Latest Fraud Alerts
Yahoo recently announced another huge security breach and we wanted to remind everyone about some standard practices for when security breaches occur. Breached information from the Yahoo incident included user names, email addresses, telephone numbers, birth dates, password hashes and security questions. It’s estimated that this breach affected more than one billion accounts, which poses a serious question: If I have a Yahoo account, what should I do now?
- First and foremost, change your password and security questions IMMEDIATELY and set up multifactor authentication if available. For security purposes, it’s best to have different complex passwords for all your online sites. The reason behind this is, once hackers have your password, they have programs built to exploit any other sites that you use the same email/password combination on.
- Beware of phishing emails asking for more information regarding your security questions. Hackers can use stolen credentials to craft emails that may appear to be legit, for example asking you to verify your security questions, but are actually just steps to victimize you even further.
If you suspect that you've been a victim of any fraud or breach in security, please contact our Member Solutions Center immediately at 800.442.2800.
- Look for tamper-evident stickers. If the security seal near the credit card unit looks tampered with, as if someone tried to open it, it might be compromised.
- If you have the choice, use the pump closest to the cashier. Criminals are less likely to apply skimmers or other criminal tolls so close to the attendant.
- When in doubt, use cash. While yes, credit cards lend convenience, you can never be safer than using cash.
- Pay inside. If cash isn't an option, head inside to handle your debit/credit card transaction.
In the recent days, there has been an increase in call volume regarding members receiving text messages and phone calls asking for their 16-digit card number to either activate cards or verify fraud transactions. These calls and texts are fraudulent and are an attempt by fraudsters to steal a member's card information.
- Please Note: Honor Credit Union will never ask for your personal information - including credit or debit card numbers over the phone. If you receive a call or text message asking for your information, please hang up immediately and/or do not respond. If you think your account has be compromised or you are a victim of fraud, please call us at 800.442.2800 as soon as possible.
- Fraudulent Phone Numbers Include
Social Engineering Scams Targeting Consumers
The significant amount of data breach activity affecting the card industry in recent months has generated an increase in socially engineered fraud scams aimed at consumers. Criminals are taking advantage of vulnerable consumers by leveraging Phishing, text and phone channels to trick them into providing personally identifiable information. The geographic areas where these scams are operating, as well as the information criminals are attempting to gather, are completely diverse. Here are some examples of recent scams operating in the US:
Automated Vishing calls: Consumers are receiving automated phone calls from a blocked source stating that their payment cards have been blocked. Cardholders are asked to enter their full card number and PIN or CV2 information to reactivate their card. If the calls go unanswered a voicemail message is left instructing the consumer to contact a number to reactivate their account.
Text Smishing messages: Text messages referencing compromised cards and suspended accounts are typical. A number is provided within the text message for reactivation. Most messages do not reference a particular financial brand name. Affected regions have been varied.
If you suspect that you've been a victim of fraud, or if you notice any suspicious account activity, please contact us immediately at 800.442.2800.