Consumer Alerts


General Education

With the advent of the Internet, electronic fraud is increasing day by day. It is important that you, the consumer, be aware of some of the schemes that are being used to obtain your private information without you realizing it!

In order to keep you better informed and provide a means of protection for your valuable personal information, First Federal has listed some important information about scams and protection services we provide.

First Federal will NEVER ask for personal information via e-mail – such as an account number, social security number or personal identification number (PIN). So you should be suspicious of any e-mail, text message or other electronic communication that does, whether it supposedly comes from First Federal or someone else.

When you visit our website you should check the URL at the top of your browser. It should always begin with http://www.firstfedevansville.com/ unless you have selected an option to leave our home site for Internet Banking, New Accounts, Statement retrieval or other services offered on our site.

FDIC Email Alert

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The email informs the recipient that “in cooperation with the Department of Homeland Security, federal, state and local governments…” the FDIC has withdrawn deposit insurance from the recipient’s account “due to account activity that violates the Patriot Act.” It further states deposit insurance will remain suspended until identity and account information can be verified using a system called “IDVerify.” If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient’s computer.

This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media. The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.

Phishing Scam

There’s a new type of Internet piracy called ‘phishing’ (pronounced ‘fishing’). That’s exactly what’s happening. Internet thieves are ‘phishing’ for your personal account information – account numbers, Social Security numbers, passwords, etc. – so that they can commit fraud and leave you holding the bag. If you understand how it works and take steps to protect yourself, you can help stop this crime.

Here’s how it works:

In a typical case, you’ll receive an e-mail that appears to come from a reputable company that you recognize and do business with, such as your financial institution. In some cases, the e-mail may appear to come from a government agency, including one of the federal financial institution regulatory agencies.

The e-mail will probably warn you of a serious problem that requires immediate action. It may use phrases, such as “Immediate attention required,” or “Please contact us immediately about your account.” The e-mail will then encourage you to click on a button or a web address link to go to the institution’s website.

In a ‘phishing’ scam, you could be redirected to a phony website that may look exactly like the real thing. Sometimes, in fact, it may be the company’s actual website. In those cases, a pop-up window will quickly appear for the purpose of harvesting your financial information.

In either case you may be asked to update your account information or to provide information for verification purposes: your Social Security number, your account number, your password, or the information you use to verify your identity when speaking to a real financial institution, such as your mother’s maiden name or your place of birth.

If you provide the requested information, you may find yourself the victim of identity theft.

FDIC Phishing Alert

E-mail claiming to be from the FDIC – October 26, 2009

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC.

The subject line of the e-mail states: “check your Bank Deposit Insurance Coverage.” The e-mail tells recipients that, “You have received this message because you are a holder of a FDIC-insured bank account. Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets.”

The e-mail then asks recipients to “visit the official FDIC website and perform the following steps to check your Deposit Insurance Coverage” (a fraudulent link is provided). It then instructs recipients to “download and open your personal FDIC Insurance File to check your Deposit Insurance Coverage.”

This e-mail and associated website are fraudulent. Recipients should consider the intent of the e-mail as an attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to online banking services or to conduct identity theft.

The FDIC does not issue unsolicited e-mails to consumers. Financial institutions and consumers should NOT follow the link in the fraudulent e-mail.

SMiShing Scam

‘SMiShing’ is a type of social engineering that uses cell phone text messages to persuade victims to provide personal information such as card number, CVV2, and PINs. The test message may contain either a website address or more commonly, a phone number that connects to an automated voice response system, which then asks for personal information. The following are examples of SMiShing messages sent to cardholders:

Text messages originating from either notice@jpecu or message@cccu:

  • ABC CU- has- deactivated-you-Debit_card. To-reactivate-contact:210957XXXX
  • This is an automated message from ABC Bank. Your ATM card has been suspended. To reactivate call urgent at 1-866-215-XXXX

Text message orginating from sms.alert@visa.com

  • sms.alert@visa.com/VISA. (Card Blocked) Alert. For more information please call 1-877-269-XXXX

Although First Federal or its business partners may ask fro personal information to confirm identification such as the cardholders name, date of birth, and/or last four digits of a social security number, we will NEVER ask for CVV2 or a PIN. You should remain alert to any type of communication not initiated by you that requests personal information.

Debit Card Protection

We may be calling you. To protect your account, we monitor your ATM and debit card transactions for potentially fraudulent activity which may include a sudden change in locale (such as when a U.S. issued card is used unexpectedly overseas), a sudden string of costly purchases, or any patter associated with new fraud trends around the world.

If we suspect fraudulent ATM or debit card use, we’ll be calling you to validate the legitimacy of your transactions. Your participation in responding to our call is critical to prevent potential risk and avoid restrictions we may place on the use of your card.

  • Our automated call will ask you to verify recent transaction activity on your card
  • You’ll be able to respond via your touch tone keypad
  • You’ll also be provided a toll-free number to call should you have additional questions

Our goal, quite simply, is to minimize your exposure to risk and the impact of any fraud. To ensure we can continue to reach you whenever potential fraud is detected, please keep us informed of your correct phone number and address at all times.

Identity Theft

Some 500,000 to 700,000 Americans a year are at risk of having their identities stolen, according to government and private sector estimates. Identity theft occurs when someone steals your personal information and uses it to establish credit, borrow money, charge items or eve commit crimes in your name.

While the incidence of Internet identity theft is growing, fraud experts agree that you are still more likely to become a victim of this federal crime by more traditional means, such as improperly discarding credit cards or other financial data.

How To Protect Your Identity

Be diligent in monitoring transaction activity on your account and contact us immediately if you identify any fraudulent transactions. Here are some additional tips on protecting yourself from debit card fraud.

  1. Unless absolutely required for a legitimate business purpose, avoid giving out your:
    • Address and ZIP code
    • Phone number
    • Date of birth
    • Social Security number
    • Card or account number
    • Card expiration date
    • Your PIN is private; never give it out
  2. In stores and at ATMs, always cover your card and PIN and watch for:
    • Cell phone cameras, mirrors or other tools used to view cards and PINs
    • People watching your transaction
    • Cashiers taking your card out of sight; take it to the register yourself
    • Any unusual activity at ATMs; if you feel uncomfortable, go to another ATM
  3. Online, you should never respond to unsolicited e-mails that:
    • Ask you to verify your card or account number; such as e-mails are not sent by legitimate businesses
    • Link to websites; such sites can look legitimate but may collect data or put spy ware on your computer
    • Use only secure sites when making online purchases. Secure pages begin with “https://”
    • Pay for online purchases by credit card to assure you get wheat you paid for and to limit your liability
  4. Additional tips:
    • Before discarding, shred credit cards, ATM receipts and any pre-approved credit offers you have received, but don’t plan to use
    • Check all credit card and bank statements for accuracy
    • Safeguard your SSN, and check Earnings and Benefit statements annually for fraudulent use
If You Become a Victim

If you find you have become a victim of identity theft, immediately take the following actions:

  • File a police report
  • Contact your banker
  • Notify all of those with whom you have a financial relationship
  • Tag accounts closed due to fraud, “Closed at consumer’s request”
  • Notify credit bureau fraud units
  • Establish a password for telephone inquiries on cred card accounts
  • Place a fraud alert statement on your credit report until your case is resolved (free to fraud victims)
  • Report check theft to check verification companies
  • Check the post office for unauthorized change of address requests
  • Follow up contacts with letter and keep copies of all correspondence
Fraud Contacts

Government Agencies

Federal Trade Commission (FTC) – (877) 438-4338

US Postal Inspection Service – (800) 275-8777

Social Security Administration – (800) 269-0271

Order B&E statement – (800) 772-1213

Check Fraud

Check Rite – (800) 766-2748

Chex Systems – (888) 478-6536

Place fraud alert – (800) 526-5380

NPC – (800) 526-5380

Tele-Check – (800) 710-9898

Credit Reporting Agencies

Equifax Consumer Fraud Division – (888) 766-0008

Experian National Consumer Assistance – (888) 397-3742

TransUnion Fraud Victim Assistance – (800) 680-7289

Consumer Assistance Directory

CSC Credit Services, Inc. (Equifax)
PO Box 674402
Houston, TX 77267-4402
(800) 759-5979
http://www.equifax.com/

Experian (formerly TRW)
PO Box 749029
Dallas, TX 75974
(888) 397-3742
http://www.experian.com/

TransUnion Corporation
PO Box 390
Springfield, PA 19064-0390
(800) 916-8800
http://www.transunion.com/

Contact a branch office nearest you for more information.