Scams

December 12, 2017December 8, 2017 / destinationscreditunion / Leave a comment

In a recent scam targeting cash-strapped millennials, fraudsters are once again cashing Image of man touching fraud prevention icon in on people’s naivety and goodwill. Only this time they’re using social media to make it happen.

What makes the scam especially cruel is that fraudsters specifically look for victims who are short on funds, such as students with large loans hanging over their heads, struggling single parents or young professionals searching for a job. People who are desperate for cash also prove to be desperate enough to believe almost anything that will help them earn them a quick buck. Unfortunately, this vulnerability, coupled with the broad reach and easy plundering that scammers are granted by using social media, has made card cracking more successful in luring victims than many other scams.

Card cracking scams start with an innocent-looking social media post that appears like the dozens you scroll through every day. The post may show up on the victim’s Twitter feed, Facebook page or on Instagram, and it will always showcase some form of quick cash. It might be an easy-to-win contest with a huge reward for the winner. It can be a dream job that will instantly be yours – as soon as you follow the instructions. It may even be a complete giveaway, such as a cash bonus or a gift card that you’ll be granted just for sharing some information. If you click on the embedded link, you’ll be asked for your checking account information, your PIN or your online banking credentials.

Once the scammers have this information, they can do any number of things with their prize, from withdrawing large sums of cash from your account to using your debit card number for a massive shopping spree. They may even help themselves to funds you have in your account, such as a paycheck or student loan.

In another iteration of card cracking, scammers will tug on victims’ heartstrings, claiming their personal accounts are frozen and they have no access to money. They’ll ask the victim to allow them to access the victim’s account for simple transactions such as depositing checks. Once the checks are in, the scammer will cash in on the amount, and a few days later, when the check bounces, the scammer will be long gone. This variation is sometimes played out in person, on college campuses.

In yet a third scheme, card crackers promise victims a cut of fraudulent funds if the victim allows them to use their account. Victims often rationalize this crime by assuring themselves that they’re not actually playing a part in the fraud. Of course, they will still be held accountable when the scammers are busted.

Sadly, falling victim to a scam can be especially harmful for a millennial who is just beginning to build their credit history.

Don’t be the next victim. Here’s how to protect yourself from card cracking:

1.) Never share personal information with a stranger

You’ve heard it a thousand times, but this rule cannot be overstated. Never share sensitive information with a correspondent whose identity you can not verify with absolute certainty. You wouldn’t think of giving your checking account number to a solicitor you met on the street; why would you share it with a stranger online?

Of course, victims of card cracking and similar schemes believe the scammers are legitimate. That’s why it’s important to authenticate a web address, company or offer by asking for a street address or phone number. Additionally, by educating yourself about these scams, you’ll be able to spot one immediately.

2.) When it’s too good to be true, it usually is

Remembering this rule of thumb will go a long way toward helping you recognize scammers. Free or easy money exists only in fairy tales. Don’t believe the Facebook post that promises you’ll land that dream job you’ve been searching for if you only hand over your account passwords. Ignore the offer for a free gift card and don’t believe the sob story about frozen accounts leaving people penniless.

3.) Never cash a check for someone else

You are not a credit union or a check-cashing business. If someone approaches you in person or online and asks you to cash a check for them, politely refuse. Unless you would trust this person with your life, there is no reason to believe their tale is legitimate or that their check will be honored.

4.) Report suspicious activity

If you notice any suspicious activity on your account, report it immediately. You may have fallen prey to a card cracking scam and you don’t even know it!

Scammers may be smart, but you can be smarter. When you’re educated, alert and aware, you’ll be able to spot most scams before it’s too late.

Your Turn: Have you recently spotted any card cracking scams on your social media platforms? Share what tipped you off in the comments!

SOURCES:
http://info.rippleshot.com/blog/what-you-need-to-know-about-card-cracking
https://www.google.com/search?q=card+cracking+scam&rlz=1CDGOYI_enUS753US753&oq=card+cracking&aqs=chrome.1.69i57j0l3.10532j0j7&hl=en-US&sourceid=chrome-mobile&ie=UTF-8
https://www.nextadvisor.com/blog/2016/07/18/know-about-card-cracking-scams/

Reaching Your Financial Destinations

Destinations Credit Union: Moving Forward, Banking Smarter

identity theft