Routing Number: 307070050
Search Our Site
Type a word or phrase in the search field below. If you are unable to find the information you are looking for, please contact us.
Kirtland Federal Credit Union logo

Welcome To The Insighter!

Explore the latest happenings at Kirtland FCU and learn about important topics from around the financial world. Here’s your insight!

All Posts > Fraud

Security Fraud

When it comes to the risk of identity theft, death isn’t the end—it can often be the beginning.

It’s called ghosting, according to the AARP, and every year, the estates of 2.5 million deceased individuals are victimized by this form of identity theft.

Ghosting is a form of digital grave robbing. Using the personal information of a deceased individual, a thief can do a lot of damage before the deceased’s family even notices something is amiss. This is because it can take six months for financial institutions and credit-reporting bureaus to receive, share, or register death records. And since the dead don’t monitor their own credit, and it’s likely their family isn’t monitoring it either, a thief often has an extended period of time to commit further fraud.

Most often, a thief will randomly choose a Social Security number (not a targeted attack), but often ghosting is a crime of opportunity. Nearly 800,000 of those 2.5 million victims each year represent targeted attacks.

Thieves can glean personal information from obituaries, hospitals and funeral homes—information like birth date, home address, and full name. And with those pieces of information, a thief may be able to purchase the deceased’s Social Security number illicitly online.

In many instances, thieves will use the information they’ve gained to file tax returns under the identity of the dead and collect refunds. In fact, in 2011, the IRS paid out $5.2 billion in fraudulent returns.

While surviving family members are not responsible for fraudulent charges and tax filings, a thief can leave quite a mess to untangle in a loved one’s estate.

  • Don’t list specific birth dates, maiden name, or other personal identifiers in the obituary.
  • Don’t publish home addresses within the obituary. Thieves have even been known to plan home burglaries for the time of the funeral.
  • Use certified mail with “return receipt” to send copies of the death certificate to each credit reporting agency (Equifax, Experian, and TransUnion) and ask them to place a “deceased alert” on the credit report. Certificates should also be sent to banks, insurers, brokerages, credit card companies, and mortgage companies where the deceased held an account. For join accounts, request the deceased’s name be removed.
  • Report the death to Social Security by calling 1-800-772-1213
  • Contact the state department of motor vehicles to cancel their driver license (to prevent duplicates from being issues to a thief)
  • Monitor the deceased’s credit with AnnualCreditReport.com.  It’s free!
  • Let your loved one’s credit union or bank know as soon as possible! Kirtland FCU can help prevent a fraudster from calling in and doing business as a deceased individual if we’re aware of the passing.
In the midst of grief, protecting a loved one’s identity may be the last thing on a family’s mind. But adding these simple steps to the handling of an estate can help you avoid a lot of headaches and frustration.

Security Fraud

What do you picture when you think of a “money mule”?
Literal interpretations aside, a money mule is a person who is used to transfer and launder illegally acquired money or merchandise (i.e. stolen!) on behalf of or at the direction of another. If you’re a fan of the popular Orange Is The New Black series, you seen an up-close dramatization of a money mule scheme when the main character unwittingly carries drug money onto an international flight.
But unlike in the hit series, you don’t have to be in a foreign country to play a money mule role—in fact, you don’t ever have to meet the criminal in person. In this high-tech world, a cyber actor can enter through your computer and, with the right leverage, persuade you to act illegally on their behalf.
The FBI recently issued a warning about this particular brand of confidence/romance fraud. Through online dating sites, a criminal finds a mark and begins to build a relationship, to create trust. And leaning on that trust, the cyber actor convinces the mark to open accounts under the guise of sending or receiving funds. If the account is flagged by the financial institution, the cyber actor will either direct the victim to open a new account or choose a new mark and begin again.

In other situations, the fraudster claims to be a European citizen or an American living abroad. After a few months of developing trust, the actor will tell the victim about a lucrative business opportunity.
“There are investors willing to fund the project!” says the criminal. “But they need a U.S. bank account to receive funds, and you can help!”
The victim is asked to open a bank account or register a limited liability company in the victim’s name and then to receive and send money from that account to other accounts controlled by the fraudster.

Dating sites are popular fishing spots for victims due to the inherent emotional risks that a victim is willing to take. And this isn’t a small scam: in fact, in 2018, the IC3 (Internet Crime Complaint Center) received reports from 18,000 people who claimed to have become victims of confidence/romance fraud. The aggregate losses reached $362 million – an increase of more than 70 percent from 2017.


The following are warning signs that you’re being targeted in a money mule scam:
  •  A false profile picture. Online dating sites require a profile picture, and most criminals do not use their own faces. You can check where else the image is being used online by running a reverse image check. A photo that appears on several other sites or is tied to older fraud scams is a big red flag. To run a search:  
    • Right click on the image and select “Search for image.”
    • Right click again and select “Save image as” to save the photo to your device.
    • Using a search engine, choose the small camera icon to upload the saved image into the search engine.
  • Inconsistent facts. Most dating sites, while monitoring account activity and investigating complaints, do not conduct background checks for registered accounts. Anyone using a dating site can misrepresent themselves. Grandiose stories, vague answers, and inconsistencies should not be ignored.
  • Immediate attempts to talk or chat outside of the dating site.
  • Claims that your meeting was “destiny” or “fate”. This kind of language could be classic grooming behavior.
  • Contact who claims to be currently living, working, or traveling abroad. This includes stories of military service.
  • A request is made for assistance with personal financial or shipping transactions. Criminals may also report a sudden personal crisis in an attempt to justify the request.
No matter the red flags you see, the FBI advises that you NEVER:
  • Send money to someone you meet online, especially by wire transfer.
  • Provide credit card numbers or bank account information without verifying the recipient’s identity.
  • Share your Social Security number or other personally identifiable information that can be used to access your accounts with someone who does not need to know this information.

Do you suspect you’ve been targeted by a criminal for assistance with illegal activities?
If you think you’ve been scammed, there’s no reason to be embarrassed— this scam takes advantage of your trust and willingness to help. But it’s important to take steps to limit damage and make sure the scam is reported
  • Discontinue contact with the criminal and cease any requested activities.
  • Report the activity to the Internet Crime Complaint Center, your local FBI field office, or both. Contact IC3. Local FBI field offices can be found online.
  • Contact your financial institution immediately upon discovering any fraudulent or suspicious activity and direct them to stop or reverse the transactions.
  • Ask your financial institution to contact the corresponding financial institution where the fraudulent or suspicious transfer was sent.
  • Report the activity to the website where the contact was first initiated.
It can be difficult to say no to someone you trust. But knowing the signs of this scam and how to react can save you a lot of heartbreak

Security Fraud

How much of your life is on your phone? If you’re like many Americans nowadays, the answer is, “Most of it!”.

It’s more than texts and games; our phones give us access to our financial accounts, social media pages, personal and work e-mails, photos, music, credit and debit card information, and more. And it’s all locked away by nothing more than a few digits you type to unlock your phone.

Thanks to the ease of password storage and “Remember Me” boxes, access to the most important aspects of our lives is easy and convenient. But what if your phone was no longer in your control? What if, one day, your service dropped without explanation and your social media, e-mail and even financial accounts were suddenly out of your control. This isn’t a doomsday scenario—it’s called the SIM-Swap Attack, and it’s ruining lives.


The SIM-Swap Attack is named for the small chip inside your phone that is tied to your phone number—your SIM card. SIM cards make it easy to transport phone numbers (as you would do when you upgrade your device). But this transportability is being exploited.

This cell phone hack delivers gold for a thief who is able to pull it off. He approaches your carrier (T-Mobile, Sprint, etc.) with a few pieces of your personal information and convinces an employee to transfer your phone number to his own device (a port). Once the transfer happens, he uses his newly activated device to break into your connected accounts—social media, e-mail, banking, and more. He changes the logins for the accounts to lock you out and then goes through his newly-won treasure trove in search of things of value (like your Paypal or financial accounts).

The features you use to make logging into these connected accounts a breeze form a paper-thin barrier between a thief and your information. And regaining access to your e-mail and social media accounts may prove impossible. At the very least, the paperwork and hoops may seem unending.

Practice fraud prevention
Keeping your personal information secure is essential. Without those pieces of personal information—such as your birth date, social security number, and address—a thief has little ability to initiate a port of your phone number. 

PIN it
Every cell carrier offers the option to put a PIN on your account: a secret passphrase the carrier will request anytime a request is made to make changes to your account or activate a new phone. Ask your carrier how to set a PIN on your account – and be sure not to use the same PIN that unlocks your phone.

Don’t save passwords
It’s tempting to have your phone save your login information so you don’t have to enter it each time you open an app. But doing so removes the strongest lock you have against an intruder. And once inside an app, a thief can change your passwords and then the one who is locked out is YOU. Using a quality PAID password manager makes this simple. Why is paid important? Because if you’re not paying for a service, it’s because YOUR INFORMATION is their product. Keepass or Dashlane are reputable options that can really simplify managing passwords.

Don’t rely on normal two-factor authentication
Most two-factor authentication is performed via SMS (texting). But this isn’t a barrier for a thief who already has full control of your phone number. DO use two-factor authentication (it does help!), but make sure that the authentications come to an e-mail account or phone number that is not associated with your phone. Or, use an authentication app instead. Google Authenticator (available in your app store) and Authy offer an extra layer of security by tying the two-factor authentication to your physical device rather than to your phone number. There are also physical authentication methods like Yubikey—literally a key that you plug into the USB port or touch to your phone to verify your identity.

Monitor your accounts frequently
If you notice unusual activity on your phone or your accounts, follow up. Catching the theft early may not prevent damage, but the longer a thief is in control, the more damage he can do.

Remember that convenient for you equals convenient to the people who want your assets, too. Don’t be an easy target!

Security Fraud

You’re searching for a new job when you come across a posting on social media that seems perfect! All you have to do is front the money for training and supplies. Is it legit? Probably not!

Jobs that seem too good to be true usually are. But how can you tell the difference between a legitimate job posting and a bait posting? Location of the posting may not matter since scammers advertise jobs where legitimate employers do — online, in newspapers, and even on TV and radio. Here are three ways to tell whether a job lead may be a scam:
  1. You need to pay to get the job - They may say they’ve got a job waiting or guarantee to place you in a position. You just need to pay a fee for certification, training materials, or their expenses placing you with a company. But after you pay, the job doesn’t materialize. Employers and employment firms shouldn’t ask you to pay for the promise of a job.
  2. You need to supply your credit card or bank account information - Don't give out your credit card or bank account information over the phone to ANY company unless you're familiar with them and have agreed to pay for something. Anyone who has your account information can use it. And legitimate companies won’t ask for this information from a job prospect.
  3. The ad is for "previously undisclosed" federal government jobs - Information about available federal jobs is free. And all federal positions are announced to the public on usajobs.gov. Don’t believe anyone who promises you a federal or postal job.
Still not sure if you’re looking at a legitimate job offer? Check for complaints!

Your local consumer protection agencystate Attorney General's Office, and the Better Business Bureau can tell you whether any complaints have been filed about a company. Just keep in mind that a lack of complaints doesn’t mean the business is on the up-and-up. You may want to do an internet search with the name of the company and words like review, scam, or complaint. Look through several pages of search results. And check out articles about the company in newspapers, magazines, or online, as well.


You’ve read the many resume and interview tips from respected sources available for free online and scoured online job boards and newspaper classifieds. Some other places to look for leads in your job search include:
  • CareerOneStop - Sponsored by the U.S. Department of Labor, CareerOneStop lists hundreds of thousands of jobs. It also links to employment and training programs in each state, including programs for people with disabilities, minorities, older workers, veterans, welfare recipients, and young people. For federal jobs, all open federal positions are announced to the public on usajobs.gov.
  • State and county offices - Your state’s Department of Labor may have job listings or be able to point you to local job offices that offer counseling and referrals. Local and county human resources offices provide some placement assistance, too. They can give you the names of other groups that may be helpful, such as labor unions or federally-funded vocational programs.
  • College career service offices - Whether it’s a four-year university or community college, see what help yours can offer. If you’re not a current or former student, some still may let you look at their job listings.
If you’ve been targeted by a job scam, file a complaint with the FTC.

For problems with an employment-service firm, contact the appropriate state licensing board (if these firms must be licensed in your state), your state Attorney General, and your local consumer protection agency.

To learn about credit and background checks when you’re looking for a job, read What to Know When You Look For a Job.

And remember: if it sounds too good to be true? It probably is. Happy (job) hunting!

Security Fraud

Have you received a phishing e-mail? Odds are, you have!
Phishing e-mails are e-mails built to look like an official e-mail from an official company. Are you sure that e-mail from UPS is actually from UPS? (Or Costco, BestBuy, or another of the myriad unsolicited emails you receive every day?) Companies and individuals are often targeted by cyber criminals via e-mails designed to look like they came from a legitimate bank, government agency, social networking site, or organization.

Like this one, designed to look like an alert from Netflix:

These fake e-mails often tell a story to trick you into clicking on a link or opening an attachment. These stories are designed to create a sense of urgency or may dangle some other type of bait.

These fake e-mails often tell a story to trick you into clicking on a link or opening an attachment. These stories are designed to create a sense of urgency or may dangle some other type of bait.

Once you’ve clicked—taken the “bait”—the scammer may continue the attack by asking you to enter personal or account information, providing a login screen that captures your login information, or by launching/downloading a virus or malware to your device or computer.

So, how can you tell if an e-mail is legitimate? It can be difficult to tell; a good phishing e-mail will use a name and logo you already trust. But phishing e-mails also:
  • Use generic greetings. Examples include “Dear Netflix Customer” or “Hi” with no personalization. In the Netflix example, the generic greeting is simply “Dear”. If you do business with Netflix, odds are that any e-mail regarding your account will have your name on it.
  • Impart a sense of urgency. They may tell you that your account is on hold or suspended until you update account information.
  • Offers links or asks you to click in the e-mail to proceed.
  • Have improper grammar, punctuation, and spelling. Not all phishing e-mails have formatting and grammar issues, but many do. If you spot an issue, you should be very suspicious.
  • May be from a company with whom you have no business. This may be the biggest red flag of all. If you don’t have an account with Netflix, you should never receive e-mail from them.
  • May have a domain that doesn’t match the official company address. Instead of @Netflix.com, the domain may look like @NetflixCustomers.net or some similar play on the company name.
Already clicked on an e-mail like this? It happens! The goal now is to mitigate your risk. If you have clicked on a suspected phishing e-mail and think the scammer has your personal information, visit IdentityTheft.gov to see the specific steps to take based on the information you lost. If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software and then run a security scan.

Remember, a legitimate business will never request sensitive information via e-mail. If you’re suspicious, follow up with the company yourself, outside of the suspicious e-mail. 


Security Fraud

It’s an exciting time. You’re getting ready to close the mortgage on a new home! Don’t let a scammer take it all away.

Anyone who has bought a house knows the vast amount of communication that is required between multiple parties. And if you’re a first-time homebuyer, you’re discovering this first-hand. Documents must be signed, wire payments arranged, and e-mail is a common channel for these types of quick communications with the multiple companies that can be involved in a single closing. Between 2015 and 2017, reports of a sophisticated scam involving these companies and homebuyers, primarily through e-mail, have increased 1,100 percent.

How it works:
The scam begins when a thief gains access to an e-mail account of one of these legitimate real estate, title, or lending companies through hacking. Once inside the e-mail account, they have access to all communication between buyers, sellers, agents, title companies, and lenders. The thief can see scheduled closing dates, and they now have access to private financial information regarding the sales.

Using this information, the thief chooses a sale that is approaching its closing date. The thief creates an e-mail that appears identical to one from the legitimate company. That e-mail is then sent to the buyer at the last minute, changing the payment information for the closing funds to the thief’s wire destination. If this information is followed and the money sent to the scammer’s new destination, the buyer will often have no idea anything has gone wrong until they are contacted by one of the companies asking about the missing payment. Meanwhile, the thief will move the funds and move on, before anyone is the wiser.

In some cases, victims have sent their intended closing costs or even the full payment for their new house to these fraudulent wire accounts. In 2017 alone, there was an estimated loss of nearly $1 billion in real estate transaction costs resulting from this scam. And the buyer is on the line for the lost funds—there is often little to no recourse for victims of this scam. Therefore, avoiding it is paramount.
  • Identify two trusted individuals to confirm the closing process and payment instructions. Ahead of your mortgage closing, discuss in person, or by phone, the closing process and money transfer protocols with these trusted individuals (realtor, settlement agent, etc.). Be cautious about exchanging any details about your closing over e-mail. You may want to use this opportunity to also create a code phrase, known only by these trusted parties, if you need a secure way to confirm their identities in the future. 
  • Write down their names and contact information. 
  • Before wiring money, always confirm instructions with your trusted representatives. Never follow instructions contained in an e-mail. Verify the closing instructions, including the account name and number, with your trusted representatives either in person or by using the phone number you previously agreed to.
  • Avoid using phone numbers or links in an e-mail. Again, scammers can closely replicate the email address, phone number and format of an exchange from your agents. Avoid clicking on any links or downloading attachments without first confirming with your trusted representatives.
  • Do NOT e-mail financial information. E-mail is never a secure way to send financial information. 
  • Be mindful of phone conversations. It may be difficult to identify whether a phone call is fraudulent or legitimate. Scammers may call and ask you to verify your personal or financial information. When in doubt, always initiate a call back to your trusted professionals to confirm whether it’s legitimate. 

What if you become a victim?

  • Contact your bank or wire-transfer company immediately. Ask for a wire recall. Reporting the error as soon as possible can increase the likelihood that you’ll be able to recover your money.
  • File a complaint with the FBI. Contact the FBI’s Internet Crime Complaint Center at www.ic3.gov .
When it comes to this scam, the low-tech option may be the best option. Hand-delivered cashier’s checks are often a more secure way to physically make a payment during the closing process.

At the Kirtland FCU Home Loan Center, the mortgage team maintains close relationships with their members and other companies in the mortgage process, which reduces the likelihood of this scam striking their members.

“This is one of the best parts of our dedication to relationships with our clients, and our local presence,” said Kris Jones, Vice-President, Mortgage. “Our members know us and know we’re right here, right now, for any questions like this. There are no long waits in a phone tree, no faceless representatives when they have concerns.”

And when a member already has their savings and/or checking accounts at Kirtland FCU, payment transfers are handled directly by the mortgage professionals without members needing to lift a finger (except to sign the final papers).
Remember, when you’re getting ready to close on a home, make sure you’re talking to the right people. Come see the mortgage experts at Kirtland FCU’s Home Loan Center.

Learn more about Kirtland FCU’s mortgage and home loan programs now!


Security Fraud

Paper. Paper everywhere.
No one wants to keep all the random bits of paper they gather during the day in the form of receipts, forms, and other evidence of daily life. Add that to the barrage of daily mail, including banking statements and junk mail, and you would have quite a mess on your hands.
Many of us savers DO save everything for simple lack of knowledge about our other options. The savvy financial mind that you are, you know some of those documents would be damaging in the wrong hands. But what about the papers you think are safe to throw away? Should you shred all your documents? How long should you hold onto other documents?

Turns out, the Federal Trade Commission has a few opinions on the matter, and their advice can help you make sense of all that paper—its importance and (even better!) what do with each piece to keep you and your family safe from fraud and identity theft.
Did you know that up to 88% of all identity theft begins with information recovered from the trash or a recycle bin? Following a few simple rules-of-thumb, you can reduce the likelihood you’ll become a victim of identity theft and fraud.

Get yourself a shredder (or keep an eye out for a free shred event from a local business). Shredders are fairly inexpensive and allow you to quickly destroy important documents.

STEP 2: 
Switch to e-Statements and opt into as many digital bills, payments, and receipts as you can. Contact your individual utility companies and financial institutions to ask about paperless options and autopay. Many stores also offer the option to have your receipt e-mailed to you instead of printed, so take advantage! A thief can’t steal out of your mailbox or trash what is never there to begin with. Leave the pizza coupons for the thieves—your account and financial information can be safely hidden behind a password, out of reach. It’s easy and FREE to sign up for Kirtland FCU e-Statements! 

So, you’ve reduced the amount of paper coming in your mail or collecting in your house. But what of the junk mail, the receipts, the bills, and other documents with personal information on it? Should you keep it, shred it, or toss? Turns out, it could be a combination of these options depending on the specific document, according to the Federal Trade Commission.

And remember, even pieces of unsolicited (junk) mail may have identifying information—particularly pre-screened credit offers. Just to be safe, you should consider shredding these pieces. Practice basic account security—read more here—and sign up for account alerts with Kirtland FCU and any other financial institution with which you have a relationship. Catching unusual activity early is key to limiting losses should your identity be stolen. 

Source: Federal Trade Commission (Consumer.ftc.gov)

Security Fraud

Identity fraud. It’s the intangible crime that strikes at the heart of your financial well-being, and it’s happening at record levels.

Javelin Strategy & Research began tracking identity fraud in 2003, and the results of their 2016 study found that despite the efforts of the industry, fraudsters successfully adapted to net two million more victims in 2016 with the amount fraudsters took rising by nearly one billion dollars to $16 billion.

What can you do to protect yourself?

Following these smart tips can reduce your likelihood of falling prey to an identity thief. 

Being able to follow your account activity in nearly real-time speed allows you to detect an issue early so you can take action to limit losses. Check your accounts often for cleared transactions, pending transactions, scheduled transfers, and any unusual account activity. 

Text and e-mail alerts are available through the Kirtland FCU Online and Mobile banking systems. Be sure to turn them on to receive alerts in response to a variety of triggers including unusual account activity and low balances. 

You use a password to access your account online; set one for your phone interactions with Kirtland FCU, too! A code word adds an extra layer of security for your accounts. Should your personal information fall into the wrong hands and a thief attempt to use it to gain access to your Kirtland FCU account, they’ll be unable to without your personal code word. Anyone calling to do business on your account OR as a signer on your account will be asked for the code word before any information is discussed over the phone. So, the only people with access to your money are you and your cosigners!

Enroll in e-Statements through Online Banking to reduce the amount of paper you receive—and the amount of information that could potentially fall into the wrong hands. Thieves still find your information the old-fashioned way: by stealing statements and other sensitive documents right out of your trash or mailbox. With e-Statements, your account summaries arrive securely in your Online and Mobile Banking account, safely away from dumpster-diving thieves.

Kirtland FCU is committed to safeguarding your personal and financial information through advanced security techniques and monitoring, in addition to offering the account services mentioned earlier. 
What else can you do? What if a thief strikes anyway? 

Purchase ID Theft Protection

Kirtland FCU partners with Identity Fraud, Inc. to offer a comprehensive suite of protection products that help minimize your risk of becoming a victim of identity theft. Services can include:
  • SSN Monitoring – to catch thieves using your social security number
  • Credit Monitoring – to identify unusual activity so you can take action
  • Credit Card Monitoring – scours chat rooms and online activity for your credit card information to identify potential fraud
  • DataSweep Monitoring – to identify your personal information online and alert you
  • Identity Insurance – should the worst happen, you’ll be covered
  • Lost Wallet Services - a 24/7 support team that helps you act quickly to limit your losses, maintain your good credit, and replace your lost or stolen cards
  • Keystroke Encryption Software - helps protect your identity by encrypting your keystrokes and hiding them from hackers, malware and key loggers intent on stealing your sensitive credentials while using the internet.
  • 24/7 Unlimited Resolution & Prevention Assistance - VRS Elite staff ready to assist you with fraud resolution, no matter what type or how you experience identity theft.
Cover yourself with these protective services, and more, for less than $3 a month.

Explore and sign up for Identity Fraud, Inc. coverage!
Identity Theft Protection insurance and programs are made available through the Identity Fraud, Inc. Contracts for insurance are agreements between you and Identity Fraud, Inc. The insurance offered is not a deposit, and is not federally insured, sold or guaranteed by Kirtland FCU. Kirtland FCU enables this insurance program to be offered to its members.

Security Fraud

Identity theft is a BIG problem. In fact, identity theft hit a record high in 2016, striking more than 15.4 million people.

Thieves and scammers are constantly developing new techniques for gaining access to your money and personal information. Here are a few of the most common types of fraud.


  • The attack: Telemarketing Fraud
    • What it is: Telemarketing fraud happens when you are basically asked to act now or send money straight away in order to be able to access some sort of special offer. This information will be given to you over the telephone and the telemarketers can be very convincing. If you have been cheated over the telephone, it is very difficult to get your money back. Every year, approximately $40 billion is lost to telemarketing fraud, according to a 2001 AARP study. More than 55% of these people are over the age of 50.
    • What you can do: Make sure you check who is calling you, ask for written copies of their terms and conditions, and look the company up before you send money and receive business information.
  • The attack: The One-Ring Scam
    • What it is: The Federal Communications Commission is alerting consumers to reported waves of “One Ring” or “Wangiri” scam. In this scam, robocalls target specific area codes in bursts, often calling multiple times in the middle of the night. These calls are likely trying to prompt consumers to call the number back, often resulting in per minute toll charges similar to a 900 number. Recent reports indicate these calls are using the “222” country code of the West African nation of Mauritania.
    • What you can do: Do not call back numbers you do not recognize, especially those appearing to originate overseas, and file a complaint with the FCC if you received these calls at www.fcc.gov/complaints.

If you never make international calls, consider talking to your phone company about blocking outbound international calls to prevent accidental toll calls.

Check your phone bill often for charges you don’t recognize.


Similar to phone techniques, thieves will send fakes e-mails that appear to be from legitimate businesses or agencies. Some concentrate their efforts on hacking or spreading malware, using technology to accomplish their theft.
Beware any communication that requests money or personal information. Legitimate businesses will not contact you online for issues unless you’ve pre-arranged it, and they will never ask for login information.

Types of Fraud
  • The attack: Phishing
    • What it is: The use of fake e-mails or text messages that appear to come from legitimate sources.
    • What you can do: Don’t respond. A legitimate company will never ask for personal information or financial information over e-mail. If you haven’t initiated the communication, contact the company or institution yourself to verify, especially if the communication asks for data or money. Kirtland FCU will NEVER contact you via e-mail asking for personal information.
  • The attack: Pharming
    • What it is: Directs users to a spoofed website where personal information is captured (such as log-in information).
    • What you can do: Check the URL of any website before entering any information. Better yet, type the URL of the site yourself and navigate to what you need, rather than clicking a link.
  • The attack: Malware
    • What it is: This is a computer attack that installs software on your computer when you click an infected link. The software, called malware or spyware, is designed to steal and transmit personal information.
    • What you can do: Don’t click any link if you’re not 100% sure of the destination. Also, make sure your computer security programs and firewalls are up to date and operational.
  • The attack: Data Breach
    • What it is: More and more common, data breaches are security incidents in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an unauthorized party.
    • What you can do: Monitor your credit cards and checking accounts frequently for any unauthorized transactions or unusual activity. If you find any, alert your card company or Kirtland FCU so we may take steps to protect your accounts. We may reissue cards in the event of a data breach to stop any theft before it occurs.
  • The attack: Crowdfunding Scams
    • What it is: Crowdfunding is an online effort to raise money for a cause or project. But the project you’re backing is only as good as the people behind it. Some dishonest people can take your money but produce nothing–no product, no project, and no reward. People called “creators” ask for small amounts of money from lots of people to fund projects through websites like Kickstarter or Indiegogo, or the creator will create a charity story for use on GoFundMe.com or similar sites. In exchange, creators offer rewards to contributors like a product that the creators are trying to make. Or the creator will claim to pass the profits on to the beneficiary. Sounds great—unless the creators don’t create anything but profit for themselves.
    • What you can do: If you’re thinking about contributing to a crowdfunding campaign, take a minute to research the creator’s background and reviews before you pay. For example, has the creator engaged in previous campaigns? How did those campaigns turn out?


Types of Fraud
  • The attack: Skimming
    • What it is: The theft of credit or debit card information typically completed using a device that reads the magnetic strip.
    • What you can do: This point-of-sale version of identity theft is common at gas stations, ATMs, and other business with card readers that are not physically monitored. If you feel unusual movement or your card is difficult to swipe, abort your transaction and notify the vendor and your credit card company.
  • The attack: Mail Fraud
    • What it is: The definition of mail fraud is simple: it’s any fraudulent activity that involves the use of postage mail. This could mean sending a letter to try and scam money or personal information from someone, stealing and opening someone else’s mail, or using chain letters to collect money or items. If mail is used at any point in the fraud process, it’s considered mail fraud.
    • What you can do: The best way to guard against mail fraud is to make sure a letter is legitimate before responding to it. If there’s a phone number printed on what looks like a piece of official communication, verify it’s actually the phone number of the company involved and not a fake one.
      • A good rule of thumb when mailing a letter that includes personal information such as your bank account number or Social Security number is to take it directly to the post office so it can’t be stolen out of your mailbox.
      • Make sure you don’t leave mail out in your mailbox for too long! If you know you’ll be away for a while, consider temporarily stopping your mail service or asking a neighbor to get it for you until you’re back in town.
  • The attack: Dumpster Diving
    • What it is: Obtaining personal information by digging through trash for statements, receipts, or other personal or financial information.
    • What you can do: Shred! Make sure all documents containing your personal information or financial data are shredded prior to disposal. You can also sign up for e-Statement through Online Banking and eliminate the possibility of this form of identity theft.
  • The attack: Address Change/Mail Forwarded
    • What it is: Unauthorized forwarding of your mail to an identity thief.
    • What you can do: If you don’t receive a monthly statement that you normally would, contact the company immediately to inform them. You can also go paperless with many vendors, eliminating the opportunity for thieves to redirect your mail.
  • The attack: Tax Fraud
    • What it is: Also known as stolen refund fraud, it occurs when someone else receives your refund by stealing your Social Security number and filing your taxes themselves. By the time you send in your real return, it’s rejected by the IRS because you’ve “already filed.” It sounds crazy, but this kind of identity theft happens more often than you’d think—actually, it’s one of the top scams the IRS encounters each year.
    • What you can do: Be vigilant about who and where you give your personal information. Play it safe by using security software on your computer. And don’t ever carry around your Social Security card or anything with your Social Security number on it—including your W-2! Keep it all in a safe place.

Though the overall number of victims hit an all-time high in 2016, the amount of loss per victim actually decreased, thanks to higher awareness and faster action on the part of the victim and their financial institution.

No matter the method, early detection is key. Three credit bureaus monitor your activity, and you have access to credit reports from each of them at annualcreditreport.com.