November 1, 2023
Text Scam Alert
Our credit union wants to alert you about a text messaging scam that is impacting members across Maine. If you receive an unsolicited text message from someone claiming to be with a Maine-based credit union about a suspicious online purchase made with your debit card, do not click any links in the message!
As a friendly reminder, you should never click on links received in emails or text messages from people you do not know. Anytime you receive an alert about a financial transaction from someone other than your trusted credit union, be wary! This is a big red flag for fraud. Our credit union will never contact you by phone, text, or email and ask you to verify your banking account number, passwords, Social Security number, or other personal information. Always reach out to our credit union at the number listed on our website if you are uncertain about a communication or need assistance.
June 16, 2023
Fraud Alert! Reminder - STOP Before Giving Your Information
Unfortunately, we are again hearing from our members that fraudsters are attempting to steal their financial information, such as online/mobile banking passwords and credit card and debit/ATM numbers. As a reminder, University Credit Union will not contact you requesting you to share account information. Fraudsters can spoof real numbers (including your credit union’s phone number), and falsely claim there has been potential fraudulent activity on your account in attempt to scare you into providing your account information.
If you are contacted by someone asking you provide passwords or any information that appears on your debit, ATM, or credit card (such as card number, CVV number, name on the card, expiration date, address, zip code), DO NOT share anything with them. HANG UP IMMEDIATELY. Again, please remember these fraudsters can mask phone numbers and make it appear as though they are calling from a valid number, even an University Credit Union number. If you are unsure at all as to whether the representative calling you is from University Credit Union, hang up and contact us at 800.696.8628.
June 2, 2023
Fraudsters are contacting members by calling, text message, or email claiming to be the UCU Fraud Team stating suspicious activity was spotted on their account. The scammer then asks the member to provide their Digital Banking username and password, and Secure Access Codes in order to "protect" their account.
If you receive a suspicious call, text or email from someone claiming to be from UCU, ignore it, don’t click any links and/or hang up. If you're unsure if the communication is legitimate, please call us directly at 800.696.8628.
Remember, UCU will never ask you to do this. If you have experienced a similar scenario recently and provided sensitive information, please contact us immediately at 800.696.8628.
January 26, 2023
Fraudsters acting as ‘fraud protection’ are contacting people in a variety of ways including through internet fraud with pop-ups on computers. The fraudsters are then instructing the members to withdraw large amounts of cash to protect their funds from ‘fraud,’ specifically directing on what to tell branch staff such as ‘for home repairs,’ as to avoid getting caught. The fraudsters are then instructing the members to purchase gift cards to secure their funds and give to the fraudsters. UCU will never ask you to do this.
If you have experienced a similar scenario recently and provided sensitive information, please contact us immediately at 800.696.8628.
August 31, 2022
Fraudulent Calls / Spoofed Numbers
Members have notified us that they have received calls spoofing known UCU phone numbers. Please understand that UCU will never contact you and request login credentials, as we would already have that information. If you are unsure of who you are speaking to, hang up and contact UCU directly as you typically would.
Please do not give any information over the phone as we believe this to be a scam. If you have responded to a similar call recently and provided sensitive information, please contact us immediately at 800.696.8628.
August 15, 2022
Current Fraud Trends to be Aware of to Identify and Prevent Financial Fraud
What Is a Brute Force Attack?
- A brute-force attack is a trial-and-error method used by fraudsters to obtain payment card information such as an account number, card expiration date, PIN, or Card Verification Value 2 (CVV2).
How Members Can Help Prevent Brute Force Attacks
As with all fraud, there are steps that members can take to help protect their account information. It is good practice to:
- Use strong passwords and change them often. Having a strong password policy is the simplest and most effective way of thwarting a brute force attack. Don’t include personal information in your passwords, avoid recycling passwords, and change them frequently.
- Utilize two-factor authentication for accounts. This adds another layer of security to protect your personal information.
- Ensure the security on your electronic and mobile devices is up to date.
- Never open attachments or click on links from unknown individuals or companies as it could enable malicious software.
- Contact your credit union right away if you believe your information has been compromised!
What Is Spoofing?
- Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source. In this case, fraudsters were contacting members saying that they were calling on behalf of a credit union.
How Members Can Prevent Falling Victim to a Spoofing Scam
Given this activity, sharing these helpful tips with your members can help protect them against fraud.
- Never share credit union account information or social security number. Your credit union will never contact you by phone, email, or text with a request for this information. If you receive a request like this, chances are, it’s fraud!
- If you receive an unsolicited call or text message from someone claiming to be a representative of the credit union, you should hang up (if contacted by phone) and call your credit union using a phone number listed on your statement to verify the contact is legitimate. If they get push back from the person on the other end, it is likely a scam.
It’s also good practice to:
- Monitor credit card accounts, banking accounts, and credit reports regularly.
- Change account passwords often and avoid using the same username and password on multiple sites or personal information.
- Never open attachments or click on links from unknown individuals or companies.
- Contact the credit union right away if you believe your information has been compromised!
July 8, 2022
Fraudsters are acting as employers and hiring new employees remotely. They are sending checks that require payment back to the 'employer' or associates by other direct means, such as third party person to person payment apps, for equipment or other supplies. This is an employment scam. If you have concerns about a scenario like this contact the credit union.
UCU Blogs & Articles
Online Safety Guide
University Credit Union is committed to the security and confidentiality of your personal and financial information. With the increased speed and convenience of today's technology comes increased risk for fraud. You are your own best defense and the best way to begin safeguarding your financial information is to become informed about safe online practices. Here are some important tips to keep in mind while conducting business online:
- Set strong passwords. A strong password is at least 8 to 10 characters in length and is a combination of upper and lower case letters, numbers, and special characters. Do not use names, birth dates, telephone numbers, Social Security numbers, or anything that could be easily guessed. Avoid passwords that spell a word, name, or recognizable sequence. Change your password frequently. Never write it down or share it with anyone.
- Never reveal personal information via electronic methods. Do not use e-mail or text message to send information such as account numbers or your Social Security number. Beware of e-mails asking for personal Information. Legitimate companies will never e-mail to ask for your Social Security number, PIN, or password.
- Remember e-mails and links are not always what they seem. Do not open e-mails from an unknown source and avoid clicking on links embedded in e-mails, especially if you are prompted to login. These links could direct you to a fraudulent website. Instead, type in the web address in your browser before logging in. Beware of e-mail attachments from sources you are unsure of as these files can allow viruses or malware access to your computer.
- Make sure the website is legitimate and secure. If you navigate to an URL (web address) that you did not type in, take the time to verify that the URL you are viewing matches what you would expect. Fraudulent websites deliberately use URLs that are similar to the website they are imitating. Make sure a website is secure before submitting personal information online. A secure URL begins with https://.
- Monitor your account activity. Review your account history often and thoroughly review your monthly statements. Investigate any suspicious items and notify us immediately of unauthorized activity.
- Keep your protection software up-to-date. Install anti-virus, anti-spyware, and anti-malware programs on your computer. Keep these programs on and update them frequently. It is also helpful to confirm that your operating system (i.e. Windows) and browser (i.e. Internet Explorer, Firefox, etc.) have the latest security updates.
- Avoid using public computers for financial activity. Do not use public access computers to view your online banking account. Computers accessible to the public may be infected with malicious software or viruses.
- Remember to log off. When you are finished with a site, log off instead of just closing the page or your browser. Do not leave your computer unattended while you are logged in to a site.
Did you know that UCU...
- Ensures strong security measures for on-line banking through Online Banking and the Mobile App. You can deter fraud with your challenge questions, username, and password. Your security image and phrase confirms you're on the real UCU website.
- Offers eAlerts on Online Banking that can notify you via text or e-mail regarding events that take place on your account?
- Has a fraud monitoring system in place to detect unusual transactional behavior? If we notice something unusual, we will contact you to confirm a transaction. Please notify us if you are traveling to aid us in properly identifying unusual activity.
- Will never call, e-mail or otherwise contact you to ask for login credentials? We will, however, ask "out of wallet" security questions during a phone call to verify your identity.
Contact UCU at 800.696.8628 with any questions or concerns about safe online financial practices. Notify UCU immediately if your account information has been compromised or if your debit card is missing or stolen.