Fraudsters are finding more ways than ever to try and steal your personal information. They’ll often target as many people as possible, in the hopes that at least a few people will be trusting enough to fall prey to their scam. They will try to scare or pressure you into acting quickly so you don’t have time to think or talk to someone you trust.
To keep yourself and your personal information secure, be on the lookout for the following scams, and share this information with your loved ones so they can protect themselves as well. As always, CoastHills will never call, email or otherwise ask for your username, password, account number, credit or debit card number, PIN or CVV code (the three digits on the back of your card). If someone calls and asks you for any personally identifying information, hang up and call us at (805) 733-7600.
If you are concerned you may have unintentionally provided any personally identifying information, please change your passwords immediately and call us.
Phishing Scams -
You receive an email from what appears to be a company you do business with. Inside the email, that business is telling you that your account has been compromised and to regain access, you’ll need to click on the link provided. Stop right there. This type of fraud is called phishing and when you click that link, you are granting access to your device by downloading a hidden malicious code that can then be used to access personal information on your device.
How to protect yourself from a phishing scam:
Always be cautious about opening attachments or links whether it’s from an unknown source or a company (or even friend) you do business with. Look for grammatical errors within the email, slight alterations to the email address format or domain, requests for login credentials or urgent action demands. To check for disguised links, hover your cursor over the link and check the url that pops up to make sure it matches, before clicking.
Smishing Scams -
This type of scam acts in the same way as phishing, however through a text rather than an email asking you to reveal personal identifying information such as passwords or credit card numbers. For example, you receive a text from someone saying they represent a company you do business with. They’re texting to notify you that your account has been restricted, they’ll just need to verify your Social Security Number to provide you with full access again.
How to protect yourself from a smishing scam:
Be wary if you receive a text from a strange phone number, especially if it includes a suspicious link. Again, look for spelling or grammatical errors, a sense of urgency and requests for money or personal information.
Caller ID Spoofing Scams -
Fraudsters may use caller ID spoofing to impersonate a company you do business with, such as your financial institution. The name of your financial institution or the phone number may appear on your caller ID as legitimate. The caller on the other end tells you that they have flagged a fraudulent transaction on your account. They ask for your account number for verification and start to push you for more personal identifying information – using fear as a tactic.
How to protect yourself from a caller ID spoofing scam:
Look out for an unfamiliar phone number – maybe you recognize the caller ID display name but not the phone number associated with it. In some cases, the other end of the call may be a pre-recorded message, if it’s a person they’ll give you a sense of urgency or request payment or personal information. If you are unsure, hang up and call the company back using the phone number published on their website – do not redial the number from your phone.
Website Spoofing Scams -
You may receive a phishing email or smishing text that includes a link to a website. You click on the link and the website you’re taken to looks nearly identical to the trusted company you do business with – the domain (or web address) even looks the same. However, once you’re on the spoofed website, any personal identifying information you provide will be accessed by the fraudsters.
How to protect yourself from a website spoofing scam:
First, take a close look at the url. The most common tactic is to create a url that is nearly identical to a legitimate website’s url but may be off by a letter or use a number in place of a letter. Also, check for SSL certification, which is an added level of security for every visitor on a website. To do this, click the icon that looks like a lock to the left of the url in the address bar at the top of your web browser. You should see “Connection is secure” in the dropdown.
Whaling Scams -
Similar to phishing scams, whaling is when a fraudster sends an email that appears to come from a trusted source, which has enough personal details or references to sound legitimate. Likely, that personal information was found through internet research by the fraudster and will direct you to click on a link that leads to a spoofed website that looks identical to the legitimate site. This spoofed site will start collecting your information or will download malware onto your device.
How to protect yourself from a whaling scam:
A whaling attack is harder to recognize than a standard phishing attack since fraudsters will usually invest more time to make the communications look legitimate. However, some common signs an email may be a part of a whaling attack are the sender’s email address is not an exact match of the domain of the company the email claims to be from, there’s a request to share personal information or wire money and as common with other scams, there’s a sense of urgency that encourages the recipient to act quickly.
Gift Card Scams -
Another common tactic used by fraudsters is having you put money on a gift card like Google Play or Target, then telling you to give them the gift card number and PIN. The reason this tactic is so common is because gift cards are easy for people to find and buy. They also have fewer protections, similar to cash. Once you use the gift card, the money is gone.
For example, you may receive a phone call from someone who says they work for the IRS and that you owe back taxes. If you don’t pay right away, something bad will happen. However, you can rectify what you owe with a gift card.
How to protect yourself from a gift card scam:
First, no real business or government agency (law enforcement, the IRS, the court system, etc.) will ever insist you pay them with a gift card. If you receive a call or message from an unknown source who insists gift cards are the only way to rectify a payment, pay for a service, receive a prize or even someone you met online who suddenly needs money – it’s a scam. Once they have the gift card number and PIN, they have your money.
Peer-to-Peer (P2P) Payment Scams -
While P2P services are typically a safe way to transfer money, there is always the risk of fraudsters trying to access your funds. Unlike bank accounts and debit or credit cards, balances held in P2P services may not be protected by FDIC insurance or federal law – which may leave you vulnerable to claims of unauthorized use or fraud and could make resolving claims of fraud more difficult.
How to protect yourself from a P2P scam:
To lower the risk of being victimized by fraudsters, we recommend you only conduct P2P transactions with people you know. It’s also recommended to never hold a balance on your P2P service since they likely aren’t insured and if a fraudster gains access to your account, your money will be gone. Most transactions are immediate and irreversible, a fact scammers are known to exploit.
Steps you can take to further protect yourself -
It’s important to keep an eye on your financial accounts, which you can do by setting up alerts within CoastHills Online and Mobile Banking to receive an email, text or push notification when there’s activity on your account.
- Set up alerts in Online Banking:
Log in to Online Banking and select ‘My Settings’ at the top of the page. Scroll down to ‘Other Settings’ and select ‘Alerts & Notifications.’ Click the ‘Add an Alert’ button, then select Large Deposit. Choose from the dropdown which deposit account you would like to receive an alert for, and the dollar amount the deposit should equal or exceed.
For ex. If a deposit in SUPER CHECKING – 80 equals or exceeds $100. That means, you will receive an alert anytime funds $100 or more is deposited into your account.
- Set up alerts in Mobile Banking:
Log in to the CoastHills Mobile App and select ‘More’ at the bottom of your screen. Choose the gear widget in the top right corner, then ‘Push Notifications.’ From there, find the deposit account your tax return will be sent to and click the button to the right of ‘Large Deposit’ to turn it green. You can then change the amount to your preference by clicking anywhere in that row.
For ex. Large Deposit equal to or over $100.00. That means, you will receive a push notification any time funds $100 or more is deposited into your account.
You should also monitor your credit regularly. By doing so, you’ll stay ahead of any problems like identity theft. Visit AnnualCreditReport.com where you’ll gain FREE access your credit reports every 12 months, from the three major credit bureaus: Equifax, Experian and TransUnion. This is the only site that grants you FREE access to your credit reports by federal law.
With a CoastHills Super Checking account, you’ll have access to IDProtect1, which features credit file monitoring, total identity monitoring, fully managed identity theft resolution services and more. For more information, visit our Super Checking page.
1 IDProtect® Service and Cellular Telephone Protection Identity theft protection for Super Checking account holders and eligible family members with our comprehensive identity theft protection service includes credit file monitoring, 3-in-1 credit report, continuous monitoring of more than 1,000 public databases, identity fraud expense reimbursement, fully managed identity theft resolution services, and more. Registration and activation are required to receive some of these benefits. Cellular telephone protection is available for Super Checking account holders to receive up to $400 per claim of replacement or repair costs for damage or theft for the first four cellular telephones listed on a bill paid through a Super Checking account for the billing cycle preceding the month in which damage or theft occurred. Cellular Telephone Protection is subject to a $50 co-payment per claim and a maximum of two cellular telephone protection claims per year. IDProtect® service is a personal identity theft protection service available to Super Checking account owners, their joint account owners and their eligible family members. The service is available to non-publicly traded businesses and their business owner(s) listed on the account and their eligible family members (service not available to employees or authorized signers who are not owners). Service is not available to a “signer” on the account who is not an account owner. Service is not available to clubs, organizations and/or churches and their members, schools and their employees/students. For revocable grantor trusts, the service is available only when a grantor is serving as a trustee and covers the grantor trustee(s) and their eligible family members. For all other fiduciary accounts, the service covers the beneficiary, who must be the primary member, and their eligible family members (fiduciary is not covered). Family includes: Spouse, persons qualifying as domestic partner, and children under the 25 years of age and parents(s) of the account holder who are residents in the same household. Special insurance program notes: the descriptions herein are summaries only. They do not include all terms, conditions and exclusions of the policies described. Please refer to the actual policies for complete details of coverage and exclusions. Insurance is offered through the company named on the certificate of insurance. Insurance products are not a deposit; not NCUA insured; not an obligation of the Credit Union; and not guaranteed by the Credit Union or any affiliated entity.