Fraudulent Emails Claiming to be from NACHA
January 2012 -
Further to notices issued last year (March, February and September), NACHA - The Electronic Payments Association has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.

Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system.

Always use anti-virus software and ensure that the virus signatures are automatically updated.  Ensure that the computer operating systems and common software application security patches are installed and current.  Additional information and guidance on phishing is available from the Federal Deposit Insurance Corporation (FDIC).

If you receive a suspicious call please report the incident to Sb1 by emailing us at "phishing@sb1fcu.org" or by calling 800.806.9465.

fasdf


Fraudulent emails purporting to be from the IRS are surfacing.
June 2011 - If you receive any unsolicited email claiming to be from the IRS, disregard them. Generally, the IRS does not send unsolicited emails to taxpayers. Furthermore, the IRS does not discuss tax account information with taxpayers via email or use email to obtain sensitive financial and personal information from taxpayers. The IRS does not request financial account security information, such as PIN numbers, from taxpayers.


Recent Fraud reported by Sb1 members.
June 2011 - Several members with GSK email addresses have reported receiving an email with a subject line of "Your Wire fund transfer" that we suspect is a fraud attempt.  The email claims that an outgoing wire fund transfer was not processed by an "intermediary or beneficiary bank" and asks the recipient to click on a link to view a report.

Sb1 urges members to not click on this link.

Please remember, Sb1 will never contact you to request personal information.
If you receive a suspicious call please report the incident to Sb1 by emailing us at "phishing@sb1fcu.org" or by calling 800.806.9465.


Phishing attempt to collect credit card information.
October 2010 - There have been reports of recent phishing attempts to obtain member credit card account numbers, expiration dates and electronic signatures. In cases reported to NCUA, the perpetrator(s) sent fraudulent e-mails, represented to look like they came from the NCUA, to credit union members and the general public.

The emails state the NCUA will add $50.00 to the member's account for taking part in a survey. The link embedded in the message directs members to a counterfeit version of NCUA's website with an illicit survey that solicits credit card account numbers and confidential personal information.

Members affected by this scam, and variants of this scam, should be advised to forward the entire e-mail message to "Phishing@ncua.gov."


Viruses asking for Credit Card or other Banking information:
February 2010 - Viruses and other malware have been targeting online banking users. These viruses may create a web page that appears at first to be part of NetBanker itself.  The web pages tend to look generic and usually do not feature the the credit union's name or logos specifically on the fraudulent page.

If you are asked for your login credentials, or are suspicious of any unusual activity on NetBanker, please contact us directly by by emailing "phishing@sb1fcu.org" or by calling 800.806.9465.


New text message based phishing scam.
November, 2009 - Recent reports from a few Sb1 members have come in detailing attempted phishing scams via text message.  The text message contains an alert that their Credit Union card is locked and provides a 1-800 phone number to dial.  Do not call this number.  This is the point in the scam where you will be asked to provide your card number, expiration date and Personalized Identification Number (PIN).


Phishing Alert from NACHA
(National Automated Clearing House Association)
November, 2009 - Be aware of a recent report of a phishing email that is circulating.   The message is being sent to look like an alert from the NACHA regarding a rejected ACH transaction.  The emails are fraudulent and contain a link to a fraudulent website that looks like the real NACHA website.  The link is also thought to contain malware that will automatically install itself onto your PC.


Credit Card Scam to get your security number:
October, 2009 - A recent scam has been reported where the scammer will pose as a Credit Card company representative investigating a recent purchase that looks suspicious.  They will provide some pieces of information and ask you to verify your 3-digit security number.  Don't provide this information.  The Credit Card company already knows your security number and you should hang up immediately and call the number on the back of your card directly to ensure you are truly speaking with a representative of the Credit Card company.

For more on how the scam works, click here.


IRS Scam Making Rounds:
September, 2009 - A malicious file is hitting mailboxes across the country at a rate of 90,000 messages per hour.

The e-mail looks as if it comes from "no-reply@irs.gov," and warns users that they need to review a tax statement on the IRS Web site. The overall theme is that the user was caught hiding income from the IRS and they have a chance to fix it. The catch is that they will first need to download and install a file that infects computers with a virus or shuts them down completely.

If you have received a "notice of unreported income e-mail" from the IRS, delete it and do nothing else. If you do get a notice of unreported income e-mail or any e-mail from the IRS that asks for a response in the future, do not respond. The IRS does not use e-mail to get information to taxpayers.


Phishing scam delivered via text message.
August 2009 - Several members have reported being called and sent text messages concerning alleged credit card fraud occurring in India.  The messages claim to be from "your Credit Union."

These messages are not legitimate FALCON calls. (For more information about FALCON, see the earlier post below.)


An alert for anyone transacting business with parties using an Sb1 check for payment or deposit:
July 2009 - Sb1 has been informed that unofficial checks and cashiers checks are in circulation that appear to come from Sb1 but are in fact counterfeits.

If you have received a check from a third party, that is drawn from the Credit Union, and you are unsure of its validity, please call Sb1 immediately to verify the check's legitimacy.

If the check is indeed an official Sb1 cashier's check we will be able to verify the item quickly. When calling to verify a check please have a copy of the check in question available to fax to Sb1.

This following link provides a helpful explanation of how these scams work:
How overpayment scams work >>


The Consumer Federation of America's tips against fake check scams:
  • Never agree to pay to claim a prize.
  • Never agree to pay for grants from the government or foundations.
  • Never agree to cash checks and send the money somewhere as part of a job working from home.
  • Never agree to wire money to anyone you have not met in person and known for a long time.
If it seems suspicious, consult your state or local consumer protection agency, the Federal Trade Commission, the U.S. Postal Inspection Service or another trusted source.

Remember that there is no legitimate reason why anyone who wants to give you a check or money order would ask you to send money anywhere in return.


Phishing attempt reported by Sb1 members.
Several Sb1 members have received calls claiming to be from the Credit Union. The caller claims to be calling about a "frozen" Visa account and goes on to ask members to provide their 16 digit card number.

These attempts have the hallmark signs of a Phishing scheme. Sb1 would like to remind you to never provide sensitive account information for such a call.

Sb1 will never contact you to request personal information.

If you receive a suspicious call please report the incident to Sb1 by emailing us at "phishing@sb1fcu.org" or by calling 800.806.9465.

Click here to learn more about ID Theft >>

Beware of calls identifying themselves as FALCON Alert phone calls.
May 2009 - FALCON Alert is legitimate service which monitors your daily Visa  purchases for suspicious activity. In the event that your purchasing habits don't follow your typical buying patterns you may receive a call from FALCON to simply verify your recent purchases (which they already have a record of) were in fact made by you. Neither FALCON nor Sb1 will ever call to verify your personal information.

Recently, several members have reported receiving calls from people claiming to represent Falcon who were asking to verify personal information. These calls would specifically name Sb1 in the call but they were not placed by FALCON.

If you receive a suspicious call please report the incident to Sb1 by emailing us at "phishing@sb1fcu.org" or by calling 800.806.9465.


There have been recent fraud attempts involving cashier's checks, supposedly for mystery shopping.

April 2009 - Sb1 does have a legitimate mystery shopping program but members would never be asked to payout money of their own as discussed in the scam attempts in the video below.


If you feel that you have been targeted for one of these types of attacks you can always report suspicious activity to Sb1 by emailing us at "phishing@sb1fcu.org" or by calling 800.806.9465.

Other ways to protect yourself:
  • Never provide personal information such as Social Security Number, address or date of birth.
  • Never provide personal account information such as passwords and PIN numbers to anyone.
  • Never provide your Credit Union or Bank account number.
  • Never provide the security code from the back of your credit cards.