Fraud Prevention - Quaker Oats Credit Union

Using P2P Payment Apps (Cash App, Venmo, Zelle)

There’s usually no fraud protection with payment apps. Per the terms and conditions P2P is a money transfer service. As a result, transactions may result in the loss of funds with no recourse.

This means you can’t cancel the transfer in a payment app if you accidently transfer your money to the wrong person (or to a scammer).

If you find unauthorized payments, here’s how to report it to the mobile payment app.

Cash App. Cash App recommends chatting through their app for the fastest service. To do so, open the app, go to your profile, and choose Support. You can also get help through cash.app/help or by calling 1 (800) 969-1940.
Venmo. Venmo recommends chatting through their app for the fastest service. To do so, open the app, go to your profile, and choose Get Help. You can also email Venmo through their contact form or call them at 1 (855) 812-4430.
PayPal. Report it online through PayPal’s Resolution Center or call PayPal at 1 (888) 221-1161.
Zelle. If you are enrolled with the Zelle® app and found an unauthorized transaction, please call us directly at 1(844) 428-8542.

Report It to the FTC

If you paid a scammer with a mobile payment app, report it to the Federal Trade Commission at ReportFraud.ftc.gov. When you report a scam, you help the FTC and other law enforcement agencies stop scams.

Tips When Using P2P Payment Apps

Use P2P payment apps only with people you know and trust. Per the terms and conditions – P2P payments should not be used for purchases of goods and services. Ex: buying tickets
Always double-check the recipient’s information to make sure you’re sending money to the right person. A good practice is to have the intended recipient send you a request before you send the money.
You should never have to transfer money to receive money from an app. If you are asked to do this, it’s a scam.

Fraud Prevention Best Practices

Create unique passwords for accounts consisting of at least 10 characters, including: upper and lower case letters, numbers, and special characters.
- Use password manager programs to help you remember and maintain your unique passwords. (Last Pass, Keeper, 1Password)
- Protect your payment app and log in with the strongest authentication available, like Face ID or Touch ID, two-factor authentication, or a PIN.
Disable automatic logins and set up notifications for all payment transactions.
Never provide sensitive account information to someone on the phone, text, or to links in an email. Legitimate customer service representatives will not ask for this information.
Share your travel plans with your financial institution.
Utilize transaction and activity alerts within online banking and Brella for your accounts. If you receive an alert for a transaction you don’t recognize, contact your financial immediately.

Best Practices – Don’t Be a Victim

Get your mail on time. If you are on vacation, ask for a friend or neighbor to pick it up for you. You can also have it held at your local post office.
Read refund and return policies prior to making an online purchase.
Continually monitor your credit /debit card transactions to increase the chance of spotting unauthorized purchases or withdrawals.
If you receive a text or email that looks suspicious, do not click on links or respond to it in any way. If you are concerned your account is compromised, check with your credit union using the contact information found on your financial institution’s website.
Watch what you share on your social media profiles to avoid potential romance scams.
Secure your personal information. Before providing any personal information, such as your date of birth, Social Security number, account numbers, and passwords, be sure the website is secure.
Do not open emails from people you don’t know. If you are unsure whether an email you received is legitimate, try contacting the sender directly via other means.
Resist pressure. Legitimate companies and charities will be happy to give you time to make a decision. It’s probably a scam if they demand that you act immediately or won’t take “no” for an answer.

Typical Vishing, Phishing & Smishing Scam Scenarios

Typical Vishing Scenario:

The scammer poses as a credit union representative and contacts the member using a spoofed phone number. The caller says there is a need to discuss an important matter and must first confirm the member’s identity. The scammer is already on the credit union’s online banking website and informs the member he/she needs to provide the PIN sent to the member’s phone or answer security questions. Since the caller says they’re from the credit union and the number on the Caller ID appears to confirm it, the member doesn’t hesitate to provide the requested information.

Vishing allows the scammer to use the information provided by the member to complete the login. They proceed to lock the member out of their account by changing the online banking password. The fraudster then transfers funds from the member’s account to his/her own temporary account before vanishing without a trace. The caller might even encourage the member to transfer funds to an external account claiming that the payment will be applied to a specific credit union loan.

Typical Phishing & SMishing Scenario:

The scammer may pose as an employee of the credit union’s fraud department and will send a spoofed email or text message to a member alerting him/her of suspicious debit card activity. Instructions urge the member to reply to the original message with account details, such as card numbers, CVV codes, PINs or other online account credentials. Phishing and SMishing give scammers valuable data they can use to make unauthorized charges or access the member’s account.

Credit unions will never ask for your:

· Social Security Number

· Credit or Debit Card Numbers

· Security Code or CVV

· PIN – Personal Identification Number

· Address

· Date of Birth

· Online Banking Login Information

· Verification Codes

· Passwords