Identity Theft & Fraud
Explore best practices to protect yourself.
- Spotting suspicious activity and avoid common scams
- Helpful resources to stay secure
Vigilance and quick action pay off
When it comes to identity theft protection and fraud prevention, everyone needs to be on alert. We're committed to implementing the most sophisticated technology to ensure your information is safeguarded when you use our digital services. We also want you to know more about the threats and what best practices to take so you can protect yourself.
Identity theft is a growing concern and costs consumers and their creditors hundreds of millions of dollars each year. Someone can use your name for years before you find out, and once you find out you face the lengthy and expensive task of reclaiming your good name. According to the FTC, the average consumer spends more than $1,000 to clean up the damage done by identity thieves.
What should you do?
- If you have 7 17's Benefits Plus Checking, you can take advantage of their free ID Theft & Security Center.
- Contact the three major credit bureaus. Explain your situation and ask that they put a fraud alert in your file. This notice, which informs the credit reporting agencies of identity theft or suspicious activity on your accounts, instructs prospective lenders to take extra measures to confirm the identity of any person claiming to be you when opening or changing an account. Order copies of your credit report, which credit bureaus must give you free if your report is inaccurate because of fraud. The bureaus worked with the FTC to design an "ID Theft Affidavit" that they will send you, or you can get by calling the FTC at 877-IDTHEFT or going to the FTC website.
Once you get the reports, look carefully at three sections, says Jay Foley, director, Identity Theft Resource Center in San Diego. "First, check the information listed in the header. If it shows you working for a company you've never worked for, or lists other addresses or P.O. boxes, that's a red flag."
Next, check the primary section of the report, which contains information about open accounts or accounts opened in the past seven years. Make note of any unfamiliar accounts. Then check the inquiries section, which lists companies that are checking your report because they've received applications, says Foley. Request that these inquiries be removed from your file and that any misinformation in the header be corrected.
Sadly, you might find a familiar address listed on your credit report. Foley says that in 12 to 17 percent of identity theft cases, the victim knows the suspect, and of this group, 65 percent are estimated to be family members. Victims then face the hard choice of turning a family member over to the police, or trying to work things out without outside intervention.
- Contact creditors about fraudulent accounts. If you find you are the victim of identity theft, contact the fraud department of your creditors. The FTC advises consumers to follow up with a letter—the procedure required by law—to resolve errors on credit card billing statements. Close any suspicious accounts and open new ones using new passwords and PINs (personal identification numbers). Don't use easily available information like your mother's maiden name, your birth date, the last four digits of your Social Security number, your phone number, or a series of consecutive numbers.
Ask your creditors if they’ll accept the FTC affidavit and if they need a copy of your police report. Expect to put in a lot of effort to get things straightened out. Some consumers run up huge bills, and then create an identity thief to take the rap—so creditors’ caution is not always misplaced.
- File a police report. Call your local police or sheriff's department to file a report. Ask them to give you the report number and a copy of the report, which you'll need in order to get help from creditors.
Report identity theft and get a recovery plan by visiting the FTC’s website at www.identitytheft.gov.
NetWorth24 Online Banking
7 17 will never call you, or send an email or text message requesting your online banking credentials, such as your Username or Password. If you get such a request, be sure to check your computer for malware or other viruses. Change your Username and Password, and notify 7 17 Credit Union that you may be the victim of fraud on your PC. You can send us a secure email through Online Banking or call us during regular business hours to report this. The only circumstance under which we would ask for this information is if you call us with an issue and your credentials are needed to troubleshoot the problem.
We also suggest the following:
- Regularly run anti-virus and anti-spyware programs on your PC.
- Do not share your Username and Password. If you allow others to use your Username and Password, you are responsible for any transactions that occur.
- If you click the option to “Register” your computer or click the “Private” setting on your computer, this could disable the one-time pass code (via voice call, text, or email) at login but this action also reduces the level of access security. We do not recommend clicking this option.
- If you have clicked the “Public” setting on your computer or chose the option, ”Do not register," this will remove the security cookie and cause you to get a one-time pass code by voice call, text, or email each time you log into your account (which enhances your account security). We recommend that you click this option.
- You may be required to get a one-time pass code via voice call, text, or email each time at login if you clear cookies on your PC.
- Close out of Online Banking when you are finished with your session. For added security, Online Banking will automatically log you out after 10 minutes of inactivity.
- You should lock your mobile phone with a password so that it is not easily accessed.
- Do not leave your mobile phone unattended where others can use it.
- Do not save your Username, Password or other account information on your phone.
- If you should lose your mobile phone, contact your cell carrier immediately and have your phone disabled. Also, log in to NetWorth 24 Online Banking using a PC and change your password.
- 7 17 will never send an email or text message requesting your Username or Password. If you get such a request, be sure to check your mobile phone for malware or other viruses.
- If you purchased a used or refurbished mobile phone, check it for preloaded malware or viruses that can be used to steal your data.
- Confirm that your Bluetooth technology is set to a high security mode so that you must approve any connections or downloads before they are made.
- Always disable your phone’s Bluetooth function when it is not in use.
- Make sure you are using a secure internet browser and connection while connected to Mobile Banking.
- Regularly run anti-virus and anti-spyware programs on your smartphone, just as you would on your PC.
- Do not share your Username and Password. If you allow others to use your Username and Password, you are responsible for any transactions that occur.
- If you click the option to “Remember this phone," this could disable the one-time pass code (via voice call, text, or email) at login but this action also reduces the level of access security. We do not recommend clicking this option.
- If you have clicked “Remember this phone” and would like to reverse this option, click on the “Remove extra security from this phone” link on the Accounts tab. This will remove the security cookie and cause you to get a one-time pass code by voice call, text, or email each time you log into your account (which enhances your account security). We recommend that you click this option.
- If you have enabled Touch ID for Mobile Banking, every person with an enrolled fingerprint on your device will have access to your account. Review the enrolled fingerprints to make sure that each person is authorized to access the personal and financial information available in this app.
- You may be required to get a one-time pass code via voice call, text, or email each time at login if you clear cookies or remove the battery from your phone.
- Log out of Mobile Banking when you are finished with your session. For added security, Mobile Banking will automatically log you out after five minutes.
Learn more about our Mobile Banking service.
Mobile Device Management
Mobile devices have the potential to store large amounts of private user information as well as sensitive data, including personal account information, website login IDs and passwords, email, and location information. Consequently, mobile device malware is on the rise.
The Federal Communications Commission (FCC) recommended the following steps to reduce your exposure to mobile threats:
- Set PINs and Passwords—The first line of defense is setting a password or PIN to access your device, then configure it to lock after being idle for two minutes or less. Also, devices that support SIM cards should use the SIM password capability. The following are links to sites with instructions on setting a password or PIN for popular mobile devices:
- Do Not Modify Built-In Security Features—Jailbreaking, rooting or tampering with your device’s factory settings increases the risk of compromise.
- Back up and Secure Data—Frequently back up your device’s stored data to enable its recovery if your device were lost, stolen or erased.
- Only Install Apps from Trusted Sources—Research apps prior to installing them to ensure they are legitimate. You can do this by checking reviews and the app store, and comparing the app developer’s official website to confirm they are consistent.
- Understand App Permissions Before Accepting—Think twice before granting an app access to data or functions on your device. Also, always check the privacy settings for each app prior to installation.
- Install Security Apps that Enable Remote Location and Wiping—Most devices, either as an app or system function, have the ability to remotely locate and erase all settings and data. The “Find My iPhone” app for iOS and “Locate My Droid” app for Android are popular options.
- Install System Updates when Released—Doing so when prompted will reduce the risk of exposure to known malware and cyber threats.
- Beware of Open Wi-Fi Networks—Data transmitted on unencrypted Wi-Fi networks can be viewed by anyone connected to the same network. If you are not asked to enter a key when attempting to connect to the network, it is not secure, so use your company’s VPN or such apps as HotSpot Shield (available for both iOS and Android).
- Wipe Data Prior to Donating, Selling or Recycling Old Devices—In order to keep sensitive information private, data should be completely erased, and the device reset to its initial factory settings, prior to disposal.
- Report Stolen Devices—The major wireless service providers established a stolen phone database, in coordination with the FCC. You should report your phone as stolen to your local law enforcement and inform your wireless provider. This will prevent your stolen phone from being activated on any wireless network.
Following these best practices can reduce your exposure to mobile threats and will protect private and sensitive data.
Learn how to choose and protect your passwords.
- Don't open email or attachments from people you don't know or are not expecting email from, especially if the email contains an attachment. If you are not sure of the sender, delete the message.
- Do NOT unsubscribe to spam email. While this seems like a way to stop a spammer from sending more mail to you, it only serves to validate that the spammer has a legitimate email address for you. This is not to say that 'unsubscribe' links on legitimate vendor emails are not valid ways to stop their emails.
- If your email system offers anti-spam and anti-virus services, consider using them.
- Use extreme caution if you are asked to provide or confirm any account or personal information through email. Most legitimate organizations, like 7 17, will never ask for sensitive information through email.
- If you are even the slightest bit hesitant about the sender of the email you received, you may not want to click on any links included within the email and you may want to call the sender to confirm the message.
- Fraudsters are experts in deceit. Use caution if something doesn’t appear legitimate. Remember, even legitimate looking emails you receive from family, friends, and organizations could be fraudulent.
Online Fraud Prevention Tips
Email and online schemes are being perpetrated with increasing frequency, creativity and intensity. The best line of defense is to be vigilant and to protect yourself. To learn how to stay safe online, visit https://www.usa.gov/scams-and-fraud.
Gift Card Scams
Buying a gift card to pay someone? STOP! It's a scam.
- Do not use a gift card to pay: the IRS, tech support, family member in trouble, ransom or to avoid arrest
- Only purchase gift cards as a gift
- Be aware that no business or government official will ask to be paid in gift cards
- Don’t act in haste; stop and think
- Confide in family and friends if someone you don’t know is telling you to buy gift cards
Family Emergency Scams
Fraudster posing as a family member, stating they are in trouble and needing help immediately, usually involving a fake lawyer, police officer or doctor.
- Does not name the person in “trouble”
- Asks you to keep it a secret
- Tells you to act fast
Steps to take:
- Hang up
- Call the family member supposedly in trouble
- Call other family/friends to try and locate the person supposedly in trouble
- Resist the pressure to send funds immediately
Romance scams occur when a criminal adopts a fake online identity to gain a victim’s affection and trust. The scammer then uses the illusion of a romantic or close relationship to manipulate and/or steal from the victim.
- Confesses feelings of love quickly
- Lures you off the dating site as fast as possible
- Needs money immediately for emergencies, is in danger or is stuck traveling
- Asks you to conduct wire transfers, purchase gift cards or deposit funds in a Bitcoin ATM machine
- Only communicates through texting apps or other online platforms
Phishing is when attackers send malicious emails designed to trick people into falling for a scam. The intent is often to get users to reveal financial information, system credentials, or other sensitive data.
- Never click on unknown links or files
- Treat any email you didn’t expect to receive with suspicion
- Never reveal passwords to anyone
- Beware of emails asking you for your login information or payment information
- Look for spelling errors
- Hover over links to see if a web address is legitimate and relates to the email content
- Don’t provide personal information in response to an email request
FTC.gov (report scams & learn)
Tineye.com (reverse image look-up)
Ic3.gov (to report online scams)
scamspotter.org (videos & quiz)
annualcreditreport.com (free yearly report)
consumerfinance.gov (learn about scams)
Order your free annual credit report online or through this address:
Annual Credit Report Request Service
PO Box 105281
Atlanta, GA 30348–5281
If you need to dispute inaccuracies on your credit report, visit the Federal Trade Commission's website.
If you accounts have been compromised, contact the three major credit bureaus:
P.O. Box 740241
Atlanta, GA 30374-0241
P.O. Box 2104
Allen, TX 75013
P.O. Box 1000
Chester, PA 19022