BE VIGILANT TO PROTECT YOUR IDENTITY AND SENSITIVE INFORMATION.
Phishing Phone Calls
Xceed recently received notification that a caller claiming to be an employee of Xceed Financial Credit Union contacted a member asking to verify transactions due to a card compromise. The member was asked to reset their PIN to “1234” and provide the card number. The callers telephone number was 888.654.5201 and they claimed to be located in a Texas contact center used when Xceed is busy.
- Xceed does not have a contact center in Texas
- Xceed will never initiate a call and request your personal information
- These calls are not being initiated by Xceed and are a phishing attempt to obtain personal and/or account information
- The telephone numbers may vary as it is common that multiple numbers are used in phishing attempts
- If you suspect that your personal or account information has been compromised please contact us immediately at 800.XFCU.222.
Counterfeit Cashier’s Checks
We are not aware of any Xceed Financial Credit Union members being targeted by this scam, but we have been informed by Coast Central Credit Union, Eureka, California, of counterfeit cashier’s checks being circulated. The counterfeit items bear the institution’s name using a correct routing number but are markedly dissimilar to authentic cashier’s checks.
These counterfeit checks do not resemble the bank’s authentic items and may be identified by the following:
- The Check amount is $3950.00.
- The Remitter is American Mega Lottery Payment out of Las Vegas, Nevada and London, England.
- The Check numbers begin with 121XXX, they have a six digit serial number
Skimmer fraud perpetrated at stand-alone ATMs is on the rise!
An overlay skimmer is a device that fits over the card reader slot of an ATM or gas pump pay station. This skimmer is used to record the data contained on the magnetic strip on the back of a credit, check, or ATM card, including the account number. Skimmers are usually placed on stand-alone ATMs, such as those found at 7/Eleven stores, gas stations, or some Costco locations. They work because they’re nearly invisible, mimicking the ATM card slot and fitting like they’re part of the ATM. Some skimmers are multi-part – a card-reader sits in the ATM where the card is swiped, and a camera is hidden from view to capture the PIN as well.
One simple way to protect your account is to shield the keypad with one hand while entering the PIN with the other hand. This can also help block the view of “shoulder surfers.” In addition, stay vigilant when choosing an ATM, and examine each ATM before use to determine if the card reader looks legitimate. If the ATM seems to have been tampered with in any way, find a different ATM to use.
National Credit Union Administration (NCUA)-Impersonation Telephone and Text Messaging Scam
A new phone scam has been reported by the NCUA. Citizens are receiving phone calls and text messages from individuals who claim to work for the NCUA and asking for personal and financial information. The caller usually tells the citizen that his or her credit or debit card has been frozen or blocked. The caller then asks for the victim’s Social Security number, account number, date of birth, and home address to supposedly verify the information. Members should not provide this or any other information to the caller. The NCUA will not request personal or financial information in this manner.
Note that the NCUA will never:
- Make an unsolicited request for a member’s personal identification number.
- Request that a member share their personal information on a call that they did not initiate.
- Text message a member and ask them to call a number
Los Angeles County Sheriff’s Department-Impersonation Telephone Scam
A new phone scam has been reported by the Los Angeles County Sheriff’s Department. Citizens are receiving phone calls from individuals who claim to be LA County Sheriff’s Department employees. The caller usually tells the citizen that a warrant has been issued for their arrest for failure to appear for Jury Duty. The caller will tell the victim that they have to pay a sum of money, or face arrest by a sheriff’s deputy. The caller will instruct the victim to either get a money order, conduct a wire transfer, of buy a gift card (usually Green Dot) and send it to a specific location to pay the fine.
Note that the LA County Sheriff’s Department will never:
- Call to solicit money for fines.
- Solicit warrant information by phone.
- Ask for a money order, gift card, or wire transfer.
- Visit your home to collect a fee for a warrant.
Credit Union Account Reactivation Scam
We are not aware of any Xceed Financial Credit Union members being targeted by this scam, but members of Navy Federal Credit Union have received bogus emails stating that services on their account are being disabled. The bogus email includes a link that is supposed to re-activate the services – instead, clicking on the link facilitates identity theft by compromising the members’ machines and information.
Here’s what the email subject line looked like:
From: Navy Federal Credit Union
Subject: Online banking access compromised
If you receive anything similar to this email, do NOT respond and delete it immediately! Also, do not click any links in the email, download pictures, and do not “unsubscribe” or acknowledge the email in any way since that could compromise your security.
Online Safety Tips:
- Xceed Financial will never make unsolicited requests for your personal information, so never share your private info via email or on a call you did not initiate.
- Use extra caution when clicking on any link in an email.
- Watch out for pop-up messages. If you’re visiting a website and get a prompt to update Flash, Java, or Acrobat PDF Reader in order to view content or a video, don’t click. Only perform these updates when you see an update prompt while turning on or restarting your computer.
- Choose “friends” carefully. Social networking sites have made it easier for hackers to gather information about you. Be suspicious of people who attempt to “friend” you or become part of your professional network.
IRS-Impersonation Telephone Scam
An aggressive and sophisticated phone scam targeting taxpayers, including recent immigrants, has been making the rounds throughout the country. Callers claim to be employees of the IRS, but are not. These con artists can sound convincing when they call. They use fake names and bogus IRS identification badge numbers. They may know a lot about their targets, and they usually alter the caller ID to make it look like the IRS is calling.
Victims are told they owe money to the IRS and it must be paid promptly through a pre-loaded debit card, depositing cash to a bank account, or wire transfer. If the victim refuses to cooperate, they are then threatened with immediate arrest, deportation or suspension of a business or driver’s license. In many cases, the caller becomes hostile and insulting.
Or, victims may be told they have a refund due to try to trick them into sharing private information.
If the phone isn’t answered, the scammers often leave an “urgent” callback request.
Note that the IRS will never:
- call to demand immediate payment, nor will the agency call about taxes owed without first having mailed you a bill;
- demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe;
- require you to use a specific payment method for your taxes, such as a prepaid debit card;
- ask for credit or debit card numbers over the phone; or
- threaten to bring in local police or other law-enforcement groups to have you arrested for not paying.
Xceed Financial Credit Union Impersonator
In the past, we learned of two situations where fraudsters have tried to gain people’s private information by pretending to be Xceed Financial. The individuals targeted were non-Xceed Financial members, and they both received loan offers/applications from an entity that called itself “Xceed Financial Inc.” Here’s what we know.
- The first person received a loan application by email. The “application” was a simple Word document that did not contain Xceed Financial’s exact name, logo, and address. This is how the email appeared (“xxxxx” was the recipient’s first name):
From: <[email protected]>
Date: Mon, Sep 3, 2012 at 11:08 AM
Please fill the form and e-mail back as soon as
possible. note that you must be working with proof of
income. you must be able to pay off in 3 yrs max.thanks
> ** CRAIGSLIST ADVISORY — AVOID SCAMS BY DEALING LOCALLY
> ** Avoid: wiring money, cross-border deals, work-at-home
> ** Beware: cashier checks, money orders, escrow, shipping
> ** More Info: http://www.craigslist.org/about/scams
> This message was remailed to you via: [email protected]
> If this email is a scam or spam please flag it now:
- The second person received a “pop-up” while searching loan options/rates on the internet. The loan application provided to him was similar to the first one, but it was a better fake – it included Xceed Financial’s logo and address on the top.
If you have any questions or think you are being targeted by this imposter, please contact us (the REAL us!) immediately at 800.XFCU.222 (800.932.8222).
Fraudulent Emails Appearing to be from the FDIC
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that looks like it was sent from the FDIC. The FDIC has confirmed that it does not issue unsolicited emails to consumers or to business account holders. The email is an attempt to collect personal or confidential information, or to load malicious software onto the recipients’ computers.
Be on the lookout for this fraudulent email! Here’s what we know about it.
- The subject line reads “Changes in FDIC security requirements.”
- The e-mails are addressed to “Dear Client,” and state, “Your account ACH and Wire transactions have been temporarily suspended for your Security, due to the expiration of your security version. To download and install the newest Updates, follow this link security.” A hyperlink is then provided.
- The email concludes with, “As soon as it is set up, your transaction abilities will be fully restored. Best regards, Online security department, Federal Deposit Insurance Corporation”
- The following address is provided at the bottom of the message:
“FDIC Public Information Center
3501 North Fairfax Drive, Room E-1002.Section 515. Arlington, VA 22226
Fax Number: 703.562.2296 Email Address: [email protected]”
Email Security Tips:
- Never click on a link in an email from an unknown source.
- If you receive this fraudulent email, do not click on the link provided and delete the email immediately.
Email/Telephone Phishing Scam
Xceed Financial and other credit unions (as well as banks) across the country have been notified that members are being targeted by a scam involving automated phone calls (robo-calls) and text messages informing them their credit or debit card has been blocked. The fraudsters are trying to obtain cardholder information, with the intent of committing fraudulent activity against member accounts.
Some members receive these calls at their place of employment. The message claims that the member’s card has been deactivated and asks the member to call a “Card Activation Line” phone number and enter their 16-digit card number, expiration date, and PIN.
Fraud Awareness Tips:
- Xceed Financial Federal Credit Union will never make unsolicited requests for your personal identification number.
- Never share your personal information on any call that you did not initiate.
If you think you may have been a victim of this or any other financial scam, contact us at 800.XFCU.222 right away so we can take the steps necessary to secure your accounts.
It has come to our attention that a few consumers have received loan offers from “Xceed Financial Inc.,”which is in no way associated with Xceed Financial Credit Union. We believe this to be a scam. The reported incidents were received by non-members of the Credit Union, and were linked to advertisements on Craigslist as well as internet “pop-ups.” The loan offers were accompanied by fraudulent loan applications, some of which even displayed our logo. If you receive such solicitation, please report it to us and/or the appropriate authorities.
As a reminder, to better protect yourself from this and other types of scams, consider the following preventive measures:
- Exercise caution when surfing the web.
- Visit only trusted sites and only click on search results for sites you know.
- Do your research to ensure legitimacy of an individual or company prior to sharing personal information or entering into transactions over the Internet.
- Be wary of unsolicited attachments and “pop-ups.”
- Trust your instincts – if an email, attachment or “pop-up” seems suspicious, don’t open it.
- Turn off the option to automatically download attachments or allow “pop-ups.”
- Apply additional security practices, such as filtering certain types of attachments and “pop-ups,” and using a firewall.
- Keep your software up-to-date. This includes your operating system, applications, and security-related software.
The National Association of Federal Credit Unions (NAFCU) recently informed Xceed that fraudsters, claiming to be from NAFCU, are contacting consumers, telling them their debit cards have been compromised, and instructing them to enter their 16-digit card numbers for verification purposes. NAFCU, however, does not call or email anyone to ask for debit card information. Should you receive one of these calls or emails requesting your financial account information or sensitive personal data, do not provide the requested information.