Fraud Prevention

Protect your finances. Stay ahead of fraud.

Report fraud
Phone screen showing a scam text message.

What to do if you suspect fraud

Fraud is evolving—and so are the ways we protect you. Whether you’re spotting suspicious activity or learning how to prevent it, this page is your trusted guide to safer banking.

Shield

Report it to us immediately

If you notice any suspicious activity on your account, contact us right away. Our fraud team can help secure your accounts, block unauthorized transactions, and guide you through the next steps.

Graph

Review Your Credit Report

Monitoring your credit report is a great way to stay informed about what is happening with all accounts relating to your identity. Credit Sense in your online banking can also help alert you to potential fraud.

Speech Bubbles

File a report with the FTC

Reporting to fraud to the Federal Trade Commission at reportfraud.ftc.gov helps law enforcement and other government agencies identify and stop scams.

Common types of scams & how to spot them

Phishing Emails & Texts

Scammers impersonate trusted sources to steal info or spread malware. Look for urgency, odd links, and unexpected requests.

Examples:

  • Alarming emails asking to “verify your account”
  • Generic messages requesting personal data
  • Links that lead to fake websites
  • Forms asking for financial info on unverified sites
  • Sites without HTTPS or a lock icon in the browser
images of fake text messages asking for verifications

Identify Theft

Identity Theft occurs every two seconds in the United States. While Seattle Credit Union can help with banking account needs and transaction disputes, there is often a larger need of recovering when identity theft occurs.  The Federal Trade Commission has resources available to assist with making a recovery plan and utilizing resources available to you. You can also report your identity theft occurrence on their site.

Report identity theft
Thief with someone's ID and social security card.

Impersonation Scams

A scammer might call, claiming to be from the security or fraud department of a credit card company like VISA. To sound more convincing, they’ll give you a fake badge number and say they’re calling about an “unusual purchase pattern” on your card. They’ll even have some of your personal information on hand, such as your address and the name of your financial institution, to build trust.

Red flags to watch out for:

  • Unusual Urgency: Scammers try to rush you into a decision. A legitimate institution won’t pressure you to act immediately.
  • Requests for Information: We will never call you and ask for your full credit card number or security code. We already have that information on file.
  • Suspicious-Sounding Story: The story about a fake purchase and “control number” is a tactic designed to confuse you and make you more compliant.
Scammer calling on a phone.

ATM Skimming

ATM skimming involves criminals illegally installing devices on card readers at ATMs, gas pumps, or point-of-sale terminals to capture credit or debit card data and record PIN entries.

  • The skimming devices can be difficult to detect, as they may be inserted into the card reader slot, or be designed as an overlay that fits over the existing card reader and keypad.
  • The stolen data is then used to create fake cards, which can be used to make unauthorized purchases or withdrawals.
ATM skimming device

Online Banking Hijacking

Online banking hijacking, or account hijacking, occurs when a criminal obtains your personal banking information and uses it to take over your accounts.

  • Attackers often use phishing scams to trick people into giving up their usernames, passwords, and account numbers through deceptive emails or fake websites.
  • Hijacking can also happen through malware, such as keyloggers, which can be installed on an infected device to capture login credentials.
  • Once an account is hijacked, the criminal can make unauthorized purchases, steal money, or transfer funds to their own accounts.
Thief stealing a username and password.

Check Fraud

Check fraud involves the unauthorized use of a person’s checks, or images of a check, to illegally acquire funds.

  • Common methods include stealing checks from mailboxes, forging signatures, or altering legitimate checks using chemicals to erase ink and rewrite the amounts. This is known as “check washing”.
  • Scammers often use fraudulent checks in overpayment scams, where they send a check for more than the agreed-upon amount and ask you to send the difference back to them. The check will eventually bounce, and you’ll be out the money you sent.
close up of a signed check.

Watch Videos on Fraud

Identity Theft
Cyber Security Education
Fraud Prevention

Fraud Prevention Best Practices

Stay one step ahead of scammers by following these simple but powerful habits:

• Never share your Social Security number, user IDs, passwords, PINs, passcodes, or account numbers with anyone you don’t trust.
• Don’t respond to unexpected requests for personal or financial information—even if they seem official.

  • If something feels “off” or too good to be true, it probably is.
  • Take your time. Just because someone says they’re from your bank doesn’t mean it’s true—verify before you act.
  • Use strong, unique passwords with a mix of letters, numbers, and symbols.
  • Consider biometric options like Face ID or fingerprints for added security.
  • Shred sensitive documents before discarding them.
  • Enroll in eStatements to minimize the risk of mail fraud.
  • Enable transaction alerts through Seattle Credit Union Online Banking.
  • Use Credit Sense (available in online banking) to monitor your credit and detect suspicious activity.
  • Don’t open links in texts or emails unless you’re expecting them and they’re from a known sender.
  • Block unwanted calls and texts.
  • Add your number to the Do Not Call Registry (see our Resources section).

4 Signs of a Scam

Number 1

Pretending

Scammers PRETEND to be from an organization you know, like the government, your bank/credit union, your utility company, or other important trusted agencies. They complete their impersonation by using technology to change the phone number you see on the caller ID. So the name and number you see might not be real.

Number 2

Problems or Prizes

Scammers say there’s a PROBLEM or a PRIZE. They might say things like you’re in trouble, you owe money, there’s a virus on your computer, there’s a problem with your account, or someone in your family had an emergency. Whether they state a problem, or a prize like the lottery they will try and get your personal information and data.

Number 3

Pressure

Scammers PRESSURE you to act immediately. Scammers want you to act before you have time to think. If you’re on the phone, they might tell you not to hang up so you can’t check out their story. They might threaten to arrest you, sue you, take away your driver’s or business license, or deport you. There will be a sense of unnecessary urgency.

Number 4

Payment

Scammers will tell you to PAY in a specific way. They often are not flexible and will insist you pay by an uncommon payment method. Examples include cryptocurrency, wiring money via MoneyGram or Western Union, using a payment app, or putting money on a gift card and then giving them the numbers on the back of the card. Some will even send fake checks.

Current Trending Scams

The scam: Occasionally, members of Seattle Credit Union are targeted by scammers who pretend to be employees to trick others into handing over their hard-earned money. In these scenarios, the fraudster makes a convincing argument that they work for the credit union (to be clear: they do not work here) and pressure a member to withdraw or transfer funds from their account to an account the fraudster has control over. Their only goal is to get their hands on your money.

How it works: Fraudsters use various tactics to deceive members. They might spoof our phone number and call or send text messages claiming to be from our fraud team. In some cases, they claim they’re investigating a complex situation and need a member’s help by performing a transaction for which they’ll be reimbursed. The messages often contain urgent alerts regarding suspicious activity on your account, prompting you to take immediate action. This type of scam usually targets members by using fear tactics, pressure, and a strong application of urgency. Please do not fall for this scam. Stop, hang up the phone, and ignore their email or text message. Instead, contact Seattle Credit Union using our official phone number (206) 398-5500 or by calling the number on the back of your debit card. Seattle Credit Union does occasionally send text messages from our transaction monitoring team. To be sure you’re speaking with a real representative of Seattle Credit Union, you are encouraged to call the number on the back of your debit card and speak with us directly.

The scam: You receive a text which seems to be sent by your financial institution, asking if you attempted a large dollar Zelle® transfer. You respond ‘NO’, and they immediately call you and ask you to recover the stolen funds by transferring the funds to yourself using your phone number. You are then instructed to disable your phone number associated with your Zelle® account and provide the 2-factor authentication passcode you receive over the phone.

How it works: The fraudster may have previously opened an account and established Zelle® that links to the member’s phone number. By attaining the 2-factor authentication passcode, they activate the phone number on their Zelle® account. While they instruct you to transfer funds to yourself, the transfer actually goes to the fraudster.

The scam: You meet someone online and start a relationship by emailing and/or texting. This may continue for weeks if not months. You may able unable to meet this individual in person because he/she is in the military, overseas, or he/she indicates some other reason. However, this person has won your trust and you may have provided some personal information about yourself. Maybe you have provided him/her with your login credentials so they can remotely deposit a check into your account. Or, they may have a check sent to you to deposit. Either way, they will ask you to help them and wire funds to him/her.

How it works: The check is a counterfeit. The person you are conversing with is a scammer. They want you to deposit the check into your account so that they can receive cash on the other end of that wire. Once you have deposited the check and wired the money (to the scammer) the check may take several days to be returned as a counterfeit. Unfortunately, if you have already wired the funds, you will suffer the loss.

Skimming is a method of obtaining personal data from ATM, debit, or credit cards while they are used at an ATM or a merchant location. People can alter equipment on legitimate ATMs in an effort to steal both the magnetic stripe data from the cards being used and the PINs that are assigned to those cards.

More recent technology allows the culprit to remain nearby receiving the information wirelessly from equipment they installed on the ATM. The thieves can then copy the cards and use the PINs to withdraw money from many accounts in a very short time directly from an ATM or anything with a card reader, like gas pumps and vending machines.

Equipment is installed on the front of the original ATM card slot. The false slot holds an additional card reader called a “skimmer.” The skimmer captures and copies the card information. Then a camera that reads the card PIN is housed in an innocent looking pamphlet holder. The camera inside pamphlet holder is angled to view monitor and keypad.

What can you do to protect yourself?

  • Be vigilant and inspect the ATM before using it. Skimming devices that are placed on or near the ATM’s actual card reader are often difficult to detect, but if anything about the card reader or PIN pad looks different, unusual or seems loose to the touch, don’t use it. If possible, report this to Seattle Credit Union or the owner of the ATM as soon as possible.
  • If you suspect a skimming device has been place on a Seattle Credit Union ATM, do not use it or try to remove the device. Speak to branch personnel as quickly as possible or call our Contact Center at 206-398-5500.

Ongoing and Seasonal Scams

The scam: Many scam calls spoof official government phone numbers, such as the Social Security Administration’s National 800 Number, the Social Security Fraud Hotline, local Social Security field offices or local police numbers. Imposters may use legitimate names and numbers of SSA employees. Scammers hide behind official names and use their perceived position to threaten you and demand immediate payment o avoid arrest or legal action.

How it works: You can receive a call from someone who claims to be from the IRS. The caller may know your SSN or other personally identifiable information. They say that you owe back taxes or accuse you of involvement in money laundering, drugs, etc. The caller may threaten to sue you, arrest you, deport you if you do not follow their demands. To avoid legal action, they will ask you to send money in the form of gift cards, wire transfers or cash.

The scam: You are contacted and advised you are the beneficiary to an inheritance of a foreign individual. After some correspondence and official-looking documents, you are sent a check along with instructions to wire the funds to a third party so they can open account for the rest of the inheritance. The reason for this, they claim, is to circumvent the Patriot Act, which prevents them from transferring funds from a foreign country. (This is not true.)

How it works: Once you have deposited the check and wired the money (to the scammer) the check may take several days to be returned as a counterfeit. Unfortunately, if you have already wired the funds, you will suffer the loss.

The scam: You respond to an advertisement, or you are solicited to participate in Secret Shopping. You receive a check and are given instructions as to what locations to make your purchases. You are given forms to fill out to rate the particular company or location visited. One of the services you are to rate is a wire service – perhaps Western Union or MoneyGram.

How it works: The checks or money orders that the scammer sends you are counterfeit. They will instruct you to deposit the item(s) and wire a portion of the over-payment to another individual. They will give you a story or reason for this. It may be that the overpayment is to go to the shipper, some other third party, or perhaps they indicate this was a mistake. They may even tell you they will give you a little extra for your efforts. If you do deposit the check and wire the funds, the check may take at least (3) business days to be returned as counterfeit. Unfortunately, if you have already wired the funds, you will suffer the loss.

The scam: Person calling says: “This is (name), and I’m calling from the Security and Fraud Department at VISA. My badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I’m calling to verify. This would be on your VISA card which was issued by (name of financial institution). Did you purchase an Anti-Telemarketing Device for $497.99 from a marketing company based in Arizona?”

When you say “No” the caller continues: “Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct? You say “yes.”

The caller continues: “I will be starting a Fraud Investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800-VISA) and ask for Security. You will need to refer to this Control Number.” The caller then gives you a 6 digit number. “Do you need me to read it again?”

How it works: The caller continues with, “I need to verify you are in possession of your card”. He’ll ask you to turn your card over and look for some numbers. There are 7 numbers; the first 4 are part of your card number, the last 3 are the Security Numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the last 3 numbers to him. After you tell the caller the 3 numbers, he’ll say, “That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?”

After you say no, the caller then thanks you and states, “Don’t hesitate to call back if you do,” and hangs up. You actually say very little, and they never ask for or tell you the card number. The scammers want the 3-digit number on the back of the card located next to the signature block.

As a reminder, we will not ask you for any numbers associated with your account since we already have that information on file. If you give the scammers the three digit number on the back of your credit card, you open yourself up to fraud. Do not provide your credit card number or any security code numbers to anyone unless you initiated the call.

The scam: You advertise an item for sale on Craigslist or other similar classified advertisement system. You are contacted by a potential buyer who sends you a check or money order(s) totaling more than what you were asking.

How it works: The checks or money orders that the scammer sends you are counterfeit. They will instruct you to deposit the item(s) and wire a portion of the over-payment to another individual. They will give you a story or reason for this. It may be that the overpayment is to go to the shipper, some other third party, or perhaps they indicate this was a mistake. They may even tell you they will give you a little extra for your efforts. If you do deposit the check and wire the funds, the check may take at least (3) business days to be returned as counterfeit. Unfortunately, if you have already wired the funds, you will suffer the loss.

Phishing

In 2024, there were over 194,000 individuals who reported encountering a phishing attack in the United States.

Phishing is a technique that uses fake emails or fraudulent websites to gain personal information for purposes of identity theft. The fraudulent email messages and/or websites are designed to trick recipients into divulging personal financial data such as credit card numbers, online banking login credentials, social security numbers, etc.

Sometimes, phishers will create a fake website that looks legitimate and attach a link to the fake website in an email. Unsuspecting recipients that click on this link will find that the website that opens up will resemble the correct website. However, the computer user does not know that they have been redirected to a fake website which can be designed to collect personal information (such as account numbers and social security numbers.)

  • Be suspicious of any email that requires an urgent response from you and that seems alarming or exciting. Phishers will send emails that require your immediate attention or to “verify their records.” They usually ask for information such as usernames, passwords, account numbers, social security numbers, etc. Emails from phishers are generally not personalized and may appear to be sent in mass distribution.
  • Do not click on links sent in an email that is asking for information. Emails suggesting to “click here” in order to enter personal information may end up redirecting you to a fake site that could be collecting your data for malicious use.
  • If you are unsure of the legitimacy of a Seattle Credit Union email, contact us at 206.398.5500.
  • Avoid filling out forms asking for confidential or financial information unless you are dealing with a reputable site that you can verify as authentic.
  • Check your website for the browser address before entering any information. Make sure it is a secure link (SSL). This can be verified by checking the “lock” icon in your browser window or it will show HTTPS:// in the address bar if secure instead of HTTP://. The “S” represents secure in the HTTPS://www on web addresses.
  • Suspicious emails, requesting personal information.
  • Imposter websites or forms, requesting private information.
  • Malicious links in emails and texts.

Where do I go for more resources?

Learn more about scams, recover from scams, and protect your personal information.

  • FTC: If you are interested in more information on scams, the most up-to-date resource is the Federal Trade Commission website.
  • FTC Report Fraud: If you want to make a report to the FTC to assist with their crime solving efforts
  • IdentityTheft.gov: Identity Theft occurs every two seconds in the United States. While Seattle Credit Union can help with banking account needs and transaction disputes, there is often a larger need of recovering when identity theft occurs. The Federal Trade Commission has resources available to assist with making a recovery plan and utilizing resources available to you. You can also report your identity theft occurrence on their site.
  • IC3.gov
  • Do Not Call Registry
  • Credit Freeze
  • Credit Sense (Seattle Credit Union member benefit)
  • Financial Wellness by BALANCE (Seattle Credit Union member benefit)
  • Annual Credit Report: Monitoring your credit report is a great way to stay informed about what is happening with all accounts relating to your identity. The earlier you notice that something is off, the better chance you have of correcting the issue. Order your free annual credit report.

The USA PATRIOT Act was enacted in 2001 in response to the 9/11 terrorist acts. The intent is for banks, credit unions and other financial institutions to verify the identity of all people who do business with them. It has become clear that terrorist groups have used our financial institutions to funnel money to commit crimes.

What information does Seattle Credit Union obtain and why?

  • To comply with the USA PATRIOT Act, we are required to verify the identity of individuals applying for and opening new accounts or services with our Credit Union.
  • Information we are required to obtain includes your name, mailing and residence address, tax identification number, date of birth and a copy of a government issued photo ID. Additional information may also be gathered depending on the type of account applied for or opened.
  • Identification and information on existing members will be gathered as they open or use additional services offered by our Credit Union. The Act requires us to maintain records of the identification verification and to periodically update this information. Confidentiality of the information gathered and used by our Credit Union will be maintained as required under the Privacy Act.

How does this affect me?

  • The USA PATRIOT Act was passed as an effort to improve public safety and should not directly affect most people. We will, of course, ask to verify your identification occasionally. Additionally, this is a good safety precaution because of the increase in identify theft over the past several years.
  • What will Seattle Credit Union do with my identification?
  • We are required to keep proof that we have verified who you are. We will keep a record to show we are complying with the USA PATRIOT Act. Our member base is periodically checked against a list of known or suspected terrorists. The USA PATRIOT Act should have little to no affect on law-abiding citizens.
  • The need for us to comply with the USA PATRIOT Act helps create a more secure country, making certain our financial institutions are not inadvertently aiding people or groups who wish us harm. Your cooperation and understanding is appreciated.

The Fair and Accurate Credit Transactions Act (often referred to as the FACT Act, or FACTA) was signed into law in December 2003. The FACT Act, a revision of the Fair Credit Reporting Act (FCRA), requires each of the nationwide consumer reporting companies to provide you with a free copy of your credit report, at your request, once every 12 months through a central source.

In addition to free credit reports, the following are also in effect:

  • Uniform credit standards – These set clear rules on what credit agencies can include in consumer credit reports.
  • Safeguarding receipts – Retailers must hide credit and debit card information on customer receipts. Only the last five digits of a card number appear on receipts. All cash registers and point-of-sale terminals must print safeguarded receipts.
  • Opt-out rules – Consumers have the right to “opt-out” and block solicitations from affiliates of companies that they do business with.
  • Disclosing bad credit news – Financial institutions now have to tell you if they report any negative information about you to the credit bureaus. By law, we may report information about your account to the credit bureaus including late or missed payments or other defaults that affect any of your savings, checking or loan accounts. This information could appear on your credit reports. A financial institution must tell you if it grants you credit at less favorable terms than those received by most other consumers.
  • Reporting of false credit news – Any debt collector that learns that information on a consumer’s credit report is fraudulent must inform the creditor that the information is false. No retailer or creditor may report false credit information to credit bureaus.
  • More power for identity theft victims – Identity theft victims that file police reports may block fraudulent information from appearing on their credit reports. Identity theft victims are able to obtain copies of business records that list fraudulent transactions carried out by an identity thief.
  • Enhanced fraud alerts – Once a credit bureau receives a fraud alert, it must take steps to ensure that the consumer, not the thief, will be granted credit in the future.
  • Special alerts for the military – American military personnel may place special alerts in their credit files while they are serving overseas to help minimize their chances of becoming victims of identity theft.
Back to top

Disclosures

*Zelle and the Zelle related marks are wholly owned by Early Warning Services, LLC and are used herein under license.