Fraud Awareness

Request a Callback

Number Spoofing

Fraudsters change their caller ID to disguise their identity from the person they are calling.

What to look out for:

  • Where a card has been recently compromised through fraud, the fraudsters latch onto the victim, once they see a card has been blocked as a result of the fraud that they have committed then they call the victim and apply number spoof by changing their caller ID to match the genuine phone number of the real financial institution and luring the victim info a false sense of security by saying  “the caller ID of this call is the same as the number on the back of bank card”
  • The scam can span over several days. Posing as the bank, the fraudsters continually call the victim, building up a rapport, sourcing more and more information with each interaction and in the background, they are setting up fake profiles, applying for loans, overdrafts etc.
  • Finally, they request the victim to open a new account and move all the money to the new account and they disappear with all the members funds from the new account.
  • Fraudsters have many ways of using number spoofing to their advantage, the following is one such example.  If in doubt call Credit Union Plus directly on 046 90 21395 or call into any of our branches to discuss your suspicions with an advisor. 

 

How to safeguard yourself:

  • Never move money for anyone, to anyone, and never if there is a sense of urgency.
  • Turn off (power down) your phone before you ring to confirm if the call is genuine.  Fraudsters can keep the phone connection open after a call has connected and when the member thinks they have hung up to dial the number back, the fraudsters can stay connected and reconnect the call again to keep the ruse in play

 

Don’t use phone code as your bank app code’ Gardaí warn, as accounts robbed using stolen handsets

What to look out for:

Anti-fraud Gardaí are advising people to make sure their smartphone access code is different to their online banking codes, after cunning criminals were found to have watched people while they open their phone, memorised the code, stolen the phone, and then accessed their bank accounts.

Safety Tips:

  • Never use the same passcode for your Mobile Phone & Internet Banking Login.
  • Always have different passwords.
  • Choose passwords & pins that are easy for you to remember but difficult for someone to guess (avoid obvious words like ‘password’, birthdays, pet names etc.).
  • Avoid using the same password across multiple online accounts. If your information was stolen, the fraudster may then try your password on other accounts.
  • Never share your usernames or passwords.
  • Never allow web browsers (e.g. Google Chrome, Internet Explorer) to remember your passwords as you may be putting your information at risk.
  • Use finger print detection and an alphanumeric PIN with more than 4 digits where possible for mobile devices.
  • Activate two factor authentication (where available).
  • Consider using a ‘password manager’. It frees you from having to remember multiple complex passwords as you only need to remember the master password.

 

Phishing emails

Fraudsters sometimes send emails pretending to be from your bank, credit card company or another company you trust, usually asking you to click on a link or open an attachment. The emails may seem genuine and convincing but are designed to trick you into sharing your personal information, such as your username, full PIN or credit card number. They will often make urgent threats and try to scare you into providing your details.

 

What to look out for:

  • Check for misspellings or unfamiliar sender addresses
  • Unexpected emails which claim to come from a financial institution
  • Urgent requests and threats
  • Claims that your account has been compromised
  • Requests to “Open an Attachment” or “Click a Link”

 

Safety Tips:

  • Be suspicious of unsolicited emails. Listen to your instincts – if something doesn’t feel right then stop and question it.
  • If you are suspicious:
    • Call the sender, if possible, to verify they sent the email, using a trusted number or visit their website by typing the address directly into your browser. Phone numbers provided in the email could be fake.
    • Do not reply to the email, fill out any forms or follow any of the instructions specified.
    • Do not click on any links as they may try to direct you to fake websites.
    • Do not open attachments as they may infect your computer with malicious software.
  • Consider setting up different email addresses for different purposes; such as one for your bank / Credit Union to contact you on, another for family and friends and another for social media accounts.

 

You should never:

  • Click on or open suspicious links and attachments.
  • Respond to unsolicited emails.
  • Share your banking details or other personal information if requested via email.

 

Credit Union Plus will never:

  • Send you an email with a link directly to the login page of our online channels.
  • Send you an email with a direct link to your latest e-Statement.
  • Ask you to click a link in an email with an urgent warning about suspicious activity on your account.
  • Ask you to transfer money out of your account to protect yourself from fraud.
  • Ask you to share your full online banking login details.

 

 

Smishing texts

Fraudsters may send texts pretending to be from Credit Union Plus. They target mobile users by sending texts with links to fraudulent websites to trick you into providing your online banking details or card details. CREDIT Union Plus will never send you a text with a link to a site that asks you for your full online login details or one-time passcodes.

 

What to look out for:

  • Text messages claiming to be from your bank, asking you to confirm financial or personal information.
  • Often they claim that urgent action is needed or there will be negative consequences.
  • They may ask you to click on a link directing you to a website, or to provide a number to call in order to “verify” or “update” your personal current account.
  • Fake links lead to fake websites where you may be asked to provide personal information. The fraudster then uses that information to transfer money from your account.

 

Safety Tips:

  • Do not respond unless you are entirely satisfied that the text is genuine. If you are not sure, we can check it for you.
  • Do not use a phone number provided in the text which could be fake.
  • Do not click on any links.
  • Delete the text.
  • If you have clicked on a suspicious link, call us as soon as possible.

 

Vishing calls

Be vigilant if you receive a phone call out of the blue from someone claiming to be from your bank, credit card company or another company you trust. They may claim that your account has been compromised and ask you for your bank card or bank account details. Credit Union Plus will never call and ask you for your full Online Login Details or one-time passcodes that they’ve sent to you in a text. They will never ask you to download any software so they can take control of your computer or phone, or to move your money to a “safe” account.

 

What to look out for:

  • Unexpected calls claiming to be from your bank, credit card company or well-known company that you trust.
  • Being asked to confirm your password, full login PIN or bank account number.
  • Urgent requests and threats.
  • Claims that your account has been compromised or there is something wrong with a payment.
  • Requests to transfer money out of your account, for example using a money transfer service.
  • The fraudster might tell you the first four digits of your card number and ask you to confirm the rest.
  • Being asked if you made a recent transaction at a well-known store, such as a supermarket. The fraudster is only guessing this information to sound more believable.
  • Claims that some payments have already been made from your account to a foreign country and that they can ‘stop’ any more going through.

 

Safety Tips:

 

  • Don’t give away personal or banking information. No matter what story you are told, if it seems a bit odd or out of the blue, don’t give away your passwords, personal details or banking details.
  • If you receive a suspicious call, hang up and don’t call back any number the caller may have given you. Remember: Credit Union Pus will never ask for your full login PIN or full banking details over the phone.
  • If you have accidentally shared your banking information over the phone and you are worried, call us immediately.  Fraudsters can stay on the line after you have finished the call, so either use a different phone to report the incident or wait a few minutes and then call someone you know first, so that you can be sure the fraudster has disconnected completely.

 

Using social media

The more information you post online, the more you put yourself at risk of becoming a potential target for fraudsters. For example, if a fraudster obtains your full date and place of birth, they could try to use this information to access your accounts.

 

Safety Tips:

 

  • Check your privacy and security settings. They help you control who sees your profile and what you post.
  • Limit how much personal information you share. The more information you post, the easier it is for a fraudster to piece together and use it for identity theft.
  • Only connect with people you know.
  • Be suspicious of strange requests, even if it seems to come from a friend who claims that they need some money urgently or they need your bank account details. Their social media account may have been compromised, so always speak with them directly first to make sure it is genuine.
  • Links in messages, tweets, posts, and online advertising may contain malicious content. Even if you think you know the source, if it doesn’t seem right, delete it.

 

Card and ATM safety

Help keep your money safe by knowing how to protect your bank cards and PIN and what to look out for when using an ATM.

 

Safety Tips:

 

  • Avoid letting your card out of sight when using it to pay for goods and services.
  • When making a contactless payment, make sure you check that the amount you are paying is correct before tapping your card on the payment device.
  • Always cover your card PIN when entering it on the keypad in a shop or supermarket and make sure no-one is looking over your shoulder.
  • Do not choose a card PIN that might be easily guessed e.g. your date of birth, numbers in descending or ascending order, e.g 5432 or 1234, or four of the same numbers, like 1111.
  • Don’t reveal any of your banking details such as your card number, PIN or full password if requested by email or over the phone.
  • When shopping online, check the website is secure before entering card details. Look for an image of a lock to the left of the web address.

 

Using public Wi-Fi

When you access public Wi-Fi, you can never be sure who has set up the network and, more importantly, you don’t know who is connected to it. Malicious users could intercept anything you are doing online including capturing your passwords and reading private emails.

 

Safety Tips:

 

  • Avoid using public Wi-Fi to check your bank accounts, make a payment or shop online. Use 3G or 4G instead of public Wi-Fi when entering personal information where possible.
  • Avoid installing any system or application updates on your device while using public Wi-Fi.
  • If you see anything suspicious while using public Wi-Fi, report your concerns to the manager of the organisation providing access to the Wi-Fi service.

 

Protect your devices

By clicking on a fake link in an email, text, your social media account, or on a pop-up ad online, you could be allowing malware to download and infect your device. Make sure that you properly protect your mobiles, tablets, laptops or computers to help safeguard against fraud.

 

Safety Tips:

 

  • Use up to date anti-virus software on your devices.
  • Install the latest operating software updates as soon as possible. You will normally receive a prompt to update it.
  • When downloading apps, go directly to a legitimate source, such as the official App store or the Play store.
  • If your device is lost or stolen, most smart phones and tablets have a capability to be remotely wiped. This will prevent sensitive information from falling into the wrong hands.
  • Secure access to your device by using a strong PIN, password, passcode or fingerprint detection.
  • Clear all information on your device before selling or disposing of it.
  • If you suspect that your device may be infected, do not log on to your online banking until any malicious software has been removed by a reputable IT service professional.

 

Use strong passwords securely

Using a strong password makes it harder for fraudsters to gain access to your online accounts. A weak password can be cracked in less than five minutes.  Make sure you know the recipe for creating strong passwords and how to keep them safe.

 

Safety Tips:

 

Create a strong password

  • Make it long, usually at least 10-12 characters.
  • Choose one that is easy for you to remember but difficult for someone to guess (avoid obvious words like ‘password’, birthdays, pet names etc.).
  • Use a sentence or three or four random words (mix in upper and lowercase letters, numbers and special characters throughout the password if you want to use them, or are required to by the site or system you are logging into).

Keep passwords secure

  • Avoid using the same password across multiple online accounts. If your information was stolen, the fraudster may then try your password on other accounts.
  • Never share your usernames or passwords.
  • Never allow web browsers (e.g. Google Chrome, Internet Explorer) to remember your passwords as you may be putting your information at risk.
  • Use finger print detection and an alphanumeric PIN with more than 4 digits where possible for mobile devices.
  • Activate two factor authentication (where available).
  • Consider using a ‘password manager’. It frees you from having to remember multiple complex passwords as you only need to remember the master password.

 

Shopping online

Today’s fraudsters are highly skilled at creating fake websites which appear genuine and persuading consumers to share payment information. Know what you can do to shop online safely.

 

Safety Tips:

 

  • Always go directly to the online shopping site by typing the web address into your browser, or access it via a search engine (e.g. Google, Bing). Links on websites or in emails are not always safe and should be avoided.
  • When entering login details or personal information, check for the following:
    1. The web address (URL) has changed from ‘http’ to ‘https’.
    2. A closed padlock icon is present.
    3. Your browser address window may be green.

Always make sure to shop only on sites where the web address includes ‘https’, but remember that a fake site can also be ‘secure’, so this isn’t the only thing to look out. Take into account the whole look and feel of the website.

  • Always ensure you are buying only from reputable retailers, whether from personal experience or trustworthy recommendations. If it is not a well-known shopping site, do some research and look for independent reviews rather than trusting testimonials on the site itself.
  • Making card payments on shared or public computers should be avoided.
  • Log out of the website completely when you have finished.

Identity theft

Identity theft occurs when a fraudster steals your personal information and uses it to impersonate you. They can carry out fraudulent activity such as trying to access your bank accounts, opening a credit card account in your name or getting payment from a supplier.

 

Safety Tips:

 

  • Be cautious when posting personal information online, such as on social media. The more information you post online about yourself the easier it may be for a fraudster to steal your identity.
  • Never give your full Online Login details to anyone.
  • Cancel lost or stolen credit or debit cards immediately.
  • Lock all valuable documents away securely.
  • Clear all information on your device before selling or disposing of it.
  • Shred confidential information such as bank statements before you throw them away.

 

Investment Scam

Fraudsters are seizing the opportunity of the current low interest rate environment by offering people high interest returns on various investments, particularly in crypto-currency. Fraudsters can be very convincing, they may have created a professional and legitimate looking company website. If it’s too good to be true it probably is.

 

What to look out for:

 

  • The fraudster usually pressurises you into acting quickly and without thinking.
  • The fraudster instructs you to make an urgent payment.
  • The fraudster sends you a text message with a link to their fake website.
  • The fraudster may promise an insurance or protection, saying your capital will be protected.
  • The fraudster may promise a quick and profitable return with little or no risk.

Safety Tips:

 

  • Always seek independent financial and legal advice before making any investments.
  • Only use regulated entities. All Financial Services Providers which hold an authorisation from the Central Bank of Ireland (‘Central Bank’), or where applicable, the SSM (the Single Supervisory Mechanism – European Central Bank), to provide financial services in Ireland are listed in the Central Bank Registers section. Prior to entering into a financial services transaction, members of the public can check the regulatory status of the firm they are dealing with.
  • Never disclose security details, such as your Online Login password.
  • Be suspicious of unsolicited emails. Listen to your instincts – if something doesn’t feel right then stop and question it.
  • Be wary where the investment is being endorsed by celebrities – they may not know their name is attached to the advertisement.
  • POP-UP ads are not trustworthy and clicking them should be avoided.
  • Be wary of crypto-currency investment advertisements.

 

Remote access fraud

Fraudsters sometimes make “cold calls”, pretending to be from a reputable technical support or IT company. They persuade you to allow them to take control of your computer remotely over the phone so that they can fix, upgrade or protect your computer. They may ask you to log on to your online banking account or ask for bank, credit card or other personal details. Credit Union Plus will never call and ask you for your full online login details or to confirm details that they’ve sent to you in a text. They will never ask you to download any software so they can take control of your computer or phone, or to move your money to a “safe” account.

 

Safety Tips:

 

  • Never give control of your computer remotely to someone who calls unexpectedly, no matter how genuine they seem.
  • Beware of fraudsters asking you to download legitimate apps which will allow them to get remote access to your device.
  • Beware of fraudsters claiming to be from a legitimate company and informing you that you have a suspicious transaction on your account.
  • Don’t disclose full personal or banking details to an unsolicited caller.
  • Don’t disclose your Visa Debit or credit card details.
  • Beware that fraudsters can spoof Caller ID numbers to make it look as though they are calling from somewhere legitimate.
  • Never log on to your online banking while a third party is connected to your device, even if the caller is very persistent.
  • Always fully log off your online banking sessions and never give away your full Login details.
  • Never transfer money out of your account based on an instruction from a cold caller, no matter what story you are told.