Risk Alerts

CUNA Mutual Group Risk Alert: Counterfeit Checks

Counterfeit cashier's checks and/or corporate checks that closely resemble credit union authentic checks have been presented for payment at financial institutions in connection with scams. Slight alterations in check color, check stock, logo, or location of key credit union check branding elements have been reported. In many cases, Routing & Transit Number (RTN) and MICR information is accurate.

CUNA Mutual Group Risk Alert: Lack of Security Procedures Can Drive Physical Security Concerns

CUNA Mutual Group reported that two recent risks – armored car attacks and suspicious packages found – have been making their way back into the financial institution workplace. In some instances, the lack of or misunderstanding of written security procedures to follow has exacerbated the concern for staff. CUNA Mutual Group lays out how credit unions can take steps to put security procedures in place to keep from being a victim to physical security attacks.

CUNA Mutual Group Risk Alert: Phishing Scam Targets Payroll Deposits

Phishing scams are targeting credit union human resources or payroll departments using a form of the C-suite business email compromise. The scam uses a phishing email – appearing to be from the CEO or another executive-level employee - sent to staff that manage HR or payroll functions. The email requests changes to an employee’s payroll direct deposit, which reroutes it to the fraudster’s account.

CUNA Mutual Group Risk Alert: PINs Caught On Camera at Drive-Up ATMs

ATM skimmers or shimmers alone don’t capture PINs. For that, fraudsters often rely on tiny hidden camera overlays. Unfortunately, ATM tampering continues to plague credit unions and members. Recent reports show that fraudsters have cleverly focused on drive-up ATMs since people are less likely to cover the keypad as they enter their PIN.

CUNA Mutual Group Risk Alert: Counterfeit Corporate Checks Reported

Counterfeit cashier's checks and/or corporate checks that closely resemble credit union authentic checks have been presented for payment at financial institutions in connection with scams. Slight alterations in check color, check stock, logo, or location of key credit union check branding elements have been reported. In many cases, Routing & Transit Number (RTN) and MICR information is accurate.

CUNA Mutual Group Risk Alert: Remain Vigilant During Tax Season

The Internal Revenue Service (IRS) lists refund fraud on the 2018 Dirty Dozen list of tax scams. Credit unions should not let their guard down – particularly in light of large-scale data breaches which provided fraudsters with the personally identifiable information needed to file fraudulent tax returns.

CUNA Mutual Group Risk Alert: Non-EMV Enabled ATMs Targeted

Fraudsters are increasingly targeting non-EMV enabled ATMs with counterfeit cards. The resulting losses are uninsurable. In addition, credit unions operating non-EMV enabled ATMs are at greater risk to large losses due to MasterCard and Visa’s liability shift.

CUNA Mutual Group Risk Alert: Credit Privacy Numbers Fraudulently Used to Obtain Loans

Credit Privacy Numbers (CPNs) – a nine-digit number, similar to Social Security Numbers (SSN) – are being used fraudulently in an attempt to obtain new credit cards and loans. The CPN is being used to obscure the connection between an applicant’s name and the actual contents of credit reports. Using any number in place of a SSN on a credit application is considered fraud and is a federal crime.

CUNA Mutual Group Risk Alert: Reg CC’s New Liability Provision

The final amendment to Regulation CC (Reg CC), published in September 2018, goes into effect January 1, 2019. The new rule creates a rebuttable presumption of alteration for substitute checks or electronic checks containing alterations or forged drawer signatures. This could impact your credit union’s schedule for retaining original paper checks as well as remote deposit capture service offering.

Wave of Hoax Bomb Threats Made Across County, FIs Among Targeted

KrebsOnSecurity reports that financial institutions are being targeted by an email extortion scam. The emails claim that bombs have been planted inside the recipient's building and will detonate unless a ransom is paid in bitcoin. The email's subject line reads, "I advise you not to call the police." Others have read “Think Twice.”

CUs, Don’t Let Your Members Fall for Fake SSA Scams!

The Federal Trade Commission (FTC) is getting reports about people pretending to be from the Social Security Administration (SSA) who are trying to get your Social Security number and even your money. In one version of the scam, the caller says your Social Security number has been linked to a crime (often, he says it happened in Texas) involving drugs or sending money out of the country illegally. The caller then says your SSN is blocked – but he might ask you for a fee to reactivate it, or to get a new number. And he will ask you to confirm your Social Security number.

Beware of the “Grandparent” Scam this Holiday Season!

In 2018, according to the Consumer Sentinel Network, it has seen a striking increase in the median dollar amount that people 70 and over are saying they lost to fraud. Digging into the data, they found common stories with an unusual twist: people 70 and older report mailing huge amounts of cash to people who pretended to be their grandchildren.

CUNA Mutual Group Risk Alert: Don’t Let Holiday Fun Ruin Your Credit Union Reputation

As the holiday season approaches, credit unions will host company parties. These events can be a great way to reward employees and volunteers for their hard work and boost employee morale. Don’t let the benefits of these celebrations overshadow the legal and safety risks they can create. Plan ahead now to keep these celebrations and preparation both safe and fun. Organizing events introduces uncertainties and uncertainties can quickly result in harm to people, property, and reputation.

Secret Service Warns of Uptick in ATM Skimming Attacks 

The U.S. Secret Service is warning financial institutions about a recent uptick in a form of ATM skimming that involves "cutting cupcake-sized holes in a cash machine and then using a combination of magnets and medical devices to siphon customer account data directly from the card reader inside the ATM," according to a report posted Saturday by KrebsOnSecurity.

CUNA Mutual Group Risk Alert: Fraudulent Wires Requested via Email

Credit unions have recently reported fraud cases involving wires requested via email by fraudsters impersonating members, as well as credit union CEOs. The fraudsters hack members’ personal email accounts and send fraudulent wire requests to credit unions from within the hacked accounts or use look-alike email domains to send the wire requests. The CEO email fraud attempts involve fraudulent emails sent from within CEO’s hacked email accounts requesting wires to pay vendors.

Consumer Alert from FTC: Anatomy of a Fake Check Scam

Fake checks drive many types of scams – like those involving phony prize wins, fake jobs, mystery shoppers, online classified ad sales, and others. In a fake check scam, a person you don’t know asks you to deposit a check – sometimes for several thousand dollars and usually for more than what you are owed – and wire some of the money back to that person. The scammers always have a good story to explain the overpayment – they’re stuck out of the country, they need you to cover taxes or fees, you need to buy supplies, or something else. But by the time your bank discovers you’ve deposited a bad check, the scammer already has the money you sent, and you’re stuck paying the rest of the check back to the bank.

CUNA Mutual Emerging Risk Alert: Lending Oversight

Managing lending risks can be tricky – especially when dealing with the many types of lending: consumer, real estate, indirect, business, etc. Your credit union needs a robust risk management program in place to help you provide proper lending oversight.

CUNA Mutual Group Risk Alert: Vishing Scam Leads to PIN-Based Debit Fraud

Members are being targeted in a vishing (phone-based phishing) scam in which fraudsters spoof phone numbers making the calls appear to originate from the credit union. The members are duped into providing CVV2/CVC2 codes and expiration dates for their debit cards. The fraudsters, already possessing the counterfeit mag stripe debit cards, use the information to change the PINs through voice response units. Then, they use the counterfeit cards to make ATM withdrawals, as well as purchases at Wal-Mart in Florida and Georgia. Credit unions in Indiana, Kentucky, Ohio, and Virginia have been impacted by the scam.

CUNA Mutual Group Risk Alert: New Check Adjustment Process for RDC Indemnity Claims

A new check adjustment process for Regulation CC’s (Reg CC) remote deposit capture (RDC) indemnity will be effective at a later date once changes to Regulation J (Collection of Checks and Other Items by Federal Reserve Banks) has been finalized. A credit union that accepts a paper check for deposit that is returned unpaid due to being previously deposited to another depositary institution via RDC can pursue an indemnity claim to recover the loss by using the new check adjustment process.

CUNA Mutual Group Risk Alert: How Senate Bill 2155 Changes Retaining Images of IDs

The recently passed Senate Bill 2155, Economic Growth, Regulatory Relief and Consumer Protection Act, contains a number of provisions that impact credit union processes - including the copying and scanning of driver’s licenses and personal identification cards. Under the new law, credit unions can copy or scan a person’s driver’s license or personal identification card for the purpose of verifying the person’s identity but must delete the copy or image after use.

CUNA Mutual Group Risk Alert: Credit Unions Face Overdraft Fee Lawsuits

Law firms, alleging overdraft fees are being improperly assessed, have again ramped up class-action lawsuits against credit unions. Plaintiff attorneys allege overdraft fees are being improperly assessed on the available balance in the account rather than the actual balance, and that credit unions failed to accurately describe this in the agreements – member account agreement and/or Regulation E’s (Reg E) opt-in agreement for ATM and one-time debit card transactions. One law firm has sent demand letters threatening a lawsuit unless the credit union is willing to cooperate in resolving the overdraft fee issue.

CUNA Mutual Group Risk Alert: Increase in Account Takeovers via Online Banki

Account takeovers through online banking are increasing at an alarming rate as fraudsters continue to exploit weak authentication methods for enrolling member accounts for online banking via credit union websites. Fraudulently enrolling member accounts for online banking is often the starting point for stealing member funds - not only through online banking but other payment channels as well.

CUNA Mutual Group Risk Alert: VISA’s Lift on Chargeback Limits Expected to Help CUs

On April 15, 2018, VISA lifted limits on U.S. counterfeit fraud chargebacks less than $25. In addition, card issuers are no longer limited to 10 chargebacks per account for fraudulent counterfeit transactions. This change should help credit unions that were previously responsible for losses even though they had implemented EMV on cards and the merchant had not.

Risk Alert: Counterfeit Checks

Counterfeit cashier's checks and/or corporate checks that closely resemble credit union authentic checks have been presented for payment at financial institutions in connection with scams.  Slight alterations in check color, check stock, logo, or location of key credit union check branding elements have been reported.  In many cases, Routing & Transit Number (RTN) and MICR information is accurate.

Risk Alert: Cryptojacking: Top Reported Threat to Computer Systems in 2018

Cryptomining malware, this process of using a computer system or mobile device to mine cryptocurrency without authorization, has been identified as the top cyber threat affecting organizations so far in 2018. Some variants of the malware have been known to tax desktop and mobile device CPU’s to the point of damaging hardware, and in some cases causing the device’s battery to burst. As long as cryptomining remains profitable, continued use and increasingly damaging variants of the malware infections can be expected.

Alert: Class Action Phishing Scheme

The League has recently become aware of a Web site and social media advertisement apparently sponsored by a class action law firm that invites credit union members to contact the law firm if they have been charged an overdraft or NSF fee in connection with use of a debit card.

CUNA Mutual Group Risk Alert: Emerging Risk: Preparing for Disasters of All Types

Natural disasters and catastrophes disrupt credit unions throughout the nation each year; in fact, many were impacted in 2017 due to bad weather, hurricanes, wildfires, and even man-made or infrastructure threats. And while it is impossible to prevent a disaster, you can take measures to ensure both your credit union and employees are prepared.

CUNA Mutual Group Risk Alert: Credit Unions Fall Victim to Cash Advance Scams

Fraudsters are obtaining cash advances at the teller counter using counterfeit cards. Typically, the fraudster is a non-member and uses a card from another financial institution. Although this scam has been around for years, credit unions have witnessed an uptick in losses as fraudsters perfect their methods. In most cases, this is an uninsurable loss.

CUNA Mutual Group Risk Alert: Combat Mobile Phone Port-Out Scams

Fraudsters are impersonating mobile phone users to have phones transferred to a different carrier – effectively stealing the users’ mobile phone number. This is being coined as a port-out scam. Once transferred to a different carrier, the fraudster receives all calls and texts that were intended for the user – including those that can be used to takeover a member’s account via online banking. Fraudsters have successfully intercepted one-time passcodes used to authenticate members logging into their account or to initiate transactions within online banking.

CUNA Mutual Group Risk Alert: Court Decision Impacts TCPA Compliance

On March 16, 2018, the United States Court of Appeals for the D.C. Circuit handed down a much anticipated decision on FCC's 2015 Declaratory Ruling and Order. Key portions of the FCC’s Order in 2015, such as the FCC’s definition of an automatic telephone dialing system (ATDS or autodialer), are now considered unreasonable. The ruling also addressed the issue of reassigned cell phone numbers. These revisions could provide some compliance relief to credit unions.

CUNA Mutual Group Risk Alert: W-2 Phishing Scams Resurface

The Internal Revenue Service (IRS) is warning employers to educate human resources and payroll personnel about phishing scams involving W-2s. The phishing scam attempts to trick employees into sharing W-2 information. Fraudsters can use employees’ sensitive information to file fraudulent tax returns as well as commit other forms of identity theft.

CUNA Mutual Group Risk Alert: Increase in Identity Theft-Related Account Fraud

A credit union in the Northwest recently experienced a rash of fraudulent accounts opened online. The fraudsters opened 30 accounts using personal information belonging to others, including names, Social Security Numbers, dates of birth and addresses – most likely garnered from a recent major data breach of a credit bureau and purchased on the dark web. A unique aspect is the fraudsters used the identity theft victims’ addresses when opening the accounts. These addresses were within the credit union’s normal trade area so no red flags were raised.

CUNA Mutual Group Risk Alert: Patent Protection and Software Licensing Efforts Target CUs

Credit unions from around the country have received letters from the Epicenter Law firm “inviting” them to license the patent rights to remote deposit capture (RDC) technology. The letter states Epicenter represents United Services Automobile Association (USAA), a Texas-based financial services group. And, although these letters are recent, it appears that banks have been receiving similar letters sent on behalf USAA for nearly a year.

Risk Alert: FTC Continues to Crack Down on Student Loan Scams

A lot of us have student loans – and some of us have trouble paying them every month. Some companies claim to resolve that issue by saying they can help you pay them down quicker, cheaper or get them forgiven altogether. Be cautious – some of these companies are running scams.

CUNA Mutual Group Emerging Risk: Active Shooter Incidents

Active shooter incidents are unpredictable and evolve quickly. And, unfortunately, we continue to see them impact our communities. It is critical for your credit union staff to be aware of their surroundings and know how to instinctually respond.

CUNA Mutual Group Risk Alert: Department of Defense Amends Military Lending Act Interpretive Rule

The Department of Defense (DOD) has amended its interpretive rule for the Military Lending Act (MLA) which impacts certain purchase money loans previously exempted from being covered. The most recent DOD interpretation addresses questions relating to the exemption from coverage for credit expressly intended to finance the purchase of a motor vehicle or personal property, as well as whether a credit union can take a security interest in a covered borrower’s shares in the credit union.

CUNA Mutual Group Risk Alert: Wire Transfers Continuously Targeted by Fraudsters

Losses from fraudulent wire transfers from member accounts have increased in frequency and severity. Fraudsters continue to impersonate members to request wire transfers from member accounts, which are often funded with advances against members’ line-of-credit loans (e.g., HELOCs). They easily defeat call-back verifications and security questions by controlling the number used for callbacks and by building member profiles to answer security questions. The evolution of new wire transfer scams including CEO email fraud and updated wire instructions for real estate closings, compounds the problem.

CUNA Mutual Group Risk Alert: ATM Jackpotting Empties Credit Union ATMs

ATM Jackpotting – using malware to cause ATMs to dispense cash until emptied – has caused financial institutions to incur seven-figure losses. Fraudsters can infect ATMs physically at the ATM or remotely via the credit union network. Ensure your credit union has proactive security solutions to minimize the risk and potential financial impact.

CUNA Mutual Emerging Risk Alert: Defend Against Tax Refund Fraud

Tax fraud scams and identity theft is at a higher risk during tax filing season with fraudsters looking to claim bogus refunds. The Internal Revenue Service (IRS) and financial institutions have made substantial progress in the battle against identity theft-related tax refund fraud; however, credit unions and credit union members should remain vigilant in recognizing potential tax refund fraud.

CUNA Mutual Group Risk Alert: Labor Law Changes in 2018 to Impact Your Employee Handbook

With the new year quickly approaching, your credit union’s HR, risk, and compliance departments should carefully review and understand upcoming labor law changes that will take effect in 2018. In addition, you should ensure that your credit union’s policies and employee handbook reflect the latest laws and changes that are occurring at state and local levels. Some of the changes that could impact your handbook include leave, equal pay, reasonable accommodations, and weapons in the workplace.

CUNA Mutual Group RISK Alert: Help Employees & Members Prepare for Holiday Scams

The holiday season should be a time of celebration, so help your members enjoy it by alerting and educating them on holiday scams. This time of year ignites high-spending activities and tons of online and in-store shopping, making your members an easy target for fraudsters. Help your members stay informed on the latest and most common scams during the holiday season.

CUNA Mutual Group Risk Alert: ACH Booster Payment Fraud Impacts More Credit Unions

Originating ACH debits is a significant risk especially when ACH booster payments are introduced on credit union issued credit cards. Booster payments can be made through online banking, services offered by card processors, or other payment service providers (e.g., pay by phone service). Members use booster payments to inflate their credit limit and cause losses greater than the card's credit limit. The member uses the available credit limit created by the ACH booster payment before the payment is returned and will repeat this process multiple times until the fraud is discovered. Booster payments continue to impact credit unions with losses far greater than the established credit limits.

CUNA Mutual Group Risk Alert: WannaCry Ransomware Spreads Quickly & Attacks Worldwide

One of the largest ransomware attacks of all time, WannaCry, has already infected more than 200,000 victims in 150 countries. This unprecedented attack, first identified late last week, is primarily targeting organizations as opposed to individuals. An initial ransom of $300 in bitcoin is demanded for the return of blocked files; however, the ransom goes up every few hours.

Click here for the full risk alert.

CUNA Mutual Group Risk Alert: Counterfeit Checks

Several credit unions recently reported that counterfeit cashier's checks or corporate checks that closely resemble the credit union's authentic checks have been presented for payment at financial institutions in connection with scams.  The counterfeit checks often have slight alterations in check color, check stock, logo, or location of key credit union check branding elements. In many cases, the Routing & Transit Number (RTN) and MICR information is accurate.

Click here for the full alert. 

CUNA Mutual Group Risk Alert: Crime Gangs Target Off-Site ATMs

 A surge of burglaries of off-site automated teller machines (ATMs) - those not connected to a credit union branch - have resulted in large amounts of currency being recently stolen. The ATM burglaries appear to be the result of crime gangs targeting the less secure, off-site machines.

Click here to read the full alert. 

Skimming Devices Evolve Into Shimmers

Recent reports from Canada and Mexico highlight the evolution of skimming devices into what are now being called "shimmers". Shimmers are growing in frequency and have the ability to access some of the data contained within chip-enabled plastic cards. This discovery adds to the challenges already facing EMV in its second year in the United States. However, there remain several reasons why EMV is still the best defense against card-present, counterfeit fraud.

Improper Sales Incentive Programs Can Cause Consumer Harm Alert

The Consumer Protection Financial Bureau issued a bulletin that discussed the risks incentive programs can pose to consumers when the program creates an unrealistic culture of high pressure targets. Some employees have resorted to violating consumer financial laws in order to meet these incentive goals. Credit unions can use data to monitor employee practices relating to incentives. This data can be used to mitigate risks to consumers and determine when corrective action should be taken.

Workout Facilities Can Introduce Work/Life Balance and Risk

With the New Year come New Year's resolutions. Many of those can involve getting more physically fit. Credit unions are increasingly providing exercise facilities and workout areas on premise for use by their employees. Making this commitment brings benefit to the employee and can even increase work productivity and reduce stress. However, on premise exercise facilities can also increase potential liability and other risks to the credit union.

Counterfeit Checks Impact Members with HELOC Accounts

Counterfeit checks drawn on members’ home equity line-of-credit (HELOC) accounts have been recently reported by credit unions across the country. The amounts have been in the tens of thousands and up to $350,000 in some instances. Similarly, large dollar losses have been linked to counterfeit checks posted to member checking accounts funded by unauthorized advances from HELOC accounts or overdraft protection connected to HELOC accounts.

Remain Vigilant of Tax Refund Fraud

The Internal Revenue Service reported a decrease in ID theft-related tax refund fraud through the first nine months of 2016 stopping 787,000 confirmed ID theft tax returns totaling more than $4 billion. Credit unions should remain vigilant as you are in prime position to identify tax refund fraud impacting your organization and your members based on the methods for issuing refunds – via ACH credit or check.

Click here to view the CUNA Mutual Group Risk Alert and mitigations.

New Era Begins with MBL Rule Changes

With implementation only weeks away, the NCUA continues to revise examination guidance in preparation of the final Member Business Lending (MBL) rule. The final rule, which goes into effect January 1, 2017, emphasizes the principles of sound commercial lending reflected in Part 723, along with those addressing the statutory cap on member business loans.

Be Safe and Smart During the Holiday Season

The holiday season brings familiar sights, sounds, feelings, and unfortunately fraud. Fraudsters fill with glee over the time period between Black Friday and New Year’s Eve as unsuspecting members let down their guard limiting traditional fraud prevention methods at a time where member service is most prevalent. And, what’s on every fraudster’s holiday shopping list? Data.

Click here to view the full CUNA Mutual Group Risk Alert and mitigations.