Protecting Your Accounts

Fraudsters use many different methods in their attempts to steal your confidential information. They may contact you by phone, mail, email or by texting and will be “phishing” for information. Phishing is defined as the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

A typical case may involve an email that appears to come from a reputable company that you recognize and do business with, such as your financial institution. The email may warn you about a “serious problem” that needs your “immediate attention.” The email will ask you to click on a button to go to the institution’s website, and you could either be directed to a phony site that looks just like the real thing, or you could be directed to the company’s actual website, except a pop-up window quickly appears for the purpose of harvesting your confidential financial information. In either case, you’ll be asked to update your account information or to provide information for verification purposes, such as your social security number, your account number, your birthdate, or your online banking password. If you provide the requested information, you may find yourself the victim of identity theft and fraud.

In the event we contact you for any reason, we may provide you with information and ask you to confirm it, such as “Did you recently make a $10 purchase at Target?” but we won’t be “fishing for confidential information” by asking you to provide us with your social security number or your account number, because we already have that information on file.

However, in the event you contact one of our representatives regarding your account, we will ask you to provide us with information in order to verify that you indeed are the account owner.

These procedures are in place to protect our members and their accounts.

Identity theft occurs when someone uses your personal information, such as your name, birthdate, social security number or credit card number, without your permission, to commit fraud or other crimes. Skilled thieves may use a variety of methods to get hold of your information:

1. Dumpster Diving. They rummage through trash looking for bills or other paper with your personal information.
2. Skimming. They steal debit/credit card numbers by using a special storage device when processing your card.
3. Phishing. They pretend to be a financial institution or company and send spam or pop-up messages to get you to reveal your personal information.
4. Changing Your Address. They divert your billing statements to another location by completing a change of address form.
5. Old-Fashioned Stealing. They steal wallets and purses; mail, including bank and credit card statements; pre-approved credit offers; and new checks or tax information. They steal personnel records, or bribe employees who have access to steal it for them.

1. Shred financial documents before discarding them.
2. Protect your social security number by memorizing it and leaving it at home in a secure place instead of carrying it with you.
3. Be cautious about who you provide your social security number to and don’t give it or any other personal information out unless you are sure about who you are dealing with, why they need it and what they plan to do with it.
4. Call the post office immediately if you are not receiving your mail.
5. Review your bank statements regularly.
6. Review your credit report annually.

If you believe your confidential information has been compromised, contact us immediately at 770-441-9235 to alert us of the situation. If you have disclosed any sensitive information, you should also contact one of the three major credit bureaus listed below to discuss placing a fraud alert in your file.

You should also file a police report and report the incident to the Federal Trade Commission at www.consumer.gov/idtheft or by calling 1-877-IDTHEFT

Members with Excel checking accounts have the opportunity to enroll in our identity theft resolution service known as Kasasa Protect. If you do not have an EXCEL checking account and would like to add one to take advantage of this program, you can submit an online checking account application now, or visit one of our branches and meet with a member service representative.

Kasasa Protect includes all of the following:

• Lost Wallet Protection
• Dark Web Monitoring
• Full Service Identity Theft Resolution
• 24/7 Credit Monitoring
• Monthly Credit Score and Plotter
• Annual Credit Report

For more information about this valuable benefit and how you can enroll, call member services at 770-441-9235.

EXCEL’s NetBranch Online Banking security features verify the owner of the account by authenticating the user’s ID and password, and will also verify that the computer being used to access the account has been authorized. In most cases, members will only need to provide their user ID and password to access their accounts online. However, there are times when additional security measures will require users to provide additional information.

During the first visit to NetBranch Online Banking, the system will prompt users to select and answer multiple challenge questions (for instance, what is the name of the street you grew up on?), which can then be used, when necessary, to authorize future visits. If you are using a computer you have not used before or you purchase a new one, you may be asked to answer one or more of these pre-determined “challenge” questions (established by you) to verify that both the user and the computer that is attempting to access your accounts are authorized. These challenge questions may also be presented on other occasions, as necessary, to protect your accounts and verify users.

This method of security is called "Multifactor Authentication." For more information about our online banking security systems, visit the "Security" section of our website, accessed via the menu bar at the bottom of each page of our website at www.excelfcu.org or by clicking on this direct link: Security Information.

Another case of fraud may involve a caller posing as a representative from the "Security and Fraud Department at VISA®" who sounds official and even provides a "badge number." He says he’s notifying you regarding suspicious activity on your account. The caller asks if you’ve made a purchase lately of "$287" in "Arizona". When you respond "no" the caller assures you that you will receive credit and asks you to verify the address they have on file (he then provides you with your correct address). Up until this point, the information you’ve discussed has either been false or public, but the caller then says he needs to verify that you are in possession of your card and asks for the 3-digit PIN on the back of your card. They are now asking you to provide them with confidential information. This is the information they need in order to apply charges to your card. Don’t provide them with this information!

While we do have a fraud prevention department that may contact you in the event they notice suspicious activity on your account, they will not ask you for your PIN, security or authorization code.

If someone contacts you claiming to be from the security and fraud department and you have doubts regarding their authenticity, hang up and contact the financial institution directly using the official contact information found on their website (see the official telephone numbers shown below for EXCELs debit and credit card services center).

In the event you discover irregular activity on your EXCEL debit or credit card, or you believe your card has been lost or stolen, or you need to verify that a call is legitimate, contact the appropriate card services center listed below as soon as possible.

If the card services fraud department discovers irregular activity on your account, they will attempt to reach you to verify recent transactions. New transactions may not be authorized until current charges are confirmed. For this reason, it’s very important to include cell phone numbers and home phone numbers on your account and keep them and other contact information up-to-date. If your contact information changes or you haven’t provided us with your cell phone number, logon to NetBranch Online Banking or call us at 770-441-9235 to update your contact information as soon as possible.

Check scams are always evolving. Some scams we’ve heard about work like this; an unexpected check arrives in the mail for a sweepstakes you’ve supposedly won or a letter arrives offering to pay you, in advance, for working at home. The letter instructs you to deposit the check, keep some money for yourself, and send the rest back to them. The letter includes an explanation as to why they need some of the money back that seems plausible, but according to the National Consumer League, “There is no legitimate reason for someone who is giving you money to ask you to wire or send them money back.” Cashing the check they’ve sent to you doesn’t necessarily mean it’s legit and the money you receive from it can be charged back to you once the check bounces. And, if you’ve already sent money to the fraudster, of course you’ve lost that too.

If you have received a check or money order and you have reason to believe it may be counterfeit, speak with member services at 770-441-9235 before you do anything. Be sure to retain the actual check or money order and the envelope that it came in (if possible), in the event a law enforcement agency needs to see them.

1. Do not provide your personal information in response to an unsolicited request, whether it’s over the phone or the internet. Emails and Internet pages created by fraudsters may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, you should not provide any information.
2. If you believe a contact may be legitimate, contact the financial institution directly yourself. You can find phone numbers and websites on the monthly statements you receive or you can look them up in the phonebook or on the Internet. The key is that you are initiating the contact, using contact information that you have verified.
3. Do not provide your password over the phone or in response to an unsolicited Internet request. A financial institution would never ask you to verify your account information online, nor would they initiate a call to you asking you to provide your account number or online banking password. Only when you initiate a call to the financial institution will they ask for your account number, and under no circumstances will anyone, or should anyone, from a financial institution ask you for your password. Thieves armed with your password and your account number can help themselves to your money.
4. Do not share your online banking password with anyone. You are the only person who should know your password. If you suspect your password has been comprised, log into online banking and change your password immediately.
5. Do not share your debit or credit card PIN, security or authorization code with anyone and be cautious when using your cards in public. It’s important to keep your cards in your possession or at least in site at all times in order to protect your name, the card numbers, and the security code - which is all the fraudsters need to use your card.
6. Review account statements regularly to ensure all charges are correct and if you have electronic Internet account access, periodically review transactions online to catch and stop unauthorized activity early.
7. If you receive a check or money order “out of the blue” from someone you don’t know, or the check is made out in an amount larger than the amount you agreed to for goods or services, or you see any signs that the check or money order has been altered in any way (for example, the face amount or signature appears to have been erased or written over), do not deposit the check in your account under any circumstances. Depositing or cashing a counterfeit check can result in a substantial loss to you and if you knowingly deposit a check that is fraudulent, you may be subject to prosecution for check fraud. Speak with a representative at your financial institution if you have any doubts about the validity of a check.

For more tips about how to prevent identity theft and guard against fraud:
www.mycreditunion.gov/protect/Pages/Prevent-Identity-Theft.aspx

To report online scams, contact the Internet Crime Complaint Center:
www.ic3.gov

To report a fraudulent cashier’s check to the federal government:
Contact your local FBI office:
www.fbi.gov/contact-us/field

Contact the Postal Inspection Service:
http://ribbs.usps.gov/locators/find-is.cfm

Contact the US Secret Service:
www.secretservice.gov/field_offices.shtml