Information About Fraud & Identity Theft

Print

Identity theft occurs when your personal information such as Social Security Number or financial information is stolen. Thieves using your information may commit fraud which potentially damages your credit record.

If you suspect you are the victim of fraud or that your identity has been stolen to be used in fraud, you should report it immediately to Provident at (800) 632-4600.

How Fraud & Identity Theft Occurs 

Common examples include fraud resulting in unauthorized use of your credit card or phone, fraud to access your financial accounts to withdraw or transfer funds, loan fraud where someone applies for a loan in your name, and even assumption of your identity by criminals when they get arrested. Identity theft is not limited to online crimes. Other common ways thieves may steal your information include:

  • Listening to you give your credit card number over the phone in public places,
  • Watching over your shoulder as you enter your credit card number, password, or PIN,
  • Stealing your mail or going through your garbage for receipts and financial or credit card statements.

Some broad categories of attacks that are commonly used for ID Theft include:

Malware

Malware, short for "malicious software," is software designed to damage computer systems and may be used to steal personal information. It includes viruses (self replicating computer code that can spread from one computer to another), spyware (software that silently transmits your private information whenever you run it), and trojan programs (software that is useful in some way, but also contains a secret payload of spyware or viruses). Malware can be distributed to your computer from file sharing or social networking sites. Opening attachments or using free software from unknown or untrusted sources may result in the download of malware to your computer. You can help protect your computer from malware by keeping your security software, system software, and browser software up to date.

Phishing

Phishing is a term used to describe ways to trick you into revealing your private information or sign on credentials, in order to use it for identity theft or credit card fraud. For instance, you may receive a phony e-mail that looks like it is from Provident Credit Union. This e-mail may ask you to go to a Web site that also looks like a Provident Credit Union Web site and request you enter your personal account information. Or it may ask you to call a phone number and provide personal information. Because of this, you should always maintain a healthy amount of skepticism when receiving a phone call, text-message, or an unexpected e-mail claiming to be from Provident, and asking for you to reply with private information or account numbers, or to click a link to sign on. The "from" address on an e-mail can be easily faked, and realistic-looking links can lead to sites other than what they say, where fraudsters can set up modified copies of Provident Web content. Also be wary of e-mails and Web sites with typos and other grammatical errors, as poor proofreading and/or poor English skills are often a hallmark of phishing.

To protect against phishing and spoofing:

  • Do not click on links or reply to suspicious e-mail, delete it. If it uses Provident Credit Union's name, please forward it to HelpDesk2@providentcu.org, so that we can be aware of it.
  • Ensure your security image with the correct phrase is displayed before entering your online banking password.
  • Enter or paste in the Provident Web site address yourself (providentcu.org), or use a previously saved bookmark or favorite.

For more details on phishing and how to protect yourself against phishing scams, see our article, About Fake E-Mails & Phishing, and visit the Anti-Phishing Working Group Consumer Advice page and the United States Computer Emergency Readiness Team  (US-CERT), a partnership between the U.S. Department of Homeland Security and the public and private sectors.

Vishing/SMiShing

Vishing (short for "Voice Phishing") uses the phone to call and leave an automated recording saying that they are Provident Credit Union, and requesting a call back so you can update your personal information (or some other excuse). They can even fake the Caller ID to make themselves appear to be Provident. But the telephone number they leave is not Provident's, and if you call it you will be talking to someone trying to get you to reveal credit card numbers or other valuable information. Criminals may follow-up after leaving a message with an e-mail or text message that may also appear to be from Provident. Do not provide any information unless you have contacted Provident Credit Union at one of our published numbers. Provident's main number is (800) 632-4600.

SMiShing (short for "SMS-Phishing") is a phishing attack via an SMS text message. A text message is sent trying to trick you into replying with financial or personal information or may include links that include a virus. To prevent damage from SMiShing, ignore or delete text messages that request personal or financial information, or verify the phone number in the text message is Provident Credit Union's phone number as listed on our Web site.

Fraud & ID Theft Prevention 

The following fraud prevention tips can help prevent you from becoming the next victim of fraud and Identify theft:

  • Social Security number should only be provided if you have initiated the contact and following confirmation of business identity.
  • Passwords or Personal Identification Numbers (PINs) should not include partial or complete Social Security numbers.
  • Ensure any Web site requesting your Social Security number is encrypted and understand how the recipient will protect the information.
  • Unless required by law, do not write or print your Social Security number or Driver's License Number on checks or gift certificates.
  • Be aware and cautious of your surroundings when disclosing your Social Security number or Driver's License Number
  • Limit personal information printed on checks or elsewhere, to reduce chance of theft.
  • Use e-Statements (see our article, Identity Theft: Reduce the Risk by Using Provident's Online Services).
  • View checks online (in online banking, click on the check icon next to the transaction description on the History page).
  • Check receipts against your online monthly billing or account statements to verify all of your transactions.
  • Deposit funds using a direct deposit solution. It reduces the number of pieces of paper that can be stolen or viewed by others.
  • Sign the signature panel on your credit cards and debit cards as soon as you receive them, so that a thief cannot just sign them instead.
  • Keep a list of all your card account numbers and telephone numbers to call if cards are ever lost or stolen
  • Use ATMs with surveillance cameras and be aware of people and your surroundings
  • Secure your card and cash immediately before exiting an ATM area
  • Stay current with operating system security patches and Web browser updates. Free updates can be found here: Firefox, Safari, Chrome, Internet Explorer, Windows Updates, Mac OS Updates
  • Update your computer with anti-virus and anti-spyware protection.
  • Implement a firewall solution to prevent unauthorized access to your computer.

Be sure to also check out our article, Ten Simple Things You Can Do to Fight Fraud.

If You've Been Victimized 

If you suspect your identity has been stolen, you should notify Provident Credit Union immediately at (800) 632-4600, so we can close any accounts that may have been tampered with. Also:

  • Notify the three major credit bureaus listed below and place a fraud alert on your credit file. Monitor your credit report to identify any unauthorized activity
  • File a complaint with the FTC (Federal Trade Commission). They maintain a database of identity theft cases used by law enforcement agencies for investigations.
  • File a police report and keep copies for creditors.

More information about identity theft can be found at the US Department of Justice site, the Identity Theft Resource Center, and the FTC's Identity Theft Site.