October 21, 2019
GLCU is always eager to protect your information and we would like to share some basic fraud intelligence about scams currently happening in the financial industry.
Criminals are spoofing credit union phone numbers to fool members into thinking the calls and text messages are from the credit union’s fraud department. They are also calling members and/or sending text messages pretending to validate recent card activity, and deceiving credit union members into providing card related data and log in credentials.
It is important to remember that GLCU employees will NEVER request your personal information over text and/or voice messages.
Instances have been reported of fraudsters impersonating members to request a change in contact information such as mobile numbers. They have also contacted credit unions, impersonating members to report upcoming travel as a means of lowering the monitoring of debit and credit card transactions.
These attacks to obtain personal information from credit union members are known as SMishing (SMS text phishing) and Vishing (Voice phishing). A typical SMishing occurrence can begin with a member receiving a text message inquiring about a suspicious transaction on an account. In reality, the fraudster is looking to obtain other information from members such as debit card numbers, CV2 codes, expiration dates, PINs and other web login credentials.
Below is a summary of items included in valid text messages from GLCU and items that will not appear in a legitimate messages.
A valid text message may include:
- Our credit union name, GLCU or Great Lakes Credit Union
- Last 4 digits of a card number
- Dollar ($) amount in question (with dollar sign)
- Merchant name and hyperlink to their customer service phone number if necessary
- Short reply options: YES, NO, STOP, or ONE LETTER only
A valid text message will NOT include:
- Requests for your personal information such as card numbers, PINs, CV2 Codes, or Expiration Dates
- Hyperlinks to unknown websites
Here are some tips to prevent scammers from getting your information:
- Never provide personal information in response to text messages or phone calls.
- Do not click on links included in text messages from unknown sources. Legitimate requests to validate card activity will require a simple YES or NO. They will not include hyperlinks to other websites or ask for personal information.
- Call GLCU to question suspicious text messages or calls from the credit union.
As a general rule of thumb, if your conversation suddenly starts looking fishy, hang up or log out of whatever medium you’re engaged in and call us immediately at (800) 982-7850.