Fraud Alerts

Home

Join Our Membership

Special Offers

Online Services Overview

Loans for You

Business Services

Online Services Enrollment

Fraud Alerts

The following list provides information about current scams and schemes. This information is provided as a service for the protection of our AEA Federal Credit Union members and members of the communities we serve. Please call our Security Manager, Mike Meline, at (928)373-5464 if you have provided any personal information to anyone you do not personally know.

If you receive a telephone call or any other communication from someone purporting to be employees of AEA Federal Credit Union, VISA Card Services, or anyone who needs information about your Visa Check card, ATM Card, or account; please ask if you can call us back. Then call us back at (928) 783-8881. At that point, we can be sure that you are speaking to us, not a criminal who is trying to get you to release valuable information that could be used in a crime.

Remember: Real financial institutions will never send you an e-mail addressed "dear member" or "dear customer" and require you to submit your personal information. Please call your financial institution and verify all such communications.

Please note: The e-mails will commonly have misspelled words, poor punctuation, and improper word usage. I have not corrected anything in the e-mails. I have removed all links from the e-mails for safety and security reasons.

Nov 10, 2009	Security Advisory for Holiday Season 2009 Please read the following article, it contains information about a holiday scam. The article is posted as found at http://www.easysol.net/newweb/Industry-News/Security-Advisory-for-Holiday-Season-2009 Easy Solutions Alerts Online Users on Phishing Emails that Pose as Shipping Companies Easy Solutions Inc., leader in fraud prevention, alerts online users about fraudulent emails that pose as shipping companies with the intention of steal users’ identity. Customers need to be aware of such scams and keep alert, especially during this holiday season. Sunrise, FL November 9, 2009 - Easy Solutions Inc, a leading security vendor specialized in fraud prevention, has released a security advisory alerting online users on an increased number of phishing (scam) emails that appear to be from shipping companies like, UPS and FedEx. These messages typically include a malicious file or link that claims to be the invoice of a misguided package, but in reality, attempts to infect the user's system with malicious software that is able to steal login credentials which can be used to run up bills or commit crimes. “More important than the rise in the number of phishing emails is the high complexity of the malware included as payload, which includes code encryption to avoid antivirus detection”, explains Easy Solutions Regional Director for the Americas, Ricardo Villadiego. “Although the first wave of this attack was related with shipping companies, like UPS and FedEx, we also started detecting phishing emails that pose as Facebook and Western Union messages. We anticipate this malicious activity will get worse as we approach the holiday season”, added Villadiego. To protect against phishing / pharming attacks Easy Solutions recommends: Keep your antivirus up-to-date. Avoid opening attachments or links contained in unsolicited email messages. Be cautious of all emails or pop-ups that ask for personal or financial information. Never click on links in email, even if they appear to be normal emails from your bank, instead type in the web address of the trusted site. Don’t reply to the malicious email, delete it immediately. To learn more about phishing and how to protect yourself and your business please visit: http://www.easysol.net/newweb/Services/detect-monitoring-service
Oct 1, 2009	Text Message Fraud AEA Federal Credit Union has been informed of a text message fraud where members of financial institutions are receiving text messages from fraud rings. This activity is currently happening in New York. Please recognize that this could happen in any area; never provide your card information to someone who contacts you directly. If you are asked to provide protected information, please call the organization directly, using numbers you obtain yourself.
Jul 17, 2009	Cisco: SMS, Smartphone Attacks on the Rise New research from Cisco says criminals are finding new techniques, new targets with fraudulent text messages and "smishing" campaigns by Joan Goodchild, Senior Editor, CSO July 14, 2009 New research released today by Cisco warns criminals are rapidly adapting to a more modern economy and continue to find new ways to exploit people with mobile phones and through social networks and text messages. The Cisco 2009 Midyear Security Report finds that much like a successful business, the criminal underground works together to understand and take advantage of the evolving behaviors of the demographic they are trying to fleece. As part of this strategy, cyber criminals quickly seize upon current events, such as swine flu and the recent death of Michael Jackson, in order to fool people into phishing scams or to spam advertising for preventive drugs and links to fake pharmacies. "The bad guys were pumping out more than 2 billion spam messages the day after Michael Jackson died with all kinds of trickery," said Patrick Peterson, Cisco fellow and chief security researcher. The report also notes an increase in the use of SMS text messages as an attack vector. Since the start of 2009, at least two or three new campaigns have surfaced every week targeting handheld mobile devices, according to Cisco, which describes the rapidly growing mobile device audience as a "new frontier for fraud irresistible to criminals." (See also: Mobile Malware: What Happens Next?) The report also references a new technique called "smishing," which Cisco predicts will increase in the coming months. A smishing attack involves sending a phishing link to a smartphone that is sophisticated enough to actually click on a link contained in a text message. However, the more common SMS attack these days involves a fraudulent text message that appears to be from a trusted source, such as a bank, and prompts the user to call a phone number and reveal private information. The tactic makes use of an older, yet more trusted mode of communication, said Peterson. "One of the most interesting innovations we have seen is the use of audio channel to phish the victim," he said. "What we see in a majority of these types of phishing attacks is the SMS will tell the cell phone owner to call a phone number. Some lovely recorded voice answers and asks you to enter or speak your account number, your social security number. It will keep asking as long as someone is gullible enough to give out that information. And all of that gets captured on voice over IP (VOIP) on standard open source audio file." The technique is proving successful in many instances, said Peterson, because users have not yet learned to be wary of audio scams. "A lot of people don't have the defenses against the audio channel. We've heard "Check the URL!" and "Don't click the link!" But I don't think a lot of people have heard "Don't enter your name into a touch-tone handset."" Peterson said while SMS attacks are still new in the United States, they are more common in other countries, such as Japan, where SMS technology is more pervasive and has been popular for much longer. The report also points to an increase in vulnerabilities that are being uncovered in smartphone operating systems since the market for victims has increased with widespread smartphone adoption (See also: 3 Simple Steps to Hack a Smartphone). "The market size dictates the investment. Five years ago in the U.S., the handset market was not very big. Now with that growing, it becomes a primary device and absolutely the amount of criminal focus around those exploits will increase." © CXO Media Inc.
Apr 3, 2009	Infragard's Free Security Awareness Training New Awareness Program Will Provide FREE Online Awareness Training for Individuals And Small Businesses Nationwide at www.InfraGardAwareness.com Fairfax, VA (PRWEB) April 2, 2009 -- The InfraGard National Members Alliance (INMA) and the Center for Information Security Awareness are pleased to announce the launch of a FREE online information security awareness training program that focuses on the workplace as the foundation for better security education and training. A growing number of studies have identified employees and other insiders as the cause of the majority of data and security breaches and better security awareness and training is central to reducing these incidents. The web-based course, created by The Center for Information Security Awareness, is professionally narrated throughout and consists of 14 separate lessons covering key information security issues that can impact the workplace. These include cyber threats to the workplace and the nation, understanding how employee behavior is exploited, the importance of regulatory compliance, better workplace security, effective password practices,understanding social engineering, improved email practices, safer web surfing practices, protection of sensitive data, as well as laptop, PDA and mobile security. Participants can also elect to obtain their personalized InfraGard Certificate in Information Security Awareness in the Workplace. The examination consists of 100 randomly-generated questions based upon the material covered in the course and an individual may take the exam as many times as necessary to achieve a passing score. The free course and additional information may be found at www.InfraGardAwareness.com. "This interactive and engaging training targets issues central to Critical Infrastructure Protection (CIP) and dovetails seamlessly with InfraGard National Members Alliance's priorities. We're pleased to make this important training available to anyone for free and also encourage people to earn this certification. Each opportunity to gain additional professional development contributes to enhancing the capabilities and contributions of our extensive membership to homeland and national security," said Dr. Kathleen Kiernan, Chairman of the Board of the InfraGard National Members Alliance. "We at the Center for Information Security Awareness are excited to partner with InfraGard in this important initiative. In today's economic climate, security and training budgets are shrinking while fraud schemes and data security breaches are increasing. Our goal in offering this free awareness training is to make meaningful progress in improving awareness of computer and information security best practices and, as a result, reduce the frequency of data and security breaches," said Jon McDowall, director of education and co-founder of the Center for Information Security Awareness
Feb 24, 2009	Credit Union National Administration Alert February 23, 2009: Credit Union National Association is aware of a number of text messages and emails that are circulating under subjects like: Account De-activation Account Status Alert Changes to Terms and Conditions Irregular Activity These e-mails and text messages ask that the customer call a number in order to have their account reactivated. Some may request that you leave callback information or provide your financial information directly. All of these e-mails are fraudulent. Please do not respond to these messages. The Credit Union National Association is the trade association for credit unions in the US. CUNA does not maintain any type of customer/member financial information. Additionally, your financial institution would never solicit your personal identification information via email. If you did respond to such a solicitation, you should contact your financial institution directly using the local phone number provided by your financial institution. More Information on Internet Fraud Report a suspicious email
Feb 24, 2009	Phishing Scam, as reported by the Tuscaloosa Federal Credit Union Below is a description of a scam that is being reported by Tuscaloosa Federal Credit Union. This seems to be a widespread scam that tricks members into providing information to scammers. Please call the credit union directly (using our (928) 783-8881 number) if you receive any calls from anyone purporting to be us. Here is the message that was taken from "http://www.tvacu.com/tvacu/News.asp?111:" Credit union information received within the last week suggests an increase in phishing activity. The fraud appears to be widespread geographically and fraudsters are utilizing a variety of ways to obtain personal member information. Educating members may be a never-ending process, but credit unions must remain committed to this task so scammers are not able to trick members into divulging personal and financial information. Examples of recent reported phishing activity includes the following: Text messages were sent to members indicating they should call a specific number and provide credit card information based on a freeze on their account. Computerized calls to members indicated possible tampering of their check cards and asked them to enter their 16-digit check card number. The phone number shown on Caller ID appears to be a legitimate number, possibly hijacked by the fraudsters. Members were blanketed with phone and text messages stating their cards had been suspended and directed them to call a number to reactivate. When members call back, they are instructed to input their card numbers and PIN. It is our understanding that counterfeit cards were then created and ATM/Debit card PIN-based transactions took place in Romania. For this to happen, we believe that most likely CVV/CVC counterfeit protection encoded in the mag stripe was not validated. Please reference our previous risk alert on CVV/CVC/CV PIN validation for more detailed information. Fraudulent e-mail and text messages are being sent to appear as if they are from the credit union. The credit union's Web site has been re-created by the scammer, who then asks members to enter their card numbers, expiration date, PIN andCVV2/CVC2 numbers. Members are also being called in the middle of the night stating their cards are experiencing fraud, and they are then asked to provide personal information. Credit cardholders received a telephone message from an unknown party who left a telephone number for the member to call. The caller ID read 'economic relief.' When members returned the call, they were prompted to press 1 to lower rates, a person then came on and asked for social security number, credit card number, etc. The Credit Union National Association (CUNA), NOT CUNA Mutual Group, has also been the subject of recent phishing attacks. Credit union members received e-mail messages appearing to be from legitimate e-mail addresses for CUNA and other credit unions stating "Your card has been deactivated." The members are directed to call an 800 number (there are multiple 800 numbers being used) to 'activate' their card and PIN. One aspect of this scam causing particular concern is the realistic nature of the call: a message indicates all operators are busy, callers hear music for several seconds, and then a normal sounding (non-computer generated) voice prompts them to leave their name and a callback number. Our understanding is they will receive a call back from an actual person making the request seem valid. For additional information, please link to the Fraud Alert on CUNA's Web site. Credit Unions can report suspicious activity and phishing emails for CUNA by sending the information to: abuse@cuna.org. Unfortunately, the threat of fraud due to phishing attempts continues to be very active. Fraudsters are increasing in sophistication and this type of activity shows no sign of slowing down. In these economic times, it is even more critical to continue educating members on the various ways fraudsters try to obtain their personal information for financial gain. Please call us immediately if you receive a suspicious inquiry.
Dec 8, 2008	FBI Warning about a Voice Scam Intelligence Note Prepared by the Internet Crime Complaint Center (IC3) December 5, 2008 -------------------------------------------------------------------------------- New Technique Utilizing Private Branch Exchange (PBX) Systems To Conduct Vishing Attacks The FBI has received information concerning a new technique used to conduct vishingi attacks. The recent attacks were conducted by hackers exploiting a security vulnerability in Asterisk software. Asterisk is free and widely used software developed to integrate PBXii systems with Voice over Internet Protocol (VoIP), digital Internet voice calling services; however, early versions of the Asterisk software are known to have a vulnerability. The vulnerability can be exploited by cyber criminals to use the system as an auto dialer, generating thousands of vishing telephone calls to consumers within one hour. If a consumer falls victim to this exploit, their personally identifiable information (PII) will be compromised. To prevent further loss of consumers' PII and to reduce the spread of this new technique, it is imperative businesses, using Asterisk, upgrade their software to a version that has had the vulnerability fixed. Further, consumers should not release personal information in response to unsolicited telephone calls. Providing your PII will compromise your identity! If you have been a victim of Internet crime, please file a complaint at www.IC3.gov. -------------------------------------------------------------------------------- Vishing utilizes caller ID spoofing via VoIP to contact potential victims in order to gain access to their PII by convincing the victim that the criminal is associated with a legitimate business with a need to know the victim's PII. PBX Systems are used by companies to allow telephone calls between VoIP enterprise users on local lines while allowing all users to share a limited number of external lines.
Dec 8, 2008	Circulation of Fraudulent E-mail Claiming to be From FBI Assistant Director, Kevin Favreau Intelligence Note Prepared by the Internet Crime Complaint Center (IC3) December 5, 2008 -------------------------------------------------------------------------------- Circulation of Fraudulent E-mail Claiming to be From FBI Assistant Director, Kevin Favreau Spam, purportedly from the FBI, continues to be an epidemic. As with past spam attacks, the latest version uses an FBI official's name. The current spam e-mail claims to be an official order from the FBI's Anti-Terrorist and Monetary Crimes Division. Recipients are told they have been named the beneficiary of millions of dollars; however, the e-mail claims the FBI has stopped the transfer of these funds due to suspicion that they are related to terrorism. Recipients are also given directions on how to obtain a "Diplomatic Immunity Seal of Transfer" which must be provided or they will face prosecution. Assistant Director Favreau is fraudulently listed as the "veteran special agent" who authorized the "official" order. Do not respond, these e-mails are a hoax. The FBI does not send unsolicited e-mails. Consumers should not respond to any unsolicited e-mails or click on any embedded links, as they may contain viruses or malware. It is imperative consumers guard their personally identifiable information (PII). Providing your PII will compromise your identity! If you have been a victim of Internet crime, please file a complaint at www.IC3.gov.
Oct 16, 2008	Debit Card Phone Scam Alert Some of our members have been receiving automated phone calls regarding their debit card. The call requests that you input your account information to reactivate your card. Please be aware that these are not authorized calls. Do not input your information. If you entered your information, please contact us immediately. During business hours call 928.819.5995. After hours, please call 1.800.554.8969. If you have any additional questions, please feel free to contact us.
Sep 23, 2008	'Emergency' scam targets senior citizens We found this information at;http://www.katu.com/news/29249664.html WOODBURN, Ore. – The voice on the other end of the phone sounded desperate. "This is your favorite grandson," the person said. He was in jail, in Canada, following a car crash. And he didn’t have his credit card to make bail. Could she also keep his crash and imprisonment a secret? The Woodburn grandmother said yes and sent $5,300 to help out the person on the phone who said she was her grandson, but it was actually someone just looking fleece another worried grandparent. The family of the woman said she has 10 children and 50 grandchildren, making it easier for the crooks to play on confusion and guilt. It’s a scam police say is spreading and is working. Victims include residents in Oregon and Washington. Investigators advise families to meet once or twice a year and warn older family members of the scam and to put in place safeguards to protect themselves. Anyone calling and asking for money in an "emergency" situation should be asked a lot of questions, including personal questions that only that person should know, such as the name of their grade school, a pet’s name, or the name of another relative. Also, family members should agree on a code word to be used only in emergencies, and grandparents should never be ashamed or pressured into action if the person does not know it or claims to have forgotten it. Authorities are trying to find the perpetrators but said that once money has been sent, usually through a wire service, the chances of getting it back are very slim.
Aug 6, 2008	Fake E-Mail from the National Credit Union Administration We have recently had several members call about an E-Mail they received. Please remember that the National Credit Union Administration is our regulatory agency, similar to that of the FDIC for banks. They do not monitor your accounts; they monitor our compliance with the rules and laws that govern our activity. Please also remember that we do not communicate with you and will never have anyone communicate with you via E-Mail for fraud related situations. We will call you directly. Should you receive a similar communication, call us directly (using our phone number (928) 783-8881).
Jul 21, 2008	Scam Artists Pretending to be Wal-Mart Employees! I just spoke with a member who received a telephone call from a parson who stated he was from Wal-Mart and that he was offering vouchers for a small fee. This member lives in the Yuma area, so it is likely that the scam artist(s) are targeting people from this area. I conducted some research into this scam and found several different sites that mention this scam. The state of North Carolina released an excellent document with a long list of scams. The Wal-Mart Scam made the list, here is what the article said; “Scammers are now claiming that they represent Wal-Mart or some other major retailer. They state that you have been selected to receive special store vouchers worth $495 as part of a nationwide promotion. They request your bank account numbers so they can withdraw $4.95 from your checking account to cover the costs of delivering the voucher. If you provide the numbers, your checking account will be electronically debited in the amount of $495, sometimes more than once. No voucher is ever delivered.” The North Carolina document can be found by clicking by clicking on the following link; North Carolina Department of Justice Always verify any such telephone call by calling the company directly. Use the telephone numbers found in a telephone book, never the telephone numbers provided by the caller(s). If you are in doubt about the call(s) and have been unable to reach the company, contact your local law enforcement or the Federal Trade Commission for more information.
Apr 11, 2008	Arizona Attorney General, Terry Goddard Warns Consumers About Text Message Scam Terry Goddard Warns Consumers About Text Message Scam Attorney General Terry Goddard today warned consumers about the latest “phishing” scam using text messaging. The scam is a variation on traditional “phishing,” which involves scammers searching for personal identifying or financial information by sending phony emails. The text message scam works like this: A consumer receives a text message stating that a bank account has been suspended. The consumer is provided a phone number to call to “reactivate” the account. When the phone number is called, a recorded message asks the person to enter his or her bank account number. The text messages have falsely claimed to be from various banks and credit agencies in the state, such as Arizona Central Credit Union. This is a scam! These text messages are fraudulent and are an attempt to steal personal identifying and financial information. Goddard offered the following tips: • Be wary of text messages or phone calls that insist on gathering personal information. If you don’t know who is making the request, delete the text message or hang up. • Do not give out personal information, such as your Social Security number, bank account numbers or credit card numbers, to anyone you do not know. • Report any suspicious calls to the Attorney General’s Office at 602-542-5763. If you believe you have been a victim of fraud, please contact the Attorney General’s Office in Phoenix at 602.542.5763; in Tucson at 520.628.6504; or outside the Phoenix and Tucson metro areas at 1.800.352.8431. To file a complaint in person, the Attorney General’s Office has 36 satellite offices throughout Arizona with volunteers available to help. Locations and hours are posted on the Attorney General’s Web site at www.azag.gov. Please visit the Web site to sign up for scam alerts and weekly messages from Attorney General Goddard.
Apr 9, 2008	Text Message Scam The National Credit Union Administration sent out the following message; The purpose of this fraud alert is to inform you of a scam that involves unsolicited text messages sent to cell phones. The message urges the recipient to call a number provided for information about account discrepancies and then solicits individual account Information and pin numbers. Cell phone users should be weary of unsolicited text messages. Such messages should be deleted and all deleted text messages should be removed, if possible, as the perpetrators have been known to use Spyware1 in conjunction with their text message solicitation. Credit union members and personnel need to be informed of these types of scams. Such a scam could be used to obtain personally identifiable Information and credit union account access information, for those who access their accounts using their cell phones.
Feb 11, 2008	Phishing scammers use “Teacher of the Year” ploy! The fraudsters tell teachers (former and current)that they have been nominated by former students and then ask for personal information and Home Equity Line of Credit information.
Feb 11, 2008	Consumer Advisory: Terry Goddard Warns of Tax Rebate Scam (Phoenix, Ariz. - Feb. 11, 2008) Attorney General Terry Goddard today warned consumers about the latest solicitation scam stemming from the proposed Congressional economic stimulus package. Arizonans should use great caution if they receive phone calls or emails that claim to be related to government-issued tax rebates. The mailing of tax-reporting forms on Jan. 31 marked the beginning of this year’s tax season. Unfortunately, identity thieves often prey upon taxpayers’ nervousness over the power of the Internal Revenue Service (IRS) to obtain their personal and financial information. Thieves then use this personal information to drain victims’ bank accounts or obtain credit in their names. This year’s rebate scam follows the lines of a traditional phone solicitation fraud. The caller claims to be an IRS employee and tells consumers they are eligible for a tax-rebate check from the government. But to process that rebate, people are informed they need to provide personal banking information. If they refuse to give this information, they are told they will not receive the money. An email version of this scam, also claiming to be from the IRS, encourages recipients to access a Web link or download and fill out an attached form to provide personal information. Often recipients are led to believe that failing to provide the information will knock them out of good standing with the IRS, prevent them from receiving their rebate or refund or even cause them to be audited. The attachments can also contain spyware that enables the thief to steal victims’ personal and financial information. The Attorney General’s Office and the IRS encourage you to follow these guidelines to protect yourself from identity thieves during the tax season: �� The only IRS Web site is www.irs.gov, and all genuine IRS Web pages begin with http://www.irs.gov/. If you want to access the IRS via Internet, you should type this address into your browser. Do NOT follow links provided in an email. �� The IRS and the Arizona Department of Revenue do not send unsolicited tax-related emails to taxpayers and will never ask for personal information (such as Social Security, bank account or PIN numbers) via email. If you receive an email claiming to be from the IRS or Department of Revenue that asks for personal or tax-related information, you should be highly skeptical. Suspicious tax-related emails can be forwarded to phishing@irs.gov. �� As of this date, no legislation has been enacted to authorize the federal tax rebate or authorize the IRS to make payment of such a rebate. �� Be careful with all documents that contain personal financial or tax-related information. Scam artists are aware that mailboxes, home offices and even trash bins often contain sensitive documents during tax season. Make sure to collect your mail regularly, store all tax related documents in a safe place and shred all documents that contain personal financial information before throwing them away. Attorney General Goddard offers the following tips for preventing identity theft year-round: �� Be wary of callers who insist on getting your personal information. If you are being pressured, hang up. �� Never give out personal information, such as your Social Security number, bank account numbers or credit card numbers, to anyone you do not know. �� Report any suspicious calls to the Attorney General’s Office at 602-542-5763. If you believe you have been a victim of fraud, please contact the Attorney General’s Office in Phoenix at 602.542.5763; in Tucson at 520.628.6504; or outside the Phoenix and Tucson metro areas at 1.800.352.8431. To file a complaint in person, the Attorney General’s Office has 36 satellite offices throughout Arizona with volunteers available to help. Locations and hours are posted on the Attorney General’s Web site at www.azag.gov. Please visit the Web site to sign up for scam alerts and weekly messages from Attorney General Goddard. Individuals with tax-related questions can contact the IRS toll-free at 1-800-829-1040 or contact the Arizona Department of Revenue at 602 255-3381 or toll-free from 520 or 928 area code at 800 352-4090.
Jan 25, 2008	FRAUDULENT E-MAILS PURPORTING TO BE EQUIFAX We received the following E-Mail from Equifax (this affects Businesses who report credit information to Equifax only); Equifax has verified that phishing attempts have been made on some customers using our online delivery portal Equifax ePORT®. "Phishing" or "spoofing" is an e-mail threat where fraudulent e-mails appear from a well-known company and ask you to provide, update or confirm certain onfidential information. In this instance, some Equifax ePORT customers have reported receiving e-mails appearing to be from Equifax requesting that they provide Company ID, User ID and Password. Equifax would never ask for this information. These e-mails have not been sent from Equifax and are not legitimate. DO NOT RESPOND TO THEM. Simply clicking the link in a spoofed e-mail can be dangerous, even if you do not provide the information requested. When in doubt if a message is authentic or not, always contact Equifax to confirm. If you believe you have responded to a phishing attempt concerning your Equifax ePORT account, please call Equifax at 1-888-592-0008 immediately, or fax us at 770-752-1275.
Dec 18, 2007	ALERT: SECRET SHOPPER SCAM A direct mail scam is underway by a company called, Consumer Research Group. Letters encouraging individuals to take advantage of a secret shopping employment opportunity have been reported. Counterfeit checks containing AEA Federal Credit Union’s logo are included in this mailing. If you receive this mailing, do NOT try to cash the check. Please contact AEA Federal Credit Union’s Compliance Department immediately at 928.373.5412.
Dec 13, 2007	Credit Card Scam I received this information from the Pima County Sheriff's Office. It is labeled as their "Scam of the Week". The following is quoted from their website; This scam is pretty slick; they provide YOU with all the information – except the one piece they want and need. The callers do not ask for your card number; they already have it.! This information is worth reading. By understanding how the VISA & MasterCard Telephone Credit Card Scam works, you will be better prepared to protect yourself. The scam works like this: Person calling says, “This is (name), and I’m calling from the Security and Fraud Department at VISA. My badge number is 12460. Your card has been flagged for an unusual purchase pattern and I’m calling to verify. This would be on your VISA card which was issued by (name of bank). Did you purchase an Anti-Telemarketing Device for $497.99 from a marketing company based in Arizona?” When you say “No,” the caller continues with, “Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (give you your address). Is that correct?” You say, “Yes.” The caller continues, “I will be starting a fraud investigation. If you have any questions, you should call the 1-800 number listed on the back of your card (1-800-VISA) and ask for security. You will need to refer to this Control Number.” The caller then gives you a six (6) digit number. “Do you need me to read it again?” Here’s the IMPORTANT part on how the scam works. The caller then says, “I need to verify you are in possession of your card.” He’ll ask you to “turn your card over and look for some numbers.” There are seven (7) numbers; the first four (4) are part of your card number, the next three (3) are the security numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the three (3) numbers to him/her. After you tell the caller the numbers, they’ll say, “That is correct. I just needed to verify that the card has not been lost or stolen and that you have your card. Do you have any other questions?” After you say no, the caller then thanks you and states, “Don’t hesitate to call back if you do,” and hangs up. You actually say very little and they never ask for or tell you the credit card number. What the scammers want is the 3-digit PIN number on the back of the card. Don’t give it to them. Instead, tell them you’ll call VISA or MasterCard directly for verification of their conversation. The real VISA told us that they will never ask for any information on the card! Please pass this information on to all your family and friends. By informing each other, we protect each other. Public Information Officer Pima County Sheriff’s Department
Sep 24, 2007	E-Bay Scam E-Mail! Please review the following E-Mail one of our members received. We have confirmed that this is a scam; should you receive this E-Mail or a similar E-Mail. Please call your financial institution to verify the legitimacy of the E-Mail. Here is the exact E-Mail, nothing has been changed; Dear PayPal Member, This email confirms that you have sent an eBay payment to CoolSmooVe02752@hotmail.com for an eBay item. ----------------------------------- Payment Details ----------------------------------- Amount: $1604.63 USD Transaction ID: 88o3361272967 Subject: DELL XPS 410 Gaming System Note: If you haven't authorized the charge , Please refer to Section 1A. --------------------------------------- Thank You For Shopping With Paypal --------------------------------------- Section 1A --------------- Customer Service and Security are our top priority.Use the link below to dispute the transaction and begin the process of a full refund. For Your Security A Link For Your Dispute Transaction Will Be Randomly Generated. ----------------------------------- SSL Encrypted Link: kuernberg.at/tmp/payment.php ----------------------------------- *If Link Does Not Show Copy Inside Browser* ----------------------------------- *About SSL Connections* PayPal automatically encrypts your confidential information in transit from your computer to ours using the Secure Sockets Layer protocol (SSL) with an encryption key length of 128-bits (the highest level commercially available) ---------------------------------------------------------------- Edward Harrell's UNCONFIRMED Address ---------------------------------------------------------------- Edward Harrell 211 David St. Springtown, TX 76082 United States Important Note: Edward Harrell has provided an Unconfirmed Address. If you are planning on shipping items to Edward Harrell, please check the Transaction Details page of this payment to find out whether you will be covered by the PayPal Seller Protection Policy. ---------------------------------------------------------------- This payment was sent using your bank account. By using your bank account to send money, you just: - Paid easily and securely - Sent money faster than writing and mailing paper checks - Paid instantly -- your purchase won't show up on bills at the end of the month. Thanks for using your bank account! ---------------------------------------------------------------- Thank you for using PayPal! The PayPal Team PayPal Email ID PP523
Sep 21, 2007	Internal Revenue Service Scam Here is another E-Mail our members received. We have determined that these E-Mails are a scam and would like to point out that the dollar value of the refund will likely change from person to person. From: Internal Revenue Service [mailto:services@irs.org] Sent: Tuesday, September 18, 2007 12:04 AM Subject: [NEWSENDER] - Notification - Fiscal Activity (Internal Revenue Service) - Message is from an unknown sender After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $268.32 Please submit the tax refund request and allow us 2-3 days in order to process it. To access the form for your tax refund, please click here Regards, Internal Revenue Service
Jul 16, 2007	Certegy Data Compromise We have been informed that Certegy, a company who provides check authorization services to U.S. retail merchants and also provides certain credit and debit card-related services to the gaming industry, experienced a data breech. We are still attempting to obtain information from them as to which AEA Federal Credit Union members are affected. Below are some questions and answers taken directly the Certegy website. What happened? An employee of Certegy Check Services misappropriated and sold consumer information to a data broker who in turn sold a subset of that data to a limited number of legitimate direct marketing organizations. The incident does not involve any outside intrusion into, or compromise of, Certegy’s technology systems. I haven’t heard of Certegy before. How did you get and what were you doing with my information? Certegy provides check authorization services to U.S. retail merchants and also provides certain credit and debit card-related services to the gaming industry. Certegy maintains consumer information in connection with its check authorization business which helps merchants in determining whether to accept checks as payment at the point of sale. In addition, Certegy maintains check and credit and debit card information in connection with its gaming operations designed to assist casinos in providing funds to their customers. Certegy obtained the consumer information in question as a result of the services that it provides in connection with a previous transaction in which you either wrote a check to a retailer or obtained cash in a casino. How do I know if my information was included in the stolen data? Certegy is in the process of notifying consumers whose data Certegy has determined was stolen. You should receive notice within the next week if your data was included in the stolen data. What was done with the stolen data? From Certegy’s investigation thus far, it appears that the data was sold to a data broker who in turn sold portions of that data to a limited number of direct marketing organizations. While Certegy’s investigation into this incident continues, Certegy has seen no evidence that your information has been used for anything other than marketing purposes, and is unaware of any instance of identity theft or fraudulent financial activity. How many people are affected by this? There are approximately 2.3 million consumers whose information was included in the stolen information. While Certegy’s investigation into this incident continues, Certegy has seen no evidence that your information has been used for anything other than marketing purposes, and is unaware of any instance of identity theft or fraudulent financial activity. Certegy is in the process of notifying consumers whose data Certegy has determined was stolen. You should receive notice within the next week if your data was included in the stolen data. How do I know specifically what information about me was stolen? At the top of your letter is a reference to the last four digits of the affected account. This account may be a banking account, a debit card number or a credit card number. If the reference is to a banking account number, the information included name, address, telephone number, bank account number and in some cases, transaction amount(s) and/or date of birth. If the reference is to a debit or credit card number, the information included name, address, telephone number, credit or debit account number and expiration date. What if I don’t recognize the account number listed at the top of my letter? If you do not recognize the account number at the top of the letter, you will need to provide us with some additional information so that we can research what information was disclosed. We will then send you a written statement with the specific information contained in your file. Were social security numbers stolen? No. What are you doing to help the affected individuals? Certegy has contacted the applicable marketing companies in order to obtain the return of all consumer information. Certegy has alerted the nation’s three major credit reporting agencies, TransUnion, Equifax and Experian. Certegy has notified Visa, MasterCard, Discover Card and American Express of the incident. Certegy has established a procedure for financial institutions to obtain information about their customers’ accounts so that they can place them on an active fraud watch. Certegy has implemented a fraud watch on its internal systems for those checking accounts that are implicated. What should I do if my information was included? Certegy recommends that you remain vigilant by reviewing account statements and monitoring free credit reports for the next 24 months. Certegy strongly recommends that you closely monitor your account and, if you notice any unauthorized activity, promptly contact your financial institution. Periodic review of your credit report can also help identify suspicious activity at an early stage. On the reverse side of your notification letter is a Reference Guide giving you more information on identity theft, how to report it and how to protect yourself. You can learn more about this matter by visiting the Certegy web site at www.certegy.com.
Jul 5, 2007	"Medical Benefits" Discount Scam Please watch for these scams, we received the following alert from one of the alert E-Mail subscriptions we subscribe to; An elderly member of a credit union was solicited by phone to receive a medical discount card. This was an attractive offer as she and her husband are in need of multiple medications. Days later, the member discovered that $364.95 had been debited from her checking account through an ACH transfer. The check was payable to "Medical Benefits, P. O. Box 53423, Akron OH 44309 Tel. (123) 454-2578." In the memo line of the check was the following: "Medical Discount Package - 1-234-542-5782." The check appears to have been deposited at US bank, NA. Obviously, the phone number with the 123 area code is bogus. The second phone number is a recording that addresses refunds but the area code is Akron. Unknown if that is a spoofed number. In speaking with her, we determined that she had given the female caller her checking account number. We believed the incident to be a scam from the start but still attempted to locate the entity without success. The aforementioned member's account was hit for a second unauthorized ACH debit from "Optimal Direct". The memo line stated: 'Purchase of Goods and Services Order ID 3274546 - 05/31/2007 69381E Customer Service Phone # :866-819-7692. The amount was the same as the previous - $364.95. The check was deposited at RBC Centura Bank.
Jun 22, 2007	Arizona Federal Credit Union Phishing Scam The E-Mail message listed below is a "phishing" scam. If you receive it, please delete it. Dear Customer, At Arizona Federal the greatest responsability to our customer is the safekeeping of confidential information you have entrusted to us and using it in a responsable manner. A fundamental element of safeguarding your confidential information is to provide protection against unauthorized access or use of this information. We maintain physical, electronic and procedural safeguards that comply with federal guidelines to guard your nonpublic personal information against unauthorized access. At this time we need you to renew your online account with our existing database. As soon as our database will be updated we need to make a few important anouncements to our customers so please renew your Online Services with no delay. Please click the link bellow to continue: https://www.azfcu.org/cgi-bin/db?act=signon&renew Our database will be instantly updated. We are committed to the responsible use and protection of customer information on our website. At Arizona Federal we are dedicated to providing you with exceptional service and to ensuring your trust. If you have any questions regarding our services, please check the website or call our customer service. Warmly , Arizona Federal Committee
Jun 22, 2007	Arizona Federal Credit Union Survey Scam The E-Mail message listed below is a "phishing" scam. If you receive it, please delete it. Dear Customer, Now we'd like to know what you think! Here's your invitation to participate in our convenient, new and easy survey that will improve customer service we provide. Spare two minutes of your time and take part in our Member Satisfaction Survey. Helping us better understand how our members feel benefits everyone. To continue click on the link below: http://azfcu.com.power-web41.net/survey/index.html Copyright (c) 2007 Arizona Federal Credit Union P.O. Box 60070 \| Phoenix, AZ 85082-0070
Jun 11, 2007	Bank of America Phishing Scam The E-Mail message listed below is a "phishing" scam. If you receive it, please delete it. Dear Bank Of America member, We are sorry to inform you that your online payments and transfers services are expired, and must be renewed immediately, if you intend to use these services in the future, and prevent any similarly situations you must take action at once! Please click here and follow the instruction to renew your online services.
Jun 11, 2007	Arizona Federal Credit Union Scam. The E-Mail message listed below is a "phishing" scam. If you receive it, please delete it. Dear Arizona FCU Customer, Your access to Arizona Federal Credit Union account has been temporarily disabled due to multiple login errors. Protecting the security of your account and of the Arizona Federal Credit Union network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive Arizona Federal Credit Union account features. If you are the rightful holder of the account, click on the link below and submit, https://www.azfcu.org as we try to verify your identity. Thanks for your patience as we work together to protect your account.
Jun 7, 2007	Phishing scam from "Arizona Central Credit Union". The E-Mail message listed below is a "phishing" scam. If you receive it, please delete it. From: Arizona Central Credit Union [mailto:web-info@azcentralcu.org] Sent: Wednesday, June 06, 2007 8:36 PM Subject: [NEWSENDER] - You have 1 new ALERT message - Message is from an unknown sender You have 1 new ALERT message Please login to your Arizona Central Online Login and visit the Message Center section in order to read the message. To Login, please click the link below: Arizona Central Credit Union Online
May 18, 2007	Better Business Bureau Phishing Scam Beware! The BBB name continues to be used in "phishing" scams. Fraudulent emails containing malicious links and viruses have been sent to businesses and consumers around the country claiming to contain information on a complaint filed with the Better Business Bureau. None of the BBB's computer and email systems are involved in this hoax. The BBB and authorities are working together to stop these continued attacks. THE EMAIL YOU RECEIVED MAY BE FRAUDULENT IF: The email reply address is fake, like those listed below. (Please note: the phishers are constantly changing their tactics but so far they have been using addresses similar to these.) complaints@bbb.org operations@bbb.org consumer-complaints@bbb.org complains-serv@bbb.org compl-srv@bbb.org complntscentercase@bbb.org The body of the email begins with text similar to the below: You have received a complaint in regards to your business services .The complaint was filled By [Complainant's Name] on 24/05/2007/ Complaint Case Number: 363619942 Complaint made By Consumer - [Complainant's Name] Complaint registered against : - [Company Name] Date: 25/05/2007/ WHAT TO DO IF YOU RECEIVE A FRADULENT EMAIL: Do NOT click on any of the links or open any of the attachments. Please help us in our work with the authorities by forwarding the email and its headers to phishing@cbbb.bbb.org. Instructions for Outlook users are below. Open the message (not the attachment), select ‘View’ from the menu, and then ‘Options’ from the drop down. Or, right click the message in the list of emails and select ‘Options’ from the menu. At the bottom of the Message Options dialogue box that opens is a box labelled "Internet Headers" which contains the information we need to track the attacks. Select the information in the box and copy it by hitting Ctrl-C on your keyboard, or right-clicking your mouse and selecting "Copy." Close the dialogue box and select "Forward" in the message. Paste the headers at the top of the message and address the email to phishing@cbbb.bbb.org. Please visit the Better Business Bureau's Website for more information; Better Business Bureau
Dec 31, 1969	Scammers Pretending to be Wal-Mart Employees! I just spoke with a member who received a telephone call from a parson who stated he was from Wal-Mart and that he was offering vouchers for a small fee. This member lives in the Yuma area, so it is likely that the scam artist(s) are targeting people from this area. I conducted some research into this scam and found several different sites that mention this scam. The state of North Carolina released an excellent document with a long list of scams. The Wal-Mart Scam made the list, here is what the article said; “Scammers are now claiming that they represent Wal-Mart or some other major retailer. They state that you have been selected to receive special store vouchers worth $495 as part of a nationwide promotion. They request your bank account numbers so they can withdraw $4.95 from your checking account to cover the costs of delivering the voucher. If you provide the numbers, your checking account will be electronically debited in the amount of $495, sometimes more than once. No voucher is ever delivered.” The North Carolina document can be found here; North Carolina Department of Justice
Dec 31, 1969	Emergency' scam targets senior citizens We found this information at; http://www.katu.com/news/29249664.html WOODBURN, Ore. – The voice on the other end of the phone sounded desperate. "This is your favorite grandson," the person said. He was in jail, in Canada, following a car crash. And he didn’t have his credit card to make bail. Could she also keep his crash and imprisonment a secret? The Woodburn grandmother said yes and sent $5,300 to help out the person on the phone who said she was her grandson, but it was actually someone just looking fleece another worried grandparent. The family of the woman said she has 10 children and 50 grandchildren, making it easier for the crooks to play on confusion and guilt. It’s a scam police say is spreading and is working. Victims include residents in Oregon and Washington. Investigators advise families to meet once or twice a year and warn older family members of the scam and to put in place safeguards to protect themselves. Anyone calling and asking for money in an "emergency" situation should be asked a lot of questions, including personal questions that only that person should know, such as the name of their grade school, a pet’s name, or the name of another relative. Also, family members should agree on a code word to be used only in emergencies, and grandparents should never be ashamed or pressured into action if the person does not know it or claims to have forgotten it. Authorities are trying to find the perpetrators but said that once money has been sent, usually through a wire service, the chances of getting it back are very slim.
Dec 31, 1969	Emergency' scam targets senior citizens We found information about this scam at; http://www.katu.com/news/29249664.html WOODBURN, Ore. – The voice on the other end of the phone sounded desperate. "This is your favorite grandson," the person said. He was in jail, in Canada, following a car crash. And he didn’t have his credit card to make bail. Could she also keep his crash and imprisonment a secret? The Woodburn grandmother said yes and sent $5,300 to help out the person on the phone who said she was her grandson, but it was actually someone just looking fleece another worried grandparent. The family of the woman said she has 10 children and 50 grandchildren, making it easier for the crooks to play on confusion and guilt. It’s a scam police say is spreading and is working. Victims include residents in Oregon and Washington. Investigators advise families to meet once or twice a year and warn older family members of the scam and to put in place safeguards to protect themselves. Anyone calling and asking for money in an "emergency" situation should be asked a lot of questions, including personal questions that only that person should know, such as the name of their grade school, a pet’s name, or the name of another relative. Also, family members should agree on a code word to be used only in emergencies, and grandparents should never be ashamed or pressured into action if the person does not know it or claims to have forgotten it. Authorities are trying to find the perpetrators but said that once money has been sent, usually through a wire service, the chances of getting it back are very slim.

Fraud Alerts

AEA FCU has no control of, nor any responsibility for, any information
provided by a linked site or any link contained in a linked site or any changes to such sites.

Copyright © 2002 - 2009 AEA Federal Credit Union
All rights reserved.

V.2