Security - Hawaii First FCU

Learn About Identity Theft

People have been getting phone calls and text messages stating that their debit or credit card has been blocked. To reactivate their card, they are instructed to call a phone number and provide their card number and PIN. Once scammers obtain this information they are able to make authorized purchases from the victim’s account.

Never respond to any request asking for any personal or financial information, especially debit or credit card information.

Hawaii First will never ask you to enter your debit card, PIN, or Social Security number over the phone. You can always contact us directly (not using the phone number provided in a suspicious message) to confirm if there is anything unusual happening with you account or card.

Terms and Definitions

Identity Theft

is the theft of a person’s financial information, especially credit cards and social security number, with the intention of using that data to commit fraud and create a phony persona.

Phishing

is the process of seeking to obtain personal information illegally through email or pop-up messages in order to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.

Vishing

is short for “voice phishing.” In a new twist, identity thieves are sending spam that warns victims that their credit union/bank account or PayPal accounts were supposedly compromised. However, unlike typical phishing emails, there is NO website address; instead, the victim is urged to call a phone number to verify account details.

Vishing also comes in the form of phone calls. Never call a number you receive from a spam email and certainly DO NOT enter/disclose any private information. If you want to call your credit union, use the normal phone number you regularly use, not the phone number you get in an email.

Phishing

Smishing

is a text-message fraud that occurs when criminals, posing as financial institutions, attempt to dupe mobile-phone users into sending personal information through text messaging.

Credit Monitoring

Credit monitoring is a valued, desirable security service for credit union members. Many members use free annual credit reports as a means of monitoring their credit in an effort to detect fraud, and it works! But, did you know that if you became a victim of fraud, more frequent monitoring, like the daily monitoring available with AlertMe, may potentially reduce your out of pocket expense and may reduce potential fraud losses by as much as 50% or more? Click on the AlertMe banner to learn more or to subscribe to this service.

FREE ANNUAL CREDIT REPORT –

The FACT act allows all consumers the right to obtain one free credit report from each of the three credit reporting services (Equifax, Experian, TransUnion) once a year. This means you can obtain a free copy of your credit report every four months, if you keep track of which credit bureau you select. For example, select Experian in January, Equifax in May, and TransUnion in October. You can repeat this pattern each year.

Click on this link Annual Credit Report to obtain your free annual credit report.

Along with AlertMe Credit Monitoring Service, Hawaii First FCU also has the following products and services available to help you minimize your changes of having your identity stolen:

Direct Deposit

This Service is a secure way to deposit funds directly into your account from a company, merchant, and/or employer. Eliminating “live” checks provides faster availability of funds without the hassle of waiting in line.

Home Banking

If you have access to a computer, this is a service you cannot live without! Home Banking allows you to review transaction history and transfer funds between accounts without having to leave the comfort of your own home. Your information is protected with security features and a series of personal questions that only you can answer.

PayIt

Our bill payment service eliminates the potential for mail theft and it saves you the postage. At only $6.00 a month, members can elect to pay all or some of their bills online and no longer have to worry about rushing to the Post Office before closing to mail your bills.

Be Aware of These Scams!

“Smishing” Scams Targets Credit Unions Via Text Messaging

Fraudsters are now sending text messages to Credit Union and other financial institution members’ wireless devices to lure them into giving personal information. Because wireless devices use SMS, a communications protocol, to send text messages, this is called “Smishing.”

Credit unions across the country are reporting that their members are receiving unsolicited text messages. It’s an attempt at Smishing, the latest form of phishing. In Smishing, an e-mail tries to lure a recipient into giving personal information via SMS, the communications protocol used to send text messages to a wireless device. The recent scam is targeting credit union and other financial institution members.

In Smishing, the members receive a text message via cell phone warning that their bank account has been closed due to suspicious activity. It then tells them they need to call a certain phone number to reactivate the account.

Unsuspecting callers who dial the number provided in the text message will be taken to an automated voicemail box that prompts them to key in their credit card or debit card number, expiration date, and PIN to verify their information.

If you have any questions concerning your account or credit/debit card, contact your financial institution using a telephone number obtained independently, such as the phone number from your statement, a telephone book, or other independent means.

Loss Prevention Recommendations

Don’t display your wireless phone number or email address in public. This includes newsgroups, chat rooms, websites, or membership directories.

If you open an unwanted message, send a stop or opt out message in response.

Check the privacy policy when submitting your wireless phone number or email address to any website. Find out if the policy allows the company to sell your information.

Contact your wireless or Internet Service Provider about unwanted messages.

NCUA Phishing E-Mail Alert

The NCUA does not ask credit union members for personal account information.
Anyone who has received a fraudulent phishing e-mail reportedy from NCUA should forward the entire e-mail message to phishing@ncua.gov.
Do not open any attachments to the e-mail, in case they contain malicious code that will infect your computer.

If you have received any type of email you consider to be a hoax, please file a complaint at www.ic3.gov.

Phishers Use Fake Caller ID Numbers

In a new phishing scam, con artists are using phony caller ID numbers to solicit personal information and money. Thanks to the phony caller IDs, the “spoofers” are able to convince victims that they’re receiving a call from the bank, credit union or credit card company. The scammers use this technique to acquire sensitive personal information, or even money, from the victims.

The frightening aspect of this scam is that few people would ever think that the names and phone numbers appearing on their caller ID screens were not genuine. However, scammers are already using phony caller IDs and are posing as representatives of banks, credit card companies and government agencies.

Loss Prevention Recommendations

Do not assume that the information displayed on your phone regarding who the caller is is accurate. It can easily be spoofed.
Never give out personal or financial information over the telephone unless you know EXACTLY with whom you are dealing.

Jury Duty Scam!

This has been verified by the FBI (their link is also included below). Please pass this on to everyone in your contact list. It is spreading fast so be prepared should you get this call. Most of us take those summonses for jury duty seriously, but enough people skip out on their civic duty, that a new and omnious kind of fraud has surfaced.

The caller claims to be a jury coordinator. If you protest that you never received a summons for jury duty, the scammer asks you for your Social Security number and date of birth so he or she can verify the information and cancel the arrest warrant. Give out any of this information and bingo; your identity was just stolen.

The fraud has been reported so far in 11 states, including Oklahoma, Illinois, and Colorado. This (swindle) is particularly insidious because they use intimidation over the phone to try to bully people into giving information by pretending they are with the court system. The FBI and the federal court system have issued nationwide alerts on their web sites, warning consumers about the fraud.

Click here or here to learn more.

Marriott Data Compromise

On November 30, the Marriott International Hotel chain announced that its Starwood Preferred Guest reservation database suffered a breach. This breach ultimately exposed the information of up to 500 million guests. Marriott has notified regulatory authorities while continuing to work with law enforcement and leading security experts to support its investigation.

More information on the Marriott database breach can be found here.

Although the system is designed to protect card numbers and expiration dates for payment cards, the company has not ruled out the possibility that the hackers have accessed the system’s encryption key(s).

As of now, we are aware of the breach and have not received any notice that our cardholders (debit cards/VISA credit cards) have been affected at this time. However, we highly suggest that you continue to monitor your account history and statements for any unusual or unauthorized transactions with Hawaii First or any other financial institutions you may have accounts or a credit card with.

Always remember to be diligent in monitoring any and all of your financial accounts. Careful monitoring is the first line of defense for any potential fraud. Over the next few weeks, we will do our best to keep you updated on any developments in this situation.