Skip to Main Content Skip to Sitemap

Current Scam Warnings

At VyStar Credit Union, we’re focused on keeping you, and your money, safe. Check back here for frequent updates regarding local, national and digital scams and other threats.

Please be aware that VyStar will never call you to request your personal information, such as your Social Security number, your date of birth, your credit/debit card number(s), the three-digit security code on the back of your credit/debit card or your Internet Banking username and password. If you receive a phone call from someone claiming to be a financial institution, insurance company or other organization requesting such information, you are most likely being contacted by an impostor. Do not give away your personal credentials. Instead, hang up and contact the company directly to confirm if the request is valid.

Protect your account when using Zelle^®

Hackers have figured out that Zelle and similar apps can be used to commit fraud on your account. According to recent news reports, bank and credit union customers across the U.S. have received calls and text messages from scammers impersonating their financial institutions. The fraudsters state that your account appears to have been targeted by fraud, and then list several out-of-state transactions and ask you to confirm if they occurred—leaving you with the false impression they are trying to protect you.

You are then asked to verify your identity via a text code, not realizing the scammer is using this code to transfer funds out of your accounts through Zelle or similar apps. According to a recent NBC News article, “Thieves use spoofed calls, phone calls that look like they’re coming from an individual’s bank, and traditional hacking to access people's Zelle accounts…”

At VyStar, we will never contact you to request any of your personal information such as SSN, birthdate, card number, the three-digit code on the back of your card, a verification text code or your Internet Banking username and password. If you receive a call or text like this, hang up the phone or delete the text and contact us to confirm if the request is valid.

In addition, the Better Business Bureau has the following recommendations for reducing your chances of becoming a victim of fraud:

Don't panic. If someone calls, emails, or texts you claiming to be from your credit union or bank, do not respond or provide any information. Instead, contact your credit union or bank directly using the number on your statement or on the website and ask if they tried to contact you about your account.
Never provide or confirm passwords, account numbers or login credentials, and never allow access to your account based on a phone call, text or email. Your credit union or bank will not contact you to ask for this information.
Scammers use call or text spoofing to appear to be calling from your credit union or bank. Your caller ID is not always proof of the caller's location or validity, so don't rely on it.

Text Message Scam

We have received reports from members that have received a text message that looks like the one pictured. This link is FAKE. Delete the text and please note VyStar will also not call or text you to request a one-time passcode. If the call or texts sounds suspicious, please do not respond to the text and hang up the call.

Official Checks Scam

Please be advised that VyStar is aware of counterfeit Official Checks in circulation using the Credit Union’s name. These checks are being presented for payment nationwide in connection with various online employment opportunity scams involving mystery shopping.

Checks presented to date have been made payable in amounts ranging from $1,950 to $4,950 with various remitter names.

Potential victims of the mystery shopping scam have received correspondence accompanying the check, which contains the name of nationally known retail stores within the letterhead. The correspondence instructs the potential victims to confirm receipt of the packet by sending a text message to a phone number listed within the letter. The recipient is further instructed to either cash or deposit the funds at his or her financial institution as soon as possible. The letter informs the recipient to retain $200 - $400 for commission and fees. The remaining amount is to be used to purchase Walmart gift cards or Apple Store Gift Cards. The recipient may even be offered an additional monetary bonus if they complete the task within 24-48 hours because they know the bad check may not be returned within that time period.

Our Contact Center can validate whether or not an Official Check is legitimate, (904) 777-6000.

Equifax Data Security Breach

Equifax Inc., one of the top three U.S. consumer credit reporting agencies, recently announced a data breach with potential impact to 143 million U.S. consumers. In their announcement, Equifax indicated “that criminals exploited a U.S. website application vulnerability to gain access to certain files.” Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017.

According to Equifax, the breached consumer data primarily includes:

Names
Social Security numbers
Birth Dates
Addresses
Driver’s license numbers (in some instances)

Equifax has established the Cybersecurity Incident & Important Consumer Information website, which consumers can access to see if they were impacted by the breach. In addition, Equifax is offering free Identity Theft Protection and Credit File Monitoring to all U.S. consumers that can also be accessed from the Equifax website.

In addition, credit card numbers for approximately 209,000 U.S. consumers and dispute documents with personal identifying information for approximately 182,000 U.S. consumers were part of the Equifax breach.

VyStar recommends that you begin monitoring your accounts and card transactions to ensure fraud has not, or does not, occur. You can conveniently do so by reviewing your VyStar accounts and card transactions online via Internet Banking. VyStar offers several effective fraud prevention services, including our free Alert services and Zero Liability Protection. Please visit our Protection Center or call our Contact Center for more details.

If your VyStar credit or debit card was compromised you will be notified by mail after which a new card will be issued. If you suspect fraudulent activity, please call a VyStar ContactCenter Representative at (904) 777-6000 or 1 (800) 445-6289, option 2. Our Contact Center is open 7 days a week from 7:00 a.m. to 7:00 p.m., excluding holidays.

Video Scam: Using False Routing Numbers to Pay Bills

A video scam claims bills can be paid online using fake routing numbers for a Federal Reserve Bank and other financial institutions, including credit unions. The scam claims electronic payments will be made through secret accounts or Social Security trust accounts in exchange for personal information such as a Social Security number.

These videos are being posted to social media sites, such as YouTube. The video instructs viewers through an online payment system and provided a fake routing number to use to pay bills. These payments are rejected and returned unpaid and can lead to service fees. The personal information entered into the system can be used for identity theft and fraud.

Any video, text, email, phone call, flyer, or website that describes how to pay bills using a Federal Reserve Bank or another financial institution's routing number or secret account is a scam. If you believe you have been a victim of this scam, please contact the VyStar Contact Center, (904) 777-6000, or 1 (800) 445-6289.

Petyawrap Ransomware

A new Ransomware attack being reported in the news called “Petyawrap”, which has very similar characteristics to the WannaCry campaign reported back in May 2017. As we did with WannaCry, we will monitor this event and take action as appropriate.

What is ransomware?

Ransomware is a form of malware (malicious software) that can compromise a computer and encrypt all data on the computer, rendering it unusable. The creators of the malware hold the encryption keys. The computer owner is then asked to pay a “ransom” to remove the encryption and get access to the data.

How does it spread?

The software is normally contained within an attachment to an email that masquerades as something innocent. Once opened it encrypts the hard drive, making it impossible to access or retrieve anything stored on there – such documents, spreadsheets, etc.

What precautions should I take?

Make sure any home computers are updated with the latest Microsoft security patches.
Install anti-virus/anti-malware software on your home computer. Make sure it updates automatically.
Make backups of your data.
Never open email attachments from people you don’t know.

Zeus (aka Zbot) Trojan

Local reports of Zeus have been brought to our attention. Zeus, which was first detected in 2007, is the most widespread and effective banking trojan malware in the world. A banking trojan typically infects a victim’s devices via a malicious email attachment or through an infected website that the victim visits.

Once they take over the device, banking trojans are designed to recognize when the victim is visiting a financial institution’s website. The trojan then captures the victim’s personal information—such as login credentials, PIN number, etc.—using keylogging and other software that allows the criminals to manipulate the website and add seemingly legitimate pop-ups and forms that the victim fills out. Banking trojans can also redirect the victim to a fabricated website that looks deceptively similar to the authentic financial institution website, which dupes the victim into providing their sensitive information and can trigger a second factor authentication code, such as an SMS message. The Zeus trojan, in particular, rose to popularity because it has helped criminals steal hundreds of millions of dollars from its victims’ financial accounts.

Here’s how you can prevent a banking trojan like Zeus from infecting your computer:

Don’t click on links or attachments in emails you did not expect to receive. This also applies to links on social media or texts received on your mobile device/smart phone.
Ensure your computer operating system (Windows 7, 10, etc.) remain patched by setting updates to automatically install.
Turn on Windows Firewall, if available.
Ensure your computer has anti-virus software installed and ensure that it is:
- Set to automatically update with the latest malware definitions
- Set to automatically perform daily scans of your computer

Mobile device users should consider the following tips:

Apple users: Avoid “jailbreaking” your device and install Apple system updates regularly.
Android users: Never immediately install a system update that suddenly appears on your screen. Instead, check the Android blog to see if the update is legitimate. Installation of mobile security software is also essential for Android users.

Holding information hostage

Reports of threatening text messages and phone calls from scammers claiming to have personal information and/or a family member hostage have been reported in the Northeast Florida area. Scammers ask for money or their information will be made public or their family member will be hurt. While some information is of public record, if you receive a call or text of this nature, call the police and report it to the Better Business Bureau using their BBB Scam Tracker. Do not provide the caller money.

'WannaCry' ransomware

In the news today (May 15, 2017) is news of a new cyberattack noted as being the “biggest online extortion attack ever recorded”. Please note that VyStar was not affected by this.

'WannaCry' ransomware attack hit a 'limited number' of US companies representing many different branches of economy over the weekend, Homeland Security officials confirm to Fox News.

Here's what you can do to protect your PC:

Install security patches timely. Set it for automatic downloads and installs.
Keep your anti-virus software up to date.
Always keep a backup of your computer and important files.

Google Docs Scam

A phishing email attack targeting Google users impacted millions across the country. Reports indicate that Google has shut the attack down. The messages can be identified by the recipients section, which show they were sent to “hhhhhhhhhhhhhhh@mailinator.com along with others who were Bcc’d. Delete the message. Do not open it.

If you believe you have been a target of this phishing attack and already opened the email:

Reset your passwords immediately
Refer to these steps on how to revoke Google permissions in Google
Consider notifying your contacts that you were a victim of a phishing attack

Direct Deposit Text Scam

Members have been receiving text messages stating their direct deposits have been suspended. They are being asked to call 805-490-5546 and enter their debit/credit card number. This is not VyStar Credit Union. Do not enter your card number or any other information. Delete the message, do not reply.

Romance Scam

Romance scams involve phony online relationships that deceive the victim into handing over their cash. Here’s how it works: A criminal posts a fake profile and photographs on a dating website or social media platform, posing as someone looking for a relationship. When they find you—their target—on those sites, they engage you in romantic conversations through email, messages or chat sessions. Once they’ve won your trust and you’ve established a long-term online “relationship” with them, the person who claims to be “in love” with you tells you they have a problem and need you to send/receive money or packages on their behalf. Once you agree to push those items from one place to another, you’ve been caught in the money mule web.

Work-From-Home Scheme

Work-from-home schemes are bogus job offers that have been crafted to appear legitimate. You can typically encounter them in spam emails, on job search websites or on social networking sites. In actuality, these “opportunities” are just bait used by fraudsters to excite you and trick you into providing your account details so they can send you a large counterfeit check. (Sometimes no account information is provided; a check is just mailed to you with further instructions.) You’re then asked to transfer that money to a third party, usually located in a foreign country, through a wiring service for a small commission. The criminals may even go as far as inviting you for an interview or asking you to sign an employment contract. You may think you’ve scored the job of a lifetime, but the truth is that you will never get paid. Not only that, but now that your personal information has been stolen, you run the risk of losing money or being arrested.

Card Cracking

“Card cracking,” also known as “card popping,” is a ploy criminals use to target people who are in need of cash and trick them into facilitating fraud. It all starts with what seems to be a harmless post on social media outlets like Instagram, Facebook or Twitter that promises fast cash. After luring you in with the tempting deal, the con artist then fools you into giving them your financial account information, debit card number/PIN or online banking login credentials in exchange for a kickback (i.e., a small portion of illicit profits). They may also direct you to contact your financial institution and advise them that you will be traveling, even if you’re not. The fraudster uses that information to deposit counterfeit checks into your account and allows you to keep a portion of the money. The fraudster then quickly withdraws all the money from your funds before the financial institution catches on to the phony check. You are then forced to call the financial institution and falsely report that your information has been compromised—without mention that you gave the criminal your credentials—and ask that your money be returned, making you an accessory to the crime. Not only that, but you are also now on the hook for the stolen funds and may even be sentenced to time in prison.

Phishing Scheme - Targets W-2s

The Internal Revenue Service (IRS) warns payroll and human resource professionals of an emerging phishing scheme that has already claimed several victims within payroll and human resources departments. This phishing scheme purports to be from company executives (e.g., the chief executive officer) requesting employee payroll data, including W-2 forms and other personally identifiable information. The employees have responded and mistakenly emailed the requested information.

Example fraudulent emails received are as follows:

“Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.”
“Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary).”
“I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.”

Text Message - Phishing for Debit/Credit Card Information

We have been alerted to a phishing scam. Some of our members have reported receiving a text message from a 410 area code. The text message states this is from the Fraud Department and your credit/debit card information needs to be confirmed due to a possible compromise. Once the call is returned, you're asked to enter your full card number and other card details.

Do not call the phone number or enter your card information. Delete the message, do not reply. VyStar's Fraud Department does not contact members to verify information in this way.

EMV-Chip Email Scam

According to Yahoo! Finance, there are reports of consumers receiving emails offering them an upgrade if their debit or credit cards have not yet had an EMV-chip sent by their credit union or bank. These emails are designed to look like they are from a consumer's financial institution. VyStar Credit Union has not sent an email regarding EMV-chip card upgrades. We will never ask for your card numbers through email. Do not reply with your personal information or click on any links if you receive this type of email.

Text Message Scam

Our members, the Better Business Bureau and news media have reported a text message scam. A text message similar to this is received:

The message asks the person to update information through a link on a website. When clicked, the link appears to be a banking website. Do not enter your internet banking or any other information. Delete the message, do not reply.