Loader

Avoid falling victim of fraud schemes and holiday Scams

Posted on December 19, 2019 | Blog

by Bridget Monk, Card Services Specialist at Downeast Credit Union

Fraud schemes are not limited to the holidays, but they do tend to spike during this high-spending time of the year. Technology has created many more options for cardholders to conveniently access accounts and make purchases. Unfortunately, this also means fraudsters are scheming up more sophisticated avenues.

Downeast Credit Union wants you to take action to keep your accounts safe this holiday season. Be alert and remain skeptical about calls, texts, and emails and not fall victim to fraud schemes / Holiday scams.

Some fraud methods you may see:

Brute Force schemes are attempts to crack a password or username, find a hidden web page, or find the key used to encrypt a message using a trial-and-error approach to guess correctly. This is an old attack method, but it’s still effective and popular with hackers as they work, whether to crack a single card number or complete BIN.

Skimming is perpetrated by using electronic devices to secretly scan and store credit and debit card numbers and PINs. ATMs and some unattended terminals, such as gas stations, are targets for this practice. This information can then be sold to fraudsters or used to commit theft directly. Fraudsters can use the numbers to make online purchases or to create fake cards for in-store transactions.

Phishing is the fraudulent practice of sending emails appearing to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

SMiShing (SMS phishing) is the act of attempting to acquire personal information such as passwords and details by posing as a trustworthy entity through SMS text messages on cell phones. SMiShing messages may come from telephone numbers that are in a strange or unexpected format with links to fake websites. A typical SMiShing occurrence can begin with a cardholder receiving a text message inquiring about a suspicious transaction on an account. In reality, the fraudster is looking to obtain other information from cardholders such as debit/credit card numbers, CV2 codes, expiration dates, PINs and other web login credentials.

Vishing is the telephone equivalent of phishing. It is described as the act of using the telephone to scam the user into surrendering private information that will be used for fraudulent purchases or identity theft.

 

Some holiday scams you may see:

Seasonal Travel Scams

  • Beware of deals that are too good to be true
  • Cardholders should always know who they are booking their travel through

  • Holiday Charity Scams

  • A legitimate charity will welcome donations whenever the cardholder chooses to make it. Fraudsters will pressure them to make it immediately
  • Don’t make any donation with a gift card or wire transfer

  • Account Takeover

  • All user information is targeted in data breaches, not just payment card information
  •  

    Please Note:

    Legitimate SMS text messages from DECU will NEVER include:

  • Requests for cardholder’s data, such as card numbers, PINs, CV2 Codes, or Expiration Dates
  • Vague reference of a “merchant” transaction; details should be included
  • Hyperlinks to unknown websites
  • Phone numbers as hyperlinks
  •  

    If you believe you are a victim of any of these scams, please immediately call a DECU member service representative at 1-800-427-1223 so that we can help.