Protect Yourself From Fraud: Tips to Avoid 3 Common Types of Fraud


In a previous blog post, “3 Types of Fraud to Avoid,” we discussed some of the most common types of fraud taking place today. Now that you are more familiar with those types of fraud, we want to provide you with more detailed tips on how to avoid becoming a victim of these three common ways fraudsters steal financial information:

  • Hacking is an attack directly on computer systems or websites that contain financial information.
    • Merchant account takeovers is a type of fraud that have been trending upwards over the last few years but exploded in 2020 and 2021. This is when a fraudster logs into a person’s merchant account (Amazon, Uber, Venmo) and uses saved payment information to make purchases for themselves.
    • Merchant account takeovers can happen when a person uses the same password across multiple online accounts. If that log in information is leaked from any one website, scammers can do something called “credential stuffing”, where they use programs to test that log in information across hundreds or thousands of popular websites, hoping to get a hit.
    • The best way to combat this type of fraud is to use strong, unique passwords for online accounts. Use a password manager can create and store unique passwords with ease. Learn more about password managers here.
  • Skimming is the act of stealing information directly from the card itself. Skimmers can be placed on card readers in public locations like a gas pump or ATM.
    • Card skimmers have only gotten more sophisticated over the years. With new technology, criminals have shifted to using card shimmers. Shimmers are paper-thin devices that are jammed into a card reader, usually at an ATM or gas pump, to steal the data from a chip card.
    • A shimmer is hard to see with the naked eye, but a telltale sign of a shimmer is a feeling of tightness when sliding the card in-and-out of the reader. If there is unusual friction, even slightly, there may be a shimmer in the ATM or gas pump.
    • If you suspect shimming is happening at an ATM or gas pump, report the incident to the establishment and replace your debit or credit card. It’s also a good idea to cup one hand over the other when typing in your PIN at an ATM or gas pump.
  • Phishing is an attempt to get financial information directly from the consumer by posing as a legitimate company or financial institution. Most people know not to trust the Nigerian prince who wants wire them money, but phishing emails have evolved beyond these far-fetched plots. This type of fraudulent email typically comes in two parts:
    • You are threatened with losing money. Examples of this include your PayPal account being suspended or fake unauthorized purchases made on your Amazon account.
    • You are promised something for free. Flashy emails that ask you take a survey for a free gift card, enter to win a free iPad/iPhone, or participate in a free trial of a new diet pill could actually be the first steps in stealing your money.
    • Never click on a link or sign up for offers in an unsolicited email. If you get an email from a vendor saying your account is suspended, visit that site directly to confirm. An example would be, if you are made to believe your PayPal account is suspended, go to and log in to see if it’s true, don’t click any provided links.

Always be wary of providing any personal information to unsolicited callers. WESTconsin representatives will never need your full card number, expiration date, and CVV number, and they will never need your online banking login information.

Text Message Fraud Alerts from WESTconsin

Amid the increasing threat of fraud, WESTconsin Credit Union is pleased to provide our members another level of protection against fraudulent activity on your debit or credit card transactions. If there is suspected fraud on your account and a mobile phone number is on file, WESTconsin will alert you via text message. Enrollment in fraud alerts is automatic for all debit and credit cards. Learn more!

WESTconsin Credit Union will never call, text, or email you requesting your personal information, including card numbers, passwords, or PIN. If you receive a suspicious phone call or email asking for your personal or confidential information, do not respond. Immediately contact WESTconsin at (800) 924-0022.


Send this blog post to someone: