SECURITY CENTER

RECENT UPDATES

LAPFCU is Keeping Your Information Safe

An update from the latest security breach—1.2 billion user names and passwords stolen in Russian crime ring

LAPFCU takes security threats and the security of your account information and credentials very seriously. You may have heard about the recent theft of 1.2 billion user name and password credentials by a Russian crime ring. According to The New York Times, the criminals, so far, are not using the information to hack into financial accounts, they are using the information to send spam to the victims. For example, they are sending emails, from what appears to be an acquaintance, trying to sell you a product.

Rest assured, LAPFCU has strong security measures in place to help prevent vulnerability to this attack, and PATROL Online Banking has security features in place to help prevent any issues, however there are things can do to further protect yourself.

What can you do?

  • Change your current passwords and make sure they are different for each website
  • Use an alpha-numeric password (a string of letters and digits) and include symbols, if possible
  • Use a variation of upper and lower case letters for a stronger password
  • Make sure your password does not contain personal information such as your birthday, social security number, pin numbers or home address
  • Add additional security questions or a second password, when applicable
  • Use a two-step authentication login process, when applicable

We are closely monitoring the situation to ensure your data remains safe and secure. If you would like to learn more about protecting your identity, LAPFCU offers I.D. Enforcer, a Fraud and Credit Monitoring service powered by Identity Theft 911 which offers unique features tailored toward those in law enforcement families.

Perlroth, Nicole, and David Gelles. “Russian Gang Amasses Over a Billion Internet Passwords.” The New York Times. The New York Times, 5 Aug. 2014. Web. 6 Aug. 2014.

March 2014

Look Out For Tax Scams!
Tax season is a prime time for thieves, hackers and con artists to go after potential victims. Here are "the Dirty Dozen" schemes the IRS is warning about:

1. Identity Theft
The number of identity theft-related criminal investigations surged 66% in 2013. Receiving a notice from the IRS saying that more than one return has been filed under your name is an indication that your identity may have been compromised. In that case, contact the IRS Identity Protection Specialized Unit at 1-800-908-4490.

2. Phone scams
A new scam is gaining popularity, where fraudsters call and pretend to be from the IRS. Some callers demand tax payments and even threaten arrest or other law enforcement action if the person refuses. They may even hang up and call back pretending to be the police. Others tell victims they are owed large refunds and ask for personal information in order to steal their identity. If you believe you’re a victim of this scam, call the Treasury Inspector General 1-800-366-4484.

3. Phishing
If you receive an e-mail that appears to be from the IRS and asks for personal information, it’s most likely a phishing scam that wants your identity and your money. The IRS does not reach out to taxpayers via e-mail, texts or social media, so relay any such messages to [email protected]

4. "Free Money"
Be wary of fliers and ads promising "free money" from the IRS or anyone offering a refund that sounds too good to be true. Some scammers target low-income and elderly people, often through churches, convincing them to claim credits they aren’t entitled to — and even Social Security rebates that don’t exist. These con artists often charge up-front fees and disappear without a trace before the IRS rejects the claims. The victims don’t just lose the scammer’s "fee" — they could also get hit with a $5,000 penalty for making intentional errors on their return.

5. Return preparer fraud
Make sure your tax preparer has an IRS Preparer Tax Identification Number (PTIN). If a preparer doesn’t put this number on your tax return as required, or fails to sign the form, that should raise a red flag. And watch out for preparers who base fees on the size of your refund. Complaints about shady tax preparers can be submitted here, via Form 14157.

6. Hiding income offshore
If you have a legitimate account abroad, you won’t get in trouble if you properly complete the reporting requirements. But by failing to disclose assets held in offshore accounts, you risk huge penalties — including a fine of $100,000 or 50% of the account balance, whichever amount is greater.

7. Fake charities
It’s common for scammers to create fake charities to fraudulently collect money — especially in the wake of disasters. Before giving money to a charity, verify that the organization is legitimate and that your donations will be tax deductible by using the IRS’s Exempt Organizations Select Check. And don’t give cash — use a check or credit card so you have proof of payment.

8. Inflating income and credits
Boosting income or expenses to get bigger credits than you deserve can get you in big trouble with the IRS. If you get caught, you’ll have to return any fraudulent refund and pay interest and penalties on any amount owed.

9. Frivolous arguments
Trying to get out of paying taxes? Here are some arguments that will never work: Filing a tax return is voluntary, only gold-based money is taxable or your state isn’t part of the United States. Anyone who tries to tell you differently can’t be trusted. These are considered frivolous arguments and will be rejected, and you could face a number of penalties.

10. Falsely claiming no income
Taxpayers who fall prey to schemes convincing them to falsely report their taxable income as zero could face a penalty of $5,000.

11. Evading taxes
Some shady investment advisers and tax preparers are creating and promoting complicated tax structures and shelters that clients can use to evade taxes — often involving multiple entities and offshore accounts. If someone has tried to convince you to evade taxes, report the incident using Form 14157.

12. Abuse of trusts
Common schemes recommend you transfer money into trusts to reduce your income and avoid paying taxes. While there are appropriate uses of trusts, the IRS has seen a growing number of people improperly use them. The rules governing trusts can be very complicated, so to avoid getting caught up in an illegal arrangement, the IRS recommends consulting with a tax professional.

February 2014

Smart Security Precautions for Smart Phones and More

The news is full of stories about the lightning-fast methods tech-savvy criminals use to lift key personal data from cell phones, laptops, tablets and other mobile devices. Discovering that your intimate conversations, pictures or texts are now widely available on the Internet for all to see can be damaging to your personal life and livelihood. Avoid being victimized by cell phone hackers by protecting your passwords and being wary of anyone who might want to harm your reputation.

  • Use passwords, and don’t share them with anyone else. Even when you make an exception for someone you trust deeply to help you out with a quick need, change the password after they’ve helped you.
  • Don’t share your phone passwords with anyone at work or in your group of friends, and shield your screen from view when inputting passwords in public spaces.
  • Don’t program passwords into your cell phone; you don’t want a thief clicking your LAPFCU mobile app and having access to your financial data.
  • Don’t keep private data in your phone for a long period of time. The data will be lost to you, possibly permanently, if hackers compromise your email. Even resetting your password and logging back into your account doesn’t let you access the information you stored there earlier.
  • Create a password update schedule and write down in code in your datebook when you plan to update your passwords.
  • If you have Bluetooth enabled, make sure “Discoverable” mode is disabled so that your phone can’t be detected by others scanning for Bluetooth devices in the area.
  • Install mobile security software if your phone supports it; some phones will lock out any entry after the phone has been idle for awhile. If your phone is stolen, this lock out will stop a thief from accessing your private data.
  • Did you know there are no "viruses" for mobile phones? However, there are some known "malware" apps that try to steal information off of your phone. Mobile security apps will check your phone for these and notify you if any are found.

Staying in touch is easy with today’s modern communication devices, but you don’t have to make it easy for hackers to steal your identity and information. Protect yourself!

If you believe your LAPFCU accounts have been breached, please call us immediately at (877) MY-LAPFCU.