Fraudsters sometimes send emails pretending to be from your bank, credit card company, or another company you trust, usually asking you to click on a link or open an attachment. The emails may seem genuine and convincing but are designed to trick you into sharing your personal information, such as your username, full PIN, or credit card number. They will often make urgent threats and try to scare you into providing your details.

How to Stay Safe:

What to look out for:

• Check for misspellings or unfamiliar sender addresses
• Unexpected emails claiming to come from a financial institution
• Urgent requests and threats
• Claims that your account has been compromised
• Requests to “Open an Attachment” or “Click a Link”

Safety Tips:

• Be suspicious of unsolicited emails. Listen to your instincts-if something doesn’t feel right, then stop and question it.
  If you are suspicious:
  • Call the sender, if possible, to verify they sent the email, using a trusted number or visit their website by typing the address directly into your browser. Phone numbers provided in the email could be fake.</li >
  • Do not reply to the email, fill out any forms, or follow any of the instructions specified.
  • Do not click on any links as they may try to direct you to fake websites.
  • Do not open attachments as they may infect your computer with malicious software.
  • Consider setting up different email addresses for different purposes, such as one for your bank/Credit Union, another for family and friends, and another for social media accounts.

You should never:

• Click on or open suspicious links and attachments.
• Respond to unsolicited emails.
• Share your banking details or other personal information if requested via email.

Your Credit Union will never:

• Send you an email with a link directly to the login page of our online channels.
• Send you an email with a direct link to your latest e-Statement.
• Ask you to click a link in an email with an urgent warning about suspicious activity on your account.
• Ask you to transfer money out of your account to protect yourself from fraud.
• Ask you to share your full online banking login details.

Fraudsters may send texts pretending to be from your Credit Union. They target mobile users by sending texts with links to fraudulent websites to trick you into providing your online banking details or card details. Your Credit Union will never send you a text with a link to a site that asks you for your full online login details or one-time passcodes.

What to look out for:

• Text messages claiming to be from your Credit Union, asking you to confirm financial or personal information.
• Often, they claim that urgent action is needed or there will be negative consequences.
• They may ask you to click on a link directing you to a website, or to provide a number to call in order to “verify” or “update” your personal account.
• Fake links lead to fake websites where you may be asked to provide personal information. The fraudster then uses that information to transfer money from your account.

Safety Tips:

• Do not respond unless you are entirely satisfied that the text is genuine. If you are not sure, we can check it for you. So, contact West-Midlands Credit Union directly.
• Do not use a phone number provided in the text which could be fake.
• Do not click on any links.
• Delete the text.
• If you have clicked on a suspicious link, call us as soon as possible.

Be vigilant if you receive a phone call out of the blue from someone claiming to be from your Credit Union, bank, credit card company, or another company you trust. They may claim that your account has been compromised and ask you for your bank card or bank account details. Your Credit Union will never call and ask you for your full Online Login Details or one-time passcodes that they’ve sent to you in a text. They will never ask you to download any software so they can take control of your computer or phone, or to move your money to a “safe” account.

What to look out for:

• Unexpected calls claiming to be from your Credit Union, bank, credit card company, or a well-known company that you trust.
• Being asked to confirm your password, full login PIN, or account number.
• Urgent requests and threats.
• Claims that your account has been compromised or there is something wrong with a payment.
• Requests to transfer money out of your account, for example, using a money transfer service.
• The fraudster might tell you the first four digits of your card number and ask you to confirm the rest.
• Being asked if you made a recent transaction at a well-known store, such as a supermarket. The fraudster is only guessing this information to sound more believable.
• Claims that some payments have already been made from your account to a foreign country and that they can ‘stop’ any more from going through.

Safety Tips:

• Don’t give away personal or banking information. No matter what story you are told, if it seems a bit odd or out of the blue, don’t give away your passwords, personal details, or account details.
• If you receive a suspicious call, hang up and don’t call back any number the caller may have given you. Remember: Your Credit Union will never ask for your full login PIN or full banking details over the phone.
• If you have accidentally shared your account information over the phone and you are worried, call us immediately. Fraudsters can stay on the line after you have finished the call, so either use a different phone to report the incident or wait a few minutes and then call someone you know first to be sure the fraudster has disconnected completely.

By clicking on a fake link in an email, text, your social media account, or on a pop-up ad online, you could be allowing malware to download and infect your device. Make sure that you properly protect your mobiles, tablets, laptops, or computers to help safeguard against fraud.

Safety Tips:

• Use up-to-date anti-virus software on your devices.
• Install the latest operating software updates as soon as possible. You will normally receive a prompt to update it.
• When downloading apps, go directly to a legitimate source, such as the official App Store or Play Store.
• If your device is lost or stolen, most smartphones and tablets have the capability to be remotely wiped. This will prevent sensitive information from falling into the wrong hands.
• Secure access to your device by using a strong PIN, password, passcode, or fingerprint detection.
• Clear all information on your device before selling or disposing of it.
• If you suspect that your device may be infected, do not log on to your online banking until any malicious software has been removed by a reputable IT service professional.

Using a strong password makes it harder for fraudsters to gain access to your online accounts. A weak password can be cracked in less than five minutes. Make sure you know the recipe for creating strong passwords and how to keep them safe.

Safety Tips:

• Create a strong password
• Make it long, usually at least 10-12 characters.
• Choose one that is easy for you to remember but difficult for someone to guess (avoid obvious words like ‘password’, birthdays, pet names etc.).
• Use a sentence or three or four random words (mix in upper and lowercase letters, numbers, and special characters throughout the password if you want to use them, or are required to by the site or system you are logging into).

• Keep passwords secure
• Avoid using the same password across multiple online accounts. If your information was stolen, the fraudster may then try your password on other accounts.
• Never share your usernames or passwords.
• Never allow web browsers (e.g. Google Chrome, Internet Explorer) to remember your passwords as you may be putting your information at risk.
• Use fingerprint detection and an alphanumeric PIN with more than 4 digits where possible for mobile devices.
• Activate two-factor authentication (where available).
• Consider using a ‘password manager’. It frees you from having to remember multiple complex passwords as you only need to remember the master password.

Identity theft occurs when a fraudster steals your personal information and uses it to impersonate you. They can carry out fraudulent activity such as trying to access your Credit Union or bank accounts, opening a credit card account in your name, or getting payment from a supplier.

Safety Tips:

• Be cautious when posting personal information online, such as on social media. The more information you post online about yourself, the easier it may be for a fraudster to steal your identity.
• Never give your full Online Login details to anyone.
• Cancel lost or stolen credit or debit cards immediately.
• Lock all valuable documents away securely.
• Clear all information on your device before selling or disposing of it.
• Shred confidential information such as bank statements before you throw them away.

Fraudsters sometimes make "cold calls", pretending to be from a reputable technical support or IT company. They persuade you to allow them to take control of your computer remotely over the phone so that they can fix, upgrade, or protect your computer. They may ask you to log on to your online banking account or ask for bank, credit card, or other personal details. Your Credit Union will never call and ask you for your full online login details or to confirm details that they’ve sent to you in a text. They will never ask you to download any software so they can take control of your computer or phone, or to move your money to a "safe" account.

Safety Tips:

• Never give control of your computer remotely to someone who calls unexpectedly, no matter how genuine they seem.
• Beware of fraudsters asking you to download legitimate apps which will allow them to get remote access to your device.
• Beware of fraudsters claiming to be from a legitimate company and informing you that you have a suspicious transaction on your account.
• Don’t disclose full personal or account details to an unsolicited caller.
• Don’t disclose your Visa Debit or credit card details.
• Beware that fraudsters can spoof Caller ID numbers to make it look as though they are calling from somewhere legitimate.
• Never log on to your online banking while a third party is connected to your device, even if the caller is very persistent.
• Always fully log off your online banking sessions and never give away your full Login details.
• Never transfer money out of your account based on an instruction from a cold caller, no matter what story you are told.