Skip to main content

Fraud Prevention

Protect yourself from fraud. Your safety is our top priority.

🚫 STOP! Think Before You Share 🚫

Never share your account numbers, card numbers, secure access codes, or any sensitive information. Fraudsters are on the lookout. Stay safe!
When in doubt, give us a shout! If they claim to be calling from Century and start asking for personal information, hang up and call us directly at (216) 535-3200.

0:00 / 0:00

Phishing Scams

Do you know what a Compromised Account is? A compromised account occurs when your account information and/or online banking credentials have been obtained by an unauthorized third party. This could be the result of a breach or by willfully providing the account and/or online banking credential information to the fraudster themselves. Anytime someone provides their account information and/or online banking credentials to a third party, the account has been compromised at that point.

When Century Federal Credit Union is made aware that an account has been compromised, an immediate hold is placed on that account and requires the member to close the account to avoid funds being debited from the account fraudulently.

We are seeing instances where unauthorized third party fraudsters are posing as employees of the Geek Squad, Microsoft and other big-name companies. If you receive a call, text or email from someone claiming to be from one of these companies, and they are asking for access to your personal computer or online banking account, hang up and call Member Services immediately! As a reminder:

  • Attackers convey a sense of urgency and often mention negative consequences for failing to respond
  • Attacks are not consistent with other email messages from the business
  • Messages do not contain any personalization: the recipient's name, the last four digits of their account number, or other information that shows that the sender knows something about the recipient's account
  • Attacks often contain spelling errors and bad grammar
  • Messages often claim the user has ordered something that they never ordered

It doesn’t matter who the third party claims to be, whether it's the Geek Squad, Microsoft, or some other known/unknown entity, giving these fraudsters your personal/account information is like giving a stranger the key to your house to have access at any time. This puts your funds and personal information at risk as the fraudster can make changes, transfers and even set-up bill pay and Pop money to raid your account.

Is a scammer getting unemployment benefits in your name?

In a large-scale scam erupting in the midst of the Coronavirus pandemic, imposters are filing claims for unemployment benefits, using the names and personal information of people who have not filed claims. People learn about the fraud when they get a notice from their state unemployment benefits office or their employer about their supposed application for benefits.

Read the blog about scammers getting unemployment benefits in your name.

Beware of Mail Fraud Attempts

Recently, we have been misrepresented in letters being mailed from fraudulent companies stating they have unclaimed funds for members originating from Century Federal Credit Union. This is simply not true, and is a fraudulent attempt to gather personal data for malicious reasons.

If you have been contacted via mail, phone, email, or text, and have been asked to provide confidential data about yourself or your accounts, please call Member Services immediately at 216-535-3200. 

As a reminder, no one from Century Federal will ever ask for your personal information, debit or credit card number on a phone call, email, or text message. If our credit card fraud department ever calls to confirm activity, they will only discuss suspicious transactions with you. They will never ask for PIN number or other non-public information. If you feel uncomfortable giving this information to someone that calls, you can always terminate the call and call us back at the number on your card or by contacting Member Services at 216-535-3200.

Be Aware of Phone Number Spoofing Fraud Attempts

  • If you receive a phone call, email or text claiming to be from CFCU, asking you for personal identification, member number, or account information, DO NOT RESPOND! Fraudsters may attempt to “spoof” legitimate CFCU phone number(s). Legitimate calls, emails or texts from CFCU would never contain a request for account information.
  • No one from Century Federal will ever ask for your debit or credit card number on a phone call, email, or text message. If our credit card fraud department ever calls to confirm activity, they will only discuss suspicious transactions with you. They will never ask for PIN number or other non-public information. If you feel uncomfortable giving this information to someone that calls, you can always terminate the call and call us back at the number on your card or by contacting Member Services at 216-535-3200.
  • If you receive a phone call asking for personal information:
  1. DO NOT give any personal information
  2. Request the name of the person who is calling you
  3. Hang up and please call Member Services at 216-535-3200 immediately

Here are some ways to protect yourself and your identity:

  • Never share account or card information. This includes your online banking login information (username/password), account numbers, social security number, personal identification number(s)/PIN(s).
  • Do not provide personal information via email. Email is not a secure way to communicate.
  • Wait to "share". Avoid posting on social media when you are on vacation and when you will be returning advertising that your home will be empty. Wait until you get back to post those fun photos!
  • Secure your mail. Place outgoing mail in a post office collection box and not in your own mailbox. If you are going to be away from home for more than a couple of days, have the US Post Office hold your mail. CFCU online banking and e-statements are a great option!
  • Set up security and account alerts in online banking to make you’re aware of any account activity you didn’t authorize.
  • Use unique passwords at every website, never use the same password at two different websites. A password vault is the best way to create and track complex passwords.
  • Never answer security questions with publicly discoverable information. If all of your social media followers know the year you graduated from high school, that would not be a good security question/answer pair option.
  • Review your account regularly. If you notice something suspicious, contact the credit union immediately!
  • Safely dispose of personal information. Shred any documents that have personal or financial information.
  • Review your credit report annually. Request a free copy of your credit report at: www.annualcreditreport.com or by calling: 1-877-322-8228
If you believe your identity and/or account information may have been compromised, contact the Federal Trade Commission immediately for guidance and to report identity theft. Read below for more information.

Fraud Prevention FAQ

What is identity theft?

It’s a different world. We can become victims without ever seeing our attackers—and lose something more valuable than money: our identity. Identity theft (ID theft) occurs when someone assumes another person's personal identifying information (e.g., a name, Social Security number, or date of birth) with the intent of committing fraud. It’s been said that ID theft is the largest growing crime in America, with new methods turning up constantly.

Signs of identity theft can take many forms, and your identity can be stolen in a variety of ways:

  • Loss or theft of your wallet, purse, or credit card
  • Mail theft
  • Skimming information from the magnetic strip on credit or debit cards
  • "Dumpster diving"
  • "Shoulder surfing"—spying your PIN or password over your shoulder
  • Eavesdropping
  • Scam phone calls soliciting personal or financial information
  • Phishing emails and spyware
  • Computer hacking
  • Data Breaches

How can I protect myself from identity thieves?

Here’s what you can do to try to prevent identity theft and fraud:
  • Do not carry your Social Security card in your wallet
  • Do not have your Social Security number or driver's license number printed on your checks
  • Avoid giving out your Social Security number unless it is absolutely necessary
  • Beware of giving information to anyone over the telephone or Internet, unless you initiate the call
    • Century Federal Credit Union will NEVER contact you and ask for any personal information including social security number, account number, PIN# or any other sensitive data
  • Shred any documents with account numbers or other personal data you are throwing out and any pre-approved credit offers, ideally with a micro-cut shredder
  • Watch for regular monthly bills that aren't delivered. Stolen mail is one way to obtain sensitive information
  • Do not leave mail for pickup at an unlocked mailbox
  • Check your credit report at least once a year to identify accounts that may have been opened in your name without your knowledge. You can get a copy of your credit report at www.annualcreditreport.com every 12 months. Monitor your online financial accounts frequently and check your credit card statements as soon as they arrive to ensure you made all of the charges listed
  • Never write your full credit card number on a check. Instead, write "ends in" and the last four digits of the credit card number
  • Sign your new debit and credit cards promptly
  • Be vigilant to all suspicious activity
  • Do not keep personal identification numbers (PINs) attached to credit, debit, or ATM cards
  • Keep your Social Security card, passport, birth certificate, and other important cards and documents in a locked location
  • Protect your computer with a firewall and other security related software, and keep this software up-to-date.
  • When disposing of an old computer, be sure to wipe or destroy the hard drive first, using special software designed for this purpose.
  • If you are a member of a military service unit who is on active duty, consider placing an active duty alert on your credit report. The active duty alert can prevent prescreened offers of credit and insurance being sent while you are away on active duty.
  • Consider purchasing an identity theft protection service. Our member discount partner, Benefits Plus, offers a comprehensive identity monitoring service. An identity monitoring service will add another layer of protection for your accounts and your personal information.

How can I resolve identity theft?

React quickly. If you should become a victim of ID theft, it’s important that you act quickly to stop further damage to your name. Here are the steps you can take:

  • Contact the financial institution(s) or the companies where the information about you has been used and let them know you are a victim of identity theft.
  • Contact the credit reporting agencies to report the identity theft and request they place a fraud alert on your account. You only need to contact one. The first agency you contact will contact the other two. The credit reporting agencies are:
  • Contact the police department to report the crime. Be sure to request a copy of the report.
  • Contact the Federal Trade Commission at www.consumer.gov/idtheft to make a report and review their helpful hints for dealing with identity theft.
  • Keep good records including who you talk to, summaries of conversations, and documentary evidence of the crime.

What is Phishing, SMiShing, and Vishing?

Be on guard. Phishing occurs when a fraudster impersonates a legitimate company or organization using email, faxes, and/or websites in an attempt to lure recipients into revealing confidential information. Quite often, the tone of the email is urgent, leading recipients to believe there is something wrong with their account. They are urged to take immediate action, which often includes opening an attachment or clicking on an embedded link to go to the "company's" website to update, verify, or review account information. When the victim logs in or enters confidential information, they are actually giving it directly to the criminals. Vishing (voice phishing using the phone) and SMiShing (phishing via text messages) are newer, but just as dangerous, forms of phishing that consumers and businesses need to be aware of. The scams are the same, but the technology used is different. Some of the signs you should look for:

  • Attackers urge the recipient to click on the link (phishing and SMiShing) or call a telephone number (vishing and SMiShing) to update or verify account information, reactivate an account, or cancel an order.
  • Attackers convey a sense of urgency and often mention negative consequences for failing to respond.
  • Attacks are not consistent with other email, telephone, or text messages from the business.
  • Messages do not contain any personalization that shows the sender knows something about the recipient's account (e.g., the recipient's name, the last four digits of their account number, or other information).
  • Attacks often contain spelling errors and bad grammar.
  • Attacks using SMiShing often indicate the message came from the number "5000" instead of displaying an actual telephone number.
  • Messages often claim the user has ordered something that they never ordered.

What is malware?

Protect your computer. Malware or "malicious software" is designed to infiltrate or damage a computer system without the owner's knowledge or informed consent. The term “malware” covers a host of software including computer viruses, worms, Trojan horses, spyware, and other malicious software. Malware for personal smart phones and other mobile devices has now entered the market as well. As mobile devices continue to grow in popularity, so too will this form of malware. As a result of malware, users may find that their computers have become part of a botnet. A botnet is a collection of software robots, or bots, that run autonomously and automatically. Although the phishing attacks that lead to malware are designed to be nearly impossible to distinguish from legitimate email messages, there are some common signs you can look for:

  • Attackers urge the recipient to click on the link to update or verify account information, reactivate an account, or cancel an order
    • Century Federal Credit Union will NEVER ask you to click a link to enter account or any other personal information
  • Attackers convey a sense of urgency and often mention negative consequences for failing to respond
  • Attacks are not consistent with other email messages from the business
  • Messages do not contain any personalization: the recipient's name, the last four digits of their account number, or other information that shows that the sender knows something about the recipient's account
  • Attacks often contain spelling errors and bad grammar
  • Messages often claim the user has ordered something that they never ordered

What is payment fraud?

Keep your signature safe. Payment fraud occurs when an individual uses one of several payment devices (e.g., checks or credit cards) to conduct fraud and steal your money. They include:

  • Check fraud
  • Wire fraud
  • ACH fraud
  • Debit & Credit Card fraud

Check fraud includes counterfeit checks, altered checks, and forged signatures. To protect yourself:

  • Keep your checks, deposit slips, and bank statements in a secure location
  • Review your statements closely and report any discrepancies to your bank immediately
  • Do not share your account number with anyone who does not need it
  • Destroy old checks, statements, ATM receipts, etc., before discarding
  • If you pay bills using checks that will be put in the mail, put them in a U.S. Postal Service blue box or bring them to the Post Office
  • Never sign a blank check
  • Do not endorse a check until you are ready to cash or deposit it
  • Do not put your Social Security number, driver’s license number, telephone number, or credit card number on your checks
  • Use a gel ink pen when you are signing checks (readily available at office supply stores, discount department stores, and some grocery stores) to write checks. The gel ink gets trapped in the paper and makes it much harder to wash than regular ink

Both wire and ACH (automated clearing house) transactions are forms of electronic fund transfers (EFTs). Wire and/or ACH fraud occur when a fraudster uses one of these transfer methods to obtain money based on false representation or promises. To protect yourself:

  • Monitor your accounts regularly for unauthorized transactions. Report any unauthorized transactions to your bank immediately.
  • Do not share your online banking logon credentials (user ID and password) with anyone
  • Do not share your account number with anyone who does not need it
  • Never access your bank account using a public computer (e.g., at the library or a hotel business office)
  • Install a firewall on your computer to prevent unauthorized access
  • Install and run anti-virus and anti-spyware software on your computer and keep them up-to-date

Card fraud is theft or fraud committed using a credit or debit card. The fraudster may use the card to obtain products or services or to withdraw money from your account. To protect yourself:

  • Sign the back of your card as soon as you get it
  • Get online statements instead of paper statements that come in the mail
  • Check your statements as soon as you get them
  • Be sure any sites you put your card information into (e.g., online shopping sites) are secure. The URL should start with https, not http.
  • Protect your cards like you would cash—try not to let them out of your sight
  • If your card is lost or stolen, notify your bank immediately
  • Shred credit card applications you may receive in the mail
  • Keep a record of account numbers, expiration dates, phone numbers, and addresses for each credit card in a secure place
  • Never give your credit card number over the phone unless you initiated the call and are dealing with a trusted source
  • Do not store your PIN with your credit/debit card

How can I bank securely on my mobile device?

Stay smart on your mobile device. Using your mobile device to check the balances of your accounts or to process a simple transaction is convenient and can save you time, but has its risks as well. To protect yourself you should:

  • Treat your mobile device with the same level of care as you would a credit card
  • Password-protect your mobile device with strong passwords
  • Store your mobile device in a safe place and use your mobile device’s auto-lock feature
  • If your mobile device supports device encryption, use it
  • Consider having a remote wiping system in case you lose your device or it gets stolen
  • Keep all your software current. This includes security, browser, operating system and all other applications.
  • Do not send confidential information in email or text messages (e.g., account numbers)
  • Delete messages that contain account information, including account balances, and any alerts you receive on a regular basis
  • Only download information (photos, ring tones, video clips, etc.) from trusted sources, and only download mobile apps from official app stores
  • Follow the same rules you use on your computer with respect to opening email and attachments. Similar to phishing attacks on your computer, SMiShing attacks involve fraudsters using text messages with links or phone numbers to call on your mobile device.
  • If you are concerned about the sites you are accessing from your mobile device, turn on the "show URL" or "show address bar" option so that you can see the actual site addresses to ensure they start with "https." Check the information that came with your device for specific instructions.
  • Install antivirus software on your mobile device. Contact your carrier for specific information on available antivirus software for your device.