These are examples of common fraud schemes (not necessarily experienced by Direct Financial members).
Criminals can take advantage of the fear and uncertainty around COVID-19. They can attempt to take money and steal information. Do not respond directly or click on links in messages you receive via text, phone call or email; especially from an unknown or untrusted source and particularly those involving:
CDC Impersonators: These can come as fake phone calls, emails, social media posts, or web sites.
Phishing Attacks: The most common are regarding: Fake cures, treatments, and testing kits; and refunds or cancelations from airlines and shipping companies.
Visit the following FTC link for further details: http://www.ftc.gov/coronavirus/scams-consumer-advice
You get an email, phone call or text message informing you that fraud has been detected on your account. This communication may even appear to come from your own financial institution. You are asked to provide information, usually a credit card number or log in credentials, to resolve the supposed fraud or to prevent the account from being closed.
Generally done by phone, the fraudster takes advantage of your desire to be helpful. In a common version, you receive a call telling you that your grandchild needs money, sometimes with further explanation that they have been in an accident or arrested. The fraudster asks you to wire or send money through Western Union, further advising "Don't tell Mom and Dad", so the grandchild won't get in trouble.
Generally done by phone call, the scammer will call you pretending to be from a government agency such as the Social Security Administration, the IRS, or even Medicare. They will often threaten that something bad will happen if you do not provide your personal information or provide what they are requesting. Your caller ID may even say the call is from the government, but caller ID can be faked. A scammer may also impersonate law enforcement, such as FBI, threatening that you may be arrested if you do not provide personal information or do not send them money. No government agency or law enforcement official will ever ask you for your personal information over the phone or request that you send them money! Visit the following FTC link for further details: http://www.consumer.ftc.gov/articles/how-avoid-government-impersonator-scam
You see a pop-up message on your computer that tells you your computer has a virus. The message may look similar to legitimate anti-virus software messages. In some case, the fraudster is trying to sell you bogus security software that does little or nothing. In other cases, this fraud may involve illegitimately capturing credit card information, or installing malicious software such as a keystroke logging program. If you click to accept a download, you have likely allowed the installation of malicious software and given control of your computer to the fraudster.
The scammer will contact their victims via phone call, email, or text and pose as someone from an often-well-known business such as Amazon or Norton Anti-Virus. The scammer will generally state that something is wrong with your account or that a charge has been made for something you didn’t purchase. They will request that you contact them immediately to rectify the issue and at that point they may also request access to your device to process a refund. Once they gain access to your device, they ask you to login to your online banking which in the process of doing so they are stealing your login credentials/gaining access to your accounts and account information. Visit the following FTC link for further details: http://www.consumer.ftc.gov/articles/how-spot-avoid-and-report-tech-support-scams
Scammers advertise jobs the same way legitimate employers do — online (in ads, on job sites, and social media). They promise you a job, but what they want is your money and your personal information. They will often send you a check and ask you to purchase equipment or material for the job. They may also ask you to purchase gift cards with the funds. No legitimate potential employer will ever send you a check and then tell you to send on part of the money or buy gift cards with it. The check will bounce, and the bank will want you to repay the amount of the fake check. Visit the following FTC link for further details: http://www.consumer.ftc.gov/articles/job-scams
A scammer will contact their victim via an online sales ad, such as an ad on Craigslist or Facebook Marketplace, asking to purchase the item. The scammer will send their victim a check in an amount that is more than the agreed upon purchase price and ask the victim to send the overage back to them immediately. The check gets returned and the victim is left to cover the loss. Visit the following FTC link for further details: http://www.consumer.ftc.gov/features/fake-check-scams
Scammers will contact their victims through fake profiles on dating sites and apps, or through popular social media sites like Instagram, Facebook, or Google Hangouts. They will then strike up a relationship with their victims to build trust, often talking or chatting several times a day. Then, the scammer will make up a story and ask for their victim to send them money. Often times the scammer will continue to manipulate their victim for months at a time before asking for money. Visit the following FTC link for further details: http://www.consumer.ftc.gov/articles/what-you-need-know-about-romance-scams
Generally initiated via email or postal mail, a letter is sent by the scammer stating that you have won a lottery. Within the letter, there’s often instructions asking you to send funds and/or your bank account information, to pay for processing fees, taxes, and other miscellaneous fees in order to receive your winnings. No legitimate lottery will ever require payment or bank account information to receive your winnings. Visit the follow FTC site for further details: http://www.consumer.ftc.gov/articles/fake-prize-sweepstakes-and-lottery-scams
If something sounds too good to be true, it probably is!
Read the NEFCUOnline Account Access FAQs
Your Credit Union has taken many steps to ensure the security of NEFCUOnline. We provide system and transaction security through strong authentication, encryption and digital certification software. Access to your account via NEFCUOnline is only allowed through the devices you have designated to have access to your account. You will be required to use your username and a valid password to access the system. For your protection, your credit union recommends that you memorize your password and do not write it down (just like an ATM PIN). You should never give your password to anyone or let anyone see you enter your password when you are logging in to NEFCUOnline. In addition, you should change your password periodically and do not use easily identified passwords such as birth dates, years, etc. To better protect you, you will have only a limited number of tries to input the password correctly. If you accidentally become locked out of NEFCUOnline, you will need to call Direct Financial at 800.966.8200 or stop in to one of our branches for assistance.
With Shared Access, you can grant access to designated individuals. As the account holder, you determine which accounts your subuser(s) should see and you choose whether you want them to have “View Only” access or whether you want them to perform certain types of transactions such as internal transfers and bill payments. If you opt to grant access to BillPay, you must set a per transaction limit. Any transactions submitted by a subuser that exceed this limit will require your approval before they process.
To get started, click on “Additional Services” and select “Share Access with Others” from the dropdown menu. This link will take you to the page where you can add subusers, manage their permissions, or revoke access at any time. If you have any pending transaction to approve, they will also be displayed at the top of this page.
Your information is kept strictly confidential. NEFCUOnline requires a combination of the correct username and corresponding password to access any confidential information. Plus, login is only allowed from the device(s) that you have designated to have access to your account. Unless you share your login information with others and give them physical access to your devices or you opt to grant access to another user through the Shared Access (entitlements) feature, no one but you will be able to access your account information through NEFCUOnline or over the Internet.
Transaction data that appears in NEFCUOnline is refreshed each time NEFCUOnline is loaded. Consequently, there is no account data storage outside the Credit Union with NEFCUOnline.
Turbo Tax and FinanceWorks data is stored within Digital Insight systems. Digital Insight systems are secured with encryption, perimeter and internal firewalls, screening and filtering routers, intrusion detection, strict authentication, virus protection, and application security. Digital Insight network architecture is structured so servers that store member information are not directly connected to the Internet.
Additionally, Digital Insight employs policies and procedures to ensure the highest level of security throughout their organization including physical controls such as retina eye scan authentication for access to their data centers, administrative controls such as clear personnel policies and background checks, and a team of security specialists who provide 24/7 support. In addition, Ernst & Young performs an SSAE 16 Audit (the latest AICPA standard) of Digital Insight's service controls, and measures their effectiveness. This assessment includes physical facilities as well as Internet operations.
As always, some Credit Union employees have access to member financial data by virtue of their role at the Credit Union. However, that access is governed by internal policies and by several layers of security safeguards. In addition, the Credit Union's security is examined annually by external auditors and by the National Credit Union Administration (NCUA).
Each year, millions of Americans discover that criminals have fraudulently assumed their identities. A fraudster using a stolen Social Security number or other personal information can quickly run up thousands of dollars in purchases before the victim becomes aware that their identity has been stolen.
Identity theft has become the fastest-growing crime in America, a crime which usually leaves victims with the responsibility of cleaning up a web of phony purchases, bogus accounts, and damaged credit ratings.
Take Action to Avoid Identity Theft
If you are concerned about potential identity theft for your child or children under 18 years of age, you can use this form to send a letter to the three primary credit bureaus. You will need to enter your information three times, since the form creates letters to all three bureaus.
If you are concerned that your child under the age of 18 is a victim of identity theft, you should contact the three credit bureaus and ask them to search for your child’s information. Visit the following FTC’s website for further information: How To Protect Your Child From Identity Theft | FTC Consumer Information
If you think you are a victim, call us at 800.966.8200.
Visit the sites below for further information on fraud prevention and what to do if you become a victim.
To help limit the amount of telemarketing calls you receive and your chances of a scammer contacting you, you can register your phone number(s) with the National Do Not Call Registry here: http://www.donotcall.gov/
To stay up to date on scams, visit the following summary page on the FTC website and subscribe to Consumer Alerts by clicking on “Get Email Updates”: Scam Alerts | FTC Consumer Information
Identity Theft Resources
ReportFraud.ftc.gov is the federal government's website where you can report fraud, scams, and bad business practices.
Money Smart for Older Adults Guide
Visit consumer.ftc.gov to find tips and learn how to avoid scams.
Consider placing a security freeze with the three major credit reporting agencies. This can be done online or by phone. A security freeze prohibits, with certain specific exceptions, the credit reporting agency from releasing the consumer’s credit report or any information from it without the authorization of the consumer.
EquifaxSecurity Freeze | Freeze or Unfreeze Your Credit | Equifax®
ExperianSecurity Freeze Center at Experian
TransunionCredit Freeze | Freeze My Credit | TransUnion
The Attorney’s General Office is also another Consumer Protection resource that you can reach out to if you are a victim of fraud. Visit this direct link to the Vermont AGO’s website: Scams - Office of the Vermont Attorney General
If you think you have become a victim of identity theft, or if you have any questions, call the Contact Center at 800.966.8200.