News Feed

Don’t Let Your Members Be Victims of a Scam This Holiday Season

Mon, Nov 27, 2017

The holidays are just around the corner. While it is a time of celebration, consumers can fall victim to a number of scams and frauds. To help your members, the NCUA has put together a list of tips they can use to avoid being a victim of a holiday scam.

Stay Protected Online

As consumers increasingly shop online and on mobile devices, their chances of falling victim to some form of cybercrime also increases. This includes the non-delivery of items ordered online and credit and debit card scams, as well as identity theft.

Here are some tips your members can use to avoid becoming a victim of cybercrime:

  • Do not respond to unsolicited spam email.
  • Understand the risks of using unsecured or public wireless networks. If it’s open to the public, it’s possible that your personal information or your computer could be compromised.
  • Be cautious of email claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Scan the attachments for viruses if possible.
  • When shopping online look for the padlock. Secured websites will have an icon of a locked padlock that appears, typically in the status bar at the bottom of your web browser, or right next to the URL in the address bar, depending on the internet browser you use. Don’t enter your personal or credit card information into a website if that icon isn’t present.
  • Never put your credit card information in an email.
  • Do not click on links contained within an unsolicited email.
  • Always compare the link in the e-mail to the web address link you are directed to and determine if they match.
  • Log directly onto the official website for the business identified in the e-mail, instead of linking to it from an unsolicited e-mail.
  • Contact the actual business that supposedly sent the email to verify if the email is genuine.
  • If your members are asked to act quickly, or there is an emergency, it may be a scam. Fraudsters create a sense of urgency to get their victims to act quickly.
  • Verify any requests for personal information from any business or financial institution by contacting them directly using their main contact information.
  • If you see something, say something. Report possible cybercrime to the FBI through the Internet Crime Complaint Center. Go to

To obtain more tips for your members on how to shop online smartly during the holidays, visit

Package Delivery Scam

If you receive an email with the subject line reading “USPS Failed Delivery Notification,” or something similar, do not open it. The emails claim to be from the Postal Service and contain fraudulent information about an attempted or intercepted package delivery. The emails instruct customers to click on a link to find out when they can expect delivery.

Clicking on the link activates a virus, which can steal personal information such as user names, passwords or financial account information. These emails look almost identical to official notifications from the real shippers by using legitimate-looking email addresses and even the official logos.

However, this scam is not limited to the USPS. Similar email and text scams are also circulating that appear to be from other shipping companies such as UPS and FedEx.

Using Public Wi-Fi

Using your laptop, tablet or smartphone at Wi-Fi hotspots in coffee shops, libraries, airports, hotels, universities and other public places is convenient, but often they’re not secure. If you connect to a Wi-Fi network, and send information through websites or mobile apps, it might be accessed by someone else. The bad guys are there too, shopping for your information.

One way scammers obtain your information is by putting out a Wi-Fi signal that looks just like a complimentary one. Choose the wrong Wi-Fi and the hacker now sits in the middle and steals your personal or financial information. When you use a Wi-Fi connection in a public place, it is better not to use your credit card.

To protect your information when using wireless hotspots, send information only to sites that are fully encrypted, and avoid using mobile apps that require personal or financial information.

Online Gift Card Scams

Gift cards purchased through online auction sites are often fraudulent or stolen. The safest way to purchase gift cards is directly from the merchant or retail store.

Stripped Gift Card Scams

However, your members have to be careful when purchasing gift cards at retail stores, as well. Thieves can write down the code or use a device to scan the magnetic strip on the back of gift cards that are available on racks. Every few days, the thief will check the balance and redeem the card’s value online without the gift recipient’s knowledge.

When buying a preloaded card, always have the cashier scan the card to verify that the full amount is available.

Also, check to make sure that the packaging hasn’t been tampered with or damaged. This may be a sign that the gift card has been compromised, or replaced with a stripped gift card. If possible, register gift cards with the retailer for additional protection if it’s lost or stolen.

Charity Scams

The holidays are a time of giving. Before giving to a charity, encourage your members to take a look at two websites from the Federal Trade Commission on the warning signs of charity scams:

Also, the Internal Revenue Service has a search feature on its website that allows consumers to find legitimate, qualified charities to donate to. To learn more, visit