Mortgage Application
About Us
Membership
Savings Products
Loan Products
Current Rates
Services
On-Line Services
Security Alerts
Scholarships
Info Desk
 

Security Alerts -

Current Alerts

REMINDER:  ISU Credit Union will never solicit personal/private information through e-mail or phone calls.

If you receive a suspicious phone call or email please let us know by calling 812-234-1021 or 800-628-1021 or email at info@isucreditunion.com.

09-05-08

Details: When Hurricane Katrina first hit in 2005, scams popped up within hours. Hurricane Gustav is no different, and Hanna, Ike and others will likely be the same in the days and weeks to come.

Online scams are likely to pop up in your inbox. How can you determine what is a scam and what is authentic?  Chances are that any e-mail asking for donations is a scam. But the e-mail scammers are very tricky. They have created e-mails that sound authentic, tear at your heartstrings, and make you feel compelled to "donate" to disaster relief.

So, to help protect you from scams that are almost certain to find you, we provide the following information. 

Phishing Scams

Prior to Hurricane Gustav's landfall, the Louisiana Attorney General's office started seeing bogus e-mails asking people to "confirm" their bank information before the hurricane hit. These e-mails sent people to bogus Web sites that could then be used by scammers for financial fraud and identity theft.

Also, Web sites that claim to be legitimate Hurricane Gustav relief organizations have been created. They ask people to donate money by giving your financial information. The donated money will go straight into the pockets of con artists. The scammers can use this information to steal your identity, as well.

Here's an example of what an e-mail could look like:

    "Please give your charitable donations to the victims of Hurricane Gustav. The chaos and destruction experienced by the region and its victims is unimaginable. But you can help these people regain their lives by giving them some hope. Your donation will go a long way to giving these victims their lives back. Our prayers and compassion go out to them. Make a generous donation to the American Red Cross by (clicking this link)." [A bogus but legitimate-sounding domain name is listed here] 

This scam sounds legitimate and plays on your emotions.

Action: If you want to make a donation through the Red Cross or another disaster relief organization, go to an organization's office itself, or the official Web site by typing in the domain name, like RedCross.org.

Viruses and Malware

These e-mails usually are geared to getting you to open them and click on the attachment, which then infects your computer with a virus or malware.

For example, the subject line of an e-mail might read something like "80% of city under water" or "Entire neighborhoods completely washed away." Attached are photos related to the subject line-either real or bogus. The attachments often contain viruses or malware that track everything you do on your computer or give the sender complete access to your computer.

Action: Delete e-mails such as this. Don't click on the attachments.

Variations of the Nigerian Fee Scam

In this scam, the sender plays on your emotions again. You are supposed to help someone retrieve large amounts of money that are, for some reason, tied up in relation to an area the hurricane has hit.

Action: As with any other scam e-mail, delete it.

Investment, Energy, and Security Scams

Since 10% of the natural gas and 5% of the crude oil that Americans consume is produced off the U.S. Gulf Coast, it is very likely that a hurricane in the Gulf of Mexico will produce some investment, energy and security scams. After Hurricane Katrina, the SEC reported that e-mails being circulated claimed certain penny stocks would skyrocket in value. Reasons varied. Some were supposed to rise because of "refinery glitches."

Action: Delete all e-mails promoting stocks, futures, and other investments related to any hurricane.

E-mails that relate to a disaster to sell unrelated products

What do weight loss products have to do with a hurricane? Nothing. But there are some that will try to sell products that have nothing to do with hurricane relief. Here's an example of what one of these emails might look like:

Subject: Entire street washed away Officials predict that as many as 45 people were washed away when flooding destroyed this New Orleans neighborhood. Hours after Gustav struck, entire neighborhoods were no more. Winds in excess of 120 mph uprooted trees and flooding washed away any evidence of civilization.  Read more... [Link to a weight-loss product]

Action: Ignore and delete these e-mails.

E-mails asking for individual donations to help a victim's family

These scams are simple. They are often just a one- or two-sentence e-mail asking for a donation. For example:

Subject: My younger sister has only the clothes on her back thanks to Hurricane Gustav. Please help her with a donation.

Action: Delete these e-mails.

Hate Web Sites

These Web sites claim a disaster is "the wrath of God." They might claim the victims were "wicked" and got what they deserved. Then they ask people to donate to them, either for financial or identity theft purposes.

Action: Delete these e-mails.

Chain Letters

Here's an example: "Every time this e-mail is forwarded, 25 cents will be donated to Hurricane Gustav victims." Completely bogus.

Action: Delete these e-mails and do not pass them along.

Scammers Claiming To Be Official Government Agencies, Banks, Credit Card Companies, Etc.

Scammers who try this will claim they can help victims by expediting insurance claims or donating money. They often use replicas of well-known logos, like credit card and insurance companies. The goal of these scams is to steal credit card, bank, and Social Security numbers, as well as other personal information.

Action: Delete these e-mails

Contractor Scams

Contractor scams are more common offline than online. Scammers pose as contractors and ask people for money so they can do immediate, upfront repair work. Of course, since they are not real contractors, they will never show up to do any repair work. Some real contractors also take advantage of the disaster by price gouging. Since there is a shortage of legitimate contractors, people are relieved to find someone to do their work. State attorney generals has already warned that their offices will prosecute price gouging.

Action: Be skeptical and deal with only reputable contractors.

Fee-based Spam

These e-mails offer to locate people you know who may have been a hurricane victim.

Action: Delete these e-mails.

08-06-08

We have been informed that members are being called at home and on their cell phones stating their card has been suspended.  This is NOT from ISU Credit Union or our credit card processor. 

 

These members are victims of a vishing scam.  The member is told their card has been suspended and directed to call a (800) number to “reactivate” their account.  Once the member calls, they are prompted to provide personal information including:

  • Name
  • Card number
  • PIN number
  • CV value on the back of the card
  • Expiration date

 

For more information on vishing, please visit the FBI Website at http://www.fbi.gov/page2/feb07/vishing022307.htm.

07-10-08

ISU Credit Union members and non-members have been receiving emails alerting them they have 1 new message from ISU Credit Union. Please be aware this message is NOT from us.Please DO NOT click on the link or put in your account number.

Members and non-members have also been receiving phone calls asking them to activate their Debit Card and asks for their card and Personal Identification Number (PIN). Please DO NOT enter this information.

As always, ISU Credit Union will never solicit personal/private information through email or phone calls.

4-10-08

There is a newly reported scam which involves unsolicited text messages sent to cell phones. The message urges the recipient to call a number provided for information about discrepancies and then solicits individual account information and pin numbers. 

Cell phone users should be weary of unsolicited text messages. Such messages should be deleted and all deleted text messages should be removed, if possible, as the perpetrators have been known to use Spyware in conjunction with their text message solicitation.

2-6-08

Some ISU Credit Union members have reported receiving a solicitation from a company called Nationwide Biweekly Administration, Inc. This solicitation is encouraging members to contact them to rearrange their mortgage payment plan. Please be advised that this is NOT CONNECTED TO, ASSOCIATED WITH, OR ENDORSED BY THE ISU CREDIT UNION. If you have any questions regarding your mortgage loan or specifically your payment plan, please contact the ISU Credit Union at 812-234-1021

or toll-free 800-628-1021

2-5-08

IRS Name Used in Phony Email and Telephone Scam

Summary:

The IRS has reported that their name and logo are being used fraudulently to lure taxpayers into divulging their financial information.

Details:

The Internal Revenue Service has issued an alert, warning that the IRS name and logo is being used by fraudsters attempting to access the taxpayer financial information through e-mail, telephone, and cell phone text messaging.

Note: The IRS does not ask for personal identifying or financial information via unsolicited e-mail, telephone calls, or text messaging. 

The following scams are being used to trick taxpayers into divulging financial account  information for fraudulent purposes:

  • Taxpayers receive a phone calls telling them that they are eligible for a sizable rebate for filing their taxes early, and they are told to provide their financial account information for direct deposit.
  • Taxpayers receive e-mails that claim they are eligible for a tax refund of a specific amount, and they are instructed to click on the link in the e-mail to access the refund claim form, which requires them to disclose financial account information.
  • E-mail notifications addressed to individual taxpayers claim that their tax returns will be audited. The individual is instructed to click on the link within the e-mail and complete forms disclosing personal and financial account information.
  • Businesses, accountants, and "Treasury" managers are receiving bogus e-mails regarding tax law changes. To obtain information on publications for businesses, estates taxes, excise taxes, exempt organizations, as well as IRAs and other retirement plans, the recipient is instructed to click on a series of links. The IRS suspects that clicking on these links downloads "malware" onto the recipient's computer, which can be used to search for financial records and other private information.
  • A person claiming to be an IRS employee telephones taxpayers to say the IRS has mailed them a check that has not been cashed. The caller then asks for verification of financial account information. 

Loss Prevention Recommendations:

If you receive an unsolicited e-mail purporting to be from the IRS, take the following steps:

  • Do not open any attachments to the e-mail; they could contain malicious code that will infect your computer.
  • Forward a questionable e-mail claiming to be from the IRS to phishing@irs.gov.
  • Use instructions contained in an article online at www.irs.gov titled "How to Protect Yourself from Suspicious E-Mails or Phishing Schemes." http://www.irs.gov/individuals/article/0,,id=155344,00.html
  • Contact the IRS at 800-829-1040 to determine whether the IRS is trying to contact you about a tax refund.
  • Remember that taxpayers do not have to complete a special form to obtain a refund.
  • If you have received this, or a similar hoax, please file a complaint at www.ic3.gov.
  • Educate your membership on "Phishing".
    • Post "phishing warnings" on your web site, in newsletters and in your lobby.
    • Post a notice on your credit union's Web site that you will never solicit personal or private information via e-mail.
    • Use the  Federal Trade Commission Web site, www.onguardonline.gov.
      • Consumers can take interactive quizzes designed to enlighten them about identity  theft, phishing, spam and online-shopping scams.
      • Elsewhere on the site, consumers can find detailed guidance on how to monitor their  credit histories, use effective passwords and recover from identity theft.
  • If a member is a victim of a "phishing email", take appropriate steps to help protect him/her.
    • Block and reissue the compromised credit/debit cards.
    • Report to credit bureau.
    • Order credit report.
  • A good resource for this topic is Anti-Phishing Working Group at  http://www.antiphishing.org
  • If you have been the victim of a spoof e-mail or Web site, you should contact your  local law enforcement, a U.S. Postal Inspector, or the FBI.

 


 
© Copyright 2007, Indiana State Federal Credit Union. All Rights Reserved.
Privacy Statement | Account and Fee Disclosures