Vishing Scam Leads to PIN-Based Debit Fraud

8/21/2018

Security Alert: Vishing Scam Leads to PIN-Based Debit Fraud

August 21, 2018

Credit Union Members are being targeted in a vishing (phone-based phishing) scam in which fraudsters spoof phone numbers making the calls appear to originate from the credit union. The members are asked to provide the CVV2/CVC2 codes (on back of card) and expiration date for the debit card. The fraudsters, already possessing the counterfeit mag stripe debit cards, use the information to change the PINs through voice response units. Then, they use the counterfeit cards to make ATM withdrawals, as well as purchases at Wal-Mart in Florida and Georgia. Credit unions in Indiana, Kentucky, Ohio, and Virginia have been impacted by the scam.

Please note: We will never ask you for sensitive information including the CVV2/CVC2 or Expiration Date of your Debit or Credit card by phone, text or email. It is good practice to never give this information to anyone over the phone, by text or email, reputable companies that you do business with will never request this information since they already have it.