Blog

Fraud alerts: COVID-19 scams to look out for

With so much uncertainty in our world right now, the presence of COVID-19-related fraud and scams is an unfortunate reality. Now, more than ever, it’s important to be vigilant about your protected information and, as your financial institution, we’re committed not only to providing the utmost security for your accounts, but also to increasing awareness around common schemes. We’ll keep an updated list of known scam attempts and tips to stay safe, so check back often to remain in the know. And remember: we will never call you and ask for your account information, social security numbers, or other sensitive material.

The FTC is a great resource for consumers during this time. See below for their recommended best practices and visit their website to learn more.

• Don’t respond to texts, emails, or calls about checks from the government. Here’s what you need to know.
• Ignore online offers for vaccinations. There are no products proven to treat or prevent COVID-19 at this time.
• Be wary of ads for test kits. The FDA recently announced approval for one home test kit, which requires a doctor’s order. However, most test kits being advertised have not been approved by the FDA, and aren’t necessarily accurate.
• Hang up on robocalls. Scammers are using illegal robocalls to pitch everything from low-priced health insurance to work-at-home schemes.
• Watch for emails claiming to be from the CDC or WHO. Use sites like coronavirus.gov and usa.gov/coronavirus to get the latest information. And don’t click on links from sources you don’t know.
• Do your homework when it comes to donations. Never donate in cash, by gift card, or by wiring money.

Be on the lookout for some of these trending scams being reported from the FTC. This blog post is a great way to stay in touch with what other consumers have seen as well.

• The top complaint categories relate to travel and vacations, online shopping, bogus text messages, and all kinds of imposters.
• While reports of robocalls are way down overall, we’re now hearing about callers invoking the COVID-19 pandemic to pretend to be from the government, or making illegal medical or health care pitches, among other topics.
• If you’re getting calls, emails, or texts, or you’re seeing ads or offers online, keep a few things in mind: First, the government will never call out of the blue to ask for money or your personal information (like Social Security, bank account, or credit card numbers). And second, anyone who tells you to pay by Western Union or MoneyGram, or by putting money on a gift card, is a scammer. The government and legit businesses will never tell you to pay that way.
• The big states have, not unexpectedly, the biggest number of reports. You can check out how many people are reporting what in Georgia.

Below are some additional tips from the Department of Justice’s National Center for Disaster Fraud. If you believe you are a victim of a scam or attempted fraud involving COVID-19, you can report it without leaving your home by calling their hotline at 866.720.5721 or via the NCDF Web Complaint Form.

• Be cautious of unsolicited healthcare fraud schemes of testing and treatment through emails, phone calls, or in person.  The U.S. have medical professionals and scientist working hard to find a cure, approved treatment, and vaccine for COVID-19. Learn more about what to avoid
• Be the lookout for an increase in cryptocurrency fraud schemes including but not limited to blackmail attempts, work from home scams, paying for non-existent treatments or equipment, or investment scams. Read more on how to report these scams
• Be wary of unsolicited telephone calls and e-mails from individuals claiming to be IRS and Treasury employees.  Remember, the IRS’s first form of communications is by mail—not by phone. Learn more about fraudulent schemes related to IRS

New Venmo scam targets payment app users

“A new Venmo scam is making the rounds nationally, one that can lead to massive financial losses in your Venmo account.

Payment apps are a fairly new invention, especially peer-to-peer apps that are connected to your bank account or a credit card. Unfortunately, what is not new is phishing scams.”

Continuing reading this article at idtheftcenter.org.

Cyber Security Tip: Who’s that friend request from?

Social Media friends or foes?

Cyber criminals often create fake profiles to befriend you. The ultimate goal is to get you to leak confidential data to them (either about you or the company you work for). Be careful of the friend requests you accept on any Social Media sites (Twitter, Snapchat, Instagram, Facebook, LinkedIn, etc.).

Trust no Social Media “friend” (unless you know them in real life and you’re absolutely, positively sure they can be trusted).

Beware of Wire Fraud

Protecting our members from fraud is always a top priority at Georgia’s Own. One of the areas in which financial institutions are seeing an escalation of fraud relates to wire transfers.  Unsuspecting members are deceived into transferring or receiving funds electronically to/from fraudsters. Wire fraud is an intentional act to defraud another individual or entity of his/its money and this is a federal crime.

Fraudsters use a variety of tools including phishing emails, compromised websites/emails, and fake friend requests on social media sites to commit these crimes.

Examples of Wire Fraud:

• Wire request sent to an individual’s name for a real estate closing, instead of an Attorney’s office.
• An email is sent from “a family member who is in jail”, or a person “getting a divorce and they don’t want the rest of the family to know, and they need help”, so the money has to be sent to the lawyer representing them.
• An email is sent from “a member who is travelling overseas and needs some money wired to them because they got robbed in a foreign country and they have no cash.”
• A social media friend sent an email that they received an inheritance and they want to transfer the funds to the United States. The recipient is then asked if the money could temporarily be deposited to the recipient’s account and an offer is made to pay a percentage of the money to the recipient, once the money is transferred to a safer bank. The victim would provide their account number for the transfer to be completed.

Always verify where the money is supposed to be wired to — especially if you get wire instructions by email. Hackers can alter emails (even from people you’ve been working with for several weeks) and instruct you to send money to the wrong place. Be vigilant; always call the recipient to verbally verify the wire instructions. Anyone can be a victim of this type of fraud and should take every precaution to protect themselves.

Receiving Funds:

When you receive funds into your account it’s important to verify you actually received a “real wire deposit” into your account. Fraudsters like to take advantage of their victims when they sense the victim is somewhat confused by promising to send a wire transfer but actually sending the funds using a different (reversible) method. Ask yourself these questions:

• Who sent the funds?
• What were the funds for?
• Where did the funds come from?

Preventing Wire Fraud:

Here are some general rules you should follow to guard against becoming a victim of fraudulent wire requests.

• Confirm email requests from a known party by phone or in person, in case their email has been hacked.
• Be wary of email-only wire transfer requests and requests involving urgency.
• Never wire money to people whom you don’t know – regardless of how convincing or legitimate their wire request looks and sounds.
• Ignore any offer from someone you don’t know who asks you to deposit a check in your account and then instructs you to wire that money to someone else.
• Never open attachments in unsolicited email.
• Frequently update anti-virus and anti-malware programs.
• Closely monitor your bank accounts on a daily basis.

What should a Georgia’s Own member do if they become a victim of a wire fraud?  Please contact [email protected].  We also recommend that members contact local law enforcement, as well as the FBI’s Internet Crime Complaint Center (ic3) at www.ic3.gov.

With fraud scams becoming more sophisticated and more prevalent, Georgia’s Own is not only ensuring our policies and procedures are thorough and practiced, but we also want to educate our members on what they can do to avoid being victims of fraud. That’s why we remain committed at Georgia’s Own to protecting our members from being victims of fraud.  We also want to raise awareness as to what our members should do to stop these fraudsters. After all, prevention is the best protection when it comes to fraudulent activity.

Equifax Breach: What You Need to Do Right Now

You’ve probably seen the news regarding the recent data breach involving Equifax. Even though this is not a Georgia’s Own event, we want to make members aware of the facts as well as recommend some resources to help you respond to the data breach.

Chances are good that the Equifax data breach affects you. What do you do next? The short answers: Consider a credit freeze. Scrutinize your credit statements. And check your credit reports from all three credit bureaus.

Equifax says hackers used a website application vulnerability to access the personal information of about 143 million U.S. consumers, or more than half of the country’s adult population. Credit bureaus such as Equifax are an especially sensitive target because they handle detailed financial records, and it’s nearly impossible for consumers to avoid credit reporting. Every time you apply for credit, the personal data — including your name, birthdate and Social Security number — you share can be stored by a reporting bureau.

Most credit card issuers and lenders report consumer activity to all three major U.S. credit bureaus, and your data is likely duplicated at Experian and TransUnion. There’s no reassurance in the fact that only one bureau was hacked.

“On a scale of 1 to 10, this is a 10, and that’s because of the quality of the data … your Social Security number is the skeleton key for your identity,” said Adam Levin, founder of CyberScout, a company offering identity theft and data breach defense services.

Freeze your credit for the best protection

Credit freezes prevent stolen information from being used to open new accounts in your name by restricting access to your records. Without access to your credit history, most creditors won’t open a new account.

“We have to assume that our personal information is exposed and act accordingly,” Levin said. He said a credit freeze has become “a critical thing to do.”

Credit expert Barry Paperno, who blogs at Speaking of Credit, agreed: “That’s the most extreme method, but it’s also the most effective.”

But this most effective method will cost you in money and inconvenience.

A freeze might cost you a small fee, which varies from state to state, but it’s better than a credit monitoring service. A freeze can prevent fraud, while monitoring alerts you fraud might have happened. It’s the difference between using a deadbolt to keep thieves out rather than a security camera to catch them after the fact.

You’ll also have to pay to lift the freeze each time you apply for credit or need to allow a potential landlord or employer to check your credit. You’ll receive a PIN to “thaw” your credit. Keep it in a safe place.

Here’s how to request a freeze:

• Equifax: Call 1-800-349-9960 or go online
• Experian: 1‑888‑397‑3742 or go online
• TransUnion: 1-888-909-8872 or go online 

Even with your credit frozen, you’ll still have access to your credit records and scores. If you don’t already have a way to regularly monitor your score and report information, consider signing up before you place a freeze. Some credit card issuers and many personal finance websites offer them for free. Watching for a big, unexplained change can alert you to potential fraud.

Place fraud alerts if a freeze is too much

If you don’t want to lock out all creditors — perhaps you’re in the middle of mortgage shopping or refinancing — you can place a 90-day fraud alert on your credit. This tells potential creditors to verify your identity before issuing credit in your name.

Contact one of the three bureaus, and it will notify the others.

Monitor your own credit

You’re entitled to at least one free credit report from each credit bureau every 12 months via AnnualCreditReport.com. If you haven’t accessed your credit reports within the past 12 months, do it now. If you’ve reviewed them recently, placing a fraud alert on your credit files allows renewed access.

Use your reports from the bureaus, and any free score and report services you have, to watch for:

• New accounts that you didn’t open
• Credit inquiries that don’t match when you applied for credit
• Balances that don’t match your statements

Deal with your credit cards

Freezing keeps new accounts from being opened, but doesn’t stop fraudulent charges on an existing account. Take these steps to protect yourself:

• Check your email and regular mail. Some consumers whose account numbers were compromised are being notified by credit card issuers that they’ll be sent a new card and the old one will be deactivated.

• Even if you’re not notified by your issuer and you think your data wasn’t in this breach, don’t relax. Stay vigilant by checking your credit card statements for changes you don’t recognize. If something looks fishy, dig further. Often there’s a phone number listed with the merchant name for the transaction.

• Consider signing up for text or email alerts about credit transactions. Many issuers let you set them for charges above a certain amount.

If you see a charge you think isn’t yours, call your issuer right away to dispute it. Your card issuer can’t charge interest or fees on the transaction while it’s being investigated.

What was exposed? Is my data out there?

The data accessed includes:

• Information such as names and addresses, birthdates, Social Security numbers and some driver’s license numbers
• Credit card numbers for approximately 209,000 consumers
• Some documents from about 182,000 consumers’ credit report disputes, including personal identifying information

Consumers can check whether their information is affected at www.equifaxsecurity2017.com. However, the “Check potential impact” process asks you to input the final 6 digits of your Social Security number, which gives security experts pause.

Equifax also opened a call center that you can reach at 866-447-7559. It will notify the subset of consumers whose credit card numbers or dispute documents were affected by mail.

Should I sign up for the free Equifax monitoring?

Equifax is offering all U.S. consumers free credit and identity theft monitoring for one year. But the risk doesn’t disappear after a year. Someone who has your Social Security number has it — and might try to use it — forever.

The service is through TrustedID, an Equifax company. The terms of service include waiving your right to participate in a class-action lawsuit or class arbitration and agreeing to use individual arbitration. The National Consumer Law Center has called upon Equifax to strike that clause. Failing that, the NCLC advises consumers they can opt out of the forced individual arbitration by notifying Equifax in writing within 30 days.

If you have any additional questions, you can reach out to us or visit identitytheft.gov/databreach to learn more about protecting yourself after a data breach.