Protect Yourself
Scams and identity theft are rampant. If you’ve got a telephone, a credit or debit card, or a computer, then you could be a target. Get hit, and you could spend years setting your finances and your reputation right. Often your first line of defense against becoming a victim of identity theft is simple common sense.
BFCU will never initiate a call, letter, or e-mail asking you to verify, update, or otherwise provide sensitive information, nor will we deny you access to your accounts until you provide such information.
If you are a BFCU member, remember that we already know your account number and account history, but we maintain no record of your account-related PINs or passwords. However, if you initiate the contact, we will need information to identify you to resolve your issue. And we do require information to personally identify you when you open a new account. In both cases, you initiated the contact.
MEMBER ALERT October/November 2024
Members are experiencing an uptick in fraud activity. Remember: We do not send texts asking you to verify or cancel transactions. NEVER click links in unexpected texts. If you do, look for telltale signs you’re not on our legitimate website. Fraudsters can build login pages that look amazingly similar to our legitimate login page, but there are some items they cannot spoof. Look for your security image and security phrase BEFORE you enter your password. If you don’t see them, you’re NOT on our legitimate login page. Instead of clicking links, key our web address (bdfcu.com) into your browser’s address bar and use the secure login. Or use our mobile app. And never provide sensitive account information such as your debit card number, expiration date, or security/cvv number to someone claiming to call from the “Fraud Department.” Remember, we already have that information. We’re not going to call you to ask for it. However, if you initiate the call to us, we will need to ask you to verify certain account details to prove your identity.
MEMBER ALERT May 2024
Some members have received this scam text impersonating Bulldog FCU. The link goes to a fraudulent website. Do NOT click the link. Report the text as junk and delete it from your phone. Bulldog will never ask you to unlock your account.
MEMBER ALERT September 2023
Some members have recently received scam phishing texts that appear to come from “BULLDOG FCU ALERT”. The texts may claim that an “E-Pay” of a certain dollar amount has been processed with instructions to open a link if they did not make that purchase. Texts like these are scams. Do NOT click the link. Instead, delete and/or block the number and report it as spam if you have that functionality.
Tips to fight Identity Theft
- Never click a link or open an attachment in an unsolicited e-mail. Be wary of secure emails and/or attachments.
- Never share your online banking credentials or other sensitive information, especially if you didn’t initiate the contact.
- Don’t be intimidated by an e-mail or caller who suggests dire consequences if you do not act immediately or provide/verify financial information.
- Avoid filling out forms in e-mails. Communicate sensitive information only via secure website or telephone.
- Monitor your online accounts frequently and check your statements promptly.
- Request your annual free credit report from https://www.annualcreditreport.com/ (new window/tab) (the only authorized source under federal law) from a different credit bureau every 4 months and check it carefully.
- Make your passwords long (the longer the better) and complex with a mix of upper- and lower-case letters, numbers and symbols. Never use common words or numbers that could easily be associated with you like pet names or children’s birthdates or anniversaries. Don’t reuse passwords, use the same password for multiple sites, or store passwords where they can be found. Consider using a password vault.
- Buy a shredder…and use it!
- Don’t carry your Social Security card with you. And don’t provide it unnecessarily. If a vendor or service provider asks for it, ask them why they need it and how they plan to protect it.
- Remove incoming mail from your mailbox as soon as possible, and place outgoing mail inside the post office if possible.
- Install virus protection on your devices and keep it up to date.
- Enable multi-factor authentication (MFA) when possible. It’s an extra layer of security that involves receiving a passcode through another channel, such as your phone or email. If someone has your online banking credentials, it’s unlikely they’d also have your cell phone or access to your email.
- Take advantage of the alerts in online banking and your Bulldog debit card. These free features are there for your protection. Use them.
- Remember, caller ID can be faked and websites can be spoofed. Don’t believe everything you see.
- Look for the ‘s’ in https in your browser’s address line to indicate you’re on a secure site when shopping online.
What to do if you fall victim
- Contact us (and any other affected financial institution) immediately.
- File a police report with local law enforcement. You’ll need this later.
- Contact the fraud division at one of the three major credit bureaus listed below to place a fraud alert on your file. The bureau you contact will share the information with the other bureaus.
- Report all suspicious contact to the Federal Trade Commission at http://www.ftc.gov/ (new window/tab).
- Visit IdentityTheft.gov. This one-stop victims’ resource hosted by the federal government has information and recovery plans for more than 30 types of identity theft, including child identity theft, medical identity theft, and tax-related identity theft. When you use IdentityTheft.gov to report a problem, you’ll get a PERSONAL RECOVERY PLAN that:
- walks you through each recovery step for all different kinds of identity theft
- tracks your progress and adapts to your changing situation
- pre-fills letters and forms for you.
To learn more, visit the Federal Trade Commission’s website.
Schemes, Scams & Red Flags
From debt collection schemes to online dating scams, fraudsters find countless clever ways to bilk you out of your hard-earned money. Let your guard down and you run the risk of losing money you may never be able to recover. While the variations seem limitless, most scams have 2 simple goals: 1) Steal your hard-earned money. Or 2) Get you to launder dirty money.
Never share your digital banking credentials. That’s like handing over the key to your home or the combination to your safe. If someone wants your online banking credentials so they can send you money, that’s a red flag. Once they have digital access to your account, they can drain your funds through bill pay, external and person-to-person transfers, and more. They can launder money by depositing fraudulent checks through mobile deposit then sending the funds elsewhere.
Know who you’re dealing with. If an unsolicited call or email seems fishy, trust your gut and do your research. Don’t rely on the links or phone numbers they provide. Use contact information from another source that you know is accurate. When it comes to online romance, be especially wary. If your online flame resists meeting you in person and suddenly has an urgent need for funds or can’t access banking services, run! Don’t share your online banking credentials so they can “send you money.” That’s a ploy to gain access to your account so they can carry out other nefarious activity.
If it sounds too good to be true, then it probably is. If you didn’t enter a contest or play a lottery, then you didn’t magically win one. If somebody calls you out of the blue to tell you you’ve won something, don’t give them your account information so they can “deposit your winnings.” Hang up! It’s a scam. And never pay to collect winnings.
Slow down and think. Threat actors often try to instill a sense of urgency to get you to act quickly without thinking things through. If someone tells you to act now or that your action is required immediately, that’s a red flag. These red flags can pop up in unsolicited texts or emails (e.g. Your account has been locked. Click now to verify.) or in more sinister ways when fraudsters impersonate a loved one who’s “in dire need of assistance.” It’s only human to be vulnerable to pleas for help from loved ones. But stop and think. Did that really sound like your grandson’s voice? If it did, is there someone else you can call to see if the story is plausible?
Don’t be a mule. A money mule is someone who moves illegally acquired money on behalf of someone else. Criminals recruit money mules to help launder proceeds from scams, making it harder for law enforcement to trace money trails. If you are moving money at the direction of another person, you may be a money mule. Mules can move funds through bank accounts, cashier’s checks, virtual currency, prepaid debit cards, or money service businesses. They often receive a commission for their service, or they might provide assistance because they believe they’re helping a trusted friend or romantic partner. Acting as a money mule is illegal, even if you aren’t aware you’re committing a crime. You could face federal charges for mail fraud, wire fraud, bank fraud, and money laundering, and be held personally liable for repaying money lost by victims.
Beware of strangers bearing checks. If someone sends you a check and instructs you to cash it, keep some, and send the rest back, don’t do it. Checks could be from individuals (sometimes an online flame you’ve never met in person), companies, universities and even the U.S. Treasury, and they’re all counterfeit. Random checks are usually portrayed as an opportunity for you to make money (cash the checks and send the funds back to earn a percentage of the proceeds). Or scammers could ask you to be a mystery shopper for which you’re promised payment. They’ll often include a note in the memo section such as “payment approved” to make you think the check is good. They may instruct you to deposit the checks through an ATM or mobile deposit to avoid interacting directly with a teller. And they’ll often instruct you to return the funds in the form of gift cards, leaving you on the hook to cover the full amount of the counterfeit check when it’s returned as fraudulent.
Avoid placing outgoing mail in your mailbox. A raised flag on a rural mailbox is an easy target for opportunistic fraudsters. Thieves pilfer your mail to gain access to your checks that they “wash” by chemically removing the ink so they can rewrite them in higher amounts to different payees. When writing checks, use a gel-type pen. It soaks into the check fibers and is harder to wash. Deliver your outgoing mail directly to the post office whenever possible (and don’t let incoming mail linger in your mailbox), or save time and stamps and safely pay your bills online instead.
Common Scam Red Flags
- Any unsolicited request for your online banking credentials or other personal info
- Winning something when you didn’t enter/play to win
- Being asked to pay to collect a prize or get a job
- Pressure to act immediately, sense of urgency
- Pay for work you didn’t do or that exceeds the value of the job
- Online flame who asks for money yet refuses to meet you in person
- Links or attachments in unsolicited emails
- Insistence that you wire money or pay by gift card
- Use of scare tactics (loved one in danger, computer hacked, account compromised)
- Receiving a check or overpayment and being asked to return some funds