iTHINK Financial Members Receiving Spoofed Phone Calls to Acquire Sensitive Information

iTHINK Financial has become aware of members receiving fraudulent phone calls from individuals claiming to be from the Credit Union Fraud Department. These fraudsters are using spoofing technology to make the phone calls appear to be coming from a legitimate iTHINK Financial phone number.

The fraudster claims that a fraudulent charge has been made on the member’s account and the member is asked to confirm his or her identity.

While iTHINK Financial actively monitors your accounts for potential fraud, please remember that we will NEVER initiate a call or email asking you to give us your card PIN, Online Banking username and password, or full card number. If you have any doubt about the validity of a phone call you receive from us, please hang up and call our direct number at 800.873.5100 to speak with us immediately.

Please also be aware that you can use our free Card Control service through Online Banking to lock your card until you are able to reach us. This will ensure that your card is protected until you are able to contact us.

Combat check fraud and identity theft

If you can answer Yes to any of the following questions regarding a Cashier’s or Official Check you intend to deposit, please notify your Teller or Member Service Representative immediately.

• Do you have any reason to suspect that this check is not valid?
• Have you recently advertised something for sale or purchased something over the Internet? If so, is this check payment for that item?
• Have you been asked to wire, or otherwise return, a portion of the funds back to the sender or some other third party?
• Have you recently received an email or letter stating you have won a sweepstakes or lottery? Are they claiming that all you need to do to collect your prize is provide them with your account number and other personal information so they can wire the funds into your account?
• Have you recently accepted a job offer over the internet and received a payroll advance by check, or were asked for your personal information in order to process a wire into your account? Were you asked to return a portion of the payment for tax purposes?

Please be advised: If a Cashier’s or Official Check is returned as a counterfeit or forgery, the Credit Union will have no choice but to hold you liable for the loss. Your assistance in the prevention of Check Fraud and Identity Theft is greatly appreciated. Please let us know if you have any questions or need more information.

Keyloggers – what are they and how can you protect yourself?

A keylogger is a hidden computer program that records the keystrokes you make, online and offline. After keystrokes are logged, they are secretly stored on your computer for later retrieval, or sent, via the Internet, to a thief. The crook then examines the keylog with the hope of finding passwords, or other useful information that could be used to compromise the system or steal your identity.

Any information entered into the computer can be retrieved. For example, a keylogger can reveal the contents of your personal email, or the passwords you use to access online banking. Once they gain access to your financial information, crooks can transfer funds, change billing addresses, and make purchases, often without raising any suspicion. When someone steals your wallet or purse, you know there has been a breach of your personal information. The danger of keyloggers is that you often don’t know until it is too late.

Hackers and identity thieves will place keylogger programs on your system by embedding them in “free” software you download from the Internet or through automatic installations initiated by pop-up ads or email. Once installed, the software works invisibly to monitor and record your every move.

Here are some things you can do to protect yourself:

• Adjust your internet settings to prevent your computer from installing programs automatically from the Internet or launching them automatically from email. Once you’ve disabled the automatic installation, you should see a prompt anytime an application attempts to install itself. Do not click OK, Yes, or Run This Program if prompted unless you trust the program and are fully aware of its purpose.
• Update your operating system frequently. Make sure to perform all the suggested updates as soon as possible.
• Configure your browser to use a higher security setting.
• Avoid downloading software from non-trusted web sites.
• Install a firewall. Firewalls keep programs from contacting the Internet without your permission. Adware and Spyware cannot function without sending information from your computer to the Internet.
• Scan your computer for Spyware. Free and paid services are available.

Don't get caught by a phishing scam

Phishing is an Internet scam that uses fraudulent emails to deceive consumers into disclosing their credit card numbers, bank account information, and other sensitive information.

Internet scammers send deceptive emails pretending to be from a company the victim has a relationship with. The email requests that the recipient update or validate his billing information in order to keep his account active. The email directs the victim to a look-alike website of the business, tricking him into responding to what looks like a legitimate request. The victim unknowingly submits his financial information to the scammers, who use it to make purchases and obtain credit.

If you get an email warning you that an account of yours will be shut down unless you confirm your billing information, do not reply or click on the link in the email. Instead, contact the company named in the email using a telephone number or website address you know to be genuine. iTHINK Financial would never initiate an email asking for your personal information. However, for identification purposes we may request information in response to an inquiry from you. Please call us at 800.873.5100 if you feel uncertain about the validity of an email you have received from us.

If you receive a fraudulent email, report the suspicious activity to the FTC by forwarding the email to spam@uce.gov. If you believe you’ve been scammed, file your complaint at www.ftc.gov, and then visit the FTC’s Identity Theft Web site (www.ftc.gov/idtheft) to learn how to minimize your risk of damage from identity theft.

Visit www.ftc.gov/spam to learn other ways to avoid email scams and deal with deceptive spam.

What should I do if I receive a scam letter or email?

First, it is important that you do not correspond AT ALL with the persons named in the scam letters. Any contact with the perpetrators puts you at risk of being scammed. Do not reply to their letters, emails, or call them by telephone. You can report cases of fraud to the Federal Trade Commission (FTC). If you have been victimized and lost money due to such scams, you should contact your local Secret Service office. Contact information can be found under the U.S. Government section of your local white pages or on the Secret Service’s website