MOBILE |   ABOUT US   |  HOME   |  LOCATIONS   |  CONTACT PATRIOT   |  EMAIL SIGN-UP   |  SITE MAP  

  Search





In the Know
News

Fraudulent "www.harlandclarkes.com" Email
If you receive an email from "www.harlandclarkes.com" (with an 's') OR if it is forwarded to you:
  • DELETE IT IMMEDIATELY; and
  • DO NOT CLICK THE LINK PROVIDED; it contains a malicious link. Opening it could risk you downloading a virus.
SITUATION:
On Wednesday, March 7, the Corporate Security Group of Harland Clarke Holdings Corp. became aware that multiple Harland Clarke and Harland Financial Solutions clients had received an email from a sender FRAUDULENTLY claiming to be the iReports Data Warehouse. (To view a copy of the body of the email, click here..)

TO REITERATE:
This fraudulent email is NOT originating from any Harland Clarke Holdings business. It appears to be part of a malicious and isolated phishing spam attack.
>>> Back to Top

Automated Phone Call Scam Resurfaces
A recent notification from credit unions indicated members and nonmembers are being targeted with the automated phone call scam. Victims receive automated calls (robo-calls), which play recorded messages claiming to be from a credit union (or bank), requesting verification of financial information (e.g., account number, card number, or PIN).

Alert Details
A credit union recently reported receiving hundreds of calls from members and nonmembers saying they received a phone call on their landline or cell phone with an automated message indicating their account may be locked or closed, or their card numbers were compromised. The victims are asked to enter their credit or debit card number.

Ongoing education and awareness for your members is critical to prevent their accounts from being compromised through this version of vishing (voice phishing). Members should never respond to these calls by providing the requested personal or financial information – no matter how urgent the message may seem.

  • Advise members to never respond to any telephone call requesting personal or financial information.
  • Consider alert notifications to members on your phone system, web site, newsletters or statement stuffers.
  • Educate members to take caution when visiting social network sites and sharing personal information.
  • Instruct members receiving this type of call to report it to the following:
    • Credit union;
    • Federal Trade Commission (1-877-382-4357);
    • State attorney general;
    • Local law enforcement; and
    • Phone carrier – landline or cell phone provider.
  • If a member responds to such a call by providing account or card information, close or block the accounts to prevent fraudulent transactions.
  • Members who provide the requested information during the call should contact one of the three credit bureaus to place an "initial fraud alert" on their credit report.
>>> Back to Top

Targeted Tax Day Phishing
National Cybersecurity and Communication Integration Center has issued a bulletin providing general guidance to public and private sector organizations and individuals about email attacks—phishing and spear phishing. During the tax filing time of year, DHS, IRS, and law enforcement agencies see increased phishing activity with respect to the income tax filing deadline. The objective of these types of attacks is to lure people to click on links or an attachment within the body of an email, leading that person to execute malicious computer code on their computer. This advisory offers some preventative strategies that minimize the likelihood of an attack becoming successful. We encourage anyone receiving this advisory to widely distribute it. Click here to read more.
>>> Back to Top

Zappos.com Site Hacking Alert
Online shoe and apparel retailer, Zappos.com, announced on Sunday, January 15, 2012, that hackers had broken into their company's system through one of its servers in Kentucky and obtained data on its 24+ million Zappos.com customers. The hackers took names, billing, shipping and email addresses, phone numbers and partial credit card numbers of Zappos customers, as well as their cryptographically scrambled passwords. Based on reports from Zappos, it appears that users' full credit card information is safe, though they could be at risk if these customers use the same email and password combination to access other sites.

Zappos CEO Tony Hsieh stated the secure database that stores customers' critical card and other payment data was neither affected nor accessed. In addition to expiring and resetting customers' passwords, Zappos has created a link that will let each customer securely create a new password. Zappos is also urging customers to change their passwords on any other websites where they use the stolen password or similar ones, and it has warned them to be wary of emails and phone calls that ask for personal information or direct them to websites asking for personal information.

Zappos is working with law enforcement and has sent an email, accessible at http://blogs.zappos.com/securityemail to notify its potentially impacted customers.

At this time we have no reason to believe there is fraudulent activity associated with this breach or that VISA CAMS or MasterCard Alerts have been issued in connection with this event.
>>> Back to Top

Holiday Scams & Tips Alert
As the holiday season approaches, it is important to be aware of potential scams. Con artists are working hard to get their hands on your member's money as well as personal and financial information. To help reduce the risk and protect credit union members, we offer a list of potential scams along with tips for a safer and smarter holiday shopping season.
>>> Back to Top

Carty & Company
A member reported receiving a call from a company called Carty & Company and the caller said they had a relationship with Patriot Federal Credit Union. This company is a brokerage firm that has no affiliation with Patriot. Patriot Financial Services is our financial advisory service and you can learn more about our advisors here.
>>> Back to Top

SMiShing
We have had two members report receiving text messages from their credit union to call the automated service at 240-349-0118. When the call is placed to this number, an electronic verification service recording explains that the callers credit card has been restricted and to enter their 16 digit card number in order to un-restrict their card.

Please get the word out to our members and ensure those calling regarding the text know that it is not Patriot FCU and they should never provide any information to an unknown source.
>>> Back to Top

Secret Shopper
Patriot had a member deposit a check for $2,000.00 drawn on State Street Bank & Trust in Boston, MA from F.T. Management Inc. 17 Federal St. Boston, MA. At the time of the deposit, member did not mention that she had applied online for a Secret Shopper "position". Member visited Patriot branch when she received the "paperwork" instructing her to deposit and cash the check at her bank, go to her local "JC Peenys" outlet and purchase item or items of her choice and to do the same at Sears and then complete a Western Union transaction (for the bulk of the funds). The form was titled "Global Survey & Management Services Inc.". There were numerous type-o's and variations in font, etc. Patriot informed the member that this was a scam and was able to avoid a bad situation on this members account. Please be on the lookout for these types of mailings.
>>> Back to Top

SMiShing
In July, 2011, credit unions from around the country reported their members were receiving bogus text message (smishing) alerts. The text message indicated it was from Credit Union Services and advised the member to call the number provided in the text message to have their card reactivated. This was a scam as we will never ask a member for this type of information using text messaging.

Please do not respond if you receive a text asking you to reactivate or give any account information. Call Patriot directly at our Contact Center Line, 888-777-9982.

Credit unions have reported multiple phone numbers provided in text messages sent to credit union members to call to have their card reactivated. One credit union reported that some of their members responded to the text and provided the requested card information.

The original “phishing” was through email, but there has been an increase in both smishing (text message phishing) and vishing (phone call phishing) attempts directed towards consumers asking for personal or financial information.

Remember that Patriot will never send a text, email or phone call that asks you to provide card or account information.

If you do provide card information to a fraudster and you realize the mistake, please contact Patriot to have the card(s) blocked immediately to help prevent potential card fraud.

Fake Lottery or Sweepstakes
In January, 2011, a scam was reported that involves a fake lottery or sweepstakes called the UK & North America Consumer Promotion Draw. According to CUNA Mutual Group's Resource Protection Center, individuals received cashier checks bearing the name of Patriot Federal Credit Union, Pennsylvania, all in the amount of $3,920.00. The scam was to get the consumer to deposit the fake check and send the $2,785 to the scam artists by Western Union, which he/she essentially lost the consumer that money.
>>> Back to Top

As we become aware of scams that might affect our members, we will post alerts to our website. Please be careful as there are many scams that are occurring both by mail, email, phone and text message. If it sounds too good to be true, it probably is. Be aware and alert about this type of fraud.


Toll Free (888) 777-9982
800 Wayne Avenue • Chambersburg • PA 17201
© 2013 Patriot Federal Credit Union