Protect your money...and your identity!
One of the biggest crimes affecting our world today is Identity Fraud. If your personal information is hacked, you can potentially lose everything—including your identity. Identity Fraud is a serious issue. According to a 2016 identity fraud study conducted by Javelin Strategy & Research, fraudsters have collectively stolen $112 billion in the past six years.
At OE Federal, we do our best to keep our members and their money safe. Our members’ security is our top priority; that’s why we are constantly updating and evaluating the security measures we use to protect you. We also make sure to provide the knowledge and tools that can help our members outwit and outsmart any possible threats on their own.
Unfortunately, the majority of people don’t realize they are a victim of Identity Theft until it’s too late. To keep your identity and money as safe as possible, it is important that you recognize when your identity is at risk, what scammers are looking for, and how to protect yourself.
Signs that you may be a victim of Identity Theft:
- Unsuspected rejection on a loan
- Receiving past due notices on Credit Cards you did not open
- Receiving past due notices on Loans you do not have
- Being contacted by collection agencies for bad checks you never wrote
- Receiving a confirmation letter from the US Postal Service about mail forwarding that you did not request
- Charges on your account you do not recognize
Each of these are tell-tale signs you have become a victim of Identity Theft.
What they want...
Identity theft is possible when someone else has access to confidential information about you. Certain confidential information would be:
- Debit/ATM Card Numbers
- Card Expiration Dates
- Credit Card Numbers
- Card Security Codes
- Personal Identification Numbers (PIN)
- Social Security Numbers
- Driver's License Number, Birth Date, Mother's Maiden Name.
It is also important to report your lost or stolen OE Federal cards as soon as possible using one of these numbers:
- Member Service: 800.877.4444
- Lost/Stolen Visa: 844.665.5275
What they do...
Hackers and scam artists are good at what they do, which means you must stay vigilant. Below are examples of common types of scams/fraud that financial institutions see far too often:
- Contest scams: You have “won” something and the person needs you to cash their fraudulent check and send them back some of the money for taxes, postage, shipping, etc.
- Secret Shopper Scams: You are “hired” to be a secret shopper, and your first job is to evaluate a money transfer service. You’re sent a check to deposit and withdraw against to wire to a third party. And of course, you’re on the hook for the money you had withdrawn before you knew it was a fraudulent check. Learn more at the Federal Trade Commission Consumer Information page.
- Craigslist Scams: One of the most common Craigslist scams is when the buyer purchases your goods from Craigslist, but “accidentally” sends extra money. They’ll offer that you can wire the difference back to them and perhaps take some extra money for your troubles. In this scam, the original check they sent is fraudulent, and you’ll end up owing the bank for the money you withdrew. To stay safe on Craigslist, follow the tips they recommend on their site—visit the Craigslist Avoiding Scams page.
- Social Media Scams: Through sites like Facebook and Instagram, the fraudster targets individuals who have an account at a Credit Union or certain financial institution. The member is contacted with an offer to deposit fraudulent checks via mobile deposit, keep half of the funds, and then use a wire transfer service like MoneyGram or Western Union to transfer the other half to someone else.
- “Computer Hacking” Scams: You’ll receive a call telling you that your computer is being hacked. The scam artist will say that they will stop the hack if you allow them to dial into your computer. And for a fee, they will protect your computer for one year or more! Don’t buy into it.
- Email Scams: You receive an email from an unknown party, and it contains a link that you’re “supposed” to click. When you do, your computer’s system becomes infected with malware. Learn more here.
Recognize OE Federal
Since these fraudsters use sneaky tactics to try to get your personal information, we want to make sure that you know how to recognize when it is actually OE Federal both online and off.
To verify you’re at OE Federal’s website, look for the following:
- The website address says: https://oefcu.org. Make sure the https is at the beginning of the web address since that means you’re establishing a secure connection.
- An unbroken, solid lock icon verifies the correct security certificates and means it is our website.
If you receive a call from someone saying they’re from OE Federal and they ask personally identifiable information such as your social security number or account number, hang up and don’t give it to them! The only time OE Federal asks for personal information is when the Call Center Member Representative receives your call and needs to verify your identity before proceeding. If you receive a suspicious call, hang up and call us immediately at 800.877.4444.
If you receive what seems to be an email from OE Federal that requests you to click on a link and provide personal information, don’t do it. We will never email you to ask for your personal information. However, be aware of confirmation emails from us (or other institutions) wanting to confirm that you’ve made changes to your accounts--especially if you did not make them (email, phone number, address, etc.). This could be a case of an account take over.
OE Federal will never use text messaging as a way to collect your personal information either. If you receive a text message asking you to click on a link to “verify” your account or identity, don’t do it. We will never ask for this information via text message.
Has someone stolen your identity?
If your ID has been stolen, you need to take action in defending your reputation right away. The Federal Trade Commission has great resources to help you understand what to do next.
Here are important actions you need to make immediately to prevent further damage:
1. Contact the three major credit bureaus and request a fraud alert be placed on your file
- Equifax - (800) 525-6285
- Experian - (888) 397-3742
- Trans Union - (800) 680-7289
2. Order copies of your credit report to find out if any fraudulent accounts have been opened in your name
3. Contact OE Federal and your other financial institutions (by phone and writing) to report the crime and monitor your accounts
4. Request OE Federal and your other financial institutions to flag your accounts and request notification for any unusual activity
For more information, please visit the following links:
- BALANCE: The Basics of Identity Theft
- The Federal Trade Commissions
- The Anti-Phishing Group
- On Guard Online
- California Office of Privacy Protection - California Residents
Arby's Restaurant Group Data Breach - February 2017
Arby’s Restaurant Group recently announced that a data breach occurred on their payment systems beginning in January 2017. With over 3,330 restaurants across the country, Arby’s states that not all restaurants were affected; however, Arby’s does believe that over 355,000 credit and debit cards have been compromised.
If you have used your credit/debit card at an Arby’s restaurant, OE Federal recommends that you monitor your accounts closely. If you notice fraudulent account activity, contact the Credit Union immediately by calling 800.877.4444.
At this time, Arby’s does not have any further information to provide. Arby’s Restaurant Group has an ongoing investigation and will release information as it comes forward, such as affected restaurant locations.
Aggressive and Misleading Third Party Mortgage Marketing - January 2017
It has come to our attention that OE Federal members with a mortgage loan may receive misleading letters from third-party entities. These often look very official and stress urgency in a quick reply. The letters offer to lower the rate and/or monthly payment, provide services to facilitate a bi-weekly payment plan, retrieve copies of your recorded documents for a fee, and other unsolicited services.
Please be advised that these letters are not mailed to you by OE Federal Credit Union. These third party entities gather this information in bulk from public records after your deed is on record at your county recorder. They then 'spam' multiple financial institution’s members or customers. OE Federal will never have a third party contact you by letter or by phone to discuss your membership. If you receive a similar letter or have questions regarding this, please contact our Real Estate Department at 800.877.4444
Yahoo! Breach - December 2016
On December 14, 2016, Yahoo! announced a breach to their servers which Yahoo believes took place in August of 2013, affecting over 1 billion accounts. It is believed that the details of information taken include: names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, dates of birth, and encrypted passwords. Yahoo! recommends that all users change their passwords if they have not done so already. This is a separate incident from the account breach announcement earlier this year that affected 500 million accounts. To learn more, visit the Yahoo! website.
Remember, it is important to have different passwords for all the sites you visit. If you are a Yahoo! user and share the same Yahoo! password with other websites, we encourage you to reset those passwords as well. Some characteristics of a strong password include, but are not limited to: at least 8 characters, at least 1 uppercase letter, at least 1 number, at least 1 special character, no dictionary words or names, and not easily guessed. To learn more about how you can protect yourself from Identity Theft, click here to watch a video from our financial fitness partner, BALANCE.
Holiday Scams - December 2016
The holiday season is a time for cheer. It is also a time to be vigilant and aware. Would-be scammers and fraudsters try to take advantage during the holidays. A scam that has received a lot of attention this season is the "Missed Delivery Notice." This is an email that is sent to you from what seems to be a legitimate note from USPS, UPS, FedEx, etc. claiming that you missed a delivery. The email then asks you to click a link to enter personal information to claim your package. In some cases, the email requests that you download a form to complete, which then leads to inadvertently downloading a malware virus to your PC.
How to spot these type of emails: legitimate emails from parcel companies will not request that you download documents and provide personal or financial information. Also, if you hover over the link in question, the URL link will not show as the supposed sender’s website, such as the UPS website.
To learn more about other holiday scams and how to avoid them, review our article here. And remember, OE Federal will never contact you by phone or email requesting your personal or financial information. If you receive a call or email that you question, contact the Credit Union immediately.
Wells Fargo - October 2016
Wells Fargo has been fined $185 million for illegally opening accounts for existing customers. More than 2 million accounts were opened without customer permission. The financial ramification to consumers is still being sorted through.
OE Federal has teamed up with BALANCE, our financial fitness partner, to provide members with free access to expert financial resources and counseling for those individuals who may have been affected by Wells Fargo’s practices.
To learn more about what happened, click here, or to set up a free one-on-one meeting with a BALANCE counselor, please call (888) 456-2227.
Yahoo Breach - October 2016
On September 22, 2016, Yahoo! announced a breach to their servers which took place in 2014. Hackers stole information associated with at least 500 million Yahoo! user accounts. The details of information taken include: names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, dates of birth, and encrypted passwords. The data breach is the largest discovered in the history of the Internet. Yahoo! recommends that all users change their passwords if they have not done so since 2014. To learn more, visit the Yahoo! website.
Remember, it is important to have different passwords for all the sites you visit. If you are a Yahoo! user and share the same Yahoo! password with other websites, we encourage you to reset those passwords as well. Some characteristics of a strong password include, but are not limited to: at least 8 characters, at least 1 upper-case letter, at least 1 number, at least 1 special character, no dictionary words or names, and not easily guessed. To learn more about how you can protect yourself from Identity Theft, click here to watch a video from our financial fitness partner, BALANCE.
Wendy’s Card Compromise - August 2016
Wendy’s announced they were involved in a payment card data compromise affecting those who made purchases in some Wendy’s restaurants between Fall 2015 and Spring 2016. This compromise may include OE Federal Visa debit and credit cards.
If you made a purchase at a Wendy’s restaurant during this time period, we encourage you to closely monitor your Visa and/or Checking Account over the next few months and notify us immediately if you find any unauthorized activity. To report unauthorized activity on your account, notify us by calling 800.877.4444.
Wendy’s recently released information regarding this data breach, including a letter from Todd Penegor, President and CEO of The Wendy’s Company, and a listing of potential Wendy’s restaurant locations that were affected by the breach: