Beware of Account Takeover Fraud
Updated Dec. 29, 2021 — Do not share personal identifiable information with anyone who calls or texts you claiming to be from BECU’s fraud department. Learn to recognize the tactics fraudsters are using to take over accounts and drain funds within minutes.
Criminals spoofing BECU's phone number are claiming to be from our fraud department. Pretending to notify you about possible fraud, they seek to gain access to your accounts. Once they're in, they can transfer funds out of your account in minutes. Unfortunately, these fraudsters are good at convincing people they're from BECU.
Victims often report the person contacting them already has legitimate information like physical address and date of birth that made the contact seem authentic. Sometimes, however, the fraudster has no information and asks questions to obtain details from the victim. Fraudsters use these bits of information about a target to lend credibility to their act.
At least some of your personal information is likely on the internet where fraudsters can find it with a quick search. Most people have been impacted by a security breach, like those announced by Equifax and Marriott.
It can be difficult to tell if a call or text is legitimate. Make sure you understand how the scam operates so you can recognize and avoid it if you're targeted.
How The Scam Works
You receive a call or text message from someone claiming to be from BECU's fraud or security department.
If it's a phone call, caller ID displays BECU's number (because it's been spoofed to match). Text messages may direct you to call BECU at a different number (not 800-233-2328).
They alert you about possible fraud or suspicious transactions on your account. (You don't recognize these because they're made up.)
They ask for multiple pieces of verifying information, like your mother's maiden name, Online Banking user name, or password. (We don't call and ask multiple identifying questions.)
They may tell you there's been unauthorized online access to your account and they need to verbally verify your online password. (We never ask for your online password.)
If they don't get the password, they ask numerous security questions. (They use the answers to gain access to your account.)
When our online fraud prevention system asks for additional verifying information, the fraudster will ask for that, too.
They tell you they're sending a one-time security code so they can “assist in resetting your account information.” (The code is actually sent from our system as a security measure to protect your account from unauthorized access.)
They ask you to read back the one-time security code “they just sent you.” (We never request one-time security codes verbally by phone.)
Don't share the code! If you provide this code, the fraudster has full access to your account. They can set up a transfer and drain the funds within minutes using digital payment services in Online Banking.
What You Can Expect From Us
- We will not ask for your Online Banking User ID.
- We will not ask for your Online Banking Password.
- We will not include a link in a text message. A fraudulent or “spoofed” text message typically includes a link that directs you to enter your Online Banking User ID and Password.
- We will continually monitor your accounts for suspicious activity. If we suspect fraud on your debit or credit card, we'll send you a text message, email or automated phone call.
- If we send a text message, you'll be asked to reply YES or NO, or advised to call the BECU servicing number on the back of your card to verify card usage. If you identify unauthorized transactions, you'll be connected with a live person.
We take your privacy and security very seriously. If you think you've been a victim of fraud, contact us immediately at 800-233-2328.