ID Safety Tips

 ID Safety Tips

At Leadco Community Credit Union, one of our top priorities is to keep information about your accounts private. We’re proud to have earned your trust by offering the highest level of security, using the latest encryption technology for online transactions, plus virus protection and firewalls.

We access your personal information only when necessary to service or maintain your accounts. In addition, you have the opportunity to select your own passwords or codewords to access your accounts.

We do not share any of your information with third parties except as allowed or required by law and as necessary to provide you with services. Our complete privacy statement is available on the Privacy tab.

ID Theft: Don’t Become a Victim!

The Federal Trade Commission (FTC) receives more than 86,000 complaints annually from victims of identity theft.

It happens when, people take your name, Social Security Number (SSN), credit card or some other piece of your personal information for their use. Then they use this information without your knowledge to commit fraud or theft.

Armed with personal data, such as your SSN, date of birth and mother’s maiden name, identity thieves can take over your existing accounts, open new ones, and obtain credit cards, a passport, a driver’s license, Social Security benefits and loans. They can change your mailing address. And they can cost you irreplaceably in money and reputation.

Steps to Protect Yourself

Here are some simple steps you can take to protect yourself and your personal information:

NEVER GIVE OUT your personal information. This includes account numbers, expiration dates, SSN, passwords or Personal Identification Numbers (PINs) to anyone. Always safeguard this information to keep it confidential.

Watch out for phishing scams in which someone calls or emails you and claims to be from one of your financial institutions or service providers (Internet provider, credit card company, etc.) and wants to “verify” your information. Hang up and call the company back using a telephone number you find (NOT ONE THEY GIVE YOU) to check whether it was a legitimate inquiry or to notify them about these abuses.

Minimize your creditors. Cancel unused credit cards.

Clean out your wallet. Limit the amount of identification and the number of credit cards you carry.

Use only secure Web sites when making transactions over the Internet. Look for the “lock” icon on the Web page.

Don’t leave envelopes with checks inside in an unsecured mailbox. Try to use a sealed U.S. Post Office mailbox for your correspondence. If you have an “open” mailbox, make an effort to pick up your mail promptly. Don’t leave mail in your mailbox overnight or on weekends.

Completely destroy or shred copies of credit card receipts, statements from financial institutions, tax returns and loan applications before discarding them. Keep the ones you need in a SECURE place.

Look for statements from financial institutions and verify that the account information is correct.

Watch for unexplained interruptions in your mail service. If there is one, contact your local post office and verify that your address has not been changed without your knowledge.

Review a copy of your credit report at least once a year. Get your free copy at www.annualcreditreport.com.

Attention! Copiers Pose New Fraud Threat

It has just been announced that the newest culprit to identity fraud is the photocopier. Most of the digital copiers manufactured in the last five years have disc drives, the same type of data-storage mechanism that is found in computers.

Unknowingly, many Americans have been using copy machines that retain the data being scanned. If the data on the copier’s disc is not protected with encryption or an overwrite mechanism, sensitive information like social security numbers and financial account numbers could get into the wrong hands.

Many copier makers are adding the necessary security features, but many machines in public venues and offices are still not protected. Before making copies, ask if the copy machine you are using has data security installed. If it does not or if it is uncertain, go somewhere else. Also find out ahead of time if your tax preparer’s machines have data security installed.

Ten Tips to Online Security

Internet security is frequently in the news. If your personal computer (PC) doesn’t have adequate security, others may gain unauthorized access to the information stored on your PC and/or your PC’s browser; and, with this information, they may also gain unauthorized access to your accounts and personal information. You should take precautions to protect your PC from unauthorized access and use.

Here are a few tips to help you safeguard your personal and account information when using the Internet and online services:

• Install anti-virus and spyware-detection software, and a firewall and update on a regular basis, as recommended by the software providers. Remember, new viruses continue to be created. And, by keeping anti-virus and anti-spam software up-to-date, it makes it more difficult for scammers to access your personal and account information. Always check to make sure the security software is running before accessing the Internet. And back up important files to a disk to protect them from viruses.
  Keep your PC and browser updated with patches that are released by your system vendor. Be sure to download patches only from official vendors’ Web sites, and not from third-party Web sites.
• Do not respond to emails, Web pages or telephone inquiries requesting you to verify your account information. Leadco Community Credit Union will never ask you to verify your account information, user name or password via an email using a non-secure Web site. Never provide personal or account information or respond to any attempt to collect this information. Forward all suspicious emails to us at mail@leadco.org (LINK TO EMAIL), and to your Internet Service Provider.
• Use “strong” passwords and NEVER share your password with anyone — even someone you know. At Leadco Community Credit Union, you can select your own online password and change it as often as you’d like. It is good practice to change all your passwords every 30-60 days. Choose an alphanumeric password that contains a mix of numbers and letters. Random characters—including upper and lowercase letters—can help and the longer the password the better. Do not use numbers or words that can be easily guessed (such as your phone number, street address or child’s name).
• Protect your personal information. It’s valuable. Be choosy and limit the amount of personal information you give to a site. Be sure to treat your Social Security Number with care and read the site’s privacy statement.
• Look beyond the logo. Fraudulent emails or Web sites can appear legitimate as scammers often include actual logos and images they have stolen. They also convey a sense of urgency, stating that if you fail to provide, update or verify your personal or account information, access to your accounts will be suspended. Be sure to look beyond the logo and NEVER give out your information.
• Use your spam filter. If your email service offers spam filters, be sure to take advantage of them. They can greatly minimize the number of fraudulent emails and spam that shows up in your inbox. Also, many email providers give you a way to mark an email as spam which helps your filter detect and fight spammers.
  Type, don’t click. If you do open a suspicious email, don’t click on any links. By clicking on the links, you could unknowingly download a virus or spyware to your computer. Even if you think the email is legitimate, type Web addresses into your browser instead of clicking on links. If the email is from an institution you do business with, create bookmarks to visit the Web site.
• Delete emails from unknown senders with nonsensical information or typos in the subject lines.
  Protect your credit card when shopping online. When you get to the screen where you enter your credit card number, make sure there is an “s” (stands for “secure”) after the http in the Web address. For example, https. Secondly, check to see if there is a tiny locked padlock in the bottom right of the screen. Lastly, if you’re not familiar with the company, try to confirm a physical address, not just a P.O. Box.

Leadco Community Credit Union Credit Union is committed to ensuring that your account information via the Internet is safe. We take all possible steps to establish a secure, encrypted connection after you enter your Account Access sign-on information and click on the Logon ID button, on Leadco Community Credit Union’s Internet Banking home page. We ask that you, too, help protect your PC and account information.

When Leadco Community Credit Union Contacts You by Email

Leadco Community Credit Union will never send you an email asking you to call and verify personal information.

Most of the time, Leadco Community Credit Union contacts you by email to provide more information about a product or service. Leadco Community Credit Union may contact you by email when:

You have made an application with us and we need information from you or want to provide you with the status of your application.
You have requested information about a Leadco Community Credit Union product or service.
You have signed up to receive promotional or informational emails.

Links in these emails will take you to our Web site for further information. Any action that you take in response to these emails, such as applying for a loan or checking application status, will take you to a secure site that asks you to sign on.

Email Marketing from Leadco Community Credit Union

From time to time, Leadco Community Credit Union will send out marketing and informational emails to those members who have signed up to receive these communications.

Communications Regarding Your Account

If we do need to contact you concerning your accounts, we will send you an e-message within Account Access. That is our safe and confidential place to communicate with you.

Fraudulent Emails

Consumer Alert: Beware of “Phishing” Emails

“Phishing” is an online scam that hopes you’ll bite and give out personal information that can be used to steal your identity. An email may look as if it comes from Leadco Community Credit Union and includes a message that encourages you to link to a fraudulent site that looks similar to Leadco Community Credit Union’s Web site.

Sadly, these phishing scams occur often and are aimed at members and customers of all financial institutions, including Leadco Community Credit Union.

It is very important to remember that Leadco Community Credit Union will never send you an email asking you for confidential information.

Phony emails can appear from all kinds of services, such as your Internet Service Provider (ISP), retailers, online auction sites and others. They’ll often use legitimate “From” email addresses, logos and links. Remember, they are trying to get you to take immediate action without thinking about the consequences.

Currently, there are two basic types of Internet phishing schemes:

An email asks you to provide personal account information online. The email links to a false Web site that’s been constructed to resemble that of your financial institution, where you are told to verify certain information.
An email asks you to provide personal account information by calling a fraudulent phone number. When you call, you’re asked to provide such things as card numbers and PINs to verify their information.

What kind of information are they looking for?

Your Social Security number (SSN), bank and credit card account numbers, PINs and date of birth for starters. With that kind of information, they can steal your identity and open new accounts that you might not find out about until fraudulent charges start showing up on your credit report.

Remember, you should never reply to an email that:

Requires you to enter personal and confidential information, including your SSN, account number(s), login ID numbers, etc.
Threatens to close or suspend your account(s).
States that your account has been compromised in some way and you need to confirm your information.
Asks you to enter an account access code or personal password in any way.
How can you protect yourself?

Here are some tips to protect yourself from “phishing”:

If an email looks at all suspicious or is from an unknown source, don’t click on links, provide any information or open any attachments.
Don’t trust a link from an email just because it takes you to a site that looks legitimate. Scammers can copy those easily.
Verify with the company that the email is legitimate before submitting any personal information online or by phone.
Try not to fill out forms contained emails. You can never be sure where the information is going or who sees it along the way.
Email headers can be forged. Be suspicious until you know for sure.
If you click on a link from an unsolicited email, make sure there’s an “s” after the http in the address and a lock at the bottom of the page, signifying a secure site that is encrypted. This is no guarantee, however, that the site is legitimate.
Did you respond to a fraudulent email?

If you mistakenly answered a fraudulent email, do the following:

Change your Account Access password from an uninfected PC.
Ensure that you have a current firewall, anti-virus software and spyware detection software installed on your PC.
Run a virus scan on your PC, and clean up any viruses or Trojans that are detected.
Change your Account Access password again.

For your ongoing protection, we recommend that you carefully review your account transactions on Leadco Community Credit Union Online Account Access, and then every week or so on an on-going basis. Immediately report any fraudulent transactions or activity to Leadco Community Credit Union.

Contacting Leadco Community Credit Union About Fraudulent Emails

If you believe that you have received a “phishing” email, rather than a legitimate email from Leadco Community Credit Union, forward it to: mail@leadco.org or review along with the name of your ISP. Do not change the original subject line of the email and do not send emails that require a response. Leadco Community Credit Union will not respond to emails sent to the phish alert address.

For more information on “phishing,” check out the FTC site.

Examples of Fraudulent Emails and Scams

The following are examples of recent fraudulent email and telephone scams. Please visit this page to learn about common scams and the latest alerts.

Confirm Email Address, Account Information or Identity

In many fraudulent email scams, you are requested to confirm your email address, account information or your identity for one of many reasons, including:

New account registration
Change in email address or password
Account information has been amended
Numerous login attempts—account restricted
Your account was accessed by one or more foreign IP addresses

The email provides a link to what appears to be a Leadco Community Credit Union site but is really a fraudulent Web site. This is an attempt to steal your personal information or download spyware. These emails are fraudulent. Leadco Community Credit Union will NEVER send you an email REQUESTING confidential account or personal information.

Service Deactivation Threat

Fraudulent emails often circulate claiming some account services will be deactivated or deleted. It asks you to sign in to a fraudulent Web site to renew these services in an attempt to steal your personal information.

Virus Alert—Install Software Update

Another fraudulent email claims “our” firewall has determined that emails containing worm copies are being sent from your computer. It asks that you install updates for worm elimination and “your computer restoring.” A file is attached and may be be named something like “Update-KB1218-w86exe”. This email or any like it are NOT from Leadco Community Credit Union. This is a scam. Any action taken as a result of such an email could compromise your computer. Leadco Community Credit Union will NEVER send you an email requesting the download of software.

“Account Manager” Scam

One email and the Web scam offers to let you become an “Account Manager” or “Transfer Agent” for a third party, usually someone in an ex-Soviet bloc country.

Scammers try to solicit you through an email or an advertisement on the Web, offering to let you “work from home” and be an Account Manager or “Money Transfer Agent” for them, thus letting you “earn” commissions (usually 5%) for your trouble. They then transfer money OUT of an unsuspecting person’s account and into yours. Once the money is in your account, they ask you to send it to them via Western Union.

Counterfeit Cashier’s Check Scam

In response to a listing on an Internet auction or other site, a buyer (often from a foreign country) purchases the item and sends you a cashier’s check for a lot more than the agreed-upon selling price. The buyer then asks you to wire the excess funds back. Within a week, the credit union is notified that the check is a worthless counterfeit and you are out thousands of dollars. In these scams, the cashier’s checks are excellent counterfeits and very difficult to spot.

In another twist to this scam, the buyer requests your credit union account and routing numbers so that he or she may wire funds to your account. Do NOT give your account numbers to anyone.

Million Dollar Sweepstakes or Windfall Scam

In another widespread scheme, a person receives an unsolicited letter, email or fax from an “official” in a foreign government offering to share a multimillion dollar windfall in “over-invoiced contract funds.” It sounds too good to be true—and it is.

The “official” claims to need your credit union account number and other personal information to transfer the money out of his country. And he will also “need” up-front cash from you to bribe other officials. You could lose the entire contents of your checking account. Beware! Remember…if an offer sounds too good to be true—it probably is!

Visa®/MasterCard® Security Code Scam

In this scam, the caller claims to work for the fraud department at Visa or MasterCard and tells you his badge number. He then asks if you recently purchased an anti-telemarketing device for $500. When you say “no,” he tells you that his fraud department has been watching that company. He offers to block the charge. Because he has secured your name, credit card number and expiration date from a charge receipt, he is convincing when he provides you with this information to verify.

What he does not know—and wants you to divulge—is the three-digit security code on the back of your card. Without it, he cannot use your credit card number to shop on many sites on the Internet. Don’t give out your code. Hang up.

To begin with, credit card companies—such as Visa and MasterCard—are not the credit card issuer. Financial institutions—such as banks and credit unions—issue credit cards. And credit card companies DO NOT call cardholders asking to disclose any information about their cards.

Monitoring Your Credit Record With Free Credit Reports and Alerts

Whether you are taking precautions or you’ve become a victim of one of the recent personal data computer breaches in the news, there are some immediate actions you can take to maximize protection of your financial information.

Through protections under the federal Fair Credit Reporting Act, you have options for monitoring your credit record that are available at no charge.

Receive a free credit report every twelve months from each of the three consumer reporting companies:

Call 1-877-322-8228 or visit www.annualcreditreport.com

Or, mail a request to:

Annual Credit Report Request Services
PO Box 105283
Atlanta, GA 30348-5283

If you are deployed, place a free “active duty alert” on your credit bureau files to minimize the risk of identity theft while you’re away:

Request the alert by calling Equifax at 1-800-525-6285 or visiting www.equifax.com. (Link below)
Alerts are in effect for one year.
Your name will be removed from nationwide consumer reporting companies’ marketing lists for pre-screened offers of credit and insurance for two years.

Place a free “90-day fraud alert” on your credit bureau files:

Request the alert by calling Equifax at 1-800-525-6285 or visiting www.equifax.com. (Link below)
The credit reporting company you contact will immediately notify the two other major credit reporting agencies of the alert. You’ll receive written confirmation from all three that the alert has been placed.
You’ll be asked to provide a phone number where you can be reached so creditors can call to confirm your identity before opening a new account.
You’re immediately eligible for a free credit report from each of the three credit reporting companies and should make a point to request them. The companies must provide them within three business days of your request.

Continue to monitor your accounts on a routine basis, and promptly alert your financial institution of unauthorized transactions or suspicious activity.

If Identity Theft Strikes—Here’s What to Do

If you think you are a victim of identity theft, take these steps immediately.

1. Notify any one of the three major credit bureaus and place a Fraud Alert on your credit report. This can help prevent an identity thief from opening additional accounts in your name. Once the credit bureau confirms your fraud alert, the other two credit bureaus will automatically be notified.

Equifax: 1-888-766-0008
Experian: 1-888-397-3742
TransUnion: 1-800-680-7289

2. Contact Leadco Community Credit Union or other financial institutions and credit card companies. Close the affected accounts and open new ones with new Personal Identification Numbers (PINs) and passwords.

3. File a report with your local law enforcement agency. Your local police department can file a miscellaneous incident report. Even if you do not catch the criminal, having the police report can help you clear up your credit records. Be sure to obtain a case number and ask for a copy of the report.

4. Contact all the businesses that have opened accounts in your name without your permission. Close the accounts and let the businesses know that the accounts were opened fraudulently. Make sure you communicate with the businesses in writing.

5. Notify the Federal Trade Commission (FTC). Call 877-ID-THEFT (877-438-4338) or visit www.consumer.gov/idtheft. (Link above) By sharing your identity theft complaint with the FTC, you will provide information that can help law enforcement officials track down identity thieves.

6. Report stolen mail. File a report with the U.S. Postal Service. Call your local Postal Inspector or visit www.usps.com.

7. Call the Social Security Fraud Hotline. Immediately report that your card has been lost or stolen by calling the Hotline at 1-800-269-0271. Be sure to obtain a new driver’s license and number.

8. Report stolen checks. If your checks are stolen or misused, stop all payments and contact these check verification companies:

Telecheck: 1-800-710-9898
Certegy, Inc.: 1-800-437-5120

You can also call SCAN 1-800-262-7771 to find out if bad checks have been passed in your name.

9. Alert the Securities and Exchange Commission (SEC). If you identify suspicious activity in your investment accounts, call the SEC at 1-800-732-0330.