Protect Your Identity - Important Security Notice

Blue Chip Federal Credit Union will never email or telephone you requesting your personal or account information. Protect yourself against fraud; never provide personal or financial information such as Check or credit card numbers, PINs, Social Security numbers or passwords to unsolicited phone, email or pop-up website requests. Be sure to check your account information regularly for possible unauthorized transactions. CU Online, our online banking system, is free and available any time and any where there is Internet access.

Be Identity Smart!

Protect yourself from the increasing threat of identity theft and identity fraud. Criminals and fraud artists are perpetually looking for new ways to scam you out of your hard-earned money and reputation. By using common sense and following a few simple security precautions, you can lower your risk of being a victim of this very personal crime.

Here is an example of one of the latest phishing scams

Realistic phish causes a flood of calls
MADISON, Wis. (6/7/06)--Some phishes swimming the web waters are so realistic that even well-informed recipients have trouble distinguishing whether they are legitimate. The Credit Union National Association (CUNA) is alerting readers to one that is especially convincing.

The phish purports to be from CUNA, Visa, and MasterCard. It claims that because of a recent phishing attack and identity theft, CUNA and the card companies have temporarily deactivated the recipient's debit card tied to a credit union account.

It then asks the recipient to "reactivate" the debit card at the CUNA website and specifies separate links depending on whether the card is from Visa or MasterCard. Of course, the phish asks for the card number, a ploy to gather information that possibly could be used for identity theft or fraudulent transactions.

"It's another 'spin' on phishing, and it's convincing enough that we have had a dozen calls this morning from consumers," said Dorothy Steffens, CUNA's vice president of web services, Tuesday. "At least they are beginning to question the messages before they reply," she said.

The phish, addressed to "Dear Credit Union National Association Member," also says there is "no need to call us in response to a phone message we've left in the last three days unless you see any transactions you don't recognize." It then says that if there are problems to call the customer service number on the back of the debit card.

CUNA warns recipients that it would never send an e-mail about a credit card deactivation and would never ask for personal information such as card numbers in an unsolicited e-mail.

Recipients should not click on the links in the message. Instead, they should delete the message.

Latest Scams and Alerts

Phishing Scam
Phishing attacks use ‘spoof’ emails and fraudulent websites to trick individuals into divulging personal information including, but not limited to, usernames and passwords, account numbers, social security numbers, banking information, credit, ATM, and debit card account or PIN numbers, and any other personal information.

These phony emails usually tell or ask potential victims to update or verify sensitive information, in order to update their records, or to keep their account active. There is usually a “sense of urgency” to these emails.

What should you do?

Be suspicious of any email with an urgent request for personal financial information. Blue Chip FCU does not email our membership asking for verification of credit/debit/ATM card numbers, PIN information, mother’s maiden name, social security numbers, or other sensitive information.

Do not use any links associated with such emails.

If you are unsure about an email you have received, contact the company or financial institution directly via telephone. Always use a phone number or website address known to be associated with the company or financial institution. A recent bill or statement is a good place to look. Do not call the phone number contained in the email.

Make sure you are using a secure website when providing personal information over the Internet. The beginning of the web address should be https:// rather than http://. You can also look for the “lock” icon, which indicates that you are transmitting securely.

Report suspicious activity to the Federal Trade Commission, and forward the actual email to uce@ftc.gov.

Identity Theft

When a criminal uses another individual’s personal information to “become” that person, it is known as Identity Theft. It can involve more than the theft or misuse of a Social Security Number. It may also involve credit card and other types of fraud.

What should you do?

Act immediately to minimize the danger to your personal information, including but not limited to, personal funds and financial accounts.

Close all compromised accounts that have been established fraudulently in your name.

Contact the three major credit bureaus:
Equifax: 800.525.6285
Experian: 888.397.3742
Trans Union: 800.680.7289

If you are a victim, and the US Mail is involved, contact the nearest US Postal Inspector’s office. Contact your local law enforcement agency.

If your Social Security Number was used fraudulently, contact the Social Security Administration at 800.269.0271.

Contact the Department of Motor Vehicles (DMV) to see if another driver’s license was issued in your name.

Contact the Federal Trade Commission (FTC) at 877.ID.THEFT (438.4338) or visit their website. If any Blue Chip Federal Central Credit Union accounts are believed to be compromised, call 1(800)782-2328.

Protect Yourself

It is not always possible to secure your personal information 100% of the time. However, if you ask yourself these questions and incorporate the following helpful tips, you may greatly reduce the risk of becoming a victim.

When is the last time I reviewed my credit report?

You should, at a minimum, review your credit report once a year from each of the three credit bureaus. An alternative is to order one report from one of the credit bureaus every 4th month, thus covering all over a one year period. Below are links to the three major credit bureaus:
Equifax
Experian
Trans Union

What about my mail?

Outgoing mail should be dropped off at the US Post Office, or in the slot of a blue metal USPS mailbox. You should not leave bill payments, accepted credit card applications, or other outgoing personal information in an unlocked mailbox for pick up.

Did you call them or did they call you?

Never give out personal information such as your Social Security, credit or debit card number, or mother’s maiden name to anyone over the phone unless YOU initiated the phone call and they have a business related reason to know.

Be suspicious if a company calls you to verify personal information that is already on file with them.

It is not uncommon for thieves to place these types of calls, posing as employees, claiming you have “won” a prize/sweepstakes or “been approved” for a credit card, but then asks you to divulge personal information such as your Social Security Number, credit/debit card number and PIN, or mother’s maiden name. If you receive such a call, do not release any information. Instead, tell them they have called at an inconvenient time and hang up. Then if you are a patron of the company, locate a monthly statement, which contains the phone number for the company and call them yourself to verify if the previous call was legitimate or not.

Who would be interested in my trash?

You may not be a fan of your trash, but thieves are. It’s called “dumpster diving.” Fraudsters actively search through trash bins looking for credit card and loan applications, and any other documents you carelessly threw away, which may contain your Social Security Number, or any other valuable financial information.

You can combat the theft of your personal information by purchasing a cross-cut shredder, and shred all documents or applications that contain any personal information before you place it in the trash.

How can I protect my PIN and passwords?

First, do not write your PIN on your ATM, debit, or credit card. Memorize all PINs. Do not use anything personally associated with you. This includes, but is not limited to your SSN, date of birth, home address, and telephone number, pet’s name, middle name, consecutive numbers, and spouses/significant others name, children’s names or type of car you drive. If possible, create passwords that contain both letters and numbers. Once again, do not use anything personally associated with you.

Possible passwords may include: colors, animals, places, or a statement in which the first letter of each word is used. For example, "My one favorite credit union is Blue Chip FCU" will create the following password: m1fcuibcfcu.

Do I really need to look at my monthly statement?

Yes. All monthly statements, whether received in the mail or electronically, should be reviewed upon receipt. Compare all receipts and drafts clearing for accuracy. To ensure you are not held liable for any loss, report any suspicious transactions immediately.

Also, if you expect to receive paper statements, but they do not arrive, contact the company or organization immediately. It is always wise to know your billing and statement cycles to determine if items are missing or not received in the mail.

What about the Internet?

Be leery of any emails that urgently request you to provide or verify personal information. These emails may contain verbage such as “your account will be closed/cancelled if you do not respond.” Contact the company by phone or by typing the web address directly into your browser to verify its authenticity. Do not use any links associated with the suspicious email.

Consider installing a firewall and anti-virus software, as well as password protecting any files stored on your computer that may contain sensitive information. Make sure you are using a secure website before sending personal information over the Internet.

What other things do I need to think about?

Remember to write down or photocopy the front and back of all credit cards and keep in a secure location. Do the same for all bank and investment accounts.

Do not carry your Social Security Number in your wallet. Take a look at your insurance card; it may contain that number too. Only carry those cards on days when you need them, and then remove promptly.

Have your Social Security and driver’s license number removed if it is printed on your checks. Have check reorders sent to your financial institution instead of an unlocked mailbox and go pick them up.

Limit the number of credit cards you carry with you on a regular basis. Only carry the ones you may need or may need in case of an emergency.

Keep blank checks, as well as voided or cancelled checks in a secure location. Consider utilizing your financial institution’s bill payment service to eliminate the need for checks.

All personal and financial information, as well as any other sensitive information, should be given out, on a need to know basis, and be strict with who needs to know.