Skip to content

Active Alerts


August 15, 2022

Current Fraud Trends to be Aware of to Identify and Prevent Financial Fraud

 What Is a Brute Force Attack?

  • A brute-force attack is a trial-and-error method used by fraudsters to obtain payment card information such as an account number, card expiration date, PIN, or Card Verification Value 2 (CVV2).

How Members Can Help Prevent Brute Force Attacks

As with all fraud, there are steps that members can take to help protect their account information. It is good practice to:

    • Use strong passwords and change them often. Having a strong password policy is the simplest and most effective way of thwarting a brute force attack. Don’t include personal information in your passwords, avoid recycling passwords, and change them frequently.
    • Utilize two-factor authentication for accounts. This adds another layer of security to protect your personal information.
    • Ensure the security on your electronic and mobile devices is up to date.
    • Never open attachments or click on links from unknown individuals or companies as it could enable malicious software.
    • Contact your credit union right away if you believe your information has been compromised!

What Is Spoofing?

  • Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source. In this case, fraudsters were contacting members saying that they were calling on behalf of a credit union.

How Members Can Prevent Falling Victim to a Spoofing Scam

Given this activity, sharing these helpful tips with your members can help protect them against fraud.

  • Never share credit union account information or social security number. Your credit union will never contact you by phone, email, or text with a request for this information. If you receive a request like this, chances are, it’s fraud!
  • If you receive an unsolicited call or text message from someone claiming to be a representative of the credit union, you should hang up (if contacted by phone) and call your credit union using a phone number listed on your statement to verify the contact is legitimate. If they get push back from the person on the other end, it is likely a scam.

It’s also good practice to:

  • Monitor credit card accounts, banking accounts, and credit reports regularly.
  • Change account passwords often and avoid using the same username and password on multiple sites or personal information.
  • Never open attachments or click on links from unknown individuals or companies.
  • Contact the credit union right away if you believe your information has been compromised!

July 8, 2022

Employment Scam

Fraudsters are acting as employers and hiring new employees remotely. They are sending checks that require payment back to the 'employer' or associates by other direct means, such as third party person to person payment apps, for equipment or other supplies. This is an employment scam. If you have concerns about a scenario like this contact the credit union.

 


Resources

FTC Consumer Information

Maine Consumer Protection

Learn How You Can Protect Your Identity


 

Online Safety Guide

University Credit Union is committed to the security and confidentiality of your personal and financial information. With the increased speed and convenience of today's technology comes increased risk for fraud. You  are your own best defense and  the best way to begin safeguarding your financial information is to become informed about safe online practices. Here are some important tips to keep in mind while conducting business online:

  • Set strong passwords. A strong password is at least 8 to 10 characters in length and is a combination of upper and lower case letters, numbers, and special characters. Do not use names, birth dates, telephone numbers, Social Security numbers, or anything that could    be easily guessed. Avoid passwords that spell a word, name, or recognizable sequence. Change your password frequently. Never write it down or share it with anyone.
  • Never reveal personal information via electronic methods. Do not use e-mail or text message to send information such as account numbers or your Social Security number. Beware of e-mails asking for personal Information. Legitimate companies will never e-mail to ask for your Social Security number, PIN, or password.
  • Remember e-mails and links are not always what they seem. Do not open e-mails from an unknown source and avoid clicking on links embedded in e-mails, especially if you are prompted to login. These links could direct you to a fraudulent website. Instead, type in the web address in your browser before logging in. Beware of e-mail attachments from sources you are unsure of as these files can allow viruses or malware access to your computer.
  • Make sure the website is legitimate and secure. If you navigate to an URL (web address) that you did not type in, take the time to verify that the URL you are viewing matches what you would expect. Fraudulent websites deliberately use URLs that  are similar to the website they are imitating. Make sure a website is secure before submitting personal information online. A secure URL begins with https://.
  • Monitor your account activity. Review your account history often and thoroughly review your monthly statements. Investigate any suspicious items and notify us immediately of unauthorized activity.
  • Keep your protection software up-to-date. Install anti-virus, anti-spyware, and anti-malware programs on your computer. Keep these programs on and update them frequently. It is also helpful to confirm that your operating system (i.e. Windows) and browser (i.e. Internet Explorer, Firefox, etc.) have the latest security updates.
  • Avoid using public computers for financial activity. Do not use public access computers to view your online banking account. Computers accessible to the public may be infected with malicious software or viruses.
  • Remember to log off. When you are finished with a site, log off instead of just closing the page or your browser. Do not leave your computer unattended while you are logged in to a site.

Did you know that UCU...

  • Ensures strong security measures for on-line banking through Personal Finance Manager and Mobile Finance Manager. You can deter fraud with your challenge questions, username, and password. Your security image and phrase confirms you're on the real UCU website.
  • Offers eAlerts on Personal Finance Manager that can notify you via text or e-mail regarding events that take place on your account?
  • Has a fraud monitoring system in place to detect unusual transactional behavior? If we notice something unusual, we will contact you to confirm a transaction. Please notify us if you are traveling to aid us in properly identifying unusual activity.
  • Will never call, e-mail or otherwise contact you to ask for login credentials? We will, however, ask "out of wallet" security questions during a phone call to verify your identity.

Contact UCU at 800.696.8628 with any questions or concerns about safe online financial practices. Notify UCU immediately if your account information has been compromised or if your debit card is missing or stolen.

Past Alerts