money with lock

Security Center

Protecting Your Identity, Your Privacy, and Your Money

Protect yourself. The following information has been prepared to protect you from the many types of financial fraud and identity theft. Be sure to review all of the tabs below to better understand the threats and how to combat them.

Monitor and secure your accounts. Always monitor your financial accounts for suspicious activity. It’s always a good idea to periodically review all activity done on any of your accounts. A good way to secure your accounts is to create long complex passwords and enable multi-factor authentication. All Online Banking members have Multi-factor authentication enabled. If you would like additional protection, we have partnered with IDnotify to provide a robust ID theft protection program. Learn more.

Fraud Prevention. View important holiday prevention tips to help you stay safe while shopping.

 

 

Fraud Alerts

The 2017 Identity Fraud Study, released by Javelin Strategy & Research, found that $16 billion was stolen from 15.4 million U.S. consumers in 2016, compared with $15.3 billion and 13.1 million victims a year earlier. In the past six years identity thieves have stolen over $107 billion.

Report Fraud to People's Community Federal Credit Union Immediately. If you think you may have been a victim of fraud contact us immediately at 800-252-6525.

Tech Support Scams

Scammers are calling and claiming to be computer techs from well-known companies such as Microsoft, Dell, HP, and Apple. They will tell you that your computer has been infected with a virus and they will try to convince you to give them access to your computer. Once they have access, they can do anything they want, such as download malware or steal your information. Another avenue for this is popups that appear in your web browser. They can be very loud and jarring and they vary in content. Most of the popups go something like this: “Your computer has been infected with a virus! Call this number for assistance!” or “Your computer has been doing something illegal! Call this number now!” They try to make the popup as frightening as possible so that you call them immediately without thinking things through. Many times they will also try to sell you antivirus software. They are not actually selling you any software, they are stealing your credit/debit card number. Do not give them your credit/debit card number. Companies like Microsoft do not have popups that tell you to call and they will never call you to say there is a virus on your computer.

Recently, there has been an influx of scammers registering domain names that end in .cm instead of .com. When you go to these fake sites, your browser ends up with many popups warning you of infections and may even freeze your computer. Make sure you are always typing the URL into your search bar correctly.

Fake Charities

Some scammers will pretend to be from a well-known charity or even create pages on sites like ‘Go Fund Me’ after a tragedy in order to scam well-meaning people out of their money. It’s common for these types of scams to circulate on social media such as Facebook or Twitter. When you are donating, it’s very important to always verify you are donating to a real charity and that you do so through a valid method such as the charities website. It’s also a good idea to do some research on any charity before you donate to make sure your money is going to the right people and towards the right cause.

Card Skimmers Hit the Pacific Northwest and Local Gas Stations

Card skimming is on the rise in the Pacific Northwest. Locations up and down the I-5 corridor as well as local gas stations have been targeted the most. Below is some helpful information on what a card skimmer is and what you can do to be on the lookout.

• Card skimmers are devices that fit over the ATM’s card reader and often times look like they belong on the ATM. Along with card readers, there may be hidden cameras in place to capture your pin.


• Look for evidence of tampering when using a gas pump. For example, some gas pumps will place a security seal over the portion of the gas pump that controls the card reader. If that seal is broken, that is a strong indication that the card reader has been tampered with. The seal will say "void" on it if it the card reader door has been opened.

• If using an ATM; ways to detect a skimmer include lightly pulling on the card reader and pin pad to ensure neither easily detach from the machine, paying attention to colors and graphics on the machine that appear to be different than what should be expected, and paying attention to obscured or lack of flashing lights that are normally displayed on the machine.

• Pay attention to anyone who appears to be loitering or otherwise hanging around a machine with no visible purpose. If this is the case, use a different machine, report the suspicious person to the business, and/or ensure that you are covering the PIN pad when typing in your PIN number.

Here are some things you can do if you've been impacted by skimmers or if you are concerned:

• Change your PIN at one of our 4 branch ATM's or at our Hazel Dell location
• Regularly monitor credit card and account statements and look for discrepancies.


If you find any fraudulent activity on your account, please contact us immediately by calling 800-252-6525 or coming into any one of our 4 locations.

Below is an example of what an ATM skimmer may look like.  The one on the right has the skimmer in place over the card reading slot.

Identity Theft

Identity theft can occur when an individual obtains personal information, such as your social security number, date of birth, address, and financial account numbers. Once this information is obtained, the thieves will assume or take on your identity, allowing them to illegally purchase items or obtain credit.

Protect yourself. Don't become identity theft's next victim

 

People’s has partnered with IDnotify to bring you the best in identity theft protection. More information.

ID Theft Information

Learn more about protecting yourself from identity theft.

Identify Theft Resources

Credit Bureau Contact Details

 

Credit bureaus must provide free copies of credit reports to victims of identity theft.

ATM Fraud

ATM fraud can occur when individuals lose their card, give their card to someone else to use, or when their Personal Identification Number's confidentiality is compromised. By following these simple guidelines you can greatly reduce your exposure to ATM fraud.

Tips for protecting yourself against ATM fraud

  • Never write your Personal Identification Number (PIN) on your card or in your wallet. Memorize your PIN as soon as possible. Do not reveal your PIN to anyone not authorized to use the account.
  • Never use your date of birth, social security number, license number or street address as a PIN -- those are the first numbers a crook will try.
  • Don't throw away your ATM receipts at the ATM location. Keep them to reconcile your account, then dispose of them properly when you get home.
  • Always be aware of your surroundings when using the ATM. If it is late at night, try to use a machine that is well lit and avoid dark, remote locations.
  • Always make sure to retrieve your ATM card from the machine when the transaction is complete.
  • Be aware of the person behind you. Make sure no one can see you entering your PIN or how much money you withdraw.
  • Review your statement promptly to ensure all transactions are accurate. Report any discrepancies immediately.
  • Destroy old ATM cards immediately after receiving your replacement cards.

ATM Scams

In addition to the types of ATM fraud that most of us are now aware of, there are two new types of fraud that can clean out your account quickly -- card withholding and skimming.

Card withholding occurs when your card gets stuck in the ATM, you can't get it out, and you leave the card in the ATM planning to contact the financial institution the next morning. When you call you find that the card was not stuck in the ATM. What happens is that thieves put a substance into the ATM card slot which will cause your card to stick inside the ATM. They leave the ATM and wait for someone to attempt to use it. They then get in line behind you and try to watch you enter your Personal Identification Number (PIN). This is very common at drive-up ATMs where the user may not be paying attention to other people or cars nearby.

The thieves even go so far as to put up a sign on the ATM stating: "If your card gets stuck, enter your PIN three separate times to retrieve it." This gives them three tries to watch you enter your PIN. After you leave frustrated, and you're planning to contact the ATM owner the next morning, they remove your card with a pair of pliers. They can then use your card at other ATMs and Point-of-Sale (POS) terminals.

Skimming is done at businesses that offer Point-of-Sale (POS) devices for you to pay with your ATM card, such as gas stations. The thieves convince an employee to allow them to connect a lap top computer to the POS machine. The lap top is usually stored under the counter where the POS device is located. When you swipe your card in the POS device to make a payment the information on the magnetic strip on your ATM card is copied and loaded onto a disk. Thieves may also install a hidden video camera that records you entering your PIN. They then match the magnetic information to the PIN and access your accounts.

  • Before inserting your ATM card into an ATM inspect the card slot for any residue.
  • If there is residue, don't use that ATM. If there is a notice on the ATM about entering your PIN several times, don't use that ATM.
  • Always cover your hand when entering your PIN: if the thieves don't have your PIN, they can't access your account.

Actions for Fraud Victims

If you suspect fraud, it is important to act quickly to minimize potential damage and your own liability. It is important to keep a detailed account of conversations you have with authorities and financial institutions.

Credit Bureaus. Immediately call the fraud units of the three credit reporting companies -- Experian, Equifax and Trans Union. Ask that your account include a statement referencing the possibility of fraud.

Creditors. Contact all creditors immediately with whom your name has been used fraudulently -- by phone and in writing. Monitor your accounts closely for any further fraudulent activity.

Law Enforcement. Report the crime to police with jurisdiction in your case. Provide any documentation that you have collected. Get a copy of your police report. Keep the phone number of your fraud investigator handy and give it to creditors and others who require verification of your case.

Financial Institutions. If you have checks stolen or bank accounts set up fraudulently, contact the institution to report the crime. Put stop payments on appropriate outstanding checks. Close your checking and savings accounts and open new accounts. If your ATM card is stolen or compromised, get a new card and PIN. When choosing a PIN, don't use common numbers like the last four digits of your Social Security number, your date of birth, license number or street address.

U.S. Postal Service. Notify the local Postal Inspector if you suspect an identity thief has filed a change of your address with the post office or has used the mail to commit credit or bank fraud.

Social Security Administration. Call to report fraudulent use of your Social Security number.

Department of Motor Vehicles (DMV). Call to see if another license was issued in your name. Go to your local DMV to request a new number. Also, fill out the DMV's complaint form to begin the fraud investigation process. Send supporting documents with the completed form to the nearest DMV investigation office. Request a driver's license number different than your Social Security number if available in your state.

Civil Courts. If a civil judgment has been entered in your name for actions taken by your impostor, contact the court where the judgment was entered and report that you are a victim of identity theft. If you are wrongfully prosecuted for criminal charges, contact the state Department of Justice and the FBI.

Back to Top

Check Cashing Fraud

This guide provides tips for protecting yourself against check cashing fraud. Check cashing fraud occurs when individuals use information taken from your checks, or the checks themselves, to access your accounts and commit fraudulent acts. By following these simple guidelines you can greatly reduce your risk of becoming a victim.

Tips for protecting yourself against check cashing fraud

  • Always safeguard your checks. Do not leave your checks out in an open area. Never leave your checks in your car or out on your desk at the office.
  • Keep your blank checks and canceled checks in a safe place. Put them in a vault or other secure location. Destroy old blank checks if you are not going to use them.
  • Limit the amount of personal information printed on the checks to your name and address. Don't use information that could compromise your identity such as your driver's license number, social security number, and/or secret codes.
  • Don't leave your bill payments sitting in an unlocked mailbox for pickup. Many credit thieves will steal bills from rural mailboxes at the end of driveways so they can get your account information, checking information, and even your checks. Go to the Post Office directly or use a curbside USPS mailbox (the blue metal ones) and drop your bills in the slot rather than using less secure street mailboxes.
  • Be discreet when writing checks in public places. Write your checks carefully and leave no space in which figures or words can be inserted.
  • When you make an error in writing a check, be sure to destroy the check or write "canceled" across it and store it with your other canceled checks.
  • If your checks are lost or stolen, report it immediately to your financial institution.
  • Reconcile your monthly statements as soon as you can to ensure all transactions are accurate. Contact us immediately if you do not receive it when expected. Be sure to contact your institution within that time frame to ensure that proper attention is given to reconciling the problem.
  • When you reorder checks, mark your calendar. If you don't receive your checks within 15 working days, contact your financial institution immediately to inquire as to the status of the order.
  • Consider alternatives to check writing. For instance, paying by phone, online, billpay or setting up automatic payments. Fewer checks mean fewer theft opportunities.

Debit and Credit Card Fraud

Debit and credit card fraud generally occurs when cards or card numbers are compromised. By following these simple guidelines your potential for loss can be minimized.

Tips for protecting yourself against card fraud

  • Keep a list of all your cards including the account number and phone number to the issuing company.
  • Review your card statement as soon as possible. Match charges with your receipts to ensure all charges are yours and are for the correct amount.
  • Always sign a new card immediately.
  • When making a purchase with a card, make sure you get the card back and the receipt. Check the receipt for accuracy.
  • When using a card at a restaurant or store, make sure that all blank lines are marked through so that no one can change the final amount.
  • Never sign blank card receipts.
  • Only travel with the cards you plan on using.
  • Never give the account number of the card over the phone unless you initiate the call.
  • When making an order over the telephone, try to avoid using a cordless phone. Cordless phones messages can be easily intercepted by devices as unsophisticated as baby monitors and police scanners.
  • Do not write the PIN for the account on the card.

Visa also has some tips and information on security and fraud prevention located here

Phishing Scams

Phishing can take place through different mediums and the most common threat is through emails. Criminals send out phishing emails that look exactly like what comes from a legitimate company (your credit card company, credit union, government agency or any other service or business) in an effort to deceive you into divulging your personal or financial information. Some phishing emails also link to viruses or malware that will compromise your computer and result in all of your information being available to the criminals or even destroyed. Phishing emails often urge you to act quickly or else something bad will happen. For example, a criminal could send you an email that looks like it’s coming from a company you’ve just purchased a product from. You receive the product and then the "company" sends you an email saying they never received your payment and are taking you to court unless you give them your credit card information so they can process the transaction. It is very important to be cautious when dealing with emails. It is often the easiest and most successful way criminals steal your information.

Protect yourself against "Phishing Scams"

  • If you are ever in doubt about the legitimacy of an email, contact whoever sent it to you directly. If it was a company, look for the contact information online. Do not use the contact information in the email.
  • Ask yourself why someone would be sending you the email. The email might look real and sound urgent but often times if you take a minute to think it over, the email being sent might not be what it seems. Always ask why and think before you act.
  • Never give your personal information via e-mail. People's Community Credit Union will never request personal information via email.
  • Never go to any website by clicking a link in an e-mail Always type the website address in the search bar on your browser. It is very easy to "spoof" a link to a website. Also, always make sure the website has "https" in the address bar. "https" means that the website is secure and no one can look in on what you are doing.
  • Make sure your computer system has all current patches installed and keep your anti-virus/anti-spyware software up to date. Keeping your system patched and your anti-virus software up to date could be the difference between your information being secure or compromised.

Malware

“Malware” is a catch-all term used to describe malicious software. Malware is any type of software or code specifically designed to damage or do other unwanted actions on a computer system. Some malware is simply designed to destroy, while most types are designed for some sort of financial gain. That gain could be from stealing your login credentials, account information, credit card numbers, or any other data on your computer. Malware can even be used to perform other malicious activities with all of the incriminating evidence pointing back to you. There are a number of ways you can be infected with malware. You could open an attachment from a friend who’s already been infected. You could click on an infected link in an email or on a social networking site. You could even click on an infected ad on a website. Cybercriminals are always trying to find a new way to infect unsuspecting users.

Malware not only targets computers but also mobile devices. Most mobile malware is spread by downloading infected apps. Make sure the apps you download and the websites you download them from can be trusted. Also, be aware of what permissions each app accesses on your device.

Protecting yourself against "Malware"

  • Keep your operating system and applications up to date.
  • Make sure that your anti-virus/anti-malware/anti-spyware software is up to date.
  • Be selective on what sites you visit.
  • Never go to a website by clicking a link in an e-mail. Always type the website address into the search bar on your browser.
  • Beware of links on social networking sites.
  • Continue learning about cyber security threats and how to protect yourself.

Keystroke Logging

Keystroke logging is often referred to as keylogging performed by a keylogger. A keylogger (short for keystroke logger) is software that tracks or logs the keys struck on a keyboard. This is typically done stealthily without you knowing that your actions are being monitored. Although there are some legitimate uses for keyloggers, most are used for malicious intent to collect your account information, credit card numbers, user names, passwords, and other private data.

A keylogger can be installed just like any other piece of malware. With just a simple click on an infected link, anything that you type on your keyboard could be sent to someone with malicious intent.

Ransomware

Ransomware is a type of malware that takes over your computer and encrypts all the data. Once the data is encrypted, you have to pay a ransom in order to have it unencrypted. There is only a limited amount of time, normally 72 hours, for you to pay the cybercriminal to unencrypt your data. Most of the time, the longer you take to pay, the more it costs to get your data back. When that time runs out, your data is deleted. Ransomware is very effective because many people do not have backups of their data. Make sure you always have a backup of your data. If you don’t have a backup and something happens, your data it’s gone forever. Ransomware is the fastest growing type of malware that cybercriminals are utilizing.

Phone Security - Vishing Scams

Vishing is a scam similar to Phishing, the scam involves sending a spam email or pop-up message telling you that your account has been compromised and will instruct you to call a phone number to verify your account information. An official sounding automated message will ask you to enter your personal financial information such as your 16-digit credit card number. Some of these scams involve a telephone call to the victim directly in which the caller already has your credit card number but asks you to verify the valuable three digit security code.

Protect yourself against "Vishing Scams"

  • Never give your personal information over the phone. If you feel a call is suspicious, call the company directly to verify the authenticity of the call.
  • Beware of organizations asking for charitable donations. If you want to donate money, contact the organization yourself to make sure that your money is going to the appropriate place.

*Javelin Strategy & Research