Current NIHFCU Fraud Alerts

IMPORTANT REMINDER: NIHFCU will NEVER ask you to update account information via email by clicking on a link or calling a number different from our main line. Should you receive an email with this request, it a fraud. DO NOT RESPOND and IMMEDIATELY DELETE IT from your inbox. If you mistakenly respond to a fraudulent email, please call us immediately at 301-718-0208. Report suspicious emails to web-scam@nihfcu.org.

September 29, 2008

NIHFCU has become aware of a fraudulent email circulating on the web claiming to be an official request for personal information from Digital Insight or your financial institution. The scam is designed to trick recipients into clicking a link in the fraudulent e-mail for the purpose of acquiring sensitive data, such as passwords or financial information.

The most common example we have seen includes the following:

Subject: Attention – Important Customer Information

Body: As a [Name of Financial Institution] customer, your privacy and security is a primary task for us. We have been dedicated to customer safety and protection and our mission remains as strong as ever. We inform you that your Net Banking account is about to expire. It is strongly recommended to update it immediately. Update form is located here: [LINK]

NIHFCU members: This is a fraud. Do not call or click on any links in this email. If you did respond, please contact us immediately.

IRS Warns of Rebate Scams: January 31, 2008

WASHINGTON (AP)—Even before Congress passes an economic stimulus package, identity thieves are using promises of tax rebates to trick people into revealing financial and personal data, the Internal Revenue Service warned Wednesday. Under one scheme, the IRS said, people are receiving phone calls telling them they can only receive a rebate if they provide bank account information for a direct deposit.

The tax agency stressed that it does not collect information by telephone and that no legislation has been enacted that would allow it to provide advance payments to taxpayers or that specifies the details of those payments.

The House last week, as part of an economic stimulus package, approved tax rebates of $600 and $1,200 respectively for most individuals and couples, with another $300 per child. The Senate is now considering a slightly different version. The IRS also repeated past warnings of e-mails, supposedly coming from the agency, where people are asked to enter personal information on a form needed to obtain a tax refund.

A new scam, it said, involves an e-mail notification that a person’s tax return will be audited with instructions to click on links to complete forms with personal and account information.

Businesses and accountants are also getting e-mails with instructions to download information on tax law changes. Clicking on these links could download “malware” onto the recipient’s computer that gives the scammer remote access to the computer hard drive. In another telephone scam, a caller claims to be an IRS employee who says the taxpayer has not cashed a refund check and asks the person to verify his or her bank account number.

On Tuesday, at a Senate Finance Committee confirmation hearing for Douglas Shulman, the nominee to be IRS commissioner, Sen. Charles Schumer, D-N.Y., expressed concern that taxpayers would be victimized by tax prepares and lenders who charge high interest rates for short-term advances on their stimulus rebates.

The IRS advised people not to click on any link from an e-mail purporting to come from the tax agency. People receiving questionable e-mails can contact the IRS through phishing@irs.gov.

Phishing Alert – December 15, 2007

From: “Credit Union National Association”

Sent: (day of week/month/day/year/time)

Subject: Irregular activity on your check card .

We detected irregular activity on your check card on (date). For your protection, you must verify this activity before you can continue using your card. Call us immediately at (1.800.319.xxxx). We will review the activity on your account with you and upon verification, we will remove any restrictions placed on your account. Please disregard this notice if you have already accessed the web site or spoken with one of our representatives..

Copyright © 2007 - Credit Union National Association, Inc

NIHFCU MEMBERS: This is a fraud. Do not call or click on the link in the email text (we have removed it from this alert for your protection.)

h2 Phishing Alert – November 20, 2007

NIHFCU has learned of the following fraudulent email circulating on the internet targeting credit union members nationwide. It reads as follows (or similar):

Subject: Notification of Card Deactivation

Dear Credit Union Member,

The personal identification number (PIN) was entered incorrectly more than 3 times.

For your protection we have deactivated your card.

To reactivate your card please complete the authentication form or call 425-906-6090.

Thank you for choosing our services.

Kind Regards,

Credit Union Customer Service

NIHFCU MEMBERS: This is a fraud. Do not call or click on the link in the email text (we have removed it from this alert for your protection.)

Phishing Alert – November 5, 2007

NIHFCU has learned of the following fraudulent email circulating on the internet targeting credit union members nationwide. It reads as follows (or similar):

Subject: Potential SPAM:Customer Warning

“Dear Credit Union National Association Customer, we regret to inform you that we have received numerous fraudulent emails which ask for personal account information. The emails contained links to fraudulent pages that looked legit. Please remember that we will never ask for personal account information via email or web pages. Because of this we are launching a new security system to make Credit Union National Association accounts more secure and safe and have deactivated access to your card account.

To activate it please call us immediately at 360 717 3498. Activation is free of charge and will take place as soon as you finish the activation process.

Before activation please

-make sure your account balance has not been changed

-make sure your details have not been changed

-review recent transactions in your account history for any unauthorized transfer

If you find any type of suspicious activities please contact us immediately. Please include in your message the transaction ID Number and the unauthorized transfer date & time.

Please do not reply to this message. For any inquiries, contact Customer Service.”

THIS IS A FRAUD. DO NOT RESPOND.

Phishing Alerts – October 31, 2007

1. A new phishing-scam attempt using the Credit Union National Association’s (CUNA) name informs recipients about “irregular check card activity” and advises them to call a toll-free number to get any restrictions removed.

The call is a ploy to get personal account information, possibly for identity theft purposes.

Recipients received a message as a “CUNA Alert: Irregular Check Card Activity”. It says:

“We detected irregular activity on check card on Oct. 25/2007. For your protection, you must reactivate your card. Call us immediately at 1.866.840.2863. We will review the activity on your account with you and upon verification, we will remove any restrictions placed on your account. Please disregard this notice if you have already accessed the website or spoken with one of our representatives.”

2. NIHFCU is also aware of another phishing scheme fraudulently appearing to be from the National Credit Union Association (CUNA). This 2nd scheme entitled “For Your Security We Deactivated Your Card Account. It asks the recipeint to call a fraudulent phone # (likely outside of the DC/MD/VA area) to get the restriction removed.

NIHFCU members: These emails are fraudulent attempts to steal your personal identification. If you have responded to the e-mail, please contact NIHFCU at 301-718-0208.