Fraud Alerts / Security
Counterfeit Cashier's Check Alert
The credit union has received several inquiries regarding
counterfeit checks. These checks are being used in a variety
of scams in an attempt to gain excessive amounts of cash from
unsuspecting consumers. Several scams include the following:
Work-At-Home/Secret Shopper Ads - Perpetrators examine newspapers, websites, and online job postings offering small but fast employment. Generally they will forward the unsuspecting consumer a counterfeit check and request that the amount over what was agreed, be returned in the form of a Western Union transfer.
Online Sales - Consumers are sent counterfeit checks to pay for an item purchased online with a request that the over payment of funds be sent back to the purchaser.
Often times, these counterfeit items look very genuine and authentic. Emory Alliance encourages all consumers to follow the guidelines issued by the US Department of Justice and the Federal Bureau of Investigation to avoid becoming a victim of these scams.
Click here to learn more about the latest scams and get tips from the FBI on how to avoid becoming a victim.
Internet / E-Mail Fraud Alert
Recently, there have been multiple e-mail fraud attempts, known as "Phishing", that were initiated via e-mail sent to both the general public and to some credit union members that appeared to be from NCUA. This false e-mail asked the recipient to click on a link to verify their credit union account registration. If the recipient proceeded to do so, the link directed them to a false website and asked for their credit union account number and PIN, along with other personal information. NCUA DOES NOT ask credit union members to provide such personal information. Please delete these emails immediately. If you believe you have received a fraudulent phishing e-mail purportedly from NCUA please forward the
entire e-mail message to Phishing@ncua.gov.
Beware of Fraudulent E-Mails
Storm Worm virus
Around holidays, such as Valentine's Day, look out for spam e-mails spreading Storm Worm malicious software (malware). An e-mail directs the recipient to click a link to retrieve an electronic greeting card (e-card). Once the user clicks the link, malware is downloaded to the computer, which becomes infected as part of the Storm Worm botnet. A botnet is a network of compromised machines under the control of a single user. Botnets are typically set up to facilitate criminal activity such as spam e-mail, identity theft, denial of service attacks, and spreading malware to other machines through the Internet.
The Storm Worm virus has capitalized on various holidays in the last year by sending millions of spam e-mails with an e-card link included. Valentine's Day has been identified as another target.
FBI identifies recurring fraudulent e-mail scams
The FBI reports that cybercriminals are sending fraudulent e-mails to unsuspecting recipients about a complaint that has been filed with the Department of Justice, the Internal Revenue Service, the Social Security Administration, or the Better Business Bureau. They claim that the complaint names the recipient or their company.
The e-mails appear to be legitimate messages from the above departments. They address the recipients by name, and other personal information may be contained within the e-mail. The scam appears to be an effort to secure Personally Identifiable Information (PII), such as Social Security numbers and birthdates. The nature of these scams is to create a sense of urgency for the recipient to provide a response by clicking on a hyperlink, opening an attachment, or initiating a telephone call.
The FBI suspects this e-mail refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal passwords from the recipient. The virus is wrapped in a screensaver file, which most anti-virus programs are unable to detect as malicious in intent. Once downloaded, the virus is designed to monitor user name and password logins, and record the activity, as well as other password-type information, entered on the compromised machine.
Vishing attacks increase
Many people have received an e-mail, text message, or telephone call, supposedly from their credit card or debit card company directing them to call a telephone number to re-activate their card due to a “security issue.” The IC3 has received multiple reports of variations of this scheme known as "vishing."
Vishing operates like phishing with scammers trying to persuade consumers to divulge their Personally Identifiable Information (PII), claiming that their account was suspended, deactivated, or terminated. Recipients are directed to contact their financial institution via a telephone number provided in the e-mail or by an automated recording. Upon calling the telephone number, the recipient is greeted with "Welcome to the (name of bank or credit union) …" and asked to enter their card number in order to resolve the pending security issue.
For authenticity, some fraudulent e-mails claim the bank or credit union would never contact customers to obtain their PII by any means, including e-mail, mail, or instant messenger (but not by telephone). These e-mails further warn recipients not to provide sensitive information when requested in an e-mail and not to click on embedded links, claiming they could contain "malicious software aimed at capturing login credentials."
A new version recently reported involves sending text messages to cell phones, claiming the recipients' online banking account has expired. The message instructs the recipients to renew their online banking account by using the link provided.
If you receive this type of email, DO NOT RESPOND.