Minimize

Fraudulent Activity Reports

October 13, 2016

Three New Fraud Alerts:

SPC Credit Union in the Hartsville, SC area reports:

 

 

I am attaching a copy of a fraudulent check that was returned to SPC Credit Union.  I thought you would want to share with other Credit Unions in case they are presented with a similar check.  The number at the bottom of the check to call for inquiries is routed to the fraudulent maker of the check who was happy to confirm its’ authenticity.

 

Please direct any questions about a fraudulent item to Tiffany Mixon / Financial Services Manager Office: 843-857-3432 / tmixon@spccu.org

 

Shared Branching Matter Reported:

Image result for CO-OP Shared Branching

 

CO-OP Shared Branching alerting Credit Unions of a recent fraud trend.

 

To sum it up, fraudsters appear to be obtaining member information, such as name, DOB, address, and SSN, primarily through social engineering and using it to obtain account numbers from credit union call centers and shared branching locations. Once the member account information is obtained, fake IDs are created and used to complete large check withdrawals. In some cases, the fraudsters appear to be targeting board members or large dollar accounts.

 

This trend has impacted several credit unions throughout the US.

 

Be careful with individuals requesting a member number if you do not know them.  Make sure you are looking at the picture on the ID we have scanned in.  Also verify that the signature on the withdrawal slip matches the scanned in ID.  If there is no ID present, dig a little deeper.  Ask them the password if a password is present on the account.  Also ask questions that pertain to the specific member account.   For example – if there are loans on the account – ask specific questions like “do you have any loans with us?”,  “what is the payment amount?”, “what is the approximate balance?”.   If it is a fraudster, they aren’t going to have the answers to these questions.   

Non-Client Matter Reported:

September 29, 2016

The Southern Credit Union in the Atlanta, GA area reports:

 

The Southern Credit Union received 2 counterfeit official checks today.  These checks have our routing number and account number on them however do not resemble our official checks. 

 

Both checks were written for an amount close to $1,000. 

 

The counterfeit items do not state “Official Check” on them.  TSCU genuine checks have “Official Check” written on them just above the numeric amount.  These checks also do not contain the language “VOID AFTER 60 DAYS”, which is present on genuine checks.  Genuine TSCU checks also display a column logo in the upper left hand corner of the check.     

 

Please inspect all TSCU checks closely before accepting. 

 

To verify the authenticity of a presented item, please call 770-719-1111 or toll free 800-338-5882 option 0.

 

Please direct any questions about a fraudulent item to Barry Griffin bgriffin@southernonline.org

 at 770-460-3203

or Karen Nix knix@southernonline.org

at 770-460-3231.

September 26, 2016

Veritas Federal Credit Union in the Nashville, TN area reports:

 

I wanted to notify the group of a series of checks labeled “Travelers Check” using the old RTN for 1st Select FCU which merged with Veritas FCU in February of this year.  These fraudulent items are being passed in the northern Kentucky area (what appears to be the outskirts of Cincinnati).  All the items cashed so far have been passed at Publix stores.

The checks are using RTN# 283978616

Credit Union Contact:

Karen Woodall, CFO, CCUE, CUCE

Chief Financial Officer

karen.woodall@veritasfcu.org

One Nissan Way, Franklin, TN. 37067

tf: 855.663.8328     p: 615.786.0452    

f: 615.786.0457       

September 23, 2016

Credit Union of Atlanta Reports:

 

We have received a call this morning from a local (Atlanta) bank which was presented a cashier’s check for deposit. The check was purportedly issued by Atlanta Employees’ Credit Union, with R/T #261071548. Atlanta City Employees’ Credit Union was our former name, and our correct R/T # is 261071140. If you see any checks issued by Atlanta Employee’s Credit Union with the 1548 R/T number, they are counterfeit. Please call us at 404-658-6465 if you have any questions. Thank you very much.

Credit Union Contact:

 

Provided Please call us at 404-658-6465 if you have any questions. Thank you very much.

June 23, 2016

Texans Credit Union Reports:

 

We have seen an old Credit Union Check being used that is fraudulent.

 

It was made out to Ida M Moore for $18,500.00

The account number is 10000020590

Routing number is 311987786

Check number 8976645

 

This is the first one that we have seen but anticipate that there could be more.

 

Please share with other Credit Unions as you feel is appropriate.

 

Credit Union Contact:

 

None Provided

March 14, 2016

Fraudulent Alert 2016 - VII – Wires Transfers and Real Estate Closings

 

A Credit Union in Georgia recently was informed of a serious issue going on with wire fraud. This is a known Scam – ongoing since 2015, but since it is rearing its ugly head – this reminder. The Credit Union asked that I share this so you can spread the word to the proper people as applicable.

 

What / Example: (From an Article via American Land Title Association Website.

 

Title and settlement agents should always be aware of fraudulent email schemes that attempt to divert escrow funds to unauthorized accounts. Now, there’s a new wrinkle in cyber attacks hitting the title and settlement industry. An independent escrow company in Southern California received a “legit-looking” email from a lender confirming two wire instructions for a total of $650,000. Instead of verifying the wire confirmations through the lender’s website, the escrow company took the word of the email.

 

The escrow company then disbursed off the confirmation sending $650,000 to a fraudulent account to a party that didn’t exist. Unfortunately, the email was a fake and the money was never there. One of the wires was recalled. Unfortunately, the second wire was not and the consumer lost $133,000.

 

Title and settlement agents need to know that this can happen to them. When the agent gets a wire confirmation from a lender, they should not disburse until they verify the instructions on their website. Companies need a formalized policy of confirming disbursements online. Agents should call their lender if confirming wires online is not an option.

 

You should revisit your procedures and ensure your disbursal agents are aware of the risk and your procedures – be sure you confirm this in writing from a liability – risk positions.

 

The Recent attempt to Perpetrate this Scam in Georgia:

 

1.   It appears to originate from an email that states “Download your document from Google Drive” or something of that nature. I believe we have had some of these come over.

2.   The next step includes a hack into the email, preferably a mortgage person, lender, or attorney which gives access to people sending out Wire instructions or even simply Closing Disclosures identifying emails of people in the transaction.

3.   The hacker will then send or change wire instructions to the account of their choice from the email they hacked. The agent never really knows the issue until the money has been sent and taken by the hacker. Generally the fail point happens when the funds for close are not there.

4.   There have also been reports of hackers calling in, referencing the borrower and stating they are from BBT or whomever and sending in new wire instructions.

 

The sharing Credit Union on this one asked to remain anonymous, but if you feel a need to talk I will inquire into whether they might wish to consider private discussion.

March 11, 2016

Chaco Credit Union Reports:

 

We have had a rash of fraudulent cashier checks being issued around the country in Chaco’s name.  The checks do use our log, they have our CEO’s signature.   The dollar amounts were ranging between $2,000-$4,000 until two days ago when we saw one for $87,000.00 that attempted to clear.

 

Why are they receiving the checks:

 

Some for vehicle purchases, some for work (people contacted via email work scam), we had one made payable to a municipality for a bill of some sort.  The most common answer has been that they are either selling something on craigslist or applying for a position on the web and when they receive the check they are being told they accidently sent to much for them to send this amount back them but all of them have to do with craigslist that I have received.

 

Credit Union Contact:

 

Bridget Pate

Operations Manager

Phone: (513) 785-3549

Pate@chacocu.org

Or General Number: 513.785.3500

March 11, 2016

SAFE Hit By Phishing Scam

 

SAFE FCU Reports:

 

SAFE was targeted with several phishing emails this morning.  (Contact Greg if you wish to receive a safe screenshot of the emails).  The attachment is safe and you may open it to view the screenshot of the emails.  Look at the times that we received the messages (4AM EST).  That is a HUGE clue that these are suspicious! It appears these emails originated from Islamabad, Pakistan and not AMAZON!

 

Credit Union Contact: If anyone else is seeing something similar I would love to talk to them as well:

Robert “Greg” Harris, NCCO, CUERME

Enterprise Risk Director

SAFE Federal Credit Union

GHarris@safefed.org

Mobile: (803) 305-5303

Phone: (803) 469-8600 Ext. 2296

Toll Free: 1-800-763-8600 Ext. 2296

January 27, 2016

Georgetown Kraft Credit Union

 

Georgetown Kraft Credit Union reports that it’s Cashier’s Checks have been counterfeited.

 

We have been receiving calls from across the country trying to verify funds on checks involved with a “Secret Shopper” program.  Below you will see a copy the check and letter being mailed as part of a “Secret Shopper” program. So far, all checks verified have been for $2,455.00 and are signed by “Terrance W. Leis”. Terrance W. Leis is not the official signer of our cashier’s checks. Under the check number there should be a duplicate. The wording on the top of the check “THIS DOCUMENT HAS A COLORED BACKGROUND AND HIGH RESOLUTION BORDER. THE REVERSE SIDE OF THIS DOCUMENT HAS ARTIFICIAL WATERMARK.”

Our checks do not have this wording.  If you receive a check and would like to verify it please contact Elizabeth or Alexa at 1-843-546-8494. Elizabeth extension 6919 Alexa extension 6310.

Also, feel free to scan and email one of us a copy of the check along with any additional information you may have to eowens@gkcu.org or ajenkins@gkcu.org.

 

January 26, 2016

River Valley Federal Credit Union

 

River Valley Reports that its Cashier Checks have been counterfeited.  

 

We have received calls from Texas and Michigan so far. We have only seen one check that was scanned to us and then one picture of a check taken with a cell phone. One person received secret shopper instructions with the check. The two checks we have seen have the name Marc Kaufman in the memo line. The only difference we can see in the counterfeit checks compared to our actual checks is at the top they say WARNING: THIS DOCUMENT HAS SECURITY FEATURES IN THE PAPER. Our checks do not have this wording. It also appears the checks are blue. We do have one branch that issues blue checks but not all of our checks are blue.

 

So far, both checks we are aware of were for $1909.98 but obviously the amount could vary. Check numbers used so far are 93830 and 93834. These are actual check numbers that have already cleared so the crooks know about where we are with check numbers. Needless to say we do have good checks out there in this series of numbers. If you receive a check and would like to verify it please contact Carrie or René at 800-798-0217 Carrie x2274 René x2236.

 

Also, feel free to scan and email one of us a copy of the check along with any additional information you may have to cpoynter@rivervalleycu.org or rgindelberger@rivervalleycu.org.

January 1, 2016

Associated Credit Union

 

Associated in Georgia  Reports that has become aware that there are some counterfeit Official Checks being presented.  We have not seen and original so we cannot say much about how the look.  However,  the manner in which the amount appears is different.  Our legitimate checks use all CAPS and have a dark box with the written amount in white text with the word EXACTLY. 

 

*** ONE HUNDRED DOLLARS AND 00 CENTS ***

 

EXACTLY 100 dols 00 cts

 

The counterfeit checks do not have this dark box.  The just have

 

***** One Hundred Dollars and 00/100*****

 

The other difference is the wording of the security features across the top.

 

Our check say

 

THIS CHECK IS PROTECTED BY A VOID PANTOGRAPH WITH A HEAT SENSITIVE PADLOCK ICON AND PRINTED ON WATERMARK PAPER CONTAINING FLUORESCENT FIBERS

 

Counterfeit Checks say

 

THIS DOCUMENT HAS A COLORED BACKGROUND AND MICROPRINTING. THE REVERSE SIDE INCLUDES AN ARTIFICIAL WATERMARK

 

Additionally, the counterfeit checks so far have shown either April Forster or  Baffy Solima as the Remitter.

 

Credit Union Contact:  Please feel free to contact the Credit Union to verify checks.  If you have any questions, please feel free to contact Harold J. Carney, Compliance Officer at : 770.326.7311 or via email at hcarney@acuonline.org

 

 

 

     
Terms Of Use |  Privacy Statement
Copyright 2016 by Sherpy & Jones, P.A.