Protect yourself from fraud and scams

With more and more attention being given to identity theft, credit card scams and other types of fraud, here is some useful information to help protect yourself.

Please remember that Oregon State Credit Union and other legitimate financial institutions will not ask you to provide personal financial data. We occasionally ask to verify information so that we may complete in-person or phone transactions initiated by you. And we won’t ask you for crucial data that is already maintained on our secure mainframe computers using the claim that “we have lost your record” or “your accounts have been compromised.”

Common scams

Spear phishing – Fraudsters send an email that contains some form of personal information of the victim that may have been previously stolen from data obtained on social networking sites, blogs or other similar websites. This personal information is used to make the communication appear legitimate with the hope of having the recipient answer questions or open a link attached to the email. This link contains malicious software used to steal account numbers, passwords and other personal financial information.

Skimming – Electronic skimmers swipe your credit or debit card through a handheld device, or they install an overlay device—a slightly different color than the machine—on an ATM or gas pump. The device gleans information—your name, account number, expiration date, security features—off the magnetic strip on the back of the card. The thief copies information from your card to a fraudulent one and sells it to a counterfeiter.

Phishing  is the act of sending an email to recipients in an attempt to get them to visit a fraudulent website and enter sensitive personal information. This information is then used by the phisher to attempt to steal people’s money or identity. Phish emails and websites try to fool the recipient by mimicking a legitimate business or financial institution. When in doubt, contact Oregon State Credit Union at 800-732-0173, or the financial institution or business to confirm they sent you the email. If it is a fake, don't click on any links and delete the email.

Vishing works like phishing but does not always occur over the Internet and is carried out using voice technology. A vishing attack can be conducted by voice email, VoIP (voice over IP), landline or cellular telephone. Messages typically indicate that suspicious activity has taken place in an account. The victim is told to call a specific telephone number and provide information to “verify identity” or to “ensure that fraud does not occur.” If the attack is carried out by telephone, caller ID spoofing can cause the victim’s phone to indicate a legitimate source, such as a financial institution or a government agency. If you receive this type of call, don't provide any sensitive personal information.

Pharming happens when scammers create a fake, malicious website that looks like the site of a real company. These skilled hacker criminals then use Domain Name Server (DNS) “poisoning” to redirect your browser to their fake site. When you are unknowingly directed to the malicious site, you seem to be on a legitimate site. You think you’re on your financial institution’s website, for instance, so you enter personal information such as your PIN number or password.

Additional online resources

  • OnGuardOnline – Practical tips from the Federal Trade Commission and the technology industry to help you be on guard against internet fraud, secure your computer, and protect your personal information.
  • FBI – Be crime smart with this scam and safety prevention information.
     
  • General consumer protection information – Timely articles, videos and podcasts that help you protect your identity your money from fraud and scams.

Contact Oregon State Credit Union at 800-732-0173, or visit a branch if you're concerned about the security of your account information. We're here to help.

Find a branch

Go to main navigation