Security Center
Last Updated: 02/18/2010
Gas Pump Skimming Scam - 02/18/2010
Credit Union Times recently reported
that criminals are now trying to steal a member's personal data (card
number and PIN) by attaching a device to a gas pump to skim personal
data. It has been reported that thieves are able to open a gas pump and
insert a device that captures card numbers while a camera positioned
nearby captures the cardholders' PIN. The fraudster then uses the stolen
data on a counterfeit card and can then access an ATM to withdraw money
from the CU member's account.
Recent losses have been reported around the Raleigh, NC area but this
particular problem may continue to grow and CU's and their members need
to be aware of this situation.
Read the full article
HAITIAN EARTHQUAKE RELIEF FRAUD ALERT
01/13/10 - The FBI today reminds Internet users who receive appeals to donate money in the aftermath of Tuesday’s earthquake in Haiti to apply a critical eye and do their due diligence before responding to those requests. Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause.
Therefore, before making a donation of any kind, consumers should adhere to certain guidelines, to include the following:
- Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages.
- Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites.
- Verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its nonprofit status rather than following a purported link to the site.
- Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders.
- Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes.
- Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft.
Anyone who has received an e-mail referencing the above information or anyone who may have been a victim of this or a similar incident should notify the IC3 (Internet Crime Complaint Center) via www.ic3.gov
Fraudulent Investment Opportunity - 11/02/2009
We have been advised of an investment scam where fraudsters, posing as
an African energy consortium, have presented an investment opportunity
to a group of Credit Union members. The investment involved a renewable
energy project (sunlight, wind, rain, tides, geothermal heat, etc.).
Some proof was provided that these investment advisers/consultants were
officers of the consortium. In hindsight, that proof appears to have
been limited in nature and now looks very suspicious.
The members were sold on the plan and many applied for loans at their
Credit Union as well as obtained cash advances on their credit cards,
giving this money to the fraudsters to invest in this renewable energy
project. After receiving the investment funds, the fraudsters skipped
the area and the investors were left with only the worthless paper and
the outstanding loan at their Credit Union.
Unfortunately, this type of scam is serious because of the dollars
involved and the number of people who were duped. The losers in this
scheme are the ones who fell for this bogus investment as this type of
scam is not covered by any insurance company in the industry.
Mortgage Loan Modification Scams - 10/22/2009
A recent development in the ongoing subprime mortgage and foreclosure
crisis is the emergence of a new type of business which purports to
offer loss mitigation consulting, foreclosure prevention, mortgage
loan modification, or similar services. Many states are seeing an
increase in the of number of advertisements, direct-mail
solicitations and other marketing materials offering consumers
assistance in negotiating resolutions of their delinquent residential
mortgage loans with lenders and servicers, or assistance in
negotiating lower mortgage loan rates, in exchange for up-front fees.
Members who have fallen behind on mortgage payments or who are in
foreclosure or default may become targets for certain types of scams
known as "home equity theft" or "foreclosure rescue fraud."
Perpetrators of these scams claim that they can solve debt problems
and stop consumers from losing their home. Some of these scams offer
to temporarily hold onto the house while consumers catch up on their
payments. The perpetrator then uses deceptive tactics to obtain
ownership of a consumer’s home for a fraction of its market value,
and leaves the consumer homeless yet still holding the mortgage which
is now in foreclosure.
Other scams falsely claim that they can stop a foreclosure or tax
sale, charge substantial up-front fees and fail to deliver the
promised results. Members should be advised they do not need to pay
fees for foreclosure prevention help. Many not-for-profit HUD
approved housing counselors will help members negotiate with their
lender for free.
Members should be advised to explore all available options for
requesting a mortgage loan modification. Encourage them to contact
their own lender or mortgage servicer or a HUD approved housing
counselor if they believe they will have difficulty in making their
mortgage payments.
E-mail Scam - 10/02/2009
The Department of Homeland Security's Computer Emergency Readiness Team (CERT) is warning Internet users to be on guard against a convincing e-mail virus scam disguised as a message from auditors at the Internal Revenue Service.
CERT recently reported: "The attacks arrive via an unsolicited e-mail message concerning an inquiry by the IRS and may contain a link or attachment. If users click on this link or opens the attachment, they may be infected with a malicious code, including the Zeus Trojan."
The Zeus Trojan steals sensitive data, and it is especially interested in on-line banking credentials. According to Gary Warner, director of research in computer forensics at the University of Alabama, Birmingham, this fake IRS notice has been ongoing for several weeks now.
A word to the wise: Do not click on attachments included in unsolicited e-mails, especially those that encourage you to act quickly or suffer some scary fate. These are attempts to plant malicious software on your computer.
Also, note that the IRS has stated emphatically that it does not communicate with businesses or citizens via e-mail.
|
