CUNA Alert: Irregular Check Card Activity Phishing Notice
The following email message was received by several credit union members.
This is a phishing email, with a phone call response requested. When you call the number, it asks for your card number, your PIN number, and the expiration date of the card. DO NOT RESPOND to this email as it is a hoax.

From: Credit Union National Association [mailto:webmaster@cuna.gov.cabrillo.com]
Sent: Tuesday, October 30, 2007 5:50 AM
Subject: CUNA Alert: Irregular Check Card Activity

Date: October/30/2007

We detected irregular activity on your check card on October/30/2007.
For your protection, you must verify this activity before you can
continue using your card.

You will need to reactivate your card before we can review the activity.

Call us immediately at 1.888.697.0469. We will review the activity on
your account with you and upon verification, we will remove any
restrictions placed on your account. Please disregard this notice if you have
already accessed the web site or spoken with one of our representatives.

Again, DO NOT RESPOND to this email as it is a hoax.
If you have been victimized by a spoofed e-mail or website, please call the credit union right away at 858-547-7400.

Overseas Check Fraud
One of the newest scams in today’s society is known as overseas check fraud. This form of check fraud is typically targeted toward elderly people but everyone is a potential victim. While you may not be in this group you should be aware, because some of your loved ones could be. This is how it typically works:

• You will receive an unexpectedly large check in the mail.
• The accompanying letter will ask you to call to redeem your prize.
• The operator you reach, will probably sound foreign and ask you to deposit the check and send one of your own checks back to them to cover insurance or another unrelated charge.
• The check you deposited will bounce, and they will disappear with the money you sent to them.

Remember, if it seems too good to be true, it probably is. Never give account information over the phone, and NEVER send a check. Be aware, thousands of people are defrauded by this scam every year. If you are sent anything suspicious, report it immediately to the Federal Trade Commission FTC at 1-877-FTC-HELP or visit them online at http://www.ftc.gov.

Taking Steps To Keep You And Your Credit/Debit Card Purchases Safe
In an effort to prevent potential fraudulent activity on your card, the credit union will be implementing a new security procedure on April 18, 2007, that will deny transactions that seem potentially fraudulent. To make sure unusual purchases do not get declined, please keep personal information updated, especially phone numbers, and inform the credit union at 858-547-7400 when you will be making larger purchases than normal (such as a big-screen TV or expensive jewelry), or if you’ll be making purchases while out of the country. This new security procedure will help protect you from fraud and help prevent loss.

NAFCU Phishing E-mail
There is an e-mail that is being sent out with the subject line, "NAFCU Notice - Security Measures" asking credit union account holders to verfiy account information. DO NOT click on the link to "log in" to your account, this is a fraudulent email. The email appears as follows:

Dear Federal Credit Union account holder,

We have recently noticed many attacks to our database and this requires to
rebuild our system integrity. We regulary screen our members account information
to reduce fraud and ID-theft.

This security measure is intended to help protect our members
and their bank accounts. We are sorry for any inconvenience. However, failure in updating your account records will result in suspension or limiting your account access.

Click here to login to your account.

Copyright 1999-2006 National Association of Federal Credit Unions. All rights reserved.
Please do not reply to this email as it will not be reviewed.

Financial Service Centers Cooperative, Inc. (FSCC) Phishing Notice
There is an e-mail that is being sent out with the CU Swirl logo on it and referring to a $25 reward survey if you click on the link and provide personal information such as card number, pin number and account number. DO NOT OPEN THIS E-MAIL!!! It is not from FSCC and can possibly contain a virus. The e-mail appears as follows:

New Phishing Method: Customer Survey Phishing Scam
The latest phishing scam involves an online survey. The scam e-mail you may receive starts with: "The Online department kindly asks you to take part in our quick and easy 5 question survey. In return we will credit $50.00 to your account - Just for your time!" The e-mail goes on to describe how it only takes two minutes, your answers will help them. It is well done and looks authentic. Of course, this fraudulent email doesn't really take you to the credit union or bank website. The web page itself and the initial questions they ask look quite authentic.

The catch, of course, is that they say that in order to credit your $50 reward, they need your credit union or bank User ID and password, as well as your credit card number, expiration date, three digit security number, Social Security number, ATM PIN Number, zip code, mother's maiden name and email address.

The ploy of using a $50 reward for a customer service survey can be an effective phishing lure.

If you have been victimized by a spoofed e-mail or website, please call the credit union right away at 858-547-7400.

Telephone-Based Phishing Attacks
Another fraud trend surrounding Phishing involves using your phone. This new form of fraud involves emails, which are sent to consumers directing them to dial a telephone number instead of going to a website to update their personal information. When the consumer dials the fraudulent phone number, they are directed to enter their personal information (i.e. card number, PIN, security code, etc.). Of course once this happens, your personal information has been stolen and will be used without your permission.

DO NOT PROVIDE your personal information without checking the source of the request.

REMEMBER, the credit union will NEVER ask you to send your personal information via email or telephone!

Steps you can take to Avoid Being a Victim• ONLY use your card PIN for ATM and POS transactions.
• NEVER respond to any email that directs you to update your personal information by dialing a telephone number or utilizing a website. ONLY use the customer service number on the back of your card.
• REMEMBER, the credit union will NEVER ask you to send your personal information via email or telephone! You should never provide your personal information or any PIN numbers or codes in response to an unsolicited phone call, fax, letter or email.
• Please report any phishing emails with suspicious phone numbers to your local federal law enforcement agency. Most agencies now have specific cyber threat units that are well-versed in investigating these claims.
• Never click on the link provided in an e-mail you believe is fraudulent.
• Do not open an attachment to an unsolicited e-mail unless you have verified the source.
• Do not be intimidated by an e-mail or caller who suggest dire consequences if you do not immediately provide or verify information.
• If you believe the contact is legitimate, go to the company's website by typing in the site address directly or using a page you have previously book marked, instead of a link provided in the e-mail.
• Visit the FTC (Federal Trade Commission) website, www.onguardonline.gov. You can take quizzes about ID theft, phishing, spam and online-shopping scams. Elsewhere on the site, you can find detailed guidance on how to monitor your credit history, use effective passwords and recover from identity theft.

If you think you have been a victim, please call the Credit Union right away at 858-547-7400.

Recently, the credit union was a victim of one of the fastest-growing frauds called “phishing”. Phishing involves bogus email messages that look like they are legitimate credit union messages. The scammers use credit union logos in these emails to make the recipient think the message is from the credit union. The fraudulent email usually asks for personal information, such as account information, credit card and/or Social Security numbers. In this recent case of phishing, the fraudulent email asked you to confirm your “Online Bank” passwords. We did NOT send this message, as the credit union would NEVER ask you to send your personal information via email.

Here is how to protect yourself from future Phishing Scams:
Never respond to an unsolicited email that asks for personal financial information. If you think this may be a legitimate message, call the credit union right away to verify them as the sender.

Report suspicious emails to the Internet Crime Complaint Center at www.ic3.gov. This is a partnership between the FBI and the National White Collar Crime Center.

Look for the VeriSign™ logo. When you see this button, click on it and a screen will pop up with identity verification and assurance that the website is secure and encrypted.

In the future, if you think you have been scammed, please contact the credit union immediately at 858-547-7400.

Remember, the credit union will NEVER ask you to send your personal information via email. You should never provide your personal information in response to an unsolicited phone call, fax, letter or email.

We apologize for the inconvenience and confusion this recent phishing has caused and we want to assure you that we are taking all measures possible to keep your personal information safe.

If you have been the victim of identity theft, contact:

1. Federal Trade Commission
FTC, Consumer Response Center
600 Pennsylvania Avenue
NW, Washington D.C., 20580
1-877-382-4357

2. Fraud Units at the three principal credit reporting agencies:

Equifax
1-800 525-6285
P O Box 740250
Atlanta, GA 30374-0250

Experian (formerly TRW)
1-888-397-3742
P O Box 1017
Allen, TX 75013

Trans Union
1-800-680-7289
P.O. Box 6790
Fullerton, CA 92634

Contact the major check verification companies if checks were stolen or bank accounts were set up by an identity theft:
a. CheckRite 1-800-766-2748
b. ChexSystems 1-800-428-9623
c. CrossCheck 1-800-552-1900
d. National Processing Co (NPC) 1-800-526-5380
e. SCAN 1-800-262-7771
f. TeleCheck 1-800-710-9898

For the latest facts and statistics about identity theft, visit idtheftcenter.org.

MasterCard® SecureCode
Have you made an online purchase recently? Have you been asked for your MasterCard SecureCode? This is a new service to enhance your existing MasterCard account. A private code means added protection against unauthorized use of your card when you shop at participating online merchants.

Once you've registered and created your own private SecureCode (which you may do at this website), you will be automatically prompted by your financial institution at checkout to provide your SecureCode each time you make a purchase with a participating online merchant. Your SecureCode will quickly be confirmed by your financial institution, and then you may complete your purchase. Your SecureCode will never be shared with the merchant. It's just like entering your PIN at an ATM.

When you correctly enter your SecureCode during a purchase at a participating online merchant, you confirm that you are the authorized cardholder and your purchase is then completed. If an incorrect SecureCode is entered, the purchase will not be completed. Even if someone knows your credit or debit card number, the purchase cannot be completed without your SecureCode at a participating merchant.

If you would like further information regarding the MasterCard SecureCode, or if you’d like an online demonstration, please visit MasterCard® SecureCode™.

Click Here for information to help you avoid internet scams.

For Your Information
In today’s age of information fraud and identity theft, it is important to check your credit report annually. It is also important to review your credit report before making a major purchase so you can have any errors corrected before it slows down your credit approval or prevents you from getting the best possible loan terms.

Good news! As of December 1, 2004, residents of California are entitled to order one free credit report per year. The simplest way to get your free credit report is to visit this website (www.annualcreditreport.com), which will allow you to view your credit report online immediately. Upon viewing your credit report, you may also dispute items online to work toward a very quick resolution.