All You Need to Know About Overpayment Scams
Great news – you’ve just received a check, and you’ve been overpaid! But there’s a catch: the check writer wants you to send the surplus back to them. Unfortunately, though, if you follow these directions, you’ll be buying right into a scam. Overpayment scams are fairly common, and for the unaware, they can be difficult to spot. Let’s take a look at these scams and what you need to know to avoid falling victim to these ruses. What is an overpayment scam? In an overpayment scam, fraudsters target an individual who’s selling a large item online, such as a car. The scammer will reach out to the seller, offering to buy their car for more than the asking price. Then, they’ll send the seller payment in the mail. At this point, the seller is thrilled. But, when the check comes, it brings with it a surprise – they’ve been overpaid. Soon after, the alleged buyer contacts the seller to ask them to refund the surplus. The seller may think it’s strange, but they comply, not wanting to keep money that isn’t theirs. The next thing they know, the original check hasn’t cleared and they realize they’ve been scammed. Not only have they not been paid for the purchase they believed the check writer was buying, but they’ve also lost the money they’ve sent back to the scammer. Red flags When selling an item on an online platform, look out for these red flags, which can alert you to a possible overpayment scam: If you encounter any of these red flags while trying to sell an item online, do not engage with the “buyer.” Block their email address and mark it as spam to avoid further contact from the scammer. You may also want to report them to the platform you’re selling the item on to help stop them from reaching out to others. How to avoid overpayment scams The FTC offers the following tips for avoiding overpayment scams when selling online: If you’ve been targeted If you believe you’ve been targeted by an overpayment scam, there are steps you can take to mitigate the damage. First, report the scam to your financial institution, as they may be able to reverse the payment. Next, alert the FTC at ftc.gov so they can do their part in catching the criminals. Finally, you can let your local law enforcement agencies know about the scam and warn your friends and family about it as well. Don’t get caught in an overpayment scam! Use this guide to stay safe.
Protecting Our Members After the NationalPublicData.com Breach
In today’s digital landscape, data breaches have become all too common. The most recent incident involves a hacker known as “USDoD,” who allegedly breached the systems of National Public Data, a company that aggregates data to provide background checks. This breach, which is believed to have started in or around April 2024, resulted in the theft of personal records that were later posted for sale and eventually released by other criminal groups onto the dark web. As a credit union committed to the security and privacy of our members, we want to keep you informed about this incident and provide you with actionable steps to protect yourself from potential fraud and account takeovers. Understanding the Breach The breach at National Public Data exposed a significant amount of personal information. While this breach did not directly involve our credit union’s systems, the compromised data could still affect our members if their personal details were included. Currently, available information suggests that this breach involved personal information—such as names, addresses, contact information, and potentially Social Security numbers—not credit or debit card information. At this time, we do not believe card data was compromised in this event. How This Could Affect You Even though credit and debit card information was not compromised, the exposure of personal data still poses a risk. Cybercriminals may use this information to engage in identity theft, phishing scams, or account takeovers. They could impersonate you, gain unauthorized access to your accounts, or create new accounts in your name. Steps to Protect Yourself Fraud Alert: A fraud alert is a warning placed on your credit report that tells creditors to take extra steps to verify your identity before issuing credit in your name. This can be particularly helpful if you believe your personal information may have been compromised, as it makes it harder for identity thieves to open new accounts. How to Place a Fraud Alert: Credit Freeze: A credit freeze (also known as a security freeze) is a more robust protection that locks your credit report, preventing creditors from accessing it entirely. This means that new credit accounts cannot be opened in your name while the freeze is in place. Unlike a fraud alert, a credit freeze does not expire and remains in place until you remove it. How to Place a Credit Freeze: Our Commitment to Your Security At SRI Federal Credit Union, your security is our top priority. We are continuously monitoring our systems and taking proactive measures to protect your accounts. We also encourage you to take these precautions to safeguard your personal information. If you have any questions or concerns, please do not hesitate to reach out to our member services team. Together, we can protect your financial well-being and maintain the trust you’ve placed in us.
10 Back-to-School Hacks to Beat Inflation
Back-to-school season is here, and while it’s known as the second-biggest shopping season of the year, it’s shaping up to be more expensive than ever. But don’t worry! You can trim your back-to-school spending and keep your budget intact with some smart strategies. At SRI Federal Credit Union, we’re here to help you make the most of your money with our Visa and account products. Here are 10 back-to-school hacks to beat inflation and make your finances work for you: Create a realistic budget for your back-to-school shopping and stick to it. Start with a list of essential items and set a target amount for each category. This will help you avoid impulse purchases and stay within your financial limits. Plus, using any of our SRI FCU Visa cards can help you track your spending easily. One of the best ways to save money is to start shopping early. This will help you take advantage of sales and avoid the last-minute rush when prices may be higher. Planning ahead also means you can use our SRI FCU Mobile App to manage your finances on the go. Before heading to the stores, check out the inventory of supplies and clothes you already have at home. This can help you avoid buying more of what you already have and save a lot of money. Many states offer tax-free holidays, where certain items are exempt from sales tax. Plan your shopping around these dates to maximize your savings. For items you’ll need to buy many of, like notebooks, pens, and paper, buying in bulk can be cost-effective. You’ll generally find discounts on bulk purchases at warehouse stores and office supply retailers. Harness the power of technology to find the best deals as you shop for school supplies, gear, and clothing this season. A price comparison website or app will automatically compare prices across different retailers to find the best deal. Thrift stores, consignment shops, and online marketplaces like eBay and Facebook Marketplace can be treasure troves for gently used clothing, backpacks, and other school supplies. While buying the cheapest option available may be tempting, investing in high-quality items can save you money in the long run. Many retailers offer student discounts on many items, from clothing to electronics. Check out the sites of your favorite retailers to see what they offer before completing a purchase. Using an SRI Federal Credit Union Visa card can be particularly beneficial during back-to-school shopping. For example, our Visa Uchoose Rewards cards offer cashback and rewards on purchases, giving you a little extra back from your spending. Just remember to pay off the credit card bill in full to avoid interest charges. By incorporating these tips and utilizing the financial products offered by SRI Federal Credit Union, you can navigate the back-to-school season with ease and keep your budget intact. Happy shopping! 1. Set a Budget and Stick to It
2. Start Early and Plan Ahead
3. Take Inventory of What You Already Have
4. Shop During Tax-Free Holidays
5. Buy in Bulk
6. Use Price Comparison Tools
7. Consider Secondhand Options
8. Choose Quality Over Quantity
9. Take Advantage of Student Discounts
10. Leverage Cashback and Rewards Programs
What is a Credit Report?
Q: I’ve heard that I should be checking my credit report regularly to ensure my ongoing financial wellness. What is a credit report and how do I read mine? A: Your credit report plays a crucial role in measuring your financial health and the outcome of many related opportunities. Whether you’re applying for a loan, a credit card, or even a job, your credit report can significantly influence the outcome. A credit report is an important part of your financial health, so it’s important to understand what you’re looking for when you review it. Here’s everything you need to know about a credit report and how to read one. What is a credit report? A credit report is a detailed record of your credit history compiled by credit bureaus. It includes information about your credit accounts, such as loans, credit cards, and mortgages, as well as your payment history, credit limits, and balances. Credit reports are used by lenders, landlords, employers, and others to evaluate your creditworthiness and financial responsibility. There are three major credit bureaus in the United States: Equifax, Experian, and TransUnion. Each bureau collects and maintains its own version of your credit report, so it’s important to check all three regularly to ensure complete accuracy. What’s in my credit report? Understanding the components of your credit report can help you better manage your credit and identify any errors or fraudulent activities. Here’s what you’ll typically find in a credit report: Why does my credit report matter? Your credit report is more than just a summary of your financial history. It’s a tool that can affect many aspects of your life. Here are some reasons why your credit report matters: How can I access my credit report? Under the Fair Credit Reporting Act (FCRA), you are entitled to a free credit report from each of the three major credit bureaus once every 12 months. You can request your free reports through AnnualCreditReport.com. Here’s how to review your credit report effectively. First, verify that all personal information is correct. Look for any errors in your credit accounts, such as incorrect balances or payment statuses. Next, look for any potentially unauthorized accounts. If you spot any accounts you don’t recognize, it could be a sign of identity theft. Now review the list of inquiries to ensure you recognize all the entities that have accessed your report. Unauthorized hard inquiries can also indicate fraud. Finally, examine all public records and collections on your credit report. If you’ve resolved a debt, make sure it’s reflected correctly. How can I improve my credit report? Maintaining a healthy credit report requires hard work and responsible financial behavior. Here are some tips to improve and maintain your credit report: Your credit report is a vital tool in your financial toolkit, influencing many aspects of your life. Use this guide to learn what a credit report is, how to read one, and how to improve yours for optimal financial wellness.
All You Need to Know About One-Time Password Scams
One-time passwords (OTPs) are a crucial security feature in our digital age by offering an extra layer of protection for online transactions and account logins. Unfortunately, though, scammers often try to hijack these codes to steal sensitive information, money, or both. Here’s what you need to know about one-time password scams and how to avoid them. What is a one-time password scam? One-time password (OTP) scams are designed to trick individuals into sharing their OTPs, which scammers then use to gain unauthorized access to accounts. Here are the various ways these scams go down: Whichever method is deployed in an attempt to steal your OTP, the scammer will then use it to access your accounts and possibly steal your identity Red flags Avoid falling victim to a one-time password scam by watching out for these red flags: Protect yourself Staying safe from OTP scams requires vigilance and adopting best practices for online security. Here are some steps you can take: If you’ve been targeted If you believe you’ve been scammed and/or have shared your OTP, take immediate action. First, change the passwords on all affected accounts and those that have similar login credentials. Next, inform the host organization of the account that it’s been compromised. They can help secure your account and guide you on additional steps to take. Monitor your accounts in the ensuing weeks and months, keeping a close eye on your financial statements and account activity for any unauthorized transactions. Finally, file a report with your local consumer protection agency, the Federal Trade Commission (FTC), and the Internet Crime Complaint Center (IC3). You may also want to consider identity theft protection at this time if sensitive information was compromised. One-time password scams can be difficult to spot and wreak massive damage. Use this guide to learn about one-time password scams and how to prevent yourself from falling victim. Stay safe!
All You Need to Know About Pig-Butchering Scams Category: Scams: Phishing Scams
You may have received a text or chat message in recent months about an attractive-looking investment opportunity. The message may have seemed to be sent mistakenly, but it’s all too real. In fact, it’s likely a pig-butchering scam.
Let’s take a look at these prevalent scams and how you can avoid falling victim. What is a pig-butchering scam? “Pig butchering” refers to the practice of fattening up a hog before slaughter. This scam, which originated in China, has been spreading around the world since COVID. In a pig-butchering scam, a fraudster creates a fake online persona, usually accompanied by an attractive photo and a luxurious lifestyle that is showcased in more photos to flesh out their story. Then they’ll initiate contact with a target on dating or other social media platforms, pretending to have reached out by mistake. Somehow, they’ll transition from there into a chat about the target’s life, family, work and more. To make themselves sound more believable, the scammer will invent details about their own life. They’ll use this to create a real rapport with the target until they’re actual friends, albeit with only a remote connection. Next, the scammer will start dropping hints about a fabulous investment opportunity. They’ll brag about their own success with this investment, sometimes even sharing screenshots of an alleged brokerage account with handsome earnings. They’ll try persuading the victim to invest in this “opportunity” as well, building on their growing relationship, until the victim agrees to join in the supposed opportunity. Once the victim agrees to go along with the investment, the scammer will offer to help them with the investing process. They may explain exactly how to wire money to a crypto wallet and, ultimately, to a bogus brokerage. Sometimes, they’ll recommend that the victim starts with a modest investment, which will soon show a (fabricated) gain. They may even allow the victim to withdraw some funds, which will convince the victim that the investment is genuine. Here’s where things get really ugly. Once the faux trust has been established, and the pig has been good and fattened, the scammer will persuade the victim to invest heavily in this “stock”. The victim, sure it is a legitimate opportunity that will only show gains, is more than happy to do so. They will even sometimes pursue mortgaging their house to get in on this investment. Other victims have liquidated their retirement savings or taken out loans. The scammer will continue to put pressure on the victim, watching gleefully as they pour more and more of their savings into the alleged investment. When the victim has sunk a significant amount of money into the investment, the scammer will suddenly disappear, leaving the victim with a useless “investment” and no way to recover their funds. Red flags Watch out for these red flags that can alert you to a possible pig-butchering scam: Stay safe Don’t get butchered! Follow these tips to stay safe. First, thoroughly research every investment opportunity before dropping any of your funds in it. Next, only use a registered and secure investment platform or app. Stay away from investments that guarantee quick, high returns and press you to act quickly. Be wary of any strangers who’ve contacted you “by mistake” and insist on pursuing the relationship. As with any scenario, never share your sensitive information with an unverified contact. If you believe you’ve been targeted by a pig-butchering scam, alert the FTC and your local law enforcement agencies. Do not engage with the scammer and be sure to block their number and/or email address from your devices. Finally, let your friends know the scam is happening in your circle. Stay safe!
Don’t Get Caught in an Investment Scam!
Investment is rarely without risk. Nearly every investment option carries with it the possibility of loss. What many don’t realize though, is that in addition to the typical risks, investing also carries the danger of falling prey to an investment scam. Investment scams can include promises of high return for minimal investments that never materialize, scammers posing as financial planners and offering useless – even harmful – advice for a hefty fee, and illegal securities offered as IRA investments. However, the most common investment scam is the Ponzi scheme. Let’s take a closer look at this scam and how you can avoid falling victim. What is a Ponzi scheme? Named for the original pyramid scammer Charles Ponzi, a Ponzi scheme is simply a sophisticated way that scammers rob from Peter to pay Paul. The orchestrator of the scheme will promise high returns to investors, often through a fictitious investment opportunity or business venture. Instead of using investments to generate profit, though, the scammer uses these funds to pay returns to their earlier investors. This creates the illusion of a profitable enterprise. The scheme grows, with more investors joining, and the scammers at the top of the pyramid making the most money. Eventually, the entire house of cards comes toppling down, with investors losing significant amounts of money. How to spot a Ponzi scheme Look out for these key characteristics of a Ponzi scheme to ensure you don’t get caught: Protect yourself from Ponzi schemes Ponzi schemes are fairly common, but with a little bit of knowledge and awareness, you can protect yourself from falling victim. Here’s how to protect yourself from Ponzi schemes: If you’ve been targeted If you believe you’ve been targeted by a Ponzi scheme or investment fraud, report it to the appropriate authorities as soon as possible so they can do their part in apprehending the criminals. You can alert the Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority (FINRA) and the Federal Trade Commission (FTC) as well as your local law enforcement agencies. Ponzi schemes and other investment scams prey on the universal desire for easy money, but the only beneficiaries from these ruses are the scammers at the top of the pyramid. Stay alert, and stay safe!
Don’t Get Caught in an Emergency Scam!
It’s your grandson on the line and he’s in deep trouble! He’s telling you he’s been kidnapped for ransom, or perhaps he’s in trouble with the police and needs money for bail. Whatever the “emergency,” he’s asking you to wire money ASAP! You may already be calculating how much you can send, but pause for a moment, because you’re likely being scammed. Here’s what you need to know about emergency scams and how to protect yourself. How the scams play out In an emergency scam, a target receives a phone call, email or text message allegedly from a close relative. The caller claims to have been caught in hot water, which can be anything from a kidnapping, an issue with the police, a car accident or even getting stuck overseas with no money. Sometimes, the call will include another party, such as the “kidnappers” or “police officers” who are supposedly involved in the emergency. The caller will then ask the target to send over money as soon as possible using a wire transfer or prepaid debit card. They’ll also demand that this information not be shared with any other family members. They’ll claim to be embarrassed that they’ve gotten into this situation and ask that you honor their request to keep it quiet. While emergency scams are commonly played out with a grandparent of an alleged caller, they can also target parents, uncles, aunts, and siblings of the “caller”. They may even call posing as a friend or old neighbor of the target in an attempt to lure them into the scam. Unfortunately, if the target follows the directions of the caller and sends over money, these funds will go directly into the pockets of a scammer. How emergency scams lure victims If you’re reading the description of an emergency scam and thinking that no one could possibly fall for one of these ruses, think again. Scammers use several convincing methods to convince their targets that they are actually the callers they claim to be. First, the scammer will troll the target’s social media pages to learn their name, home address, job details, date of birth, and any other details about their life. Sometimes, they’ll hack the target’s email account to get this information. Next, scammers may pretend to be an “authority figure” who allegedly authenticates the caller’s story. They may pose as a lawyer, police officer, or even a doctor. Victims are often pulled into the scam when they hear an alleged authority figure on the call with their relative. Finally, some scammers go the extra mile by using AI to clone the “caller’s” voice. They simply scrape an audio clip they find on the internet and then use a voice-cloning program to make the emergency sound legitimate, even though it never happened. Red flags Here are some signs that can alert you to the possibility of an emergency scam: Protect yourself Follow these tips to keep yourself safe from emergency scams: Emergency scams play on the target’s emotions and assume they will act quickly to save their relative from a hairy situation. Stay calm and alert, and use the information here to avoid getting caught in an emergency scam.
All You Need to Know About Spoofing Scams
Scammers have been at their game since time immemorial, but modern technology has weaponized them in new and dangerous ways. In particular, spoofing has become more sophisticated and difficult to spot. Let’s take a look at spoofing, how it works, and red flags that can alert you to a possible spoofing scam What is spoofing? Spoofing is the criminal act of disguising a communication from an unknown source to appear as if it’s being sent from a trusted and known contact. The ultimate goal of spoofing is to get the target to share their sensitive information and/or their money with the scammer. For example, a spoofer may pretend to represent a victim’s credit card company and lead them into sharing their account details. Types of spoofing Cybercriminals have a variety of ways to pull off their spoofing. Here are the more common forms: In email spoofing, an attacker sends an email message appearing to be from a known or trusted source. The emails typically include links to harmful websites or attachments that will infect the victim’s device with malware. Alternatively, the scammer may use social engineering to persuade the recipient to share sensitive information. In IP spoofing, an attacker tries to gain access to a system by sending messages via a bogus or spoofed IP address, which appears to be from a recognized, trusted source, such as one on the same internal computer network. The spoofed IP address will mask the true source, which is a third party that is out to infect the victim’s device with malware and steal their information. Here, attackers make a phone call to a target that appears to be from a known caller. The scammer will often pose as the victim’s bank or credit union. The victim, believing they are speaking with a representative of their financial institution, will disclose their account information and even passwords, which can lead to the scammer emptying their accounts and/or stealing their identity. Sometimes, the scammer will provide the victim with a phone number to call, which will allegedly connect them with their bank or credit union. This number, of course, will only connect the victim to a scammer. 4. Facial spoofing In this most recent form of spoofing, a scammer uses a photo or video of a target’s face to simulate their facial biometrics. This enables them to unlock accounts that can only be opened via facial recognition. 5. Website spoofing In website spoofing, a scammer will create a bogus site that looks just like a reputable website that the victim often visits. Attackers will lure victims to this site for the purpose of stealing their login credentials and personal information. In this scam, also known as smishing, a victim will receive a text message on their personal device appearing to have been sent via a trusted source, such as the victim’s financial institution, place of work, or doctor’s office. The text will ask the victim to share personal information. They’ll often do so, mistakenly believing the sender of the text message to be who they claim to be. There are three players involved in MitM attacks: the victim, the party the victim is attempting to communicate with, and the “man in the middle”, otherwise known as the scammer who is intercepting the communications. In these spoofs, the scammer tries to eavesdrop on the interaction between the victim and the other party. Alternatively, they may try to impersonate the other party to get at the victim’s personal information. Deepfakes and spoofing Deepfakes is a relatively new and dangerous tool for spoofers. A deepfake is a fake image, video, or audio clip that has been edited to appear authentic. For example, a scammer may create a deepfake video using an image and audio recording of a celebrity and make it appear as if they are telling you to open a link or support a specific cause. Scammers use deepfakes to trap victims and appear as if they represent a trusted source. Protect yourself Spoofing is a formidable danger for consumers across the economic spectrum, but with the right tools and knowledge, you can avoid falling victim to these scams. Here’s how to protect yourself from a spoofing attack: Red flags Look out for these red flags that can alert you to a possible spoofing attack: If you’ve been targeted If you believe you’ve shared sensitive information with a scammer through a spoofing attack, there are steps you can take to mitigate the damage. First, contact your financial institution to let them know about the attack. You may place a credit alert or a credit freeze on your accounts, making it difficult or impossible for a scammer to open a line of credit or take out a loan in your name. If you believe your identity has been stolen, check out identitytheft.gov to learn what your next step should be. Finally, change the passwords on all your accounts to protect them from further attacks. Spoofing has gotten a lot more dangerous in recent years, but with proper awareness and basic protective measures, you can avoid getting scammed. Use the tips outlined here to stay safe.
6 Ways to Tell if a Website is Safe
In today’s digital age, where we rely on the internet for everything from furniture shopping to staying informed and entertained, safeguarding ourselves online is essential. The online landscape is filled with fraudsters using advanced techniques to exploit vulnerabilities. Accidentally stumbling upon an unsafe website can expose you to malware, including spyware that steals sensitive financial data and ransomware that locks your device and demands payment for its release. These threats can lead to devastating consequences such as drained bank accounts, fraudulent loans taken out in your name, and even identity theft. It’s crucial to stay vigilant and take proactive measures to protect yourself from online scams and threats. Fortunately, with the right steps and protective measures, you can easily avoid unsafe websites. Here are six ways to tell if a website is safe and secure. Secure websites like ours will have an SSL, or a Secure Sockets Layer. An SSL is a digital certificate that verifies a website is authentic and will automatically encrypt all personal information and financial data. There are two primary indicators of an SSL, both of which are easily visible in the site’s URL that’s displayed in your web browser: It’s important to note that most browsers will hide the beginning of the URL, which generally includes these two indicators of an SSL. However, you can easily read the entire URL by copying and pasting it to another tab, a Microsoft Word document or a Google Drive doc. Some browsers will also reveal this info if you hover over the left-hand side of the URL. In addition, clicking on the padlock icon will reveal more information about the site’s security. Next, look at the URL carefully. Are there any misspelled words? Does the URL mimic a well-known site or retailer? Scammers will often lure victims by creating bogus sites that look like they represent well-known companies. However, careful scrutiny of the URL will reveal basic spelling errors that give the scam away. You may also find that the site, which allegedly represents a famous company, belongs to a public domain, such as Gmail or Yahoo, as opposed to a private business domain, like Amazon.com. This, too, will tell you that you’re likely looking at a scam. Legitimate companies are eager to have you connect with them for any reason. They’ll generally display their contact information on their home page or provide a link through which to easily access it. Scammers, on the other hand, try to keep themselves as invisible as possible. You likely won’t find any tabs that say “Contact Us” or “About Us” on their website. You may find their email address on their site, but a phone number and street address will be glaringly absent or clearly made up. Authentic companies will take the necessary steps to make a professional impression on visitors to their website. Scammers, on the other hand, will not. Use their carelessness to your advantage by looking out for spelling mistakes and typos throughout the site. You can also be on the lookout for cheap design elements, including images that are clearly not original and logos that are poorly created. Each of these clues can signify a scammy website. If you enter a site’s URL into your computer and a warning pops up to alert you that the site you’re attempting to access is not safe, do not ignore it. You can choose to advance to this site, or back out. Unless you’re absolutely sure the site is secure despite the warning, it’s best not to choose to advance to the site. Websites that are flagged by devices generally do not pass the most basic security tests as detailed above. Scammy websites will try to trick you into downloading malware through pop-ups and embedded links. Sometimes, the links will be used to generate ad revenue through clicks. Whatever the intent, it’s important to know that reputable sites will not flood your screen with pop-ups and random links for you to click. If you encounter a site like this, you’re likely looking at a scam and should exit as soon as possible. Then, close your browser and have your security system run a scan on your device to find any possible vulnerabilities or safety breaches. Don’t get stuck on an unsafe site! Use the tips here to stay safe.