Member Safety and Protection 

Protect yourself from today’s common scams

Today’s criminals are more sophisticated and brazen than ever. Staying vigilant and protecting your identity and money is difficult but we’ve compiled some helpful information for you.

Scams During Natural Disasters

Cyber scams often rise during major events like natural disasters, taking advantage of people’s desire to help. It’s important to be cautious when donating or seeking assistance.

1. Recognizing Red Flags in Scams
   • Watch for Misspellings or Strange URLs:
     Scammers often create fake websites with suspicious domain names. If you notice a misspelled URL or a security warning when accessing a site, proceed with caution.
   • Urgency and Emotional Appeals:
     Scammers target current events, like disasters, to make their fake requests seem more urgent. These scams are more convincing when they’re tied to real-world crises.
     
     
2. Protect Yourself When Seeking Help
   • Beware of Phony Assistance Offers:
     If someone claims to be offering help, especially after a disaster, verify their identity. Scammers may try to steal sensitive personal information or even identity details. Remember, only donate to campaigns that go to people you know.
   • Watch Out for Phishing Attempts:
     Phishing emails, spam phone calls, and text messages can direct you to fraudulent websites. Be cautious about unsolicited contact, especially if it claims to be from a government agency or charity.
     
     
3. How to Safeguard Your Donations
   • Check for Legitimacy:
     Before donating, research the organization. The Better Business Bureau recommends checking a charity’s credibility on Give.org. GoFundMe also maintains a list of verified fundraisers for transparency.
   • Be Skeptical of Social Media Ads:
     Not all paid ads are trustworthy. Always confirm the legitimacy of any organization or fundraiser you come across online.

Final Tips

• Double-check URLs and contact information.
• Look for clear explanations of how donations will be used.
• Stick to trusted platforms and official channels for donations and assistance.

Stay informed and protect yourself and others from fraud. For more information on resources, view our Member Assistance Page.

Spoofing

Spoofing is a type of cyber fraud where a fraudster disguises their email to make it appear that it came from a recognized source like a company or someone you know.  Oftentimes, the bad actors take advantage of your trust to hide their criminal intent, which is often to steal username and password information.

Here are some tips on recognizing a spoofed email:

1. Verify Email Addresses
   • Carefully check the sender’s email address for any discrepancies or unusual variations.  A common variation is extra letters or characters in the email address or domain name.
2. Urgent Requests
   • Be suspicious of emails that request sensitive information or ask you to take immediate action, especially if it references payments or deliveries
3. Poor Grammar and Spelling Errors
   • Be on the lookout for typos or anything that seems out of place.
4. Unexpected Attachments or Links
   • Do not respond or take action, especially those requesting personal information or urgent actions, especially from senders you don’t recognize or don’t typically work with.

If you suspect an email is spoofed, contact the sender through a different communication method to verify the email’s authenticity.

Identity Theft

Identity theft occurs when someone uses your personal information such as your name, Social Security number, driver’s license, credit card number, or birth date to access your bank accounts, open new accounts, or apply for credit cards or other loans in your name.  It is the nations fastest growing financial crime.

Identity theft could be happening to you for months before you find out about it, and you don’t have to shop online or fall for a telemarketing scam to become a victim. Fortunately, there are many ways to protect yourself. The following sites offer a wealth of information on protecting yourself as well as actions to take if you suspect your identity has been stolen.

• United States Government -Identity Theft 
• Federal Trade Commission – Consumer Advice 
• Federal Trade Commission – Identity Theft

What to do if your identity is stolen 

Contact the three major credit bureaus and ask them to place a “fraud alert” in your file, so lenders and other credit report users will be careful before starting or changing accounts in your name.

• Equifax: 800.525.6285
• Experian: 888.397.3742
• Trans Union: 800.680.7289
• Contact First City Credit Union and any credit card company or financial institution that you do business with. If necessary, close old accounts and open new ones, and select new passwords and PINs (personal identification numbers). Your call also may alert the credit union to scams that might be targeting other members.
• File a complaint with the Federal Trade Commission. Trained counselors provide information on how to resolve problems and repair damage to your credit records. They may refer certain cases to law enforcement agencies, regulatory agencies, or private entities that can help. For information, call 877.IDTHEFT (877.438.4338) or visit the Federal Trade Commission website.
• Contact local police or authorities where the identity theft occurred. Fill out a police report detailing what happened. Get a copy of the completed report- that can help clear up questions and problems when dealing with creditors and other financial institutions.
• New federal law entitles all consumers to ask each of the three major credit bureaus for free copies of their reports once in every 12-month period. Go to www.ftc.gov/credit or call 877-382-4357 for more details and to see when you can make your requests. You don’t have to ask all three credit bureaus for your reports at the same time; you can stagger your requests if you prefer. Do not contact the credit bureaus directly for these free annual reports. They are only available by calling 877-322-8228 or going to www.annualcreditreport.com. You can make your requests by phone or online, or download a form to mail your requests.

You may also review our common warning signs Common Warning Signs (PDF) and member scam resource pages RCS Member Scam Resource (PDF).

Scams – Common Warning Signs

Scams are often hard to detect at a quick glance; however, these common red flags can help. Keep in mind, it is not uncommon for fraudsters to use intimidation tactics and urgent requests.

1. Pretending to be from an organization you know.
   • Scammers often pretend to be contacting you on behalf of the government, your medical and/or financial institutions, or other known organizations such as utility service, universities, schools, non-profit organizations and more.
   • Scammers use technology to change the phone number that appears on your caller ID, so the name and number you see might not be real.
2. Scammers say there is a problem or prize.
   • Scammers will use scare tactics to make you think you are in trouble with the government, you owe money, someone in your family has an emergency, there is a virus in your computer and more.
   • Another scamming tactic includes saying there is a problem with one of your online accounts and verifying personal identifying information. First City Credit Union will NEVER call, email or text you asking for your personal information.
   • Other scamming tactics include lying to say you have won money in a lottery or sweepstakes, but you have to pay a fee to access the cash.
3. Scammers pressure you to act immediately.
   • Scammers do not want to give you time to think. If you are on the phone, they might tell you not to hang up so you cannot confirm their story.
   • Some scammers will go as far as to say they are threatening to arrest you, sue you, take away a license, or deport you.
4. Scammers tell you to pay in a specific way.
   • Scammers often insist that you pay be sending money through a money transfer company or by putting money on a gift card and having you send it to them.
   • Some scammers will also send you a check (a fake check), tell you to deposit it, and then send them money.

Five Ways to Avoid a Scam

1. Block unwanted calls and text messages.
2. Do NOT give your personal or financial information in response to a request you did not expect.
   • Real or legitimate organizations will not call, email, or text you to ask for personal information like your social security number, bank account or credit card numbers.
3. Resist the pressure to act immediately.
   • Real or legitimate businesses will give you time to make a decision. Anyone who pressures you to pay or give them your personal information is a scammer.
4. Know how scammers tell you to pay.
   • NEVER pay someone who insists you pay with a gift card or by using a money transfer service such as account to account transfer, Zelle®, CashApp, Venmo or other money transferring services.
   • NEVER deposit a check and send money back to someone.
5. Stop and talk to someone you trust.
   • Before doing anything else, tell us, a friend, family member, neighbor, or someone you trust what has happened to you. Talking about it could help you realize you are about to be scammed.
   • First City Credit Union is here to help our members who may feel as if they are victims of fraud. If you feel you may be a victim of a scam, call 1-800-944-2200 or visit a local First City Branch immediately.

Other Helpful Tips to Protect You

Email

• Don’t always trust the display name – criminals will spoof the email name to appear to be a legitimate sender.
• Check for misspelled words, bad grammar, and/or typos within the content.
• Be cautious of clicking links and opening attachments DON’T CLICK unless you are confident of the sender or expecting the attachment.
• Asking you to share a one-time passcode sent to your device (when they called you).
• Check the salutation – many legitimate businesses will use a personal salutation.
• Do not provide personal information when asked.
• Be suspicious of “urgent” or “immediate” response needed or “unauthorized login attempt” of your account.
• Don’t believe everything you see. Brand logos, names and addresses may appear legitimate.
• The recipient group seems random or unusual (e.g. all last names begin with the same letter).
• The email appears to be a reply to a message that you didn’t actually send.
• Monitor the sender’s email address for suspicious website addresses (URLs & domains) – often using similar letters and numbers.
• If something seems suspicious; contact that source with a new email or phone call, rather than just hitting reply.

Passwords

• Never give out your password to anyone. Never give it to friends, even if they’re really good friends. A friend can – maybe even accidentally – pass your password along to others or even become an ex-­friend and abuse it.
• Don’t use just one password. Using different passwords for different sites ensures that a breach at one site does not compromise your other accounts.
• Make the password at least 8 characters long. 10 or 12 characters is even better. Longer passwords are harder for thieves to crack.
• Include numbers, capital letters and symbols.
• Password Protect Phones – Use a “password” or fingerprints for your phone. The information we have on our phones is too important to not protect.

Miscellaneous

• Phishing Attacks Don’t fall for “phishing” attacks. Be very careful before clicking on a link (even if it appears to be from a legitimate site) asking you to log in, change your password or provide any other personal information. It might be legit or it might be a “phishing” scam where the information you enter goes to a hacker. When in doubt, log on manually by typing what you know to be the site’s URL into your browser window.
• Secure Devices Make sure your devices are secure. The best password in the world might not do you any good if someone is looking over your shoulder while you type or if you forget to logout on a cybercafe computer. Malicious software, including “keyboard loggers” that record all of your keystrokes, has been used to steal passwords and other information. To increase security, make sure you’re using up­-to-­date anti-­malware software and that your operating system is up­-to-­date. 

And remember that First City will never call, email, or text you asking for your username, password, PIN, or other personal information.   If in doubt, call us directly at 800-944-2200, option 9.