Internet Banking Login
We never forget that it's your money
  • Rates
  • Locator
  • News
  • Membership
  • Products and Services

Scam Warnings

Home   >  Scam Warnings

Your VyStar Scam Watch: Be Informed. Be Aware. Protect Yourself

Identity Theft 911 - Protect What Matters Identity Theft can happen to anyone. VyStar’s partnership with identity Theft 911® provides services to members and their families, at no additional charge. If you suspect you have lost your identity through theft or other disaster, contact us as soon as possible.

Member Alert 05/07/09

PIN Reversal Rumor

Recently, false material has been circulated through email, blogs and TV regarding PIN (personal identification number) Reversal at ATMs. The rumor explains that by reversing the numbers of your PIN at an ATM (example: 1234 is keyed in as 4321) you signal an emergency and police will be dispatched to assist. Please be aware that PIN Reversal is not a valid security option at any ATM – this information is simply not true.

Always take the proper safety precautions when using ATMs. Our website provides ATM Safety Tips to help you avoid a problem.

Member Alert 04/06/09

Check Card Fraud Alert

Some VyStar members have reported a SCAM regarding a text message they have received that asks them to verify their Visa Check Card information or to call to find out why their debit/ATM card number xxxxxxxx is blocked. The text message purports to be from Southern Commerce Bankcard Confirmation and instructs the recipient to call either 877-824-6823 or 877-250-8413.

This text message has nothing to do with VyStar Credit Union. Do not respond.

If you have suspicions about anyone that contacts you or you suspect fraud may have occurred on your accounts, report it to your credit union at (904) 777-6000 or 1-800-445-6289.

It is very important that you monitor your account transactions, routinely. In addition, VyStar’s Electronic Security Protection (ESP) provides automatic protection for your debit, ATM and credit card services. Click here for more information.

Member Alert 03/20/09

ATM Fraud - Card Skimming

ATM SkimmingRecently, there has been a new type of fraud being perpetrated in the area.  This type of fraud is called card “skimming”.

What is skimming?  It's the illegal act of placing a skimming device (false face plate) over the card slot of an ATM.  These devices can look legitimate and come in different shapes and sizes – often matching the equipment on the machine. A camera/mirror device may also be affixed to the ATM to observe victims entering their personal identification number (PIN). A false key pad is sometimes used.

How does skimming work? When someone inserts their card to perform an ATM transaction, the card travels through the skimming device and the magnetic information on the card such as the name on the account, account number, and PIN embedded in the magnetic strip is recorded.  A camera/mirror is used to record the victim entering their PIN. 

Once a card is swiped, the information contained in the magnetic strip is stored in the electronic skimming device. At a later time, the criminal will return to the ATM and retrieve the skimming device and camera/mirror to obtain the victim's stolen card information. The magnetic strip is copied onto another card and the stolen PIN is matched to it. 

The ATM card account information as well as the matching PIN can be sold, used to order items online, to make counterfeit ATM/debit/credit cards or to withdraw money from the victim's accounts.

Most ATMs are not safe from this type of crime. Don't be a victim. When using an ATM always check the ATM equipment and the area around it closely for suspicious activity. Look for loose fitting (card slot) face plates. Be sure to hide your PIN whenever entering it into a machine.  If you think a skimming device has been placed on an ATM, notify police immediately.

NOTE: When a skimming device is placed on an ATM, the cardholder/victim can perform their ATM transactions unaware that their information has been recorded. Skimming operations often occur after hours and over weekends so criminals can retrieve the information prior to normal business hours.

Member Alert 02/20/09

Important Notice to Members

We have recently received a very large list of VyStar credit and check cards potentially impacted by the recent Heartland data compromise. This compromise took place during the third and fourth quarter of 2008, and has involved millions of cards throughout the nation. We understand that only credit card numbers and/or names were involved in the compromise. No personal information such as social security numbers, birthdates, addresses, etc. were taken. Because we are committed to ensuring your accounts are safe, we have systems in place to help us detect fraud on your account and will notify you if we detect suspicious activity. We urge all of our members to watch their check card and credit card transactions closely, and contact us if you suspect unauthorized activity on your account. VyStar's Internet Banking is a great resource to proactively view your account to ensure you haven't experienced any unauthorized charges.

FREQUENTLY ASKED QUESTIONS:

What is Heartland and what does it have to do with my VyStar credit card or check card? Heartland is a payment processing service that retailers use to process their credit and debit transactions from customers. It’s a back end process that is on the retailer side, not on the side of the financial institution.

What should I know about security and card fraud? The most important thing to remember is that you should never give out personal or account information to someone who calls you. If you are calling your Card Company or financial institution, always use the phone number on the back of the card. This will help ensure you're really speaking to the right person or company. Also remember that attempts at getting your personal information can come in any form. Do not respond to phone calls, emails, text messages or any other form of communication asking you to provide personal or account information.

How can I proactively protect myself against fraudulent card activity? VyStar Credit Union and Visa® are working closely together to catch any fraudulent behavior and protect your account. And remember, your Visa Check Card and Credit Cards are backed by Visa's Zero Liability policy, so even if your card or its number are ever lost or stolen, you won't be responsible for unauthorized charges. There are also some simple things you can do.

Protect your Personal Identification Number (PIN):

  • Never write down your PIN. Memorize it as soon as you get it.
  • Do not disclose your PIN to anyone. No one from any financial institution, the police or a merchant should ever ask for your PIN.
  • Beware of phishing emails. These are emails that appear to be from your credit union or online merchant asking for account information. Do not reply to them or click on any links. Visa, your credit union or any other legitimate online merchant will never ask for your PIN or other personal financial information via email.
  • At an ATM or PIN pad, enter your PIN discreetly, shielding the key pad with your hand.

What do I do if I spot suspicious activity on my account?

  1. Review your monthly statements to spot any unauthorized purchases. You can also monitor your account activity online at any time within Internet Banking at www.vystarcu.org.
  2. Review your credit scores for accuracy. Call any one of the three credit reporting agencies to receive your free annual credit report.
    Equifax
    800.525.6285    		 Experian
    888.397.3742    		 TransUnion
    800.680.7289
  3. If you spot any charges that you did not do using your credit card or check card, please contact us immediately at (904) 777-6000.
  4. You should also contact the three credit reporting agencies above to notify them of any suspected fraud or identity theft.
  5. Should you become a victim of identity theft, please contact us and our Theft Resolution (Identity Theft 911®) group will help you through the necessary steps to resolve the issues.

Who do I contact with questions or concerns? Our Call Center is available at (904) 777-6000 from 8:30 a.m. to 7 p.m. Monday through Friday and 9 a.m. to 3:00 p.m. on Saturday to answer any questions or concerns you might have.

Who should I contact if I feel that this is suspicious activity with my VyStar check card or credit card? Our Call Center is available at (904) 777-6000 from 8:30 a.m. to 7 p.m. Monday through Friday and 9 a.m. to 3 p.m. on Saturday. Contact Cardholder Services at 1-800-654-7728 after hours. Cardholder Services is available 24 hours a day, 7 days a week.

(This is an update from VyStar.)

Member Alert 1/9/09

New Phishing Activity

There have been several types of fraud attempts reported involving members that appear to be widespread geographically. Fraudsters are utilizing a variety of ways to obtain personal member information and are able to trick victims into divulging personal and financial information with the following schemes

  • Text messages sent to a member indicating they should call a specific number and provide credit card information based on a freeze on their account.
  • Computerized calls indicating possible tampering of their check cards and asked them to enter their 16-digit check card number. The phone number shown on Caller ID appears to be a legitimate number, possibly hijacked by the fraudsters.
  • Phone and text messages stating cards have been suspended and direct members to call a number to reactivate. When members call back, they are instructed to input their card numbers and PIN; counterfeit cards are then created and ATM/Debit card PIN-based transactions take place in foreign countries.
  • Fraudulent e-mail and text messages are sent to appear as if they are from the credit union. The credit union’s web site has been re-created by the scammer, who then asks members to enter their card numbers, expiration date, PIN, etc. Members are also being called in the middle of the night stating their cards are experiencing fraud, and they are then asked to provide personal information. Credit cardholders receive a telephone message from an unknown party who leaves a telephone number for the member to call. The caller ID read ‘economic relief.’ When members returned the call, they were prompted to press 1 to lower rates; a person then came on the line and asked for social security number, credit card number, etc.

VyStar Credit Union will never solicit personal or financial information. Do not respond to requests for information unless you initiate the request - this includes requests via e-mail, phone, text messaging or through the mail, and work with your internet provider or telephone carrier to shut down fraudulent sites or phone numbers.

(This is a public service message from CUNA.)

Member Alert 12/08/08

“Work-From-Home” Scams

Members have reported an increase in individuals losing money due to their participation in “work-from-home” scams. Potential employees are recruited through newspaper, email, and online employment services for jobs that promise the ability to earn money while working from the comfort of home. While these scams are not new, the current economic condition, combined with the upcoming holiday season, have led more customers to fall victim to these scams where they knowingly or unknowingly become mules for fraudsters who use their accounts to launder money or even steal from them.

For example, a customer may apply for a position as a “rebate processor,” “trading partner,” or a “currency trader.” Upon being hired, the new “employee” provides their bank account information to their employer or establishes a new account using information provided by the employer. The employee is instructed to wire money that is deposited into the accounts to drop boxes via Western Union. However, rather than processing rebates or trading currency, the customer is actually participating in a money laundering scheme where the fraudsters use the employee’s (mule’s) legitimate account to transfer stolen money to other accounts out of the country.

Tips for Avoiding Work-from-Home Scams:

  • Know who you’re dealing with.
  • Don’t believe that you can make big profits easily.
  • Be cautious about emails offering work-at-home opportunities.
  • Get all the details before you pay.
  • Find out if there is really a market for your work.
  • Get references for other people who are doing the work.
  • Be aware of legal requirements. Under Federal law, some types of work cannot be done at home.
  • Know the refund policy if you have to buy equipment or supplies.

(Information provided by BITS Financial Services Roundtable.)

Member Alert 10/23/08

Telephone Scam

Cardholders have received computer-generated calls claiming to be from their financial institution. The calls claim their accounts have been frozen and then direct the cardholder to call a toll-free number to leave their debit card information in order to reactivate any cards. The toll-free number includes a recorded message that asks the customer to key their account number, card expiration date and PIN.

Should you receive any questionable calls, please make sure you do not provide personal information. In addition:

  • Make sure you initiate the contact and that the institution verifies your identity with questions only you would know.
  • To verify whether a call is legitimate, call your institution or visit its website using phone numbers or internet addresses from your bank statement or account documentation.
  • Do not call back a number provided over the phone or click on a link in an email.
  • Most communications will include something that will concern or excite the victim.
  • If you have been a victim of a scam, file a complaint with local law enforcement and notify your financial institution.

As with all possible fraudulent situations, you are encouraged to take appropriate measures if a scam is suspected. Note: an excessive number of attempts at preauthorized small dollar amounts may be an indication of the intent to commit fraud.

(This is a public service message from Fiserv.)

Member Alert 10/22/08

FTC CONSUMER ADVISORY ON PHISHING EMAILS TIED TO BANK MERGERS

During October 2008, the Federal Trade Commission (FTC) released an advisory that warns consumers of fraudsters taking advantage of upheavals in the financial marketplace to sending phishing emails to collect personal and banking information. The FTC urges caution regarding e-mails that look as if they come from a financial institution that recently acquired a consumer's bank, savings and loan, or mortgage and provides advice about how to stay on guard against this type of scam. For information, see the advisory at http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt089.pdf or the FTC press release at http://www.ftc.gov/opa/2008/10/bankphishing.shtm

(This is a public service message from the Federal Trade Commission.)

Member Alert 9/11/08

Hurricane Scams Have Already Begun

Phishing Scams When Hurricane Katrina first hit in 2005, scams popped up within hours. Hurricane Gustav is no different, and Hanna, Ike and others will likely be the same in the days and weeks to come.  Chances are that any e-mail asking for donations is a scam, but the e-mail scammers are very tricky; they have created e-mails that sound authentic, tear at your heartstrings, and make you feel compelled to "donate" to disaster relief.  Web sites that claim to be legitimate Hurricane Gustav relief organizations have been created asking people to donate money by giving financial information and making a donation to the American Red Cross by clicking a bogus but legitimate-sounding domain name. If you want to make a donation through the Red Cross or another disaster relief organization, go to an organization's office itself, or the official Web site by typing in the domain name, like RedCross.org.

Viruses and Malware:  These e-mails usually are geared to getting you to open them and click on the attachment, which then infects your computer with a virus or malware.

Investment, Energy, and Security Scams Since 10% of the natural gas and 5% of the crude oil that Americans consume is produced off the U.S. Gulf Coast, it is very likely that a hurricane in the Gulf of Mexico will produce some investment, energy and security scams. After Hurricane Katrina, the SEC reported that e-mails being circulated claimed certain penny stocks would skyrocket in value. Reasons varied. Some were supposed to rise because of "refinery glitches."

Emails Look for emails asking for individual donations to help a victim's family; claims that a hurricane is "the wrath of God.", the victims were "wicked" and got what they deserved and then they ask for to donations to them, either for financial or identity theft purposes; mail claiming to be official government agencies, banks, credit card companies, Etc. that is asking for personal and financial account information; emails offering to locate persons that you know who are in the area affected by the hurricane, but requiring a fee to do so.

Contractor Scams Scammers pose as contractors and ask people for money so they can do immediate, upfront repair work. Of course, since they are not real contractors, they will never show up to do any repair work. Some real contractors also take advantage of the disaster by price gouging since there is a shortage of legitimate contractors.

In summary here are four ways you can keep yourself safe from hurricane scams:

  1. Use common sense.
  2. Never donate from an e-mail request. It's almost certainly a scam. Never click on the links in e-mails.
  3. Make sure any charity you donate to is legitimate. Find out how to tell if charities are legitimate here: http://www.scambusters.org/charities.html
  4. Don't open attachments in unknown e-mails. There is a good chance they contain viruses or malware.

(This is a public service message from CUNA.)

Member Alert 7/18/08

Financial Scam Alert – letters or emails from FinCEN

The Financial Crimes Enforcement Network (FinCEN) is reminding the public to be alert to ongoing financial scams that attempt to solicit funds from unsuspecting victims.

In some of these scams, individuals misrepresent themselves as FinCEN officials and try to trick victims into revealing confidential information. These scams may involve the fraudulent use of FinCEN's seal in a letter or email that claims to be an official correspondence. These scams often involve the enticement of a phony inheritance or sum of money, and claim that FinCEN is holding or blocking the transfer of funds.

Recipients of these letters or emails should not respond to such messages, and should not send money or provide any personal or confidential information. Those who believe that they are or have been a victim of a financial scam, should report this information to local, state, or federal law enforcement authorities.

FinCEN does not send unsolicited requests and does not seek personal or financial information from members of the public. FinCEN does not have authority to freeze assets or block funds transfers. In addition, these fraudulent letters or emails may purport to be from an overseas office of FinCEN. FinCEN does not have any offices outside of the United States.

(This is a public service message from FinCEN.)

Member Alert 06/30/08

Unsolicited text messages may be a Smishing Scam

Credit unions across the country are reporting that their member's are receiving unsolicited text messages. It's an attempt at Smishing, the latest form of phishing. In Smishing, an e-mail tries to lure a recipient into giving personal information via SMS, the communications protocol used to send text messages to a wireless device. The recent scam is targeting credit union and other financial institution members. In smishing, the members receive a text message via cell phone warning that their bank account has been closed due to suspicious activity. It then tells them they need to call a certain phone number to reactivate the account. Unsuspecting callers who dial the number provided in the text message will be taken to an automated voice mail box that prompts them to key in their credit card or debit card number, expiration date, and PIN to verify their information. If you have a question concerning your account or credit/debit card, contact VyStar Credit Union using a telephone number obtained independently, such as the phone number from your statement, a telephone book, or other independent means.

(This is a public service message from CUNA.)

Member Alert 06/25/08

More Smishing Attacks – service messages from credit unions

Smishing attacks have been reported by members of several credit unions.  Members have received Service Messages alleged to be from the credit union telling them that their account is being closed due to fraud.  The service message requests that the individual contact the institution to reactivate an account by calling a phone number with a 909 area code; calling that number results in automated requests to enter personal information, including card numbers.  If you receive one of these messages, do not respond at the number provided, call VyStar Credit Union at the number you normally use; 904- 777- 6000 or 800- 445-6289 and report the attempt so that your information can be protected.

(This is a public service message from CUISPA.)

Member Alert 04/25/08

2008 Economic Stimulus Refund Scams

  • Some people have received phone calls about the economic stimulus payments, in which the caller impersonates an IRS employee. The caller asks the taxpayer for their Social Security and bank account numbers, claiming that the IRS needs the information to complete the processing of the taxpayer's stimulus payment. In reality, the IRS uses the information contained on the taxpayer's tax return to process stimulus payments, rather than contacting taxpayers by phone or e-mail.

       
  • An e-mail claiming to come from the IRS about the "2008 Economic Stimulus Refund" tells recipients to click on a link to fill out a form, apparently for direct deposit of the payment into their bank account. The site, a copy of the IRS Web site, displayed an interactive page similar to a genuine IRS one; however, it had been modified to ask for personal and financial information that the genuine IRS interactive page does not require. This appears to be an identity theft scheme to obtain recipients' personal and financial information so the scammers can clean out their victims' financial accounts. In reality, taxpayers do not have to fill out a separate form to get a stimulus payment or have it directly deposited; all they had to do was file a tax return and include direct deposit information on the return.

It is important to note the IRS does not use e-mail to initiate contact with taxpayers about issues related to their accounts. If a taxpayer has any doubt whether a contact from the IRS is authentic, the taxpayer should call 1-800-829-1040 to confirm it.

Member Alert 02/21/08

FBI identifies recurring fraudulent e-mail scams

The FBI reports that cyber criminals are sending fraudulent e-mails to unsuspecting recipients about a complaint that has been filed with the Department of Justice, the Internal Revenue Service, the Social Security Administration, or the Better Business Bureau. They claim that the complaint names the recipient or their company.

The e-mails appear to be legitimate messages from the above departments. They address the recipients by name, and other personal information may be contained within the e-mail. The scam appears to be an effort to secure Personally Identifiable Information (PII), such as Social Security numbers and birthdates. The nature of these scams is to create a sense of urgency for the recipient to provide a response by clicking on a hyperlink, opening an attachment, or initiating a telephone call.

The FBI suspects this e-mail refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal passwords from the recipient. The virus is wrapped in a screensaver file, which most anti-virus programs are unable to detect as malicious in intent. Once downloaded, the virus is designed to monitor user name and password logins, and record the activity, as well as other password-type information, entered on the compromised machine.

  • If you have received these, or similar e-mails, file a complaint at www.ic3.gov. The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C).
  • If you have a question concerning your account or credit/debit card, contact your financial institution using a telephone number obtained independently, such as from your statement, a telephone book, or other independent means.

(This is an FBI Alert from CUNA)

Member Alert 02/06/08

IRS Alert – name and logo being used by fraudsters

The Internal Revenue Service has issued an alert, warning that the IRS name and logo is being used by fraudsters attempting to access the taxpayer financial information through e-mail, telephone, and cell phone text messaging.

Note: The IRS does not ask for personal identifying or financial information via unsolicited e-mail, telephone calls, or text messaging. 

The following scams are being used to trick taxpayers into divulging financial account information for fraudulent purposes:

  • Taxpayers receive a phone calls telling them that they are eligible for a sizable rebate for filing their taxes early, and they are told to provide their financial account information for direct deposit.
  • Taxpayers receive e-mails that claim they are eligible for a tax refund of a specific amount, and they are instructed to click on the link in the e-mail to access the refund claim form, which requires them to disclose financial account information.
  • E-mail notifications addressed to individual taxpayers claim that their tax returns will be audited. The individual is instructed to click on the link within the e-mail and complete forms disclosing personal and financial account information.
  • Businesses, accountants, and “Treasury” managers are receiving bogus e-mails regarding tax law changes. To obtain information on publications for businesses, estates taxes, excise taxes, exempt organizations, as well as IRAs and other retirement plans, the recipient is instructed to click on a series of links. The IRS suspects that clicking on these links downloads “malware” onto the recipient’s computer, which can be used to search for financial records and other private information.
  • A person claiming to be an IRS employee telephones taxpayers to say the IRS has mailed them a check that has not been cashed. The caller then asks for verification of financial account information.

If you receive an unsolicited e-mail purporting to be from the IRS, take the following steps:

  • Do not open any attachments to the e-mail; they could contain malicious code that will infect your computer.
  • Forward a questionable e-mail claiming to be from the IRS to phishing@irs.gov.
  • Use instructions contained in an article online at www.irs.gov titled "How to Protect Yourself from Suspicious E-Mails or Phishing Schemes." http://www.irs.gov/individuals/article/0,,id=155344,00.html
  • Contact the IRS at 800-829-1040 to determine whether the IRS is trying to contact you about a tax refund.
  • Remember that taxpayers do not have to complete a special form to obtain a refund.
  • If you have received this, or a similar hoax, please file a complaint at www.ic3.gov
Your savings federally insured to at least $250,000 and backed by the full faith and credit of the United States Government. National Credit Union Administration, a U.S. Government AgencyEqual Housing Lender Verified by VISARSA Fraud ActionDigital Insight, an Intuit company
  • Routing Number 263079276  |  VyStar Credit Union P.O.Box 45085 Jacksonville FL 32232  |  904-777-6000 or 800-445-6289
MESSAGE OF THE DAY

Close