At Sperry, the security of both your assets and information is a top priority.
We go above and beyond credit union industry best practices to protect your valuable personal information, as well as monitor your Sperry accounts for fraudulent activities. As such, Sperry's online systems are closely monitored and constantly updated to protect against the emerging threats.
That being said, it is important to remember that the security of your personal information cannot be reliant upon on these measures alone. When it comes to fraudulent activity and catching the fraudsters who engage in criminal acts, we all have the responsibility to protect ourselves by keeping up-to-date on the latest scams.
Some simple tips include:
- Protecting your P.I.N. - Always use your hand to shield your P.I.N. as you enter it.
If the fraudsters do not have your P.I.N., they won't be able to use a clone of your debit card for P.I.N. based transactions.
- When In Doubt, Give Sperry a Shout - If something seems fishy or unusual, such as an email you've received asking for your Sperry online banking ID and password, don't hestitate to give us a call.
- Remember - Sperry will never contact you online to ask for your account numbers, social security number, or online banking username or password!
Following these tips are a good start to ensuring that your accounts are kept secure. Unfortunately, there are scammers everywhere - so vigilance, and education, are both key! The information that is provided on this page can help keep your sensitive financial information safe, so check back often. You can find a comprehensive list of resources below the Scam Alerts section.
Sperry Scam Alerts
That Free Avengers: Endgame Download? It's a Scam!
If you’re looking to stream or download blockbuster movies when they’re still in theaters, you probably shouldn’t. Why not? Well, first and foremost, this is called piracy and it is illegal. Secondly, any “free downloads” you do find will likely be a scam.
Recently, a popular search engine result for Avengers: Endgame claims to offer either a download or a full viewing of the blockbuster hit. The movie even begins streaming automatically, but you’re prompted to make an account shortly after. Creating an account is free, but you soon find that you must “validate” your account using your credit card details.
Don’t be fooled! If it seems too good to be true, it probably is. Remember the following to stay safe when browsing online:
• Never download anything from an unfamiliar or questionable website. Especially if the download could be stolen, and therefore illegal, material.
• Never give information to a website you can’t trust. Even if you don’t enter credit card data, simply creating an account makes your email address more vulnerable to future scams–especially phishing attacks.
• Never reuse passwords. If you create an account on a dangerous site, scammers will try to use your email and password combination to break into your other accounts.
You Won't "LIKE" These Instagram Scams
Some of the latest social media phishing scams are making their way through Instagram right now. These attacks trick you into giving up your account’s login credentials so the bad guys can take over your account and further spread their malicious tricks.
Here’s how it works: You’ll receive a message from an Instagram user. The message claims they’ve seen some of your photos ranked on a “Hot List”, or even a so-called “Nasty List”. The message leads you to a fake Instagram account to see your ranking. The scammers include a dangerous, shortened link in their Instagram account profile, and use an enticing message to get you to click. Once you’ve clicked this link, you’re directed to a fake, but identical-looking Instagram login page. Don’t log in! If you enter your information here, it will be instantly sent to the bad guys.
Remember these tips when using social media platforms:
• Never open or respond to social media messages from strangers. Even if the message appears to be from someone you know, be cautious, their account may have been hacked.
• Shortened links are often used on mobile phones and social media profiles. If you can’t see the full address of where a link is taking you, don’t click! Wait until you can view the link on a desktop, and avoid clicking suspicious links altogether.
• Using shocking content to entice you is one of the oldest tricks in the book of phishing scams. If you receive an email or message claiming that your photos were seen somewhere, this is likely a scam. Don’t respond, and delete the message immediately.
A Spike in Malicious PDF File Scams
PDF files are commonly used in most organizations, regardless of what industry you work in. That’s why PDFs are often thought of as a “safe” file type. Do you hesitate to open them?
Over the past few months, there’s been an increase in the bad guys taking advantage of this trusted file type. They’re finding ways to hide malware in PDFs so they make it past the security filters your organization has in place. Most often, the malware is executed once you open the PDF and click on a misleading link in the file. A different PDF attack steals your login details when you open the file.
Always remember, never open an attachment unless you have asked for it. Even if the attachment appears to come from someone you know, pick up the phone to verify it’s legitimate.
Fake Emails from HR
The bad guys know how easy it is to trick you with emails that spoof–or appear to come from–your Human Resources team. These attacks are everywhere right now. The emails are often centered around topics such as “new” or “changed” policies, employee benefits, employee handbooks, payroll, and W-2 information.
Whenever you receive an email from your HR team, you may feel compelled to open the email and address it right away. The sense of authority that comes with HR emails is how the bad guys trick you. They’re counting on you falling victim to this sense of authority so you end up clicking before you think.
If you receive a suspicious email appearing to come from your HR team, or an HR-related service, always remember the following:
• Do not click on any links or download any attachments before picking up the phone and speaking with someone who can confirm the request is valid.
• Log in to the HR-related service account through your browser (not through links in the email) to check the validity of the information in the email.
Watch Out for Robocall Scams Saying Your Social Security Number is Suspended
Be on the lookout for a popular robocall scam that is tricking people into believing their Social Security number (SSN) has been suspended. The robocall tells you to call the number provided to speak with a government agent about the issue. Some of the robocalls even threaten to issue an arrest warrant if the victim doesn’t respond. When you call the number back, you are actually speaking with a fake government agent. This scammer will try to trick you into giving up sensitive personal information like your SSN, birth date, and bank account number.
Always remember the following to stay safe from tricks like this:
• Your Social Security number can never be suspended.
• The Social Security Administration will never threaten to arrest anyone.
• Do not share any type of personal information with anyone you don’t know over the phone.
• If you get this type of call, hang up the phone immediately and report the call to the appropriate agency.
Stop, look, and think - Don't be fooled!
Additional resources, sourced from the NCUA and others:
- Avoiding Social Engineering and Phishing Attacks
- Avoiding Tax Scams
- How to Spot Fake Checks
- Preventing and Responding to Identity Theft
- Phishing Prevention
- Preventing Malware
- The Dangers of Identity Theft
- Computer Security
- Spotting Internet Fraud
- Choosing Secure Passwords and Protecting Your Information
- Keeping Your Personal Information Safe and Secure
- Preventing Tax-Related Identity Theft
Resources to Help Combat Elderly Abuse and Fraud, and Senior Issues: