Member Alerts

Member Security

This area of our website is dedicated to the education of our members regarding security issues that may impact their lives. Swindlers utilize numerous methods to exploit others, but one thing is certain: “If it sounds too good to be true, it probably is!

Listed below are some links to ways in which you can protect yourself, your family and friends. We will update this section on a regular basis so please, check back for the latest developments! If you can think of any other ideas that may be useful, let us know (teucu@teucu.com). We also discuss the latest scams on our Member Board, so don’t forget to check there as well!

Online Banking Security

We want our members to be confident when accessing your financial institution online. While TEUCU uses multiple layers of protection to increase your security while using TEUCU online banking, here are some additional ways to protect yourself while online.

bullet Install and use an anti-virus program and keep it up to date. Always use up-to-date anti-virus software that is capable of scanning files and email messages for viruses, worms and Trojan horses. This can help prevent your computer system and files from being corrupted or lost. A variety of anti-virus software packages are available on the market today and many of these products install anti-virus updates automatically, as long as you have the update feature enabled.
 
bullet Use a personal firewall. Any computer or device connected to the Internet that is not properly protected may be vulnerable to a variety of malicious Internet intrusions and attacks. A personal firewall can help protect you from intrusion because it creates a barrier between your computer and the rest of the Internet. A number of firewall solutions are available in the marketplace today. They can be a hardware device, a software application or a combination of the two. Most firewalls can be set up to alert you if anyone tries to access your computer system.
 
bullet Use strong encryption. The stronger the encryption your Web browser uses, the more difficult it is for intruders to intercept your online activities. It is recommended that you ensure your browser supports at least 128-bit encryption.
 
bullet Use unique passwords and change them regularly. Always choose unique passwords that are difficult to guess. Use longer passwords that have eight or more characters, mix letters, numbers and special characters. These are much more difficult to figure out than shorter, more straightforward ones. Don't share your passwords, use different passwords for different accounts and remember to change them regularly.
 
bullet Keep security patches up-to-date on your computer. After software has been released, security holes or bugs that may have been missed prior to its release are sometimes identified. Most major software companies today provide software patches or updates to address these issues. It is important that you regularly visit your software vendor's Web sites and stay informed of any security related patches and updates they provide. Evaluate these updates and install them as necessary.
 
bullet Be aware of the risk posed by installing software or files from unknown sources. Avoid downloading programs and software from sources you are not familiar with and don't download or use pirated software. These programs may contain viruses or other malicious code that could cause harm to your computer or be used to steal private or confidential information like account numbers and passwords. These programs may also come bundled with other programs that you may not be aware of. Programs such as spyware and adware may also be simultaneously installed on your computer for the purpose of tracking and reporting on your computing and browsing habits. It is important that you read the terms and conditions that come with any program or software carefully before installing it on your computer.

PIN Protection

With the popularity of ATM transactions it is no surprise that thieves find it popular as well. TEUCU would like you to remember this simple way to protect yourself. The easiest way to protect yourself is to protect your PIN. Never tell anyone your PIN, even if they claim to be from a bank or the police. Don't keep a written record of your PIN. Having a different PIN for each card can provide an extra safeguard. Also, make sure no-one sees your PIN when you use a terminal or cash machine. If someone wants fraudulent access to your account they need two things; a copy of your card and the correct PIN. Any cloned cards are useless without the correct PIN. Shield your hands when entering your PIN. Keep in mind that there are usually people all around you when you are in the checkout line …any one of them could be working alone or in conjunction with a partner to steal your valuable PIN.

Never reveal your PIN to anyone or you could be liable for losses.

This means:

bullet

Don't be tempted to jot your PIN down “just in case you forget it”

bullet

Never tell anyone your PIN or let them enter it for you
bullet

Enter your PIN discreetly, just as you would when using a cash machine. If you are asked to enter your PIN into a handheld Chip and PIN terminal, don't feel awkward about moving to a position where you won't be overlooked
bullet

PINs are only intended for use at a Chip and PIN terminal or a cash machine. Never give out your PIN when ordering by phone, post or online. Do not voluntarily give your PIN to friends or family members.
bullet

Always keep your receipt when you make a Chip and PIN payment. Mistakes are rare but it's wise to check it against your statement later.
bullet

Where money is involved, a criminal won’t stop at anything.
bullet

Always keep possession of your Card.
bullet

Avoid all PIN combinations that may easily be determined by others such as your anniversary, birthday phone number, etc.

You are responsible for the full amount of all activity on your account completed through an Electronic Banking Service resulting from:

bullet

The use of your card and/or PIN by you or any person to whom you have made the card and/or PIN available where you have not been the victim of trickery, force intimidation or theft.
bullet

Your failure to notify us as soon as you become aware that your PIN may have become known to someone else or your card has been lost, stolen or misused.
bullet

An entry error or a fraudulent or worthless deposit made through an Electronic Banking Service.

In those cases you will be liable up to your daily or weekly limits. Your liability may exceed your account’s credit balance or available funds if:

bullet

The account is a line of credit account, has overdraft protection or is linked with an account having some or all of these features; or
bullet

The transaction is completed on the basis of an entry error or a fraudulent or worthless deposit made through an Electronic Banking Service.

Notification of lost or Stolen Card or PIN

You will notify us immediately if:

bullet

Your card is lost or stolen, or you suspect it is lost or stolen, or if someone has used it other than yourself.
bullet

Our PIN has become known to someone else, or you suspect it has become known to someone else.

For more information, please see the following links:

Protect your PIN, Protect your money!
(www.interac.ca/consumers/security_protect.php)

PIN Security Tips and Information (about Interac shared services)
(www.interac.org)

Identity Theft

Identity theft is a catch-all term for crimes involving illegal usage of another individual's identity. While the term is relatively new, the practice of stealing money or getting other benefits by pretending to be a different person is thousands of years old.
Identity theft occurs when someone uses your personal information without your knowledge or consent to commit a crime, such as fraud or theft.

Identity thieves steal key pieces of personal information — either physically or in other ways, without your knowledge — and use it to impersonate you and commit crimes in your name.

In addition to names, addresses and phone numbers, thieves look for:

  1. Social Insurance Numbers
  2. Driver’s License Numbers
  3. Credit Card and Banking Information
  4. Bank Cards
  5. Calling Cards
  6. Birth Certificate
  7. Passports

Identity thieves can manipulate your information and invade your personal and financial life. They can use stolen identities to conduct spending sprees, open new bank accounts, divert mail, rent apartments apply for loans, credit cards and social benefits, and even commit more serious crimes.

For more information please see the following links:

bullet Consumer Identity Theft Checklist
(http://cmcweb.ca/epic/internet/incmc-cmc.nsf/en/fe00084e.html)
bullet If you think someone is using your Social Insurance Number, visit the Government of Canada website at
(http://www.servicecanada.gc.ca/en/sin/lost/lost.shtml)
bullet File a report with your local police department where the identity theft took place.

Contact numbers to report identity theft

Trans Union of Canada

Consumer inquiry number 1-800-663-9980
Fraud inquiry number 1-877-525-3823
Website: www.tuc.ca

Equifax Canada

Consumer/fraud inquiry number 1-800-465-7166
Website: www.equifax.ca

Experian Canada

Consumer inquiry number 1-888-826-1718
Fraud inquiry number 1-800-532-8784
Website: www.experian.ca

Phonebusters (National Call Centre)

Telephone number 1-888-495-8501
Fax 1-888-654-9426
Website: www.phonebusters.com
E-mail for complainants info@phonebusters.com
West African fraud letters/Nigerian letters walf@phonebusters.com

Identify theft statements can be obtained from the Phonebusters websites.

Recommendations:

  • Check your bank account activity on a regular basis.
  • Never respond to e-mails requesting your bank information / pin #.
  • Renew your license plates yearly opposed to two years at a time.
  • Do credit checks yearly with all credit bureaus.
  • Consider title insurance on your home.

Phishing

Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details from unsuspecting people by masquerading as a trustworthy entity. EBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging, and often directs users to enter details at a website, although phone contact has also been used. Phishing is an example of social engineering techniques used to trick users. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures.

One way of acquiring this sensitive information is by telephone solicitation. By falsely identifying themselves as a real employee of a real financial institution they try to gain your trust. They try to get you to “confirm” information they have on file. They add to the ruse by giving you the first few numbers of your credit card or account. (Keep in mind that the first few numbers are generally the same on everybody’s card or account.) This causes unsuspecting victims to give out the rest of their valuable information. Email phishing works in exactly the same way. You receive an email requesting you to confirm information or possibly it directs you to a “secure” site to confirm more information. These emails have graphics and text that probably come from the true source and to an unwitting victim there is no reason to suspect anything is amiss.

TEUCU members should know that TEUCU will NEVER solicit you for personal or private information via email, phone or online. If someone is requesting that you give out personal information unsolicited by you, you should see this as what it really is, a red flag. If you suspect that you have received a phishing email from an institution, call up the real company with a phone number you trust to find out what is going on. Never reply to it. Delete it from your inbox. Remember – why would anyone want to confirm information that they already have? Something sure smells phishy!

Take action if you've been a victim of Phishing
(www.antiphishing.org).
"The Phisherman and Little Red Riding Hood." ...a fun and informative video.

Money Laundering

Money laundering is the practice of engaging in financial transactions in order to conceal the identity, source, and/or destination of money, and is a main operation of the underground economy.

Money laundering is the process whereby criminals conceal illicit funds by converting them into seemingly legitimate income. While the term refers to the monetary proceeds of all criminal activity it is most often associated with the financial activities of drug traffickers who seek to launder large amounts of cash generated from the sale of narcotics.

TEUCU is in compliance with the Money Laundering Act.

Credit Rating

A credit rating assesses the credit worthiness of an individual, corporation, or even a country. Credit ratings are calculated from financial history and current assets and liabilities. Typically, a credit rating tells a lender or investor the probability of the subject being able to pay back a loan. However, in recent years, credit ratings have also been used to adjust insurance premiums, determine employment eligibility, and establish the amount of a utility or leasing deposit.

A poor credit rating can indicate a high risk of defaulting on a loan, and thus leads to high interest rates or the refusal of a loan by the creditor. Sometimes your credit can be affected by fraudulent activity. Identity thieves can access your personal information, obtain credit in you r name and amass debt and even criminal charges in your name. If you suspect that you are a victim you can help protect yourself by adding a fraud alert to your credit file.

A fraud alert is a notice added to your credit file that alerts creditors that you may be a victim of fraud, including identity theft and requires creditors using the file to take certain steps to verify your identity prior to establishing any new credit accounts in your name, issuing a new card on an existing account, or increasing the credit limit on an existing account, if requests for any of these actions are made. The purpose of this notice is for the creditor to confirm that the request is not the result of identity theft. If the creditor cannot verify this, the request should not be satisfied. There are two types of fraud alerts: an initial fraud alert that lasts for 90 days, and an extended fraud alert that lasts for 7 years.

An initial 90 day fraud alert indicates to anyone requesting your credit file that you suspect you are a victim of fraud. When you or someone else attempts to open a credit account in your name, increase the credit limit on an existing account, or obtain a a new card on an existing account, the lender should take steps to verify that you have authorized the request. If the creditor cannot verify this, the request should not be satisfied. You may also request one additional free credit file disclosure.

An extended fraud alert is similar to an initial 90 day alert, except that it lasts for 7 years, and to verify your request a creditor must contact you on the telephone number(s) you provide to Equifax when you requested the extended fraud alert. A valid police report showing that you have been a victim of identity theft is required to place an extended fraud alert. Also, you may request two additional free credit file disclosures, and your name is removed from prescreened offers of credit or insurance for 5 years.

A good way to make sure that you are on the right track in terms of a good credit rating TEUCU suggest that you view your credit report at least once a year. You can click on the links below for more information about getting a copy of your own credit report.

Check your Credit Rating with Equifax Canada!
(www.equifax.ca)

Check your Credit Rating with TransUnion Canada!
(www.tuc.ca)

E-mail Extortions (Vishing)

Vishing operates like phishing by persuading consumers to divulge their Personally Identifiable Information (PII), claiming their account was suspended, deactivated, or terminated. Recipients are directed to contact their bank via a telephone number provided in the e-mail or by an automated recording. Upon calling the telephone number, the recipient is greeted with "Welcome to XYZ Credit Union ……" and then requested to enter their card number in order to resolve a pending security issue.

For authenticity, some fraudulent e-mails claim the bank would never contact customers to obtain their PII by any means, including e-mail, mail, or instant messenger. These e-mails further warn recipients not to provide sensitive information when requested in an e-mail and not to click on embedded links, claiming they could contain "malicious software aimed at capturing login credentials."

Please beware—spam e-mails may actually contain malicious code (malware) which can harm your computer. Do not open any unsolicited e-mail and do not click on any links provided.

419 Nigerian Scam

This scam usually begins with a letter-form e-mail sent to many target recipients making an offer that will result in a large payoff for the intended victim. The stories behind the offers vary, but the standard plot is that a person or government entity is in possession of a large amount of money or gold. This person, for myriad reasons, either cannot access the wealth directly or is no longer in need of it. Such people, who are fictional or impersonated characters played by the scammer, could include the wife of a deposed African or Indonesian leader or dictator, a terminally ill wealthy person, a wealthy foreigner who had deposited money in the bank just before dying in a plane crash, leaving no will or known next of kin, a U.S. soldier who has stumbled upon a hidden cache of gold, a business being audited by the government, a disgruntled worker or corrupt government official who has embezzled funds, a refugee, and similar characters. The money could be in the form of gold bullion, gold dust, money in a bank account, so-called "blood diamonds", a series of cheques or bank drafts, and so forth. The sums involved are usually in the millions of dollars, and the investor is promised a large share, often forty percent or more, if they will assist the scam character in retrieving the money from holding and/or dispense of it according to the scam character's wishes. The proposed deal is often presented as a "harmless" white-collar crime, in order to dissuade participants from later contacting the authorities.

Many operations are professionally organized in Nigeria, with offices, working fax numbers, and often contacts at government offices. The victim who attempts to research the background of the offer will often find that all pieces fit perfectly together. Such scammers can often lure wealthy investors, investment groups, or other business entities into scams resulting in multi-million dollar losses. However, many scammers are part of less organized gangs or are operating independently; such scammers have reduced access to the above connections and thus have little success with wealthier investors or business entities attempting to research them, but are still convincing to middle-class individuals and small businesses, and can bilk hundreds of thousands of dollars from such victims.

The spam e-mails perpetrating these scams are often sent from Internet cafés equipped with satellite Internet. Recipient addresses and email content are copied and pasted into a web mail interface using a standalone storage medium, such as a memory card. Many areas of Lagos contain many shady cyber cafés that serve scammers; many cyber cafés seal their doors during after-hours, such as from 10:30 PM to 7:00 AM, so that scammers inside may work without fear of discovery.
During the course of many schemes, scammers ask victims to supply bank account information. Usually this is a "test" devised by the scammer to gauge the victim's gullibility.

Scammers often request that payments be made using a wire transfer service like Western Union. The reason given by the scammer will usually relate to the speed at which the payment can be received and processed, allowing quick release of the supposed payoff. The real reason is that wire transfers and similar methods of payment are irreversible, untraceable and, because identification beyond knowledge of the details of the transaction is often not required, completely anonymous.

How does the fraud work? The bait is the fictional millions of dollars described in an unsolicited email or letter. The goal is to get you to come up with money for the "expenses" required to transfer those millions to you. The victim thinks, a few hundred or a few thousand dollars is trivial when $31 million is at stake. Each demand for more money is claimed to be the very last obstacle before the big money is released. Sometimes, the victim is lured to Nigeria, where even worse things happen.

If you receive such an email, do not respond to it! Delete it from your inbox. Always remember, if it sounds too good to be true; it usually is.

Fake Cheques and Cheque Cashing Scams

Fraudulent cheques and money orders are key elements in many advance fee scams, such as auction/classified listing overpayment, lottery scams, inheritance scams, etc, and can be used in almost any scam when a "payment" to the victim is required to gain, regain or further solidify the victims' trust and confidence in the validity of the scheme.

The use of cheques in a scam hinges on a common practice concerning cheques; when an account holder presents a cheque for deposit or to cash, the bank must (or in other countries, usually) make the funds available to the account holder within 1-5 business days, regardless of how long it actually takes for the cheque to clear and funds to be transferred from the issuing bank. The cheque clearing process normally takes 7-10 days and can in fact take up to a month when dealing with foreign banks. The time between the funds appearing as available to the account holder and the cheque clearing is known as the "float", during which time the bank could technically be said to have floated a loan to the account holder to be covered with the funds from the bank clearing the cheque.

The cheque given to the victim is typically counterfeit but drawn on a real account with real funds in it. With a piece of software like QuickBooks or pre-printed blank cheque stock, using the correct banking information, the scammer can easily print a cheque that is absolutely genuine-looking, passes all counterfeit tests, and may even clear the paying account if the account information is accurate and the funds are available; however, whether it clears or not, it will eventually become apparent either to the bank or the account holder that the cheque is a forgery. This can be as little as 3 days after the funds are available if the bank supposedly covering the cheque discovers the cheque information is invalid, or it could take months for a business or individual to notice the fraudulent draft on their account. It has been suggested that in some cases the cheque IS genuine - however the fraudster has a friend (or bribes an official) at the paying bank to CLAIM it is a fake weeks or even months later when the physical cheque arrives back at the paying bank.

Regardless of the amount of time involved, once the cashing bank is alerted that the cheque is fraudulent, the transaction is reversed and the money removed from the victim's account. In many cases, this puts victims in debt to their banks as the victim has usually sent a large portion of the cheque by some non-reversible 'wire transfer' means (typically Western Union) to the scammer. Some victims have even been prosecuted for fraud in the scammer's stead, the argument being that the victim "should have known better" than to participate in such a scheme, and thus was a willing conspirator in the fraud.

Some schemes are based solely on cheque cashing. The scammer will contact the victim to interest them in a "work-at-home" opportunity, or asking them to cash a cheque or money order that for some reason cannot be redeemed locally. A recently-used cover story is that the scammer wishes the mark to work as a "mystery shopper", evaluating the service provided by MoneyGram or Western Union locations within major retailers such as Wal-Mart. The scammer sends the victim a cheque or money order, the victim cashes it, sends the cash to the scammer and the scammer disappears. Schemes based solely on cheque cashing will usually offer only a small part of the cheque's total amount, with the assurance that many more cheques will follow; if the victim buys in to the scam and cashes all the cheques, the scammer can win big in a very short period of time. Other scams such as overpayment usually result in smaller payoffs for the scammer, but have a higher success rate as the scammer's request seems more believable.

Some cheque-cashing scammers involve multiple victims at multiple stages of the scam. A victim in the U.S. or other "safe" country such as the U.K. or Canada (often the country in which the cashing victim resides) is sometimes approached with an offer to fill out cheques sent to them by the scammer and mail them to other victims who will cash the cheque and wire the money to the scammer. The cheque mailer is usually promised a cut of the money from the scammer; this usually never occurs, and in fact the cheque mailer is often conned into paying for the production and shipping costs of the cheques. The cheque information has either been stolen or fictionalized and the cheques forged. The victim mailing the cheque is usually far easier to track (and prosecute) than the scammer, so when the cheques turn up as fraudulent, the one mailing them usually ends up not only facing federal bank fraud and conspiracy charges, but liability for the full amount of the fraudulent cheques. Because the cheque mailer is taking the fall, the scammer is even less likely to be caught, which makes it a popular variation of the scam for scammers in nations with tougher anti-fraud laws and better enforcement than that of Nigeria.

If you would like more information about cheque fraud a great website to visit is www.fakechecks.org. This site is based in the U.S. but there is plenty of useful information to keep you well informed.

Shipping/Receiving Scam (Pet Adoption)

Variant of a money scam using pet adoptions, person will respond to an advertisement for a pet. The buyer will then want to immediately make arrangements to receive/ship the pet (notice how they don't even ask to see pictures of the pet, or ask for health/vet questions about the pet). Buyer will ask seller to use their pet shipping service and even give a number. Buyer will also want to send a money order or cashiers cheque through Western Union (another variant of the Western Union cheque scam). Once the seller receives payment, cashes the cheque and/or money order, the seller then sends the money to the fake shipping service. Once money is received the buyer will claim they changed their mind and want their money back, or buyer will say he doesn't want the pet any longer. Within 5 days the cheque or money order comes back as bad and the seller is responsible for covering the bad cheque.

Rental Scams

Where the victim (e.g., a prospective tenant) is looking to rent accommodation, the scammer will post a classified advertisement offering a high-standard place for low cost, even showing pictures of the said rooms. The victim is required to pay a deposit, but once the scammer has received the deposit he will disappear leaving the victim out-of-pocket.

Where the victim (e.g., landlord) is looking to find a tenant for their accommodation, the scammer poses as an interested party who is looking to move to said location. On inquiry to the prospective tenant, the victim receives a follow up e-mail indicating they will be sent a cheque by the tenant's new employer that will cover the rent, plus the new tenant's living expenses (e.g., to purchase furniture). The victim is asked to forward the additional portion to their new tenant by Western Union (or similar).

Where the victim posts on a communal website (e.g. Craigslist) that he/she is looking for a roommate to share a rental unit (or is a landlord looking to rent a unit), and the scammer poses as an interested party and sends a cheque to hold the room. The cheque will originate from overseas. The victim receives the cheque and deposits it into his/her bank account, and that amount of money will temporarily appear as having been added in. Within a few days the scammer then contacts the victim and advises that he/she cannot move into the rental unit due to an illness. The scammer will even provide what appears to be medical documents’ indicating this state of ill health. The scammer then asks the victim to immediately wire transfer the money from the cheque back to him/her. This takes place, and then a few days later the victim finds out from his/her bank that the original cheque has bounced.

E-mail Viruses

Email is now the most common way that viruses are transmitted between computers. The most common mechanism for this is in the form of an "attachment" to the message while sending documents, images, and so on. However, it is also possible for attachments to contain programs which run when the attachment is opened.
The most basic steps to protect you against email virus attack are:

Install anti-virus software and keep it up-to-date.

Don't open email attachments directly.

Although the latest anti-virus software can detect virus-infected documents "on-the-fly", it's safest to save email attachments to disk first. (This applies even if they come from someone you know — people you trust can unwittingly distribute viruses.) You can then perform an explicit virus scan before opening the document.

Use a document viewer to read received documents.

Enable Virus Protection in Microsoft Office Components.

Microsoft's Office 97 and Office 2000 products include a macro-virus protection option. However, it is possible for this to get turned off. To check the current setting, use the [Tools/Options/General] menu dialog in Office 97 programs and the [Tools/Macro/Security] dialog in Office 2000.

Disable The Microsoft Windows Scripting Host.

Recent versions of Microsoft's Internet Explorer and Outlook email client include the ability to run script programs written in Microsoft's Visual Basic language. This is a facility that has been exploited by viruses such as the "Love Letter" virus. Disabling the scripting host will give protection against this form of attack.

Home Equity Line of Credit & Loans Wire Fraud Scam.

High-dollar losses are being attributed to a scam that targets credit union members that have been granted large Home Equity Line of Credit loans. (HELOC) The perpetrator sends a fax or email to the financial institution requesting that they process a funds/wire transfer. The perpetrator contacts the local telephone company and impersonates the consumer by stating that the home phone lines are in disrepair. The fraudster then provides a cellular phone number and asks that call forwarding be activated immediately to avoid missed calls. Afterwards, all calls made to the consumer’s home telephone are simply re-directed to the criminal including the call made by the financial institution attempting to verify the wire transfer request. Wire transfer amounts are frequently in excess of $100,000 and are sent to accounts with the words “Title” or “Construction” in the account name. Perpetrators seem to have detailed information about the consumers that enable them to answer additional challenge questions. It appears that US based credit union members with a HELOC have been the primary targets of this scam but it is highly possible that other financial institutions have been experiencing similar fraud scenarios.

Telephone Credit Card Scams.

This is an email floating around out there. Whether or not it is entirely true is beside the point. We here at TEUCU think it sends a great message. Protect your personal information!

This one is pretty slick since they provide YOU with all the information, except the one piece they want. Note, the callers do not ask for your card number; they already have it.

This information is worth reading. By understanding how the VISA &
MasterCard telephone Credit Card Scam works, you'll be better prepared to protect yourself. The scam works like this:

Person calling says, "This is (name), and I'm calling from the Security and Fraud Department at VISA. My Badge number is 12460, your card has been flagged for an unusual purchase pattern, and I'm calling to verify. This would be on your VISA card which was issued by (name of bank). Did you purchase an Anti-Telemarketing Device for $497.99 from a marketing company based in Arizona?" When you say "No", the caller continues with, “Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?"

You say "yes".

The caller continues - "I will be starting a Fraud Investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card and ask for Security. You will need to refer to this Control Number. The caller then gives you a 6 digit number. "Do you need me to read it again?" Here's the IMPORTANT part on how the scam works:

The caller then says, "I need to verify you are in possession of your card". He'll ask you to "turn your card over and look for some numbers". There are 7 numbers; the first 4 are part of your card number, the last 3 are the Security Numbers that verify you are t he possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the last 3 number to him. After you tell the caller the 3 numbers, he'll say, "That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?"

After you say no, the caller then thanks you and states, "Don't hesitate to call back if you do", and hangs up. You actually say very little, and they never ask for or tell you the card number. We called back within 20 minutes to ask a question. Are we glad we did! The REAL VISA Security Department told us it was a scam and in the last 15 minutes a new purchase of $497.99 was charged to our card. We made a real fraud report and closed the VISA account. VISA is reissuing us a new number. What the scammers want is the 3-digit PIN number on the back of the card. Don't give it to them. Instead, tell them you'll call VISA or Master Card directly for verification of their conversation.

The real VISA told us that they will never ask for anything on the card as they already know the information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you're receiving a credit. However, by the time you get your statement you'll see charges for purchases you didn't make, and by then it's almost too late and/or more difficult to actually file a fraud report.

What makes this more remarkable is that on Thursday, I got a call from a "Jason Richardson of MasterCard" with a Word-for-word repeat of the VISA Scam. This time I didn't let him finish. I hung up! We filed a police report, as instructed by VISA. The police said they are taking several of these reports daily! They also urged us to tell everybody we know that this scam is happening. I dealt with a similar situation this morning, with the caller telling me that $3,097 had been charged to my account for plane tickets to Spain, and so on through the above routine.

It appears that this is a very active scam, and evidently quite successful.

Pass this on to all your family and friends.

Counterfeit $100 Notes Discovered:
Bank of Canada and the Toronto Police Service remind the public and retailers to be vigilant.

The Bank of Canada and the Toronto Police Service are reminding the public and retailers to pay close attention to the bank notes they receive. A number of counterfeit $100 notes have been passed in the Greater Toronto Area in the last few weeks.
"This incident reminds us that we must always remain vigilant against counterfeiting," said Gerry Gaetz, chief of banking operations at the Bank of Canada. "Counterfeiting rates in Canada have declined by over 75 per cent since their peak in 2004, but counterfeiters look for opportunities to pass notes where they can tell people aren't checking them."

These $100 counterfeits can be easily detected when compared with a note that you know is genuine. All denominations in the latest bank note series (those with the metallic stripe) have the same security features. Once you know how to check the features on one note, you know how to check any denomination. It takes only minutes to learn how and just seconds to check your money. Checking cash is a quick and reliable deterrent to counterfeiting. Please visit the bank of Canada’s website for more information on how to spot a counterfeit bill at www.bankofcanada.ca/en/banknotes. If you come across a bank note you believe to be counterfeit, please contact your local police.