Identity Theft
What is Identity Theft?
Identity theft involves stealing or taking over the identity of another person or business and using it for personal gain. Any personal information can be used by an identity thief to impersonate you. This includes your name, address, phone numbers, social security number, driver's license number, date of birth, credit card numbers and bank account numbers. This information is then used to obtain credit cards, to apply for loans, to open new bank accounts and to redirect mail in your name without you knowing this has happened.
How do Identity Thieves get your personal information?
• Steal your wallet or purse containing your identification and credit and debit cards
• Steal your mail
• Complete a change-of-address form to divert your mail to another location
• Rummage through your garbage
• Surf your shoulder at ATMs to obtain PINs
• Access public-record Web sites
• Break into and enter your house or car
• Obtain personnel or customer files in your workplace
Have you heard of 'vishing' the newest scam?
In a new twist, identity thieves are sending spam that warns victims that their credit union/bank account or PayPal accounts were supposedly compromised. However, unlike typical phishing emails, there is no website address in these phishing messages. Instead, the victim is urged to call a phone number to verify account details.
The automated voice message says: "Welcome to account verification. Please type your 16-digit card number." The goal is to get the victim to enter their credit card number. In these reported scams, no mention of the credit union, bank or PayPal is made.
Security experts tracking this scam and other instances of "vishing", short for "voice phishing", say the frauds are particularly despicable because they imitate the legitimate ways people interact with financial institutions. In fact, some vishing attacks don't begin with an e-mail. Some come as calls out of the blue, in which the caller already knows the recipient's credit card number. This increases the perception of legitimacy, the caller ask for the valuable three-digit security code on the back of the card.
Vishing appears to be prospering with the help of Voice over Internet Protocol, or VOIP, the technology that enables cheap and anonymous Internet calling, as well as the ease with which caller ID boxes can be tricked into displaying erroneous information.
Phishing is a dangerous sport - don't get caught in the criminals' nets!
Phishing is the term used to refer to E-mail fraud. E-mails are sent to unsuspecting people, asking them to confirm or verify their account information, social security number, PIN or other important information. Often, they warn of dire consequences, such as account closure or fines, if the recipient fails to respond. DON'T BELIEVE THEM AND DON'T RESPOND! Theses criminals are looking for an easy way to "phish" out your valuable information and use it to steal your identity - or worse!
Remember that Westerra Credit Union will NEVER initiate a call or E-mail and ask you for your account information. We already have it and have no reason to request this information from you. Please keep your information safe.
Here are some valuable tips to remember:
• Never share your PIN, account numbers or social security number with unknown sources.
• Never click on a link, or use a phone number in an E-mail. Look the number or website up yourself to be sure you are accessing the real institution.
• Never E-mail your account numbers, PIN or social security number. E-mail is NOT SECURE. Use our home banking product to send us secure information. If you can't access our home banking site, call us, fax us or send us an E-mail with your name and phone number only.
• Contact us immediately if you ever suspect fraud, or receive suspicious E-mails or phone calls about your Westerra accounts.
What do you do if you are a victim?
Call Westerra Credit Union immediately if you suspect that you are the victim of identity theft or if there is unusual activity on any of your accounts.
If you have given out your credit, debit or ATM card information:
• Report the incident to the card issuer immediately
• Cancel your account and open a new one
• Review billing statements carefully after the incident
• If the statements show unauthorized charges, send a letter to the card issuer via regular mail (keep a copy) describing each questionable charge
Credit Card Loss or Fraudulent Charges
Your maximum liability under federal law for unauthorized use of your credit card is $50 (policies vary). If the loss involves your credit card number, but not the card itself, you have no liability for unauthorized use; in general, you may only be liable for a very small amount but always check with the card issuer for their exact policy.
Your liability depends on how quickly the loss is reported. You risk unlimited loss by failing to report an unauthorized transfer within 60 days after your statement containing unauthorized use is mailed to you.
If you have given out your account information:
• Report the theft to the financial institution as quickly as possible
• Cancel your account and open a new one
If you have downloaded a virus or ‘Trojan Horse':
Some phishing attacks use viruses and/or a ‘Trojan Horse' to install programs called "key loggers" on your computer. These programs capture and distribute any information you type to the phisher, including credit card numbers, usernames, passwords, Social Security Numbers, etc. If this occurs, you likely may not be aware. To minimize this risk, you should:
• Install and/or update anti-virus and personal firewall software.
• Update all virus definitions and run a full scan.
• If your system still appears compromised, fix it and then change your
password again.
Check your other accounts - suspects may have accessed different accounts: eBay account, PayPal, your email ISP, online bank accounts, and other e-commerce accounts.
If you have given out your personal identification information:
Identity theft occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission, to commit fraud or other crimes. If you have given this information to a phisher, you should do the following:
• Report the theft to the three major credit reporting agencies, Experian, Equifax and TransUnion Corporation, and do the following:
• Request that they place a fraud alert and a victim's statement in your file
• Request a FREE copy of your credit report to check whether any accounts were opened without your consent
• Request that the agencies remove inquiries and/or fraudulent accounts stemming from the theft
Major Credit Bureaus:
Equifax
Experian
Trans Union
Identify Theft Resources:
Federal Trade Commission-Identity Theft
Internet Crime Complaint Center
Identity Theft and Fraud
Notify the credit union and any other financial institutions you use to request a flag on your account and contact you regarding any unusual activity:
• If bank accounts were set up without your consent, close them
• If your ATM card was stolen, get a new card, account number and PIN
• Contact your local police department to file a criminal report
• Contact the Social Security Administration's Fraud Hotline to report the unauthorized use of your personal identification information
• Notify the Department of Motor Vehicles of your identity theft
• Check to see whether an unauthorized license number has been issued in your name
• Notify the passport office to watch for anyone ordering a passport in your name
• File a complaint with the Federal Trade Commission
• Ask for a free copy of "ID Theft: When Bad Things Happen in Your Good Name"
• File a complaint with the Internet Fraud Complaint Center(IFCC) by visiting their website: http://www.ic3.gov/.
For victims of Internet fraud, the FBI's Internet Fraud Complaint Center provides a convenient and easy reporting mechanism that alerts authorities of suspected criminal or civil violations. Document the names and phone numbers of everyone you speak with regarding the incident. Follow-up your phone calls with letters. Keep copies of all correspondence. If you see a suspicious-looking email message claiming to be from Westerra Credit Union, please let us know. We continually monitor such reports and act on them promptly. Additionally, also consider contacting the FBI's Internet Fraud Complaint Center at http://www.ic3.gov/ .
