Say No to *72

The scam: A terrible phone call to a Sioux Falls, SD, man tells him of a death in the family, asks him to call another number for details and to begin his cell phone call with the code *72. What this actually does is transfer all calls sent to the cell phone to the number the caller has given — the scammer’s own number. The scammer then gives your number to his buddies anywhere in the world and they can phone him via your cell, with you picking up the charges — and knowing nothing about it — until you get your bill.

The solution: Don’t use the *72 or any other forwarding code to forward calls to a number you don’t know or recognize. You can enter *73 to clear call forwarding. (We’re not sure if *72 and *73 are the forwarding codes for all cell phones. Check your cell phone manual or talk to your carrier.)


We will update this page with new alerts as we become aware of new fraud schemes. Below are some common fraud schemes that we have seen or have been brought to our attention.
Google announced a new vulnerability called POODLE (Padding Oracle on Downgraded Legacy Encryption) which can bypass the secured connection often used when browsing to secured web pages. With POODLE, the vulnerability is related to a “man in the middle” type of attack. To protect your personal information, we suggest that you:

  • Always avoid any public Wi-Fi or connection you do not trust.
  • Disable SSLv3 and enable TLS 1.0, TLS 1.1 and TLS1.2 in Internet Explorer
    o Go to the Internet Explorer Tools menu, click Internet Options.
    o In the Internet Options dialog box, click the Advanced tab.
    o Scroll down to the Security category and uncheck Use SSL 3.0 and check use TLS 1.0, Use TLS 1.1 and Use TLS1.2, if available.
    o Select OK.
    o Exit and restart Internet Explorer.
  •  For Chrome: Google advised adding the following to the end of the browser shortcut after: chrome.exe” –ssl-version-min=tls1
  • For Mozilla Firefox: install the available plug-in.
  • Verify your browser by going to If a “poodle” displays, you are still at risk.


Another new vulnerability, called “Sandworm,” was discovered that allows an attacker to execute software on an unsuspecting victim’s PC. This vulnerability impacts all supported versions of Microsoft Windows. The attack comes in the form of email messages with attachments from trusted sources. The attachments include Microsoft Word documents, Excel spreadsheets, or PowerPoint presentations, etc. If you open the attachment, your computer can become infected without your knowledge. Then the attacker can execute remote commands.

Microsoft has already released an update to patch this security issue (CVE-2014-4114). Please apply this patch immediately. Also, if you are unsure of the legitimacy of email messages, do not open them and always validate attachments with the sender.

Smishing Text Message Scam!

We have received calls from a few of our members reporting two text messages that they received.

The first fraudulent text reads:
From: 1 240 349
There are issues with your credit union account. Call customer service now at 240.349.0118 to remove restrictions.

The second fraudulent text reads:
From: 1 240 349
You have a new credit union banking message. To hear this message call 240.349.0118 immediately.

When the number is called‚ it is answered by a mechanical system. To un-restrict their account‚ members are being asked to run a verification and enter their 16 digit credit card number to ensure that they are in possession of their credit card‚ expiration date, and 3 digit verification number on the back of the card.

Please Note: Money One FCU will never ask you to verify account information via a text message. This is an attempt to collect your account information.

If you responded to this scam and provided any confidential account information‚ please notify us at 301-925-4600 or We will assist you in changing any information to protect your account.

Epsilon Email Breach

Epsilon‚ an online marketing unit of Alliance Data Systems Corp.‚ announced that an outside intrusion had hacked into some of its customer files. Epsilon sends email campaigns and offers to consumers who register for a company’s website or who give their email addresses while shopping. Epsilon sends more than 40 billion emails annually and also runs loyalty programs for credit card users.

Money One does not use Epsilon for its marketing. However‚ we would like to remind you about how to prevent phishing attacks.

Be Educated on “Phishing”

  • Never click on any links provided in an email you believe is fraudulent.
  • Do not open an attachment to an unsolicited e-mail unless you have verified the source.
  • Do not be intimidated by an e-mail or caller who suggest dire consequences if you do not immediately provide or verify information.
  • If you believe the contact is legitimate, go to the company’s website by typing in the site address directly or using a page you have previously book marked‚ instead of a link provided in the e-mail.
  • Use the FTC (Federal Trade Commission) website, Consumers can take interactive quizzes designed to enlighten them about identity theft‚ phishing‚ spam and online-shopping scams. Elsewhere on the site‚ consumers can find detailed guidance on how to monitor their credit histories‚ use effective passwords and recover from identity theft.

Remember, Money One FCU will never ask you to provide account information via email.

New Recruitment Scam Using Craigslist Targets Credit Unions

Advertisements have been posted on Craigslist as part of member recruitment scams nationwide. The ads solicit current credit union members and offer $75.00 or more for their assistance with qualifying a new member. This scam is targeting credit unions and members across the country.

Sample of the posting:

screenshot of the scam email

NCUA Alerts CUs about Fedwire Scam

NCUA issued an alert warning credit unions of an email scam that claims the Federal Reserve Fedwire system has been compromised by a phishing attack, but the emails are really attempts to load malicious software onto users’ computers.

The alert says the email scam falsely tells users that banks and credit unions have been affected by a phishing attack against the Fedwire system, which has resulted in high levels of illegal wire transfers. Consumers are then directed to click on a link for additional information; however, the link opens Web pages with the malicious software.

FDIC also warned financial institutions about this scheme on Jan. 15 and maintained that Fedwire operations are not restricted and are operating as normal.
Regarding this scam, NCUA listed the following precautions:

  • If a link in the fraudulent email is clicked, the computer should be scanned with updated anti-virus software. If malicious code is detected, a computer security specialist should be consulted.
  • Do not follow Web links in unsolicited e-mails that appear to be from banking agencies.
  • Use anti-virus software and ensure the virus signatures are automatically updated.

Be alert to different types of fraudulent emails.

Unauthorized Use of Financial Crimes Enforcement Network's Name

The Financial Crimes Enforcement Network (FinCEN) has issued warnings about financial scams being undertaken through the unauthorized use of FinCEN’s name.

Some of the scams involve persons representing themselves as FinCEN officials seeking confidential information. The requests may be presented in letters bearing the FinCEN seal or an e-mail represented as official correspondence. “These scams often involve the enticement of a phony inheritance of sum of money and claim that FinCEN is holding or blocking the transfer of funds,” the agency said.

FinCEN advises anyone receiving such letters or e-mails to refrain from sending funds or information. Anyone who suspects a request or thinks they have been victimized should report the information to local, state or federal law enforcement, it said.

FinCEN doesn’t send unsolicited requests and doesn’t ask for personal or financial information from members of the public, though it may freeze or block the transfer of assets. The fraudulent messages may seem to come from an overseas office as well, but FinCEN notes it has no offices outside the United States.

NCUA Phishing Scam Alert! Please Beware!

This fraudulent e-mail message is being sent to members purporting to be from the National Credit Union Administration (NCUA). It directs recipients to click on a link to verify their credit union account number, PIN and other personal information. Please Note: Money One or NCUA will never ask you to provide account information via email.

Screencapture of a scam email

Please notify us at 301-925-4600 or if you responded to this scam and provided any confidential account information. Money One will assist you in changing your account, PIN, or any other action necessary to protect your account.

New Twist on "How" the Phishers Continue to Phish Credit Union Members!

Phishers seek every opportunity to find individuals who are willing to provide information for the criminals to tap into a financial gain. Once you provide your personal and/or financial information, the fraudsters are off and running to create financial losses to you and your credit union.

The phishers continue to change their phony e-mails by including false fraud protection techniques as a new twist to convince you the e-mail is from your credit union with the added educational information. Because of everyone’s fraud awareness, the phishers lure you to “take action” and provide the information by using an “online banking” log-in which will re-direct this site to the fraudster.

The “take action” the phishers are asking you to perform is:

  • deactivate your card(s) temporarily to guard against fraud
  • activate your card(s) by having you log on to an “online banking system” where the phishers are able to obtain member’s card information

The phishers convince you there is no need to contact your credit union to validate the email or telephone request involving the deactivation and activation process. It’s critical that you are aware of the new twists in the phishing fraud arena and that you should confirm any changes with your credit union.

Call us (301) 925-4600

Monday-Friday 8:30am-4:30pm

or Contact Us online anytime