Facts, Fraud and Links You Can Trust

Facts, Fraud and Links You Can Trust

Due to an upsurge in fraud and scams, Armco Credit Union recommends that you do not click on ANY links on social media, email, or articles you read online. Never give your personal or banking information to ANYBODY whether it’s in the form of a phone call, text message, email, social media, or direct mail. If you do need to enter your personal or banking information into a trusted site, always verify the website yourself. Do not rely on a link to take you to a website as this could be a spoofed URL.

Similarly, the IRS does NOT initiate contact with taxpayers by email, text messages, or social media to request personal or financial information. Recognize the telltale signs of a scam. See also: How to know it’s really the IRS calling or knocking on your door.

Due to the high volume of fraud, we recommend that you check your TransUnion, Equifax, and Experian free credit reports on a weekly basis. Normally, each report can only be accessed for free once per year but they are now available free every week until April 2021.

To request a free credit report, please visit AnnualCreditReport.com and enter the prompted information. You should take these steps to ensure the accuracy of your report:

  • Verify all business names and payment dates are correct in the report’s transaction history;
  • Verify all addresses, additional lines of credit, and accounts are correct;

So, who can you trust for information? We have created this web page and will continually update it as new information is released from the US Treasury, IRS, and Commonwealth of Pennsylvania. You can trust the links on this page.

Stay vigilant. You can help prevent fraud with these simple steps:

  • Hover over and review any links in an email to confirm they are from legitimate sources before clicking on them or dialing any phone number contained in an email or pop-up alert.
  • When conducting Internet searches, confirm that the addresses and descriptions of the websites you’re directed to are legitimate.
  • When answering calls, be cautious of disclosing any personal information, and always be certain you’re speaking with an appropriate representative of your financial institution. If you’re ever in doubt, hang up and call your financial institution directly.
  • Ensure your computer systems, online browsers, and mobile devices are updated with the latest versions of data protection software. You might also consider adding Security Alerts to notify you of potentially suspicious activity in your accounts.
  • Use two-step verification, which requires a unique security code each time when available.

Trustworthy Links


Scams and Fraudulent Activity

Trustworthy article links

Tips to Avoid Scams

  • Look for imposters: Many times, criminals will pose as a government entity or an official business. If you are targeted by a scam artist through the mail, phone or email, do not provide personal information or money until you are sure you are speaking to a legitimate representative.
  • Approach unusual attachments and links with caution: Links to a website or attachments to an email could be infected with malware that download malicious software. Spyware can track the recipient’s keystrokes to obtain passwords, Social Security numbers, credit card numbers or other sensitive information.
  • Conduct research online: Using information included in a potentially fraudulent notice or communication, such as email address domain name, company name, address or telephone number, conduct a search online to see if a scam has been reported by other people or government agencies.
  • Keep Online Shopping Tips in mind for 2020 – https://www.consumer.ftc.gov/blog/2020/11/holiday-shopping-season-2020?utm_source=govdelivery

Steps to Follow if You Are a Victim of a Scam

The Department of Revenue reminds taxpayers that it has a Fraud Detection and Analysis Unit dedicated to assisting victims of identity theft and combating tax refund fraud.

If you are a victim of identity theft or discover a fraudulent Pennsylvania personal income tax return was filed using your identity, please contact the Fraud Detection and Analysis Unit by emailing RA-RVPITFRAUD@pa.gov.

Find more information on COVID-19-related financial scams. Anyone can contact the Department of Banking and Securities at 1-800-PA-BANKS or 1-800-600-0007 to ask questions or file complaints about financial transactions, companies, or products. If you believe you have fallen victim to a scam, contact local law enforcement through a non-emergency number.

Dispute any unfamiliar or incorrect information—the Office of Attorney General sent a letter to credit reporting agencies reminding them of their obligation to resolve these disputes quickly for Pennsylvania consumers.

Consumers can sign up for text scam alerts, which offer tips for consumers to avoid becoming a victim of a scam, warn about new scams, or update subscribers on consumer protection issues.

Pennsylvanians can sign up for these tips from the AG’s Office here.

Consumers in Pennsylvania can also file a complaint about an active or potential scam here and consumers in New Jersey can file a complaint here.

What is Spoofing?

Spoofing is when a caller deliberately falsifies the information transmitted to your caller ID display to disguise their identity. Scammers often use neighbor spoofing so it appears that an incoming call is coming from a local number, or spoof a number from a company or a government agency that you may already know and trust. If you answer, they use scam scripts to try to steal your money or valuable personal information, which can be used in fraudulent activity.

You may not be able to tell right away if an incoming call is spoofed. Be extremely careful about responding to any request for personal identifying information.

  • Don’t answer calls from unknown numbers. If you answer such a call, hang up immediately.
  • If you answer the phone and the caller – or a recording – asks you to hit a button to stop getting the calls, you should just hang up. Scammers often use this trick to identify potential targets.
  • Do not respond to any questions, especially those that can be answered with “Yes” or “No.”
  • Never give out personal information such as account numbers, Social Security numbers, mother’s maiden names, passwords or other identifying information in response to unexpected calls or if you are at all suspicious.
  • If you get an inquiry from someone who says they represent a company or a government agency, hang up and call the phone number on your account statement, in the phone book, or on the company’s or government agency’s website to verify the authenticity of the request. You will usually get a written statement in the mail before you get a phone call from a legitimate source, particularly if the caller is asking for a payment.
  • Use caution if you are being pressured for information immediately.
  • If you have a voice mail account with your phone service, be sure to set a password for it. Some voicemail services are preset to allow access if you call in from your own phone number. A hacker could spoof your home phone number and gain access to your voice mail if you do not set a password.
  • Talk to your phone company about call blocking tools and check into apps that you can download to your mobile device. The FCC allows phone companies to block robocalls by default based on reasonable analytics. More information about robocall blocking is available at fcc.gov/robocalls.

Beware of new phone scam impacting Members

Another credit union has learned of a new phone scam affecting its members and others around the country. The scam targets debit card information followed by large withdrawals from members’ checking accounts.

The gist is this — members get a phone call with the caller pretending to be with your credit union’s fraud department. The caller is likely using a spoofed phone number so the incoming number looks legitimate. The caller explains that possible fraudulent activity occurred on your card, and they provide you with fake transaction details so you believe your card was compromised. Under the guise of verifying your identity and helping you get a new card, the caller will attempt to gain your personal information and private banking information.

There are three major red flags that should tell members to stop the call and hang up immediately:

1. The caller asks for your card PIN.

Never provide your PIN to anyone – verbally or with your phone keypad. There is no valid reason that a caller will ever request your card PIN.

2. The caller asks you to provide your online banking ID or password.

3. The caller asks you to provide your card or CVV number.

If you have fallen victim to the scam, SHERPA Identity Theft Protection can help. Learn more here.


Beware of Automated calls concerning your debit or bank card –  Fraudsters will try to obtain your debit card information by automated messages saying they are calling from the credit union or your financial institution.  They will want you to enter your card number, expiration date, or security value(the 3 digit value on the back of the card).  This is a phishing attempt.  This is  were the fraudster is trying to get your information to draw funds from your account by creating a counterfeit card.

Armco Credit Union does have a legitimate card security monitoring system in place where you may receive a call from an individual to verify transactions that appear to be fraudulent.  However they will not need the above requested information to determine the validity of the transactions.    If you are ever suspicious about a call, contact us directly to speak with one of our account service representatives.


Numerous firewalls and other sophisticated security measures, developed over the years to protect financial institutions, make old-fashioned “hacking” much less prevalent.  Cyber-thieves prefer the easy rout – your computer.  Here are a couple tips to make sure your computer isn’t the weak link in the security chain.

Wired Access by Home Computer:  Use a current anti-virus/anti-spyware scanning program, a current patched operating system, and a secure browser program.  The Windows firewall should be activated, or another software firewall should be on the computer along with Intrusion Prevention or Intrusion Detection.

Access by Wireless Home Network:  Follow all of the above rules for wired home computers, PLUS your wireless router should have a strong password protection, and it is recommended the wireless network have at least WPA or WPA-2 PSK encryption rather than WEP encryption.


Please visit https://www.irs.gov/newsroom/tax-scams-consumer-alerts