CLCU: Six steps how to prevent bank fraud

California Lithuanian Credit Union (CLCU) and has been made aware of an industry-wide SCAM, not specific to our institution but to all consumers no matter their financial institution. CLCU is  providing you with information on what to look for to avoid being a victim.

 How the Scam Works:

• Step 1 – Fraud Alert Message: The member receives a text message labeled “FRAUD ALERT” asking if they conducted a specific transaction (Yes/No).
• Step 2 – Member Responds “No”: This response signals to the scammer that the member is engaged.
• Step 3 – Impersonation Call: The scammer calls the member, pretending to be the credit union’s fraud department, and reviews a list of fake transactions to create urgency and fear.
• Step 4 – Password “Reset” Deception: The scammer instructs the member to “reset their password” and requests the MFA (one[1]time) code that is sent to the member. o In reality, the scammer is using this code to complete the password reset and gain account access.
• Step 5 – Confirmation & Delay: The scammer asks the member to confirm they received a password change notification and then falsely advises them not to log in because a “high-risk flag” has been added to their account.
• Step 6 – Unauthorized Transfers: Once access is obtained, the scammer initiates unauthorized transfers such as Member[1]to-Member or External Transfers and, in some cases, uses Shared Branching to retrieve funds. 

IMPORTANT NOTE from CLCU:
Please see Step 4 and remember: CLCU will never ask you for the MFA (one-time code). If asked this identifies the interaction as a scam, and please stop/end the call immediately for your own protection.
 
If you suspect you are a victim of this or any other scam, please reach out to us immediately.