Fraud & Identity Protection

Defense Against Fraud
Data breaches have become all too common these days with hackers making headlines by stealing credit and debit card information. At Mission Fed, we take threats like these very seriously. That’s why we automatically enroll all Mission Fed cardholders in real time text alerts. Mission Fed will never call you and ask for your Digital Banking username and/or password, Mission Fed account number, Debit or Credit Card number and PIN, or any other private information.

Our automated system includes:

• • Immediate Alerts
    When suspicious activity is detected in your account, our automated system will contact you by text at your mobile number on file.
  • 2-Way Communication
    You can take action the second you receive your alert—by replying to the text or interacting with the automated system on the phone; simply follow the instructions to answer questions regarding your recent card activity.

Confirm we have your current mobile number on file through Online Banking

Don’t delay — to ensure that you receive these important alerts, log into Online Banking to confirm or update your contact information.

If you would like to stop receiving fraud text messages, you can text STOP to 91937. If you would like to continue our Fraud Text Alerts Service, there’s nothing you need to do. If you have any additional questions, please call us so that we may assist you. Thank you!

Note: Programs are subject to change without notice. Wireless provider text message and data rates may apply.

With the popularity of digital payments using Zelle^®, Venmo, PayPal and other peer to peer (P2P) payment apps increasing, scammers are increasingly working to scam consumers. It’s important to know what you can do to help protect yourself — and your money — when sending or receiving money digitally. Members should be aware of these common P2P scams.

“Older” Digital Payment Scams:

Here is how this scam commonly works:

• A scammer will send a fake text alert (which appears to be from Mission Fed) and warn you of suspicious Zelle or other P2Ptransfers on your account or ask if you initiated a transaction.
• If you respond to the text message, the scammer will call you from a number which appears to be from the credit union’s Fraud Department but is actually the scammer’s phone number.
• The scammer will call to discuss the suspicious transactions but will first ask you to “verify your identity” by asking for your mobile or online banking username.
• The scammer will tell you that you will receive a text message with a passcode, which you must provide over the phone as a part of the identify verification process.
• In reality, the scammer is attempting to log into your account by entering your username and accessing the “forgot password” feature. This feature will trigger a passcode which is sent to your mobile device.
• Once the passcode is provided to the scammer, he or she can reset your online banking password, log into your account, and rapidly transfer funds out of your account via Zelle or another P2P payment app.

“Newer” Digital Payment Scams

As consumers become more aware of common scams, scammers are becoming more and more clever. The traditional scam described above (although similar) has evolved.
Here is how this scam commonly works:

• Typically, this scam is initiated with a fake text alert (which appears to be from Mission Fed). The text will ask if you attempted to transfer a large sum of money via Zelle. You will be given the option to choose “YES” or “NO”.
• If you respond “NO”, the scammer will call from a number which appears to be from the credit union’s Fraud Department and tell you that the funds can be recovered.
• The scammer will tell you that to recover your funds, you must use Zelle or another P2P payment app to transfer funds to yourself using your own mobile device number. Before you transfer funds, the scammer will instruct you to first disable the mobile number associated with your Zelle or other P2P account.
• Once disabled, the scammer will link your mobile number to their Zelle or other P2P account, which generates a passcode that is sent to your mobile number.
• The scammer will ask you to provide the passcode. Once provided, the fraudster can successfully link your mobile number to their account.
• When you transfer funds via Zelle or another P2P account, the funds are directed to the scammer’s account and not your account.

Scams are on the rise. Be cautious about unsolicited text messages or phone calls even if they appear to be from Mission Fed. If you receive a suspicious phone call or text message appearing to be from the credit union, hang up or do not respond to the text. Instead, contact us directly at the number on the back of your debit or credit card or at the phone number on our website.

Help Protect Yourself

Treat Zelle, Venmo and other peer to peer payment (P2P) apps like cash. Only use them to send money to friends, family, and other people you know and trust. Never use Zelle, Venmo or other P2P apps to buy things from strangers on the internet or to invest in that “once in a lifetime” opportunity that you found on social media.

To read additional tips from Zelle to stay safe from scams and fraud, visit Pay It Safe | Zelle (zellepay.com).

This content is provided for informational purposes only. Zelle and the Zelle-related marks are wholly owned by Early Warning Services, LLC and are used herein under license.

Stay Alert to Scams

At Mission Fed, we want to help make sure your personal information and accounts are always secure. Important tips to help you stay alert to scams from fraudsters impersonating Mission Fed, the IRS or other financial institutions:

• Keep private information private. Avoid giving out private info and passcodes over the phone, especially during an unexpected call. Mission Fed will never call to ask for a one-time passcode unless you initiated the request.
• Don’t rely on caller ID. Scammers can make it look like the call is coming from Mission Fed or another company to trick you into sharing private information. Please don’t trust caller ID — it’s not always who it says it is.
• Question requests to transfer money. If you receive an unfamiliar request asking you to transfer money to anyone — including sending money to one of your other accounts — beware. Don’t be pressured into sending money via gift cards, online wires, Zelle® or any third-party payment apps.
• When in doubt, reach out. If you’re suspicious about a call, text or email — whether from Mission Fed or another business — don’t respond. Reach out to the company directly using a trusted source such as their website or the phone number on the back of your card.

Know the Scams

Online scams, quick money schemes or even a request from a friend or family member may compromise your information. Help protect your personal information and accounts by reviewing some of the common questions about scams in this Fraud & Identity Protection FAQ section.

More Resources

In addition to being aware of scams, you can help protect your information with these tools. Mission Fed offers the following services to help you manage your money and watch for fraud:

• Mastercard® ID Theft Alerts – Mastercard’s ID Theft Alerts can be used with Mission Fed Debit and Credit Cards to monitor charges for suspicious activity.
  • Mastercard Zero Liability Protection
• Online Banking transaction alerts – Set up alerts via email or on your phone when charges over a certain dollar amount clear your account and stay on top of your balances.
• NCUA Fraud Prevention Center

This content is provided for informational purposes only. Mastercard is a registered trademark of Mastercard International Inc. Zelle and the Zelle-related marks are wholly owned by Early Warning Services, LLC and are used herein under license.

Mobile phones are used for everything from obtaining information at the drop of a hat to accomplishing daily tasks. As with other technology, some simple rules should be followed to limit your exposure to identity theft and other fraud:

• DO NOT share your secure credentials or one-time identification codes with anyone – even someone claiming to be a Mission Fed employee.
• Keep your phone’s operating system secure. This is particularly important with systems that use open source technology.
• Keep an eye on your phone’s behavior. If your phone starts to act differently — somewhat erratic or funny — take it to a technician for an inspection. Malware (short for malicious software) can cause things to look or act differently, and watching for red flags may catch suspicious activities before they can do some damage — like transmitting identity information.
• It’s best to read the list of permissions that an app requests before you install it. Ask yourself:
  • “Do these permissions make sense for the app I purchased?”
  • Another example may be a game that requests permissions for SMS (Short Message Service) texting or access to your contact list. “Does this game really need these permissions?” If the answer is no, choose to not allow the permission being requested.
• Read the fine print when subscribing to services, and stay alert to links you are accessing.
• Do not click on an email or SMS link unless you know the email or text is from a valid and trusted source. Just like email on your computer, links to fraudulent sites can be disguised in what appear to be valid sources, exposing you to identity theft or fraudulent purchases.
• If you ever suspect that your account at Mission Fed — or any other organization — has been exposed or compromised, contact that organization immediately.

Information is not intended to provide technological or security advice. Contact your authorized service provider for details of your service agreement and consult with a technology support service for questions related to mobile phone security. Mission Fed does not endorse or recommend any of the products or services represented herein.

If you are a victim of identity theft, be sure to keep records and details of conversations and correspondence and follow these four steps:  

1. Place a fraud alert on your credit reports and review your credit.
2. Close the accounts that you know, or believe, have been tampered with or opened fraudulently.
3. File a complaint with the Federal Trade Commission.
4. File a report with your local police or the police in the community where the identity theft took place.

For more information, visit IdentityTheft.gov

This content is provided for informational purposes only.

It can be overwhelming to know and understand the many ways your accounts and information can be compromised. Below are commonly used terms used to describe fraudulent activity.

Card Scanning/Skimming
A device used to scan and save information from credit cards, driver’s licenses, passports, medical cards and other laminated cards. Unfortunately, these devices are readily accessible to buy online.

Data Breach
The unintended disclosure of information that compromises the security of personal information, and can often lead to instances of identity theft.

Drive-by Download
Software that secretly and automatically installs on your computer when you visit certain websites. The user is usually unaware that anything was installed until after the fact.

Fraud
Any act or practice resulting in the loss of someone’s rights or property. It usually involves making false and misleading representations with the intention of cheating or stealing from another person.

Hacker
Someone who exploits security holes in technology for any purpose.

Hidden Dialers
Programs that can use your computer to dial expensive phone calls that later show up on your phone bill.

Identity Fraud
Identity fraud is different from identity theft. ID fraud is using personal information that is made up rather than stolen from a real person.

Identity Theft
Identity theft occurs when a thief steals someone else’s personal information as their own, creating a new identity of an existing person. Some ID theft items can include a social security number, driver’s license number, usernames and passwords, employee ID number, mother’s maiden name, and account information, including bank and credit union accounts.

Keystroke Logging
A software development tool that captures the user’s keystrokes. Its intended use is to measure employee productivity on clerical tasks. Keylogging has been abused by individuals who can easily buy the tool to spy on computers and obtain passwords or encryption keys.

Mail Fraud
Thieves steal paper mail from your mailbox to obtain personal information, pre-approved credit card applications, medical insurance statements or any other information that will help them get credit in your name.

Malware
Short for “malicious software,” it refers to any harmful software. Malware includes computer viruses, worms, Trojan horses, and also spyware.

Pharming
Hackers redirect internet traffic from one website to a different, identical-looking site in order to trick you into entering your username and password into the database on their fake site. Your computer or computer’s server has been hijacked into going to the fake site.

Phishing
Thieves trick someone into giving them confidential information, usually through links within emails sent to the user falsely claiming to be a legitimate business or company in order to scam the user into giving private information. In most cases, these emails appear to come from financial institutions.

Pretexting
Thieves collect individuals’ personal information under false pretenses such as posing to be from a charity or other legitimate organization. This is typically done over the phone or via email.

Scam
A dishonest or fraudulent scheme intended to convince someone to send money to a contact that is not typically in their known social circles. Scams can happen in many forms from phone calls, emails, text messages and more.

Security Alert
A statement added to one’s credit report when a credit bureau is notified that the consumer may be a victim of fraud. It remains on file for 90 days and suggests that creditors should request proof of identification before granting credit in that person’s name. Once a security alert is in place, the report is no longer available for online viewing.

Smishing
Similar to phishing, thieves’ trick someone into giving them confidential information via text messages sent to the user falsely claiming to be a legitimate business or company in order to scam the user into giving private information. In most cases, these text messages appear to come from financial institutions.

Spam
Unsolicited commercial emails. Many of these come from legitimate companies but many also come from questionable businesses.

Spoofing
A fraudulent website or email that appears to be from a well-known company and attempts to get you to provide, update or confirm personal information. Similar to pharming.

Spyware
General term for any technology that gathers information about a person or organization without their knowledge. Advertisers or other interested parties often use spyware programming to gather and relay information.

Trojan Horses
Unlike a virus, Trojan horses contain or install malicious programs that can run autonomously, masquerading as a useful program, or hack into the code of an existing program and executes itself while that program runs.

Viruses
Malicious programs with the ability to replicate and install themselves, or infect, a computer without the computer user’s knowledge or authorization. Viruses are often unintentionally downloaded when the user accidentally clicks on a link to a virus.

Vishing
Using Voice over Internet Protocol (VoIP) phone numbers to steal user information.

Worms
Computer viruses which can self-replicate by resending themselves via email or a network message.

Learn more http://www.identitytheft.com

This information is provided for educational purposes only.

The most effective way to protect yourself from phishing scams is to never click on the link or open attachments provided in an email or text you don’t fully trust. Mission Fed will never ask members for ATM passwords or Online Banking account logins.

Additional steps you can take:

• Treat any unsolicited email or message cautiously, even if from a “known” sender.
• Do not be intimidated by an email or caller who suggests dire consequences if you do not immediately provide or verify certain information. Beware of the sense of URGENCY.
• If you believe the contact is legitimate, go to the company’s website by typing in the site address directly or using a page you have previously bookmarked, instead of a link provided in the email.
• Use the FTC (Federal Trade Commission) website, onguardonline.gov to learn more. Consumers can take interactive quizzes designed to enlighten them about identity theft, phishing, spam and online-shopping scams. Elsewhere on the site, consumers can find detailed guidance on how to monitor their credit histories, use effective passwords and recover from identity theft.

Other Types of Scams:

Zelle® is a preferred method of payment for scammers because it allows you to send money easily without verifying who’s on the receiving end.

• Watch out for an in-app cash request for payment from someone you just met or haven’t spoken to in a while. Unexpected requests even from someone you know should be validated before taking any action.
• Any sense of urgency should raise flags.
• Keep your phone locked and secured when it’s not being used. Unlocked phones allow scammers to quickly open the app and send money directly to their own Zelle accounts.

Gift Cards are a scammer’s favorite way to get paid!

• Never purchase gift cards from a stranger and watch out if you are promised something too good to be true.
• Never share gift card numbers via email or to strangers over the phone.

Watch out for Vishing and Smishing scams where the fraudster attempts to steal information over the phone or via text message.

• If you receive an unexpected call or message from your financial institution requesting information, hang up and call the number on the back of your card.
• Beware of callers asking to verify account details, PIN, Verification Code, or Card Security information.
• Urgent calls or messages stating your account is suspended or closed.

Disclosures:
This content is provided for informational purposes only. Zelle and the Zelle marks used herein are trademarks of Early Warning Services, LLC.

There are no rules in love and war, and that applies especially to scammers who prey on people in online dating or family-member-in-need situations. Here’s what to watch for:

• Someone whom you meet online (and usually living in a foreign country) develops a relationship with you over time and then starts asking for money to pay off debts or business expenses so they can come and meet you.
• Someone contacts you online or over the phone and says that a distant relative or family member in the military has gotten ill or arrested, and asks you to send money to help them out.

Check cashing scams are tried and true, and people of all ages fall victim. Here’s a common scenario:

• The scammer reaches out to a member with a “job opportunity,” or looking for help with “research.”
• The scammer sends a check with instructions to the member to deposit it and then wire transfer only a portion of it back, so the member thinks they get to keep the difference.
• But the check is counterfeit and the wire transfer is taking actual money out of the member’s account

ATM skimming is when bad actors try to use the latest technology to steal your card info. Here’s how card skimming works and how you can prevent it:

• Thieves install a card reader on an ATM machine to read your card info when you swipe/insert it.
• They also need your PIN, so they’ll have someone nearby watching or will install a small camera on the machine so they can see your hand on the keypad.
• Prevent skimming by using well-known ATMs at your credit union or bank, and always cover your hand when entering your PIN.

Yes, computer scams are common. Here’s how they try to trick people into sharing credit card info:

• A mysterious pop-up on your screen says your computer has a virus and you need to call the number on screen right away.
• You make the call and the person on the other end of the call pretends to be a computer tech who can remove the virus after they have your card info to pay for the service fee.
• The scammer pretends to fix the issue, which never existed in the first place, and then they make additional fraudulent charges with your card hoping you won’t notice.

Keep calm and watch for these red flags: 

• The person on the phone asks you to purchase gift cards in large amounts from a technology store.
• Once you have the cards, they ask you to read them the info on the cards over the phone.
• As soon as they have the gift card info they can charge the cards and you have no way to get your money back.