Fraud Prevention

Identity Theft

Identity Theft is the act of stealing money or gaining benefits by pretending to be a different person. Your Personal Information Includes: name, date of birth, social security number, bank account numbers, and more. Identity theft in its many forms continues to be a concern. Identity theft occurs when someone steals your personal information to establish credit or borrow money in your name. Knowing the threat is the first line of defense. Fraud prevention means keeping abreast of the frauds active in today’s environment…and knowing what you can do to protect yourself.

**This web page will be updated on a regular basis sharing information on new threats and how you can protect yourself.

Do not respond to emails, phone calls or text messages that ask you for any of your account information, including card numbers and personal identification numbers. Messages that ask for this type of information are fraudulent and should be reported immediately. We will never contact you for this information.

Is someone using your personal information to open accounts, file taxes or make purchases? Report this immediately to MCCU and visit to learn about the recovery steps needed to be taken right away.

Access Your Credit Report- Free once a year at

Federal law allows you to get a free copy of your credit report every 12 months from each of the three credit reporting companies.

Why reviewing your credit reports matters:

  • Ensure that the information on all of your credit reports is correct and current.
  • Review your credit reports to spot early signs of identity theft.
Being aware of your credit score by checking your credit report can help prevent fraud.

Example Scams to be aware of:

CYBER-FRAUD …On-Line Fraud is Growing

Email and Internet Fraud take advantage of the Internet’s unique ability to send email messages worldwide in seconds or post website information that is accessible from anywhere. Email and internet fraudsters carry out their scams more invisibly than ever before, making identity theft from online scams one of the fastest growing crimes today.

Members should be especially vigilant to some of the more prevalent frauds at work in cyberspace.


  • Don’t Judge by Initial Appearances. The availability of software that allows anyone to set up a professional-looking website means that criminals can make their websites look as impressive as those of legitimate businesses.
  • Be Careful Giving Personal Data Online. If you receive emails from someone you don’t know asking for personal data-don’t send the data without knowing who’s asking.
  • Be Wary of Emails Concealing Their True Identity. If someone sends you an email using a mail header (the from address) that has no useful identifying data it could mean that the person is hiding something.
  • Fortify Your System. Here are some basic safety tips you can implement immediately:
    • Password – Experts advise a strong combination of letters and numbers.
    • Virus Protection – Your computer’s anti-virus software needs to be up-to-date to guard against new strains.
    • Firewalls – This protective wall between the outside world and your computer helps prevent unauthorized access. Check regularly with your software company to be sure you have the latest updates.
    • Spyware – Anti-spyware programs are readily available. Every computer connected to the internet should have the software installed.. and updated regularly.


Fraudulent emails, appearing to be from a trusted source such as your credit union or government agency, directs you to a website asking you to “verify” personal information. Once scammers have your information, they have the tools to commit account fraud using your name.

What You Can Do:

  • If you receive an email that tells you to confirm certain information, DO NOT click on the email link. Instead, use a phone number or website address you know to be legitimate.
  • Before submitting any financial information through a website, look for the “lock” icon on the browser status bar, or look for “https” in the web address.
  • Report suspicious activity (see resources below)

Remember: Metrum Credit Union will never send you an email asking you to verify personal information!


Similar to phishing, pharming seeks to obtain personal information by secretly directing you to a copycat website where your information is stolen, usually with a legitimate-looking form.

What You Can Do:

  • Be wary of unsolicited or unexpected emails from all sources.
  • If an unsolicited email arrives, treat it as you would a phishing source (see above).


Short for malicious software, and also known as “spyware”, it is often included in spam emails. It then can take control of your computer and forward personal data to fraudsters.

What You Can Do:

Install and update regularly your:

  • Anti-virus software
  • Anti-malware programs
  • Firewalls on your computer
  • Operating system patches and updates

Congratulations! You’ve been hit with Lottery Fraud!

We’ve all heard it before. “If it’s too good to be true, it probably is.” Everyday, fraudulent correspondence is cycled around via email and mail involving Lottery Scams. If you receive any type of message stating that you’ve won the lottery-DO NOT BE FOOLED!. These are scams and have cost consumers millions of dollars. We suggest that you notify the FTC to report any fraudulent activity that you may receive.

Credit and Debit Card Fraud

Credit Card: Stolen card information is the most common transaction fraud. In its simplest form, it involves a criminal stealing your card information and running up charges in your name. Alternatively, fraudsters can steal personal information by phishing, spyware or other means, then open new credit card accounts in your name. Left unchecked, it can spoil your credit record, ruin your credit score, and make it difficult to land a new mortgage or even a job!

What You Can Do:

  • Implement the computer security measures noted above with Cyber-Fraud.
  • Destroy credit card solicitations before throwing them away. “Dumpster-diving” is still one of the ways criminals get cards in your name.
  • Shred financial statements before discarding.
  • Prepare a list of your credit card numbers and company contact information.
  • Report lost or stolen cards immediately.

Debit Card: For those who want the convenience of a credit card, but do not want the interest payments or large bills at month-end, the answer can often be a debit card. Unlike credit cards, which are much like a loan that must be paid back, sometime with interest, debit cards offer the convenience of cash and “pay-as-you-go” purchasing.

Unfortunately, fraudsters have learned that debit cards can be a like a blank check, enabling them to empty an account before the victim even realizes the card is missing. In fact, the card is not even necessary. With simply a name and a card number, thieves can empty an account while the card is still in the victim’s pocket.

One card threat is known as “skimming”. In this fraud, thieves set up a device that captures the debit card magnetic stripe and keypad information from ATM machines and gas pumps.

What You Can Do:

  • Do not keep your PIN with your card.
  • Be careful when using the card that no one is secretly watching (such as the person behind you in line).
  • If an ATM looks suspicious, consider that it might be a skimming device and go to another location.

MCCU Debit and Credit Card Fraud Prevention Service

Every transaction completed using your MCCU Debit or Credit Card is monitored by our card fraud centers. The monitoring systems have the ability to flag specific transactions as potential fraud, and block it from being processed against your account.

When potential fraud is detected, the fraud prevention service will attempt to contact you to confirm the transaction(s). If the service is unable to contact you, your card may get blocked to prevent additional potential fraudulent transactions from occurring.

The phone numbers for the fraud centers are listed below by card type. We suggest that you save these numbers in your mobile phone, with the label “Fraud Center”, so the caller ID will display this should you get a call from the system.

Card Fraud Center: 1-888-241-2440


  • Our messages will never ask you for PIN or account number.
  • It is important to ensure that your contact information is correct on your account. You may review (and update) your contact information through the It’sMe247 Online Banking system or by calling the CU at 303-770-4468.
  • Be proactive and review your account transactions frequently. If you find a fraudulent transaction, contact the credit union immediately by calling 303-770-4468 ext. 113.

Equifax Breach

What you need to know about the Equifax data breach

On September 7, reports were issued by Equifax that a data breach had occurred between mid-May 2017 through July 2017.

Equifax reports that “information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.  In addition, credit card number for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information”. (

This data breach is exclusively with Equifax and has no connection with your Metrum Community Credit Union account or other financial accounts. HOWEVER, we do want to remind you to be diligent now and especially in the future with monitoring all of your accounts for suspicious activity.  Matt Schulz, senior industry analyst at sums it is up well “Bad guys can be very patient, so it’s important to keep an eye out long after this story fades from the headlines” (CNNMoney, published 9/7/17).

Below are links that may be useful should you have concerns.

Equifax to learn more about the breach, including how all U.S. consumers can enroll in complimentary identity theft protection and credit file monitoring services. to access the three credit reporting agencies to place a freeze on your credit report and learn more about how to report identity theft.

Past Breaches:

Yahoo Breach

Yahoo recently announced a security breach, that occurred in 2014, where the stolen data included over 500 million names, email addresses, phone numbers, birth dates, passwords and in some cases, security questions and answers.

Claims have also been reported that a hacker has been selling data from 200 million Yahoo users online.  As a reminder: Do not open an email if you don’t recognize the sender or purpose, and don’t click on links or open attachments, as they may contain viruses or malicious code. This includes emails that you may receive that appear to be from Yahoo- or any other company-that prompts you to provide a password, username or asks you to click a link.  If you need to change your password, access your account directly- not through a link.

A Word about Passwords:

Research shares, that over 50% of the population uses the same password for every relationship that they have on the internet, many of which have not been changed in five years or more.

MCCU strongly recommends that you use unique and complex passwords to access your accounts online through It’sMe247 Online Banking.  Complex passwords include at least three of the following: uppercase letter, lowercase letter, number or special character (!, @, #, etc.).

For more information about fraud prevention and recommendations on how to keep your account and identity secure, please visit our CU*Secure page: