Example Scams

General Rules

  • You should report or ignore any message that requests you provide sensitive, private information.  If you think you received a fraudulent request and provided information, please contact us.
  • GTE Financial will never contact you and solicit your account information.
  • Never give personal or account information over the phone, in email or in text unless you initiated the call.

top

Example Text Message Scam

  • If the text message you receive sounds like this, it may be a Scam:
  • “Your account has been suspended for IRS review. Contact us immediately at 866.XXX.XXXX.”
  • “Because of unusual activity on your card, please call 678.255.XXXX. Please provide your card information and enter it correctly or your account could be permanently closed.”
  • “GTE Bank Notification – Your GTE bank account is closed due to unusual activity. Email your 16 digit debit/credit card number, expiration date, and social security number to gtefinancial.bank@xxxx.mi.

An example of a recent text scam (June 6, 2014)

If you get a text that indicates your debit card has been deactivated and please call XXX-XXX-XXXX to reactivate, this is a scam. GTE will not reach out to you and request sensitive information in text. A reported phone number that was used in this scam was 813-707-3749.

If you provided your account or banking information, please contact us immediately at 1.888.871.2690 Monday through Friday from 7:30am - 6pm. Saturday from 9am - 1pm. For after-hours, please call 1.800.449.7728.

top

Example Email Scam

If the email you receive sounds like this, it may be a Scam:

  • “In our terms and conditions you have agreed to state that your account must always be under your control or those you designate at all times. We have noticed some activity related to your account that indicates that order parties may have tried gaining access or control of your information in your account.
  • Therefore, to prevent unauthorized access to your GTE Financial Internet Banking account, you are limited to five failed login attempts in a 24-hour period. You have exceeded this number of attempts. To reactivate your debit card, please call: +1(805-XXX-XXXX)”

An example of a recent email scam (June 12, 2014)

From: beirek@gtefcu.org
Dear Customer,

During our regularly scheduled account maintenance and verification procedures, we have detected a slight error in your billing information.
This might be due to either of the following reasons:

1. A recent change in your personal information ( i.e. change of address).
2. Submitting invalid information during the initial sign up process.
3. An inability to accurately verify your selected option of payment due to an internal error
within our processors.

To regain access, you must logon to your account and to confirm your Account details within 24 hours. Please visit www.cuathome.gtefcu.org and update your account. Your security is important to us. If you are not aware of this situation, please contact us
immediately at 1.813.871.2690.

*Note: If you have not registered with GTE Financial™, please ignore this message and your contact information will be deleted within 7 days.

Thank you.
We apologize for any inconvenience.

This is an example of an unverified email that is coming from a "spoofed" gtefcu.org account. This is an email phishing scam asking members to update their account information on a fake GTE website. "Spoofing" of email addresses can sometimes occur, however in many cases, if you look at the email header, you will see the true sender. Many anti-spam engines and email services check for this and will mark as SPAM. If you are ever concerned about an email being "real", it is best practices to not click on any links, do not login or provide sensitive information. Please contact our Member Care department at 1.888.871.2690 Monday - Friday from 7:30am to 6:00pm and Saturday from 9am - 1pm or email cybercrime@gtefinancial.org to report or confirm that a GTE email is legitimate.

top

Phone Calls or Messages

A good example of a fraudulent call is one claiming you’ve won a gift card and all you have to do is provide them with your account information.

An example of a recent phishing scam (April 21, 2014):

If you receive an automated message that your debit card has been suspended or deactivated, please remember to not supply personal information. The message may prompt you to enter your debit card number to re-activate the card. It may be a generic message or it may indicate that it is a call from GTE Financial. Please remember, GTE will never request this type of information over the phone. If you have provided sensitive information, please call the number on the back of your card to cancel the card immediately. See more information on our Security Center and take action to report fraud!

An example of a recent vishing scam (January 21, 2014):

Credit Union members have been contacted by an automated phone call claiming to be from the National Credit Union Administration (NCUA), notifying consumers their debit cards have been compromised. The call then asks the receiver to follow prompts, which request personal information, including sensitive financial data and personal identification information.

Anyone contacted should immediately reach out to NCUA's Consumer Assistance Center Hotline at 800-755-1030 or by email at phishing@ncua.gov to report the scam. Operators answer calls Monday through Friday between 8am and 5pm EST.

Click to read the entire press release.

top

Fraud Attacks Defined

Know the fraudster language! What is a Phishing, SMShing, and Vishing attack?

  • Phishing is fraudulent attempts initiated via email sent to both the general public and to some credit union members that appear to be from legitimate companies or businesses. These false emails ask for the recipient to click on a link to verify their credit union account information. The link directs them to a false website and asks for their credit union account number, PIN, and password along with other personal information.
  • SMShing is a form of phishing that uses mobile phone text messages to attract users into visiting fraudulent websites, call a phone number or download malicious content via phone or web.
  • Vishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private personal and financial information from the public for the purpose of financial reward.

top

Example App Scam

Some scams take the form of a mobile application for your smartphone.  A recent example masquerades as an MMS message from a user’s phone contact. The virus delivers a link, clicking on which unpacks the virus via an app.

  • The malicious program then gains admin privileges to Android, sending further messages to contacts and requesting fund transfers from any linked bank accounts via SMS.
  • Victims are greeted with the following message at the start: “Dear user, you have received an SMS photograph. You can view it using the link below.”
  • This threat is directed at Android OS users - bank customers using SMS banking and those who use mobile banking app.

If you receive a similar message, do not click the specified link.  If you feel that you may have installed a malicious application, please contact us

top