Skip Navigation

Types of Fraud

Types of Fraud

Email and Fraudulent Websites
Sometimes criminals may send you email that looks like it has come from someone else. These phony emails may ask you to go to a website and provide your personal account information. Some of these phony emails even caution that if you don't do this, your account may be suspended. But the Website is also a fake, and this is a fraud attempt.

This is the most common type of online fraud, and is called phishing and spoofing. Criminals send these phony email messages or direct someone to a fraudulent website for one goal, to steal personal and financial information.

If you should ever receive an email that appears to be suspicious, do not reply to it or click on the link it provides. Simply delete it. To report a suspicious email that uses BCU’s name, you can forward it to abuse@bcu.org. (If you have general questions about the credit union or your accounts, please go to Contact Us.)

Spyware and Viruses
Spyware and viruses are both malicious programs that are loaded onto your computer without your knowledge. Whether the goal of these programs is to capture or destroy information, to ruin the performance of your computer, or to bombard you with advertising, you don't want them. Viruses spread by infecting computers and then replicating. Spyware disguises itself as a legitimate application and embeds itself into your computer, to monitor your activity and collect information. Spyware and viruses are both serious threats to the security of your computer.

Pop-up Advertisements
Pop-ups are the advertisements that "pop up" in a separate browser window. When you click on some of these pop-ups, it's possible that you're also downloading spyware or adware. Sometimes, criminals create pop-up ads that look like they come from a respected financial institution and ask you to enter personal financial information, but BCU will never ask you to verify personal financial information in pop-ups.

Fraudulent Phone Calls and Numbers
Vishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing.

When the victim answers the call, an automated recording, often generated with a text to speech synthesizer, is played to alert the consumer that their credit card has had fraudulent activity or that their credit union account has had unusual activity. The message instructs the consumer to call the following phone number immediately. The same phone number is often shown in the spoofed caller ID and given the same name as the financial company they are pretending to represent.

Consumers are advised to be highly suspicious when receiving messages directing them to call and provide credit card or bank numbers. Rather than provide any information, the consumer is advised to contact their bank or credit card company directly to verify the validity of the message.

Mobile Phone Security
Smishing is a form of criminal activity using social engineering techniques similar to phishing. Smishing victims receive SMS messages. These text messages might ask a recipient to register for an online service -- then try to sneak a virus onto the users' device. Some messages warn that the consumer will be charged unless he cancels his supposed order by going to a website that then extracts such credit card numbers and other private data.