Blog

New Venmo Scam Targets Payment App Users

“A new Venmo scam is making the rounds nationally, one that can lead to massive financial losses in your Venmo account.

Payment apps are a fairly new invention, especially peer-to-peer apps that are connected to your bank account or a credit card. Unfortunately, what is not new is phishing scams.”

Continuing reading this article at idtheftcenter.org.

Cyber Security Tip: Who’s that friend request from?

Social Media friends or foes?

Cyber criminals often create fake profiles to befriend you. The ultimate goal is to get you to leak confidential data to them (either about you or the company you work for). Be careful of the friend requests you accept on any Social Media sites (Twitter, Snapchat, Instagram, Facebook, LinkedIn, etc.).

Trust no Social Media “friend” (unless you know them in real life and you’re absolutely, positively sure they can be trusted).

Beware of Wire Fraud

Protecting our members from fraud is always a top priority at Georgia’s Own. One of the areas in which financial institutions are seeing an escalation of fraud relates to wire transfers.  Unsuspecting members are deceived into transferring or receiving funds electronically to/from fraudsters. Wire fraud is an intentional act to defraud another individual or entity of his/its money and this is a federal crime.

Fraudsters use a variety of tools including phishing emails, compromised websites/emails, and fake friend requests on social media sites to commit these crimes.

Examples of Wire Fraud:

• Wire request sent to an individual’s name for a real estate closing, instead of an Attorney’s office.
• An email is sent from “a family member who is in jail”, or a person “getting a divorce and they don’t want the rest of the family to know, and they need help”, so the money has to be sent to the lawyer representing them.
• An email is sent from “a member who is travelling overseas and needs some money wired to them because they got robbed in a foreign country and they have no cash.”
• A social media friend sent an email that they received an inheritance and they want to transfer the funds to the United States. The recipient is then asked if the money could temporarily be deposited to the recipient’s account and an offer is made to pay a percentage of the money to the recipient, once the money is transferred to a safer bank. The victim would provide their account number for the transfer to be completed.

Always verify where the money is supposed to be wired to — especially if you get wire instructions by email. Hackers can alter emails (even from people you’ve been working with for several weeks) and instruct you to send money to the wrong place. Be vigilant; always call the recipient to verbally verify the wire instructions. Anyone can be a victim of this type of fraud and should take every precaution to protect themselves.

Receiving Funds:

When you receive funds into your account it’s important to verify you actually received a “real wire deposit” into your account. Fraudsters like to take advantage of their victims when they sense the victim is somewhat confused by promising to send a wire transfer but actually sending the funds using a different (reversible) method. Ask yourself these questions:

• Who sent the funds?
• What were the funds for?
• Where did the funds come from?

Preventing Wire Fraud:

Here are some general rules you should follow to guard against becoming a victim of fraudulent wire requests.

• Confirm email requests from a known party by phone or in person, in case their email has been hacked.
• Be wary of email-only wire transfer requests and requests involving urgency.
• Never wire money to people whom you don’t know – regardless of how convincing or legitimate their wire request looks and sounds.
• Ignore any offer from someone you don’t know who asks you to deposit a check in your account and then instructs you to wire that money to someone else.
• Never open attachments in unsolicited email.
• Frequently update anti-virus and anti-malware programs.
• Closely monitor your bank accounts on a daily basis.

What should a Georgia’s Own member do if they become a victim of a wire fraud?  Please contact [email protected].  We also recommend that members contact local law enforcement, as well as the FBI’s Internet Crime Complaint Center (ic3) at www.ic3.gov.

With fraud scams becoming more sophisticated and more prevalent, Georgia’s Own is not only ensuring our policies and procedures are thorough and practiced, but we also want to educate our members on what they can do to avoid being victims of fraud. That’s why we remain committed at Georgia’s Own to protecting our members from being victims of fraud.  We also want to raise awareness as to what our members should do to stop these fraudsters. After all, prevention is the best protection when it comes to fraudulent activity.

Equifax Breach: What You Need to Do Right Now

You’ve probably seen the news regarding the recent data breach involving Equifax. Even though this is not a Georgia’s Own event, we want to make members aware of the facts as well as recommend some resources to help you respond to the data breach.

Chances are good that the Equifax data breach affects you. What do you do next? The short answers: Consider a credit freeze. Scrutinize your credit statements. And check your credit reports from all three credit bureaus.

Equifax says hackers used a website application vulnerability to access the personal information of about 143 million U.S. consumers, or more than half of the country’s adult population. Credit bureaus such as Equifax are an especially sensitive target because they handle detailed financial records, and it’s nearly impossible for consumers to avoid credit reporting. Every time you apply for credit, the personal data — including your name, birthdate and Social Security number — you share can be stored by a reporting bureau.

Most credit card issuers and lenders report consumer activity to all three major U.S. credit bureaus, and your data is likely duplicated at Experian and TransUnion. There’s no reassurance in the fact that only one bureau was hacked.

“On a scale of 1 to 10, this is a 10, and that’s because of the quality of the data … your Social Security number is the skeleton key for your identity,” said Adam Levin, founder of CyberScout, a company offering identity theft and data breach defense services.

Freeze your credit for the best protection

Credit freezes prevent stolen information from being used to open new accounts in your name by restricting access to your records. Without access to your credit history, most creditors won’t open a new account.

“We have to assume that our personal information is exposed and act accordingly,” Levin said. He said a credit freeze has become “a critical thing to do.”

Credit expert Barry Paperno, who blogs at Speaking of Credit, agreed: “That’s the most extreme method, but it’s also the most effective.”

But this most effective method will cost you in money and inconvenience.

A freeze might cost you a small fee, which varies from state to state, but it’s better than a credit monitoring service. A freeze can prevent fraud, while monitoring alerts you fraud might have happened. It’s the difference between using a deadbolt to keep thieves out rather than a security camera to catch them after the fact.

You’ll also have to pay to lift the freeze each time you apply for credit or need to allow a potential landlord or employer to check your credit. You’ll receive a PIN to “thaw” your credit. Keep it in a safe place.

Here’s how to request a freeze:

• Equifax: Call 1-800-349-9960 or go online
• Experian: 1‑888‑397‑3742 or go online
• TransUnion: 1-888-909-8872 or go online 

Even with your credit frozen, you’ll still have access to your credit records and scores. If you don’t already have a way to regularly monitor your score and report information, consider signing up before you place a freeze. Some credit card issuers and many personal finance websites offer them for free. Watching for a big, unexplained change can alert you to potential fraud.

Place fraud alerts if a freeze is too much

If you don’t want to lock out all creditors — perhaps you’re in the middle of mortgage shopping or refinancing — you can place a 90-day fraud alert on your credit. This tells potential creditors to verify your identity before issuing credit in your name.

Contact one of the three bureaus, and it will notify the others.

Monitor your own credit

You’re entitled to at least one free credit report from each credit bureau every 12 months via AnnualCreditReport.com. If you haven’t accessed your credit reports within the past 12 months, do it now. If you’ve reviewed them recently, placing a fraud alert on your credit files allows renewed access.

Use your reports from the bureaus, and any free score and report services you have, to watch for:

• New accounts that you didn’t open
• Credit inquiries that don’t match when you applied for credit
• Balances that don’t match your statements

Deal with your credit cards

Freezing keeps new accounts from being opened, but doesn’t stop fraudulent charges on an existing account. Take these steps to protect yourself:

• Check your email and regular mail. Some consumers whose account numbers were compromised are being notified by credit card issuers that they’ll be sent a new card and the old one will be deactivated.

• Even if you’re not notified by your issuer and you think your data wasn’t in this breach, don’t relax. Stay vigilant by checking your credit card statements for changes you don’t recognize. If something looks fishy, dig further. Often there’s a phone number listed with the merchant name for the transaction.

• Consider signing up for text or email alerts about credit transactions. Many issuers let you set them for charges above a certain amount.

If you see a charge you think isn’t yours, call your issuer right away to dispute it. Your card issuer can’t charge interest or fees on the transaction while it’s being investigated.

What was exposed? Is my data out there?

The data accessed includes:

• Information such as names and addresses, birthdates, Social Security numbers and some driver’s license numbers
• Credit card numbers for approximately 209,000 consumers
• Some documents from about 182,000 consumers’ credit report disputes, including personal identifying information

Consumers can check whether their information is affected at www.equifaxsecurity2017.com. However, the “Check potential impact” process asks you to input the final 6 digits of your Social Security number, which gives security experts pause.

Equifax also opened a call center that you can reach at 866-447-7559. It will notify the subset of consumers whose credit card numbers or dispute documents were affected by mail.

Should I sign up for the free Equifax monitoring?

Equifax is offering all U.S. consumers free credit and identity theft monitoring for one year. But the risk doesn’t disappear after a year. Someone who has your Social Security number has it — and might try to use it — forever.

The service is through TrustedID, an Equifax company. The terms of service include waiving your right to participate in a class-action lawsuit or class arbitration and agreeing to use individual arbitration. The National Consumer Law Center has called upon Equifax to strike that clause. Failing that, the NCLC advises consumers they can opt out of the forced individual arbitration by notifying Equifax in writing within 30 days.

If you have any additional questions, you can reach out to us or visit identitytheft.gov/databreach to learn more about protecting yourself after a data breach.