'Spoofing' fraud is on the rise. Don't fall for it
Shortly after the COVID-19 pandemic began, financial Institutions across the country, including American Airlines Federal Credit Union, began to see a rise in a particular type of fraud known as “spoofing.”
It involves phone calls and text messages that appear to be from your financial institution with the purpose of tricking you into providing personal information, such as complete credit/debit card numbers, card PINs and security codes, online access codes and passwords and Social Security numbers.
The Credit Union does have systems that help detect unauthorized activity on credit and debit cards and those systems do make phone calls and send texts. However, they will not ask for any of information listed above.
We’ve had multiple reports of such potential scams from Credit Union members with calls and texts seeming to come from our 800 number which, if saved in your phone, may only come up in your caller ID as “Credit Union.”
It’s important to remember that if you suspect the identity of the caller or text for any reason, a good rule of thumb is to hang up and call us directly. Don’t use the call-back number on the phone because that may go back to the fraudster.
Protect yourself and remember these helpful hints
1. We will not ask for personal information.
We will not call you and ask you for the following information over the phone or by text: Complete credit/debit card numbers; card PINs and security codes; online access codes and passwords; and Social Security numbers.
2. Check the text message five-digit short code.
Fraud text messages for suspicious credit and debit card activity will only be sent from a five-digit short code 23618 for debit cards, and 72488 for credit cards.
3. We'll never take action on your account.
We’ll never take an action (like logging into your account online for you) for the sole purpose to generate a secure-access code and ask you to read that back us to authenticate you.
4. Never verbally provide secure access codes.
Never verbally provide to anyone secure access codes you generate when logging into your account from a new device, or when adding a credit or debit card into a digital wallet like Apple Pay®, Samsung Pay™, or Google Pay™.
5. If you're unsure a call or text is legitimate, hang up and call us directly.
If you receive communications asking you for that type of information, or you’re unsure if a call or text is legitimate, even it appears to be from our 800-number or a familiar number, hang up and call us at (800) 533-0035 to ensure you are speaking with an authorized Credit Union representative.
6. Update security alert preferences.
Make certain your security alert delivery preferences are up to date and that your contact information is accurate. The default is to email only so add a phone number if you prefer text. Log into online banking and select “Settings” in the left-hand menu. Click on “Account Alerts” and then “Edit Delivery Preferences.”
7. Sign up for push notifications if you're a mobile user.
If you are a mobile user, be sure to sign up for push notifications so you don’t miss important security information. Select “Settings” in the left-hand menu, click on “Push Notifications” and then “Enable.”
Apple Pay and Apple Watch are trademarks of Apple Inc. Samsung Pay is a registered trademark of Samsung Electronics Co. Ltd. Google Pay and Google Play are registered trademarks of Google LLC.