Fraud Crisis Scenario Playbook
Crisis Scenario
Fraudsters are gaining access to credit union member accounts through spoofing scams.
Background
There has been an alarming rise in spoofing scams resulting in fraudulent activity. Using a spoofed phone number and/or email account, fraudsters are contacting credit union members claiming to be from their credit union’s fraud department. Pretending they need to verify the member’s identity, they obtain the information needed to access member accounts.
Key Talking Points
- [CREDIT UNION] was recently made aware of several incidents in which members became the victims of fraud after receiving calls, texts, or emails from scammers pretending to be our fraud department. We have contacted the authorities and are working with the [insert who – FBI, local authorities, etc.] to determine the exact dynamics of these situations.
- It is important to note that the fraudulent activity resulted from spoofed calls/texts/emails. [CREDIT UNIONS] systems remain safe and secure. This was not an attack on our security systems.
- We understand the frustration and fear caused by identity spoofing. Our priority is to assist affected members promptly and effectively to minimize the impact of fraudulent charges on member finances.
- [CREDIT UNION] takes the security of our members’ personal and financial information seriously. We employ state-of-the-art security measures, including multi-factor authentication, encryption, and real-time transaction monitoring, to protect against fraudulent activity.
- [CREDIT UNION] will never ask for your social security number or account number over the phone, by email, or via text. If you doubt the validity of any interaction or are asked to provide sensitive personal information, we encourage you to hang up and call us directly at (XXX) XXX-XXXX.
Q&A
What should I do if I think I’ve received a spoofed phone call?
The best thing to do is to hang up and contact [CREDIT UNION] directly at (XXX) XXX-XXXX. We will secure your account and identify any potential fraud.
How does [CREDIT UNION] protect me against fraud?
We employ a range of security measures, including multi-factor authentication, encryption, real-time transaction monitoring, and regular security audits, to safeguard our members’ personal and financial information from identity spoofing and fraud. We also offer a series of resources regarding personal fraud protection to help our members identify and avoid being scammed.
We recommend you download and link to the [CREDIT UNION] app on your smartphone and check your account information there and/or at [CREDIT UNION WEBSITE] daily to identify any fraudulent access or account activity quickly. You can also opt in for text messaging that will alert you immediately when a charge or withdrawal has occurred against your account.
What steps should I take to protect myself from these scams in the future?
First and foremost, if you receive a suspicious contact from someone asking for sensitive information, hang up and contact us directly at (XXX) XXX-XXXX. Second, regularly monitor your accounts and report anything suspicious immediately. Finally, stay vigilant by taking proactive measures to safeguard your information, including using strong and unique passwords. Never share personal information online or with an unconfirmed caller.
Sample Member Communication (Email)
Dear [INSERT NAME/MEMBER],
We were recently made aware of several incidents in which [CREDIT UNION] members became the victims of fraud after receiving spoofed calls, texts, or emails from scammers pretending to be our fraud department. By impersonating the credit union, they are attempting to obtain sensitive personal information such as account details and passwords.
We urge you to exercise caution and remain vigilant when receiving unexpected calls or messages, especially if they claim to be from [CREDIT UNION]. If you receive any suspicious communication, reach out to our customer service team immediately at (XXX) XXX-XXXX. Remember, we will never request sensitive information over the phone, by email, or by text.
Please be assured that your security is our utmost priority, and we are committed to supporting our members through any issues caused by these unfortunate events. If you believe you have been targeted by this scam or have inadvertently provided personal information to a fraudulent caller, please contact us immediately. We are here to assist you and will provide the necessary support to help safeguard your finances.
Thank you for your attention to this matter, and please do not hesitate to reach out if you have any questions or require further assistance.
Sincerely,
EXECUTIVE NAME
EXECUTIVE TITLE
CREDIT UNION
Credit Union Best Practices
Once collected, Credit Union examples will be shared here.
On The Go Articles
GoWest Councils Return in June — Don’t Miss Out on Mid-Year Access
The second round of GoWest Councils for 2025 begins in June, and if you haven’t joined us yet, there’s still plenty of time to take advantage of the next 16 sessions, which will be packed with insights and innovation.
Compliance Clarity Starts Here: Join GoWest’s 2025 Compliance Legal Update Seminar on May 6
The 2025 GoWest Compliance Legal Update Seminar is designed for credit union professionals to connect with peers, hear from legal experts on the latest industry trends and breaking updates, and gain insights into ever-changing compliance requirements.
Compliance Just Got Easier – InfoSight360 Is Live!
InfoSight360 is now live and available for all GoWest member credit unions. This FREE resource provides access to 14 major compliance areas containing […]