http://www.omnicommunitycu.org/xml/alerts.xml The OMNI Community Credit Union Alerts RSS Feed http://www.omnicommunitycu.org/images/bwlogo.gif OMNI Community Credit Union Alerts http://www.omnicommunitycu.org/alerts/alerts_view.php?alertID=10


As there were more than 37 million iPhones and iPod Touches sold in the first quarter of 2009 alone, this could readily put a very small skimmer in someone’s hand. More information can be found on this product at www.squareup.com.

]]> http://www.omnicommunitycu.org/alerts/alerts_view.php?alertID=9


This is a known scam and likely related to the Zeus/Zbot malware.  OMNI would never configure multi-factor authentication questions to capture this information.  If a member calls, and encounters this or a similar screen, it is likely they have this malicious software installed on their personal computer.  At this point, since the issue resides on the member's computer there is no additional action that is required from OMNI, but please let us know if you need assistance in helping out the member(s) in question.

]]> http://www.omnicommunitycu.org/alerts/alerts_view.php?alertID=8 Unauthorized iPhone Locator has been created and is offering CO-OP Network Surcharge Free ATM locations for $.99 per download. The appropriate steps are being taken, including contacting Apple, in an effort to shut the site down.

Please be aware that you are able to locate CO-OP Network Surcharge Free ATM's by sending a text message including the address, intersection or zip code to 692667 (MYCOOP) from any Mobile phone. There is no fee for this service,however, standard text messaging rates apply.

Click Here for Screen Shot

]]> http://www.omnicommunitycu.org/alerts/alerts_view.php?alertID=7
Credit Union Journal | Friday, January 23, 2009



PRINCETON, N.J. – Credit unions around the country were scrambling this week to isolate fraudulent transactions and block debit cards that may have been exposed to hackers by a massive breach at third-party processor Heartland Payment Systems, the latest in a long series of cards scandals.


"For the last three months we’ve been having losses and we couldn’t figure out the source of it,"said Luke Labbe, president of PeoplesChoice FCU, in Biddeford, Me., who determined this week that hundreds of accounts were leaked through Heartland, which processes merchant accounts for the credit union’s processor, Fiserv EFT.


The credit union, which is busily cancelling and reissuing about 500 cards, pays up to $15 apiece to replace cards, according to Labbe. It has accrued at least $40,000 in fraud losses on its Visa debit cards over the last three months. "This is a huge expense for a small credit union or bank," said Labbe, whose credit union recorded at least $20,000 in fraud losses last year from the cards breach at Hanneford Bros. supermarket chain.


Heartland, which processes accounts for as many as 250,000 merchants, notified its customers Wednesday of the breach that may have occurred as long as six months ago and exposed as many as 100 million accounts, making it one of the largest cards breaches ever.


"We’re 99% sure it’s Heartland," said Tom Shields, president of Piedmont CU, in Danville, Va., who said yesterday his members have been hit by about $20,000 in fraudulent transactions on Visa debit cards in recent weeks coming from such far-flung places as Florida, Texas and North Carolina. "There’s been at least 60 or 70 accounts affected, that we know of, so far," he told The Credit Union Journal yesterday.


Piedmont was notified, not by Visa, or Heartland, but by its cards processor, also Fiserv EFT, said Shields.


Across the country, in Salem, Ore., Oregon Territory FCU has been working for several weeks trying to determine the source of a data breach that has caused tens of thousands of fraudulent transactions on member accounts, tracing it to the Heartland, which processes merchant accounts for its processor, also Fiserv EFT. "We knew the breach was not a small one, based on the way it was spreading," said Alycia Howell, vice president for the $60 million credit union, of the nationwide data leak.

"Members were contacting us claiming there were transactions on their accounts that weren’t theirs," said Howell. "Our phones were just flooded with calls. It was just non-stop."


The three credit union executives each recounted how the perpetrators apparently created phony cards on their members’ accounts with information stolen from Heartland, then tested the cards at gas stations, sometimes with small purchases, sometimes with purchases over $100. Then the cards would be used at retailers, mostly Wal-Marts, but also Home Depot, Kmart, Publix, and Heb grocery on the northwest to buy as much $1,000 at a time of merchandise or gift cards. Oregon Territory FCU’s Howell even said her card was used to make a $300 transaction at Marshall’s in Florida.


Fiserv was able to put a block on signature-based debit transactions at the targeted retailers to require PINs, according to Howell.


Credit unions around the country were reporting affected accounts: Notre Dame FCU, South Bend, Ind.; Bangor (Me.) FCU; Atlantic Regional FCU, Brunswick, Me.; Hutchinson (Kan.) CU, among others.

So far, Oregon Territory has recorded 102 affected accounts and as much as $50,000 worth of fraudulent transactions on those cards.


Howell was frustrated because her credit union was never notified about the possible breach by Heartland or by Visa. "Our first (card) alert came Tuesday from Visa," she said. "We got nothing from Visa until Tuesday."


"We didn’t know until Wednesday how massive the breach was," said Howell ]]> http://www.omnicommunitycu.org/alerts/alerts_view.php?alertID=6
A new twist on phishing aims to obtain the three-digit security code printed on the back of VISA and MasterCard credit and debit cards. The phishers are trying to get enough information to perform fraudulent card-not-present transactions (Internet, telephone, and mail-order purchases).

Under this scam, a telephone call is placed to a legitimate cardholder. The caller claims to be a representative from VISA or MasterCard informing the cardholder of suspicious card activity. The caller provides details of an unusual transaction and asks if the cardholder made this purchase, which, of course, the cardholder did not. The cardholder is then asked to verify possession of the card. To do so, the cardholder is asked to read the three-digit security code on the back of the card. The fraudster then provides a control number in the event the cardholder needs to call back with questions, making the call seem legitimate.

The caller does not ask for the credit or debit card number, and that is why some members are fooled into believing the call is legitimate. But the fraudster already has the card number; what they don’t have is the three-digit security code from the back of the card, and that is what they are after with this scam.

The three-digit code on the back of the Visa or MasterCard card is a security tool used for non face-to-face transactions. When conducting transactions that are not face-to-face, many merchants will ask the shopper for the three-digit code to complete a card authorization. If the criminal obtains this three-digit number and already has your member’s card number, card expiration date, and billing address, the criminal may be able to obtain authorization for fraudulent transactions.

Never respond to any e-mail, telephone call, voice message, text message, or letter received through the mail that requests personal and financial information, including the three-digit number on the back of the card. ]]> http://www.omnicommunitycu.org/alerts/alerts_view.php?alertID=5 November 05, 2008
By Claude R. Marx

WASHINGTON – Consumers should be wary of fraudulent solicitations for a loan program for a nonexistent Federal Reserve lending program, the Fed warned yesterday.
Under the phony scheme, individuals are told that that they can work through a broker to access a Federal Reserve program that extends sizable secured loans to consumers. Consumers are encouraged to deposit large sums of money into a bank account, under the guise of a security deposit, in order to receive the purported loan.
The Federal Reserve has no involvement in these solicitations and does not directly sponsor consumer lending programs.
The agency urges consumers to verify the legitimacy of potential service providers before entering into a business transaction. It advised them to do business only with reputable lenders and to shop around for the most favorable loan terms.

Consumers with questions about solicitations that they suspect may be fraudulent are encouraged to contact the Federal Reserve Board ConsumerHelp Center at http://www.federalreserveconsumerhelp.gov or by calling 1-888-851-1920. ]]> http://www.omnicommunitycu.org/alerts/alerts_view.php?alertID=4
Your Credit Union Co-Op service account has been closed due to fraudulent activity, please call 1-813-600-1511.

This is a scam, therefore, you should not call the number. If you are unsure of any phone numbers or text messages, please contact a Credit Union representative, using a publicly listed phone number.

]]>