Home | Hours & Locations | Contact Us

Security Alerts

January 2008 - Fraudulent Home Equity Line of Credit & Wire Transfer Activity

 

November 30, 2007 - It’s the Holiday Season!

That means increased shopping and increased activity on your accounts. Unfortunately that means more opportunity for your account information to be compromised. As a helpful hint to our members Ledge Light would like to remind you all to be more mindful of your accounts and your surroundings.

  • Always make sure to keep your credit or debit cards within eye sight when making purchases
  • Make sure the cards go back in your wallet when the transaction is complete
  • Be mindful of your account balances and check them more often
  • Keep your wallet close
  • Sign up for Notify Me for account alerts, located under the User Services tab.
  • If you do notice anything suspicious on your accounts report it immediately to one of our representatives at 860.445.1060 or 800.525.5943.

In order to make your hectic holiday schedule a little easier Ledge Light offers you free on-line banking and bill payment services to allow you to monitor your accounts 24/7 and pay your bills anytime, anywhere! No more leaving your sensitive information in the mailbox for someone to come by and snag before the Postman picks them up! Sign up here for our free bill pay and home banking or call us at 860.445.1060 or 800.525.5943 for more information.

 

October 31, 2007CUNA target of new card-activation phish attempt

CUNA, (NOT CUNA Mutual Group), is being used as the subject of a phishing message targeting your credit union members to collect personal account information, plastic card numbers, and passwords. CUNA is warning people who receive the e-mail not to click on the link to the fake web page, just delete the message. 

This new phishing-scam attempt using the Credit Union National Association's name, informs recipients about "irregular check card activity" and advises them to call a toll-free number to get any restrictions removed. Calling the toll-free number is a "bad idea," says Dorothy Steffens, CUNA's vice president of web services, 800-356-9655 ex  5719. The call is a ploy to get personal account information, possibly for identity theft purposes.

Recipients received a message as a:

    "CUNA Alert: Irregular Check Card Activity" 

    "We detected irregular activity on check card on Oct. 25/2007. For your protection, you must reactivate your card. Call us immediately at 1.866.840.2863. We will review the activity on your account with you and upon verification, we will remove any restrictions placed on your account.

    Please disregard this notice if you have already accessed the website or spoken with one of our representatives."

As a trade association for U.S. credit unions, "CUNA does not maintain any type of customer/member financial information," emphasized Steffens, adding that "your financial institution would never request personal identification information over the phone."

And while this phone number has since been disabled, a new phishing e-mail with a different phone number started making the rounds on October 30, 2007. 

October 30, 2007 California Fire Scam

Websense, Inc. announced that its security research team has discovered suspicious online scams designed by criminals to steal money from those donating to the California fire effort.

“Unfortunately, as we saw with Katrina and several other recent emergencies, there are criminals who attempt to divert monies intended for the victims by creating bogus online donation Web sites and advertising them on high-traffic Web sites,” said Dan Hubbard, vice president of security research, Websense. “These criminals are trying to take advantage of the amazing outpouring of support locally, state-wide and internationally.

Loss Prevention Recommendations:

Tips to members donating online:

  • Ensure you are dealing with legitimate organizations.
  • Contact these organizations on your own.
    • Go to their Web site rather than clicking on a link in an email sent to you.
  • Remember that legitimate organizations will not aggressively approach people for money and donations.
  • Be mindful of groups reporting to be affiliated with legitimate organizations asking for donations or requesting you to visit their Web site.
    • They may be fraudulent or hosting malicious code designed to steal personal financial information.
  • Be wary of online auctions that claim to support the donation effort.
  • Report suspicious Internet sites and emails to the government and for additional protection tips visit the Internet Crime Complaint Center at www.ic3.gov or the Federal government’s consumer information center at www.consumer.gov/Tech.htm.

If you are aware of a risk in your area, whether it has struck your credit union or not, please complete the Report a RISK Alert form.

June 1, 2007 Jury Duty Scam

The crime and fraud investigating site Snopes.com reports a jury duty scam occurring in several states. This scam has also been verified by the FBI.

Most of us take summons for jury duty seriously, but enough people skip out on their civic duty that a new and ominous kind of scam has surfaced. A caller to your home claims to be a jury coordinator. If you protest that you never received a summons for jury duty, the scammer asks you for your Social Security number and date of birth so he or she can verify the information and cancel a supposed "arrest warrant." If you give out any of this information, your identity is stolen.

The scam has been reported so far in 11 states, including Oklahoma, Illinois, and Colorado. It is particularly insidious because the scammer uses intimidation over the phone to try to bully people into giving information by pretending they're with the court system. The FBI and the federal court system have issued nationwide alerts on their web sites, warning consumers about the fraud.
November 2, 2006 - Another New Pfishing Scam

If you have received an e-mail from NAFCU - National Association of Federal Credit Unions - it is a pfishing attempt to gain personal information.  Do not respond to this e-mail.  The NAFCU is an organization that is affiliated with federal credit unions and regulatory issues.  They do not represent any other entity and would never contact a member directly to verifiy information.

Sept 21, 2006 - New VISA Phishing scam

If you have received a notice from CUSE requesting information on your VISA account do not respond.  This is a fraudulent e-mail notice.  

VISA Phishing Scam - Eastern Europe

July 10, 2006  The following is a fraudulent attempt to gain information:

Subject: Your Credit Card was used in Eastern Europe!

Information Regarding Your account:

Dear VISA Member!

Attention! Your VISA Credit Card has been violated!

Someone from Bulgaria tried to access your personal account from 2 different ATM's but with wrong pin! We were forced to freeze your Credit Card until you will confirm your identity online!

Please click the link below and enter your account information to confirm that you are not currently away. You have 3 days to confirm account information or your account will be locked.

Click on the "Confirm identity " link in the Activate Credit Card box and then enter this confirmation number: 1291-3821-1345-9233-3925

Thank you for using Visa!
Verified by Visa Team

VISA Phishing Scam

June 22, 2006 - A fraudulent e-mail from VISA has surfaced.  The subject line reads:  "Transaction Was Refused".  The e-mail asks the recipient to click on a link to change their card PIN.  The link will direct them to a fraudulent website asking for their credit union account number and PIN.  VISA will not ask for such information via e-mail.  Cardholders should be reminded not to give out their PIN number or personal information to any knid of solicitation, including phone or e-mail.

Pretexting Scam

June 22, 2006 - Protect yourself from "pretexting" scams If you get a call from a survey firm and the caller asks for any personal information--even simply where you conduct your financial business-you may be a victim of a scam known as pretexting (Consumer Action News Spring 2006). Pretexting is a con game, and it's illegal. It's designed to get just enough information from you so the pretexters can call your credit union or other financial institution and pretend to be you to gain access to your Social Security number, account numbers, or credit report. With that information, the pretexter can commit identity theft and set up accounts in your name. Under the Gramm-Leach-Bliley Act, it's illegal for anyone to use false, fictitious, or fraudulent statements or documents to get customer information from a financial institution. The law also prohibits the use of forged, counterfeit, lost, or stolen documents for the purpose of getting customer information, and prohibits the practice of using a third party to access customer information using false, fictitious, or fraudulent statements.

Identity Theft

April 19, 2006 - If you think that you may be a victim of Identity Theft you can stop by our office for an instructional booklet or visit the Federal Trade Commission website at www.ftc.gov.

Pfishing or On-Line Fraud

April 19, 2006 - If you feel that you may be a victim of Pfishing or On-Line Fraud you may file a complaint with any of the following:

  • National Fraud Info Center at 1.800.876.7060
  • Attorney General Blumenthal at 1.860.808.5318 (CT only)
  • The Internet Fraud Complaint Center (FBI) at www.IC3.gov 

Credit or Debit?

April 10, 2006 - Ledge Light Federal Credit Union strongly recommends that our members select the “Credit” option when processing transactions at retail locations.  The only time you have to select the “Debit” option is when you want to get cash back.  The equipment that Merchants use automatically prompts you for your PIN, but you can still choose the credit option by telling the cashier and following her instructions. MSNBC recently ran an article on-line called Debit Card Thieves get around PIN obstacle. For full article, click the link below. http://www.msnbc.msn.com/id/11731365/

EXCERPTS:

Many merchants incorrectly store PIN information they should be destroying after customers enter the secret code on PIN pads in stores around the country. While the information is often encrypted into something called a PIN block, the keys necessary to decrypt the information are often stored on the same network, she said. That makes stealing the PINs as easy as breaking into an office computer using a password a careless employee has taped to the screen.

Consumers might be surprised to learn that their PIN numbers are stored by merchants they shop at, and can be stolen from merchants by hackers.

While storing PINs is against network rules, many retailers inadvertently store the information, said Mike Urban, who runs Fair Isaac Inc.'s ATM fraud detection program called CardAlert. It ends up accidentally saved in temporary files and other software nooks and crannies.

Beware of Phishing

April 5, 2006 - Ledge Light Federal Credit Union will never send emails to you requesting that you confirm or provide sensitive information. This would include your username, account number, PIN, password, Social Security number, ATM/Debit card number or any other personal data that could potentially be used in an identity theft scheme. Should you ever receive an email requesting this kind of information, please contact us immediately by phone or in person.