DEPARTMENT OF REVENUE ISSUES WARNING ON NEW PHISHING EMAIL ATTACK
The Pennsylvania Department of Revenue reminded the public and tax practitioners to beware of phishing scams that involve fraudulent email messages designed to steal sensitive information, such as passwords, usernames, or personal financial information.
The Internal Revenue Service (IRS) recently issued a warning about a phishing scam that tried to trick tax professionals into “signing” a new e-Services user agreement. “We want everyone to be extremely cautious. Don’t click on any email sent by someone you don’t recognize,” Secretary of Revenue Dan Hassell said. “It’s always a good idea to be especially careful so that sensitive information doesn’t fall into the wrong hands.”
According to the IRS, the scam email claimed to be from “e-Services Registration” and used “Important Update about Your e-Services Account” in the subject line. The email stated, in part, “We are rolling out a new user agreement and all registered users must accept its revised terms to have access to e-Services and its products.”
According to the Federal Trade Commission, phishing scams target recipients through fraudulent emails, texts, or copycat websites. The goal of scam artists is to get you to share valuable personal information, such as account numbers, Social Security numbers, or login identifications, and passwords. Scammers use your information to steal your money, your identity, or both.
SAME DAY ACH DEBITS – IN EFFECT NOW
The Automated Clearing House (ACH) is essentially the rails connecting banks and credit unions in the United States, allowing over $40 trillion to move between various accounts. As part of an effort to improve the ACH payments system, you may notice a change in the times during the day that we apply electronic debits to your account.
Keep In Mind:
Expect certain electronic payments to be taken out of your account more quickly or instantly. (as quick as the same day they’re made – please take this change into consideration when you have ACH debits deducted from your account. Americo has no control over when the ACH files are received and you may need to make changes to ensure funds are available in your account to cover your automatic debits.)
If you are making payments with the expectation that they won’t post for a couple days, this will affect you. (If you have automatic drafts, such as your water bill, power bill, cable bill, etc., this would be a good time to review your agreement with the service provider and verify the effective date of your payment, as it will be deducted from your account on that day.)
Benefits of same day ACH include faster payment times and better control of your cash flow. If you have any questions, please give us a call at (814) 833-0433 ext.209.
ACH debits include electronic payments, automatic drafts, paper check conversions, or any electronic withdrawal from your account utilizing Americo’s routing and transit number.
EQUIFAX DATA BREACH
Equifax Inc. recently announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.
Recommended steps to help protect your information from being misused:
- Visit equifaxsecurity2017.com and see if your information was exposed. (select potential impact from the menu and enter your last name and the last six digits of your Social Security number)
- Monitor – Monitor – Monitor! Regularly review all activity on your credit reports, credit cards, bank and financial accounts, and dispute or report unauthorized activity as soon as it’s detected.
- Consider freezing your credit reports. That stops thieves from opening new credit cards or loans in your name, but it also prevents you from opening new accounts. (if you want to apply for something, you need to lift the freeze a few days beforehand) (keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts)
- Add a fraud alert on your credit report file. A fraud alert notifies lenders that they should take extra steps to confirm your ID, such as calling you at a preset phone number, before issuing new credit.
WEB & PHONE SCAM
The credit union has been receiving calls from members concerning a fraud scam. While using the web, several members have reported a black screen popping up. Once at this screen, users are prompted “not to touch anything” and contact Advanced Tech Live (844-307-7653). At this point, members are asked for personal information (name, address, account number, routing number, ect.) which has led to several cases of fraud. We encourage everyone to read more about online safety at: https://www.americofcu.com/fraud-protection/be-safe-online/
Some members of the credit union have reported that they received text messages asking for account information from First National Bank. DO NOT reply to this message – this message is NOT from Americo Credit Union. Americo FCU would NEVER call, text or email you requesting personal information, account information or debit/credit card information.
The credit union has been receiving calls from members concerning a fraud scam. If you receive a phone call (reported with multiple 7’s) saying that your debit/master card has been deactivated ignore the phone call. Do not follow the prompts or press any buttons. Do not give any person information. REMEMBER AMERICO FEDERAL CREDIT UNION WILL NEVER TEXT, EMAIL, OR CALL YOU BY PHONE ASKING YOU FOR PERSONAL OR ACCOUNT RELATED INFORMATION SUCH AS ACCOUNT NUMBERS, SOCIAL SECURITY NUMBERS, PASSWORDS OR PINs. IF YOU RECEIVE SUCH A REQUEST, PLEASE LET US KNOW BY CALLING 814-899-6608 or 814-833-0433. DO NOT REPLY DIRECTLY TO THE REQUEST.
NCUA “SPOOFING” ALERT – TEXT MESSAGING
“Spoofing” allows perpetrators to mimic a phone number and then generate text messages. Whether you recieve a text with some type of warning or one just requesting information, do not be persuaded to respond. Also, keep in mind that clicking any link or going to any advertised website within this text is also a scam. Do not attempt to conduct any type of financial transaction, and disregard the message entirely.
PROTECT YOUR COMPUTER, SMARTPHONE AND OTHER MOBILE DEVICES
Be suspicious of unprompted windows that appear without clicking on a hyperlink
Deploy browser security tools and set security settings to disallow popups and certain scripts from running
Always log out of online banking and other sensitive online applications and accounts before going to other websites, so that the sessions do not remain active
CELL PHONE TEXT SCAM ALERT
Individuals are being hit by text messages that indicate their MasterCard has been compromised. Recipients are asked to call (866) 691-1096 and provide account numbers and PIN’s to resolve the problem.
This call is not from your credit union and is a scam to attempt to gain your MasterCard debit and/or credit card information. NEVER give our personal or account information by phone, email or text message. Americo FCU will NEVER call, text or email you requesting personal or account related information that we already have on file.
If you have received this phone call and entered your MasterCard information, please contact the credit union immediately at (814) 833-0433 or (814) 899-6608 during normal business hours to report this. After business hours, please call the Customer Service number listed above.
FRAUDULENT PHONE CALLS
Fraudulent phone calls are being reported. The automated call states your MasterCard has been deactivated and to press 1 to reinstate your card. Then you are requested to enter your card number.
DO NOT reply to this message – this message is NOT from Americo Credit Union. Americo FCU would NEVER call, text or email you requesting personal information, account information or debit/credit card information.
If you have received this phone call and entered your card information, please contact the Credit Union immediately at 814-899-6608 to report this. Thank you.
CELL PHONE SCAM
It has come to our attention that some of our members have received a call on their cell phone that their Americo FCU Debit Card has been compromised, and to press 1 to order a new card.
This call is not from your credit union and is a scam to attempt to gain your debit card information. DO NOT provide this information about your account. Americo FCU will never call, text or email you requesting personal or account related information.
If you have received this phone call and entered your Debit Card information, please contact the credit union immediately at 814-899-6608 to report this.
TEXT MESSAGE SCAM ALERT
It has come to our attention that a few of our Members have received a Text Message stating a company needs to verify the member’s Credit Union Debit Card transactions and to call 407-900-2634. When the member calls this number they are requested to enter their card number, expiration date and PIN number.
These text messages are not from your credit union and is a scam to attempt to gain your card information. DO NOT provide this information about your account. Americo FCU will NEVER text, call, or email you requesting personal or account related information such as account numbers.
If you have received this text and entered your card information, please contact the Credit Union immediately at 814-833-0433 to report this. Thank you.
It has come to our attention regarding an email Phishing attack resembling a Secure Message from FiServ. This message prompts the recipient to open an attachment from their mobile device to firstname.lastname@example.org to receive the mobile login URL. This email advises the recipient to open an attachment that contains “zero day” malicious software (malware). The malware may request or capture the user’s passwords or personal financial information, and may disrupt or damage the user’s systems.
If you receive such an email, delete it immediately. Never open it, never click on its links, never open its attachments, and never reply or forward it. If you have clicked on it, notify the credit union as soon as possible.
Please note that a valid secure message will never contain a .zipfile, or any other compressed file. You should always be alert for emails that contains unfamiliar or suspicious links or attachments, is unsolicited and/or from an unknown sender, is sent multiple times from different senders, or contains poor grammar or incorrectly spelled words.
eMAIL FRAUD ALERT
It has come to our attention that some of our members have received a phishing email that references the “eNFact” product. The email directs the recipient to click on a link that takes them to a mock – Fiserv site that we believe may install malicious software.
If you receive this phishing attack via email, do not open the email and do not click on the link.