Fraud Alerts and Tips Center
Helping you keep your money and information safe.

Beware of Text and call scams (03/10/2023)

New Fraud Alert: Some members have been contacted about potential fraud on their PayPal account from a spoof RRCU number. The caller requested the member hit “pay” on a paypal transaction to them so they can reverse the transaction into the RRCU account. RRCU will not ask you to pay them to dispute a transaction. Never give out your account or debit card details. Hang up and contact RRCU at 903-735-3000 to report the request.

---

Beware of Text and call scams (03/03/2023)

New Fraud Alert: Some members have been contacted about potential fraud on their debit card, which is common. However, the caller requested the member's account balance, expiration date, and/or CCV number for verification and that makes it a fraud attempt. Never give out your account or debit card details. Hang up and contact RRCU at 903-735-3000 to report the request.

---

Beware of Text Message Scam (04/19/2022)

There is a new scam circulating among our members. This is a scam that sends a text message to the member's phone number requesting you to click on a link to confirm details. Please Do Not Click on this or provide any information to these people as they are attempting to gather information. Below is an idea of what the message looks like:

---

Beware of Unknown Third-Party Apps (12/11/2020)

New scam alert warning members to not download mobile apps from third-party vendors and never provide your account information including your ID and password to anyone or in any form. Malicious apps may be downloaded directly from a website, not through the App Store or Google Play. Malicious apps can collect a variety of personal data, including member account access information, or ask for this information to set up the app.

If you think you have been a victim of a malicious app, contact RRCU and file a complaint with one of the following agencies:

FTC-The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint, visit ftc.gov/complaint or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

IC3-The FBI’s Internet Crime Complaint Center (IC3) 2019 Internet Crime Report includes information from 467,361 complaints of suspected Internet crime, with reported losses in excess of $3.5 billion. The top three crime types reported by victims in 2019 were phishing/vishing/smishing/pharming, non-payment/non-delivery, and extortion. In addition to the 2019 statistics, the report contains information about the IC3, the FBI’s work in combating Internet crime, and the most prevalent scams.

---

Multiple Scams and Fraud Alerts Amid COVID-19 - Members are Advised to Stay Alert (07/24/2020)

COVID-19 has forced rapid change throughout our entire country.  Along with disaster relief, sadly, comes scammers/fraudsters.  It has been brought to our attention that a new scam is quickly affecting many.  Scammers are using the SBA (Small Business Administration) advances, grants and loans as an easy route to bring income in for themselves. Our goal at RRCU is to do what we can to keep you, our member, safe from this kind of act. Here are a few reminders:

• DO NOT ACCEPT ANY DEPOSITS TO YOUR ACCOUNT FROM SOMEONE YOU MET ON SOCIAL MEDIA OR THAT YOU DO NOT PERSONALLY KNOW.
• DO NOT OPEN A NEW ACCOUNT TO ATTEMPT TO RECEIVE FUNDS FROM SOMEONE YOU MET ON SOCIAL MEDIA OR THAT YOU DO NOT PERSONALLY KNOW.
• DO NOT GIVE YOUR ACCOUNT NUMBER OR PERSONAL INFORMATION TO ANYONE.
• DO NOT APPLY FOR AN ADVANCE, GRANT or LOAN IN YOUR NAME FOR ANOTHER INDIVIDUAL.
• NO MATTER HOW GOOD THE DEAL SOUNDS, IF IT'S TOO GOOD TO BE TRUE, YOU ARE PROBABLY DEALING WITH A SCAMMER. 

As always, when in doubt, reach out to a representative.  We are always happy to help.  Do not put yourself at risk!

---

MEMBER ALERT: Coronavirus Stimulus Scams Surface Targeting Members (04/01/2020)

A report from the CUNA Mutual Group
Fraudsters have been quick to deploy scams involving the coronavirus stimulus package that would include direct payments to individuals and married couples filing jointly. Many variations of the scam could impact our members.

Details
Fraudsters haven’t wasted any time with scams related to the coronavirus. In response to the stimulus package, the Better Business Bureau (BBB) reported that fraudsters have deployed a variety of scams involving coronavirus stimulus checks. The BBB Scam Tracker has received several reports of coronavirus scams where individuals are contacted through text messages, social media post /messages, or phone calls.

One version of the scam targets seniors through a Facebook post informing them that they can get a special grant to help pay medical bills. The link within the post takes them to a bogus website claiming to be a government agency called the “U.S. Emergency Grants Federation” where they are asked to provide their Social Security Number under the guise of needing to verify their identity. In other versions, fraudsters claim individuals can get additional money – up to $150,000 in some cases. The victims are asked to pay a "processing fee” to receive a grant.

In North Carolina, there are several reports of a coronavirus scam in which potential victims received phone calls. Fraudsters told the victims they qualified for a $1,000 to $14,000 coronavirus stimulus payment; however, they must first pay a processing fee. 

Coronavirus direct payments will likely be in the form of direct deposits or through U.S. Treasury checks. Fraudsters may look to seize this opportunity to create counterfeit U.S. Treasury checks to use in their scams. Knowing when the stimulus checks will be issued, fraudsters could steal U.S. Treasury checks out of the mail and attempt to cash them at a credit union after opening an account. This was a common occurrence in the aftermath of Hurricane Sandy as fraudsters counterfeited and forged U.S. Treasury checks representing the Disaster Assistance checks.

Fraudsters may also attempt to scam members into providing their account number under the pretense of direct depositing the stimulus payment to their account.
 

Please Remember:

• Government agencies do not communicate through social media outlets, such as Facebook.
• Never pay a fee for a government grant. A government agency will never request an advanced processing fee to receive the grant.
• Beware of fake government agencies promoted by fraudsters. The only official list of all U.S. grant-making agencies can be found at www.grants.gov.
• Red River Credit Union will NOT accept third-party U.S. Treasury Checks where the listed payee endorses the check over to another person.

Source: © CUNA Mutual Group, 2020.

---

Phishing Calls(9/19/19)

Please be aware. We have had reports of members receiving calls from our toll free# (800-822-3317) posing as Red River Credit Union employees stating they have fraud on their cards. They are requesting their PIN#s to be able to reset the card.
The only legit calls that should be received would be from our fraud department (877-253-8964). We would never ask a member for their PIN#. Please make sure to never give out your PIN.

---

Text Messages Sent to Members (Updated 12/28/18; Revised 08/28/19)

We have been receiving calls stating that members are receiving text messages from RRCU. RRCU may send text messages to members unless the member has opted out of the service.
To guard against fraudulent messages, please remember RRCU will NEVER ask for your PIN or SS#. If you receive a text asking for this type of information, please do NOT provide the information and delete the message. When in doubt, contact RRCU during regular business hours at 903-735-3000 or 800-822-3317. If you wish, you may block your debit card after hours/weekends/holidays by calling RO$EY, our 24-Hour Audio Response System, at 903-793-3400 or 800-833-1528. Choose Option 3 after your member sign-on for “Other Activities,” then Option 3 again to block the card.

 

---

Important Information Regarding ATM Security (Updated 12/13/18)

We want to assure members that we take security very seriously. Member information is our top priority. All RRCU ATM’s are serviced and checked daily. No skimming devices have been placed on our ATM’s. Fraudulent ATM debit cards were used at several of our ATM’s. We are working diligently with multiple authorities on these open investigations. If any member feels their card or accounts have suspicious activity, please contact us immediately at 1-800-822-3317 or 903-735-3000.

 

---

Important Information Regarding the EQUIFAX breach (Updated 9/8/17)

The following information was taken from the Equifax Inc. website:

September 7, 2017 — Equifax Inc. (NYSE: EFX) announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.

Equifax discovered the unauthorized access on July 29 of this year and acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed. Equifax also reported the criminal access to law enforcement and continues to work with authorities. While the company’s investigation is substantially complete, it remains ongoing and is expected to be completed in the coming weeks.

Equifax has established a dedicated website, www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year. Equifax recommends that consumers with additional questions visit www.equifaxsecurity2017.com or contact a dedicated call center at 866-447-7559, which the company set up to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern time.

As always, if you detect unauthorized transactions on your account, notify RRCU immediately. To place a block on your debit card, contact RRCU’s Call Center at 903-735-3000 or 800-822-3317; or, dial RO$EY, our audio response system, at 903-793-3400 or 800-833-1528, choose Option 3 after your member sign-on for “Other Activities”, then Option 3 to block the card. 

 

---

Important Information Regarding the Kmart Data Breach (Updated 6/8/17)

On June 1, the Senior Vice President for Sears and Kmart, announced that the company was investigating the second data breach impacting Kmart in three years. The merchant recently became aware of an incident placing payment card data at risk due to a form of malicious code that went undetected by their current anti-virus systems. The company immediately launched an investigation following reports of unauthorized payment card activity at some of their locations. The investigation found it to be limited only to infected store payment systems at Kmart.

Based on their investigation, no personal identifying information, including names, addresses, social security numbers, birth dates or email addresses were obtained in the breach. However, certain payment card numbers have been compromised. All Kmart stores were EMV “Chip and PIN” enabled during the time that the breach occurred. The potential window of compromise from September 6, 2016 through April 30, 2017.

If you detect unauthorized transactions on your account, notify RRCU immediately. To place a block on your debit card, contact RRCU’s Call Center at 903-735-3000 or 800-822-3317; or, dial RO$EY, our audio response system, at 903-793-3400 or 800-833-1528, choose Option 3 after your member sign-on for “Other Activities”, then Option 3 to block the card. 

 

---

NOTICE OF DATA SECURITY INCIDENT (Updated 5/4/17)

It is important to RRCU for our members to be informed about security events that occur. Please review the information below taken from the Chipotle website:

"We want to make our customers aware that we recently detected unauthorized activity on the network that supports payment processing for purchases made in our restaurants. We immediately began an investigation with the help of leading cyber security firms, law enforcement, and our payment processor. We believe actions we have taken have stopped the unauthorized activity, and we have implemented additional security enhancements. Our investigation is focused on card transactions in our restaurants that occurred from March 24, 2017 through April 18, 2017. Because our investigation is continuing, complete findings are not available, and it is too early to provide further details on the investigation. We anticipate providing notification to any affected customers as we get further clarity about the specific timeframes and restaurant locations that may have been affected.

Consistent with good practices, consumers should closely monitor their payment card statements. If anyone sees an unauthorized charge, they should immediately notify the bank that issued the card. Payment card network rules generally state that cardholders are not responsible for such charges."

 

---

Apply for a Loan Scam (Updated 2/9/17)

A new and very creative scam is gaining popularity. More than a few of our members have personally experienced this scam. In most online fraud cases the scammer approaches the victim by email or text. However, in some of these cases, the potential victim approached the scammer! This clever scam is an online loan scam. This scam offers an appealing loan rate with funds directly deposited into the victim’s account. The scammer requires your personal information and your account information to process the requested loan. The objective of this scam is to obtain the victim’s confidential online banking information, not to mention the easy access to the victim’s Social Security number. The victim completes a loan application (this is customary when applying for a loan) which includes the victim’s account number, bank name, and (not customary) online banking User ID and confidential online banking password. Once these crooks get your online banking password they can log into your account and authorize debit transactions as you! Never give anyone your online banking information. A deposit can be issued to an account without this information. There is absolutely no reason anyone or any business needs this information. If you have given out this information, contact the credit union immediately.

 

---

RRCU Teller Checks (Updated 2/12/16)

Beware of counterfeited Red River Credit Union Teller Checks. These checks were not negotiated through Red River Credit Union, nor are they a valid legal instrument. Innocent people are approached on Craig’s List, Facebook or email. Victims receive a counterfeit Red River Credit Union Teller Check for various reasons; sold merchandise, fictitious job offer, or loan. The victim is over-paid and instructed to deposit the counterfeit check into their personal account and to wire the overpayment amount. Once wired, the funds are unrecoverable, and the victim could be held responsible both legally and financially.

 

---

(Updated 3/14/16)

The latest scam is being delivered via text and e-mail. It states, “This is an automated message from credit union. Your card is blocked, to unblock visit us at 'http: //bit.ly/******'.” This message is not from Red River Credit Union. Red River Credit Union will not contact you by text or email regarding your debit or credit card.

A good indication you are receiving a fraudulent email or text is the message will not be specific to you. Your name and the credit union’s name are not included in the email. In most cases, when you are being phished the sender does not know your name. The email or text is a mass email sent to numerous people to get a few to respond. If you responded to the text or email, providing your debit card information, contact Red River Credit Union at 903-735-3000 immediately.

 

---

(Updated 2/12/16)

Beware of counterfeited Red River Credit Union Teller Checks. These checks were not negotiated through Red River Credit Union, nor are they a valid legal instrument. Innocent people are approached on Craig’s List, Facebook or email. Victims receive a counterfeit Red River Credit Union Teller Check for various reasons; sold merchandise, fictitious job offer, or loan. The victim is over-paid and instructed to deposit the counterfeit check into their personal account and to wire the overpayment amount. Once wired, the funds are unrecoverable, and the victim could be held responsible both legally and financially.

 

---

(Updated 8/11/15)

This is a new twist on an old scam. We previously reported on card cracking, where members were conned into handing over their debit card and PIN, allowing the fraudsters to make ATM deposits with bad checks. Now that members can easily make deposits via their mobile devices, the fraudsters are now also shifting gears to take advantage of the new technology.

Credit unions are reporting members are falling for mule scams, beginning with recruitment through Facebook and other social media. The scams appear to be legitimate work-at-home jobs, or other opportunities to function as a money transfer agent. The member is told they will receive deposits into their account, with instructions on withdrawing the funds and forwarding the money to their contact person. The member is told they’ll receive a percentage of the proceeds as commission.

The member is instructed to provide online/mobile banking usernames and passwords to the contact person. This action allows fraudsters to log in to the accounts to access the mobile RDC service to deposit checks. The checks are returned after the holds expire, and the member has already removed the funds. Many members falling for these scams have little in assets to cover their negative balance.

 

---

(Updated 5/5/15)

One new scam in Texarkana is being performed in the form of a text to your phone. The text claims to come from the policed dept. or other legal entity. The text says you have an overdue fine or other legal issue and a warrant will be issued for your arrest if you don’t make immediate payment. The text gives you a link to a phone number which will direct you to pay the fine. It’s my understanding it will direct you to PayPal and other sites for payment.

To place a block on your debit card, contact RRCU’s Call Center at 903-735-3000 or 800-822-3317; or, dial RO$EY, our audio response system, at 903-793-3400 or 800-833-1528, choose Option 3 after your member sign-on for “Other Activities”, then Option 3 to block the card. 

 

---

(Updated 3/30/15)

Debit card users beware of a new phishing attempt by text and email. The scammers claim to be your financial institution and warn you that your debit card has reached its spending limit. The text requests your information to correct the issue. It is a scam and an attempt to gain your personal information. Do not respond! If you already have, block your card immediately.

To place a block on your debit card, contact RRCU’s Call Center at 903-735-3000 or 800-822-3317; or, dial RO$EY, our audio response system, at 903-793-3400 or 800-833-1528, choose Option 3 after your member sign-on for “Other Activities”, then Option 3 to block the card. 

 

---

(Updated 3/11/15)

We have received calls from our members stating that their debit cards have been disabled and that they need to click on a link that is provided to assist with getting it re-enabled. This is a scam and they are attempting to obtain information to fraud our members. Use extreme caution in giving out any of your personal information.