Identity Theft Prevention and Protection
The best protection against many types of fraud and identity theft is knowledge. The best way to safeguard your personal, private information is to NEVER give it out via telephone, U.S. mail or email. Arlington Community Federal Credit Union will NEVER solicit personal information from you, and other organizations should have no need to initiate such a request either.
The only time we will ever ask you to verify information is when we have reason to believe your Arlington Community FCU Visa account may have been compromised. When this occurs, our representative will call you and ask you to verify your past several transactions. They will never ask you to provide additional information, and they will never ask you to verify your PIN, any of the numbers on the back of your card, your Arlington Community FCU member number or any other personal, private information. If you have any reason to question whether the person is actually calling on behalf of Arlington Community FCU, please call our call center at 703.526.0200 to verify the caller’s identity. We’ll be happy to authenticate the reason for the call and will never be offended by your asking.
No one wants to be a victim of fraud. To help you prevent identity theft, Arlington Community FCU has compiled a list of resources that will help keep you up-to-date on the latest scams and provide you with the information you need to protect yourself and your money. Below is some general information about fraud prevention as well as a list of resources you can use to protect yourself from this crime and to help you if the unfortunate does occur.
Identity Theft is the fastest growing crime in the United States, impacting one out of every 23 persons. It occurs when someone steals someone else’s personal, private information and then pretends to be that person… usually in the commission of a felony.
Here are a few tips to help you minimize your risk of identity theft:
- NEVER give out personal information over the phone or Internet unless you initiate the transaction and are sure of the recipient
- Do NOT carry your Social Security card in your wallet
- Make copies (front and back) of all cards and pieces of information you carry with you, so that if your wallet is stolen, you have the numbers you will need. Be sure to keep the copies in a secure location such as a safe
- Do NOT preprint your Social Security Number or Driver’s License number on your checks. And, do not allow a merchant to write those numbers on your check either
- Be careful with receipts and pre-approved credit card offers – be sure to destroy all unused offers immediately – possession and regular usage of a personal shredder is a good idea
- Remove mail promptly from your mailbox each day. If you plan to be out of town for an extended period of time, ask the Post Office to hold your mail until you return
- Check your FREE credit report annually to ensure all information is accurate and that there is no incorrect information present
Phishing scams are generally “spoofed” emails and fraudulent web sites that often contain stolen images from trusted sources to make it appear they’re being sent by someone (or organization) you already know. These emails then ask you to provide or “verify” your personal, private information (passwords, credit card numbers, account numbers, etc…). Phishing solicitations for personal information can also take place over the telephone. If you are contacted in this manner, get the caller’s name and phone number. Then, call the number of your financial institution, credit card company, etc… (whoever the caller claims they’re representing), and ask if that person is actually employed there. Do not use the phone number provided by the caller.
To avoid phishing, be cautious when using the Internet and when responding to telephone solicitations:
- Be suspicious of any email that is marked urgent request and asks for personal information
- If you are not sure if an email is authentic, do not click on the links contained in the email
- NEVER fill-out emailed forms that request personal information
- Double check that web sites you are submitting your credit card or personal information through are secure. Look for https:// to appear in front of the address you are using in your browser bar
- Review your statements regularly to make sure there are no irregularities
- Be suspicious of emails that claim to be from your financial institution (if they request information from you)
- Install a firewall, as well as an anti-spyware, program on your computer
- Update your browser with security patches regularly
- To report phishing emails you have received, forward them to the Federal Trade Commission and the Internet Fraud Complaint Center of the Federal Bureau of Investigation
Skimming is the act of capturing magnetic information from a credit or debit card and then using it for fraudulent purposes. Skimming can be performed either with a handheld device or a magnetic reader attached to a credit or debit card portal.
To help prevent your card from being skimmed:
- If an ATM or credit card machine looks tampered with, try to find an alternative machine
- Protect your PIN number with your body when you enter it into an ATM or credit machine
- If a waiter or store clerk must take your card in order to charge it, try to keep the person in sight as they do so
SMiShing is a form of criminal activity using text messages to prompt individuals to provide the “SMiSher” with their personal, private information usually for the purpose of financial gain. The term is a combination of “SMS”, the technical term for texting, and “phishing”. SMiShing victims usually receive a text message which reads something like, “We’re confirming you recently applied for a credit card at ABC Credit Union. You will be charged a fee of $50 unless you cancel your application on this URL: www.???.com.” When visiting the URL, the member is prompted to download a program which turns out to be a Trojan Horse and extracts other private, personal information from the member sending it to criminals responsible for the fraud.
To protect themselves, members are advised to NEVER respond to such text messages. Arlington Community FCU will never text you requesting you to provide an personal, private information. And, there is no reason a legitimate business should do so either.
Vishing is the criminal practice of using the telephone to gain access to private, personal information for the purpose of financial gain. The term is a combination of “voice” and “phishing” and is typically used to steal credit card numbers, PIN numbers, account numbers and other information used in identity theft schemes. Often, the “vishing” caller states that they are calling to alert the member that their credit card, debit card or other account has been compromised and they need to provide, validate or verify certain member information in order to maintain the member’s account/card in working order. Often, the call is automated and requires the member to respond by calling a separate phone number or by logging in to a web site to provide the requested information. And sometimes, the caller has already accessed part of the information necessary to commit theft on the member’s account. They’re just missing one last piece the information necessary to commit fraud… like a PIN number or the numbers printed on the backside of a credit card. While legitimate financial institutions usually provide members with a free monitoring service to protect them from identity theft and will make calls to verify “unusual” transactions made using a member’s account or card, these calls will always be made by a live person. And, the caller will only ask members to verify their past several transactions not their account numbers, their PIN numbers, the code on the back of their card, etc…
To protect themselves, members are advised to be highly suspicious when receiving messages directing them to call or go to a web site and provide credit card or other account information. Rather than provide this information, members should call their credit union, bank or card company directly to verify the validity of the message.