8 Ways to Protect Members From CARES Act Stimulus Scams

As proceeds from the U.S. CARES Act begin to hit the nation’s pocketbooks and bank accounts, credit unions are strategizing how to help members manage their newfound cash. Fraudsters, on the other hand, are strategizing how best to steal it.

Millions of Americans are slated to receive $1,200 checks, while U.S. business owners are expected to obtain forgivable loans ranging anywhere from a few thousand to $10 million. With amounts like that, it’s no wonder scammers are seeing green. Add COVID-19 fears and economic uncertainty to the unprecedented volume of stimulus money, and you have an ideal environment for con artists who thrive on chaos.

In addition to providing members with guidance on how best to save, spend or allocate their stimulus money, credit unions should also educate both consumer and business members on best practices for sidestepping scams. Here are just a few of the traps we expect cyber crooks and other scammers to lay over the coming weeks and months, as well as steps you can take to help members avoid them.

1. Share examples of phishing attempts: Fraudsters will use a variety of channels to phish for the personally identifiable information (PII) of potential victims. Primarily via email, phone and text, the crooks will pose as financial institutions, IRS agents, law enforcement and other authority figures. They will make threats, request payments and ask for PII to resolve legal claims against a victim’s money. One of the best ways to warn members about these crimes is to show, rather than tell. Display screen captures of scams so they can have a visual of what the trap looks like.

2. Discourage engaging with criminals: Advise members not to reply to any communication about their stimulus funds directly (i.e., don’t open any attachments, return any voicemails or communicate with strangers on social media). If they are concerned the outreach is legitimate, and therefore feel they should respond, members should first contact the agency in question using a phone number listed on a trusted source. If that source is online, the member should navigate to the agency’s website on their own, not by clicking a link in a potentially suspicious communication.

3. Communicate CARES Act procedures and expectations: Use your social media and other digital channels to communicate often with members about what they can expect in terms of stimulus checks. Share the when, where and how of deposits, along with contact information for any questions they may have. A good offense can be the best defense against crooks who prey on confusion and uncertainty.

4. Encourage reporting to law enforcement: Con artists and other criminals bank on victims being too embarrassed to report their crimes. If your members are contacted by a fraudster, encourage them to report the incident to local authorities, as well as to the party the crook was posing as. The FBI, FTC and area Better Business Bureau chapters are also good places to keep informed of the types of scams floating around various communities.

5. Advise members never to spend money to get money: A sure trick fraudsters will play on victims is to claim they need money in order to process the person’s stimulus check. Warn members to put their guards up against anyone claiming they need to receive cash, gift cards, wire transfers or P2P payments before they can “release” the members’ funds.

6. Promote card controls and alerts: Not all fraudsters will be so bold as to reach out to a member. In fact, most prefer to stay behind the scenes, lying in wait for stimulus cash to begin hitting vulnerable accounts. Remind credit and debit cardholders to check their balances often. If you offer it, encourage members to set up card controls and alerts so they can take a further step in their own self-defense against fraud.

7. Check on travel status: Members who were planning to travel this spring and summer may have set travel alerts on their credit or debit accounts. Doing so typically loosens fraud prevention rules so the member is not stopped from transacting while away from home. Check for any upcoming travel statuses within your portfolio and reach out to the member to see if their plans have changed and if those statuses should be removed.

8. Update your dispute process: Because we can anticipate an increase in financial theft over the next several months, it will be important for members to have a simple, transparent and seamless way to report suspected fraud. There will also be an uptick in online purchasing as members follow shelter-in-place and self-quarantining guidelines throughout the country. Because of the often odd naming conventions used by e-commerce merchants, members with greater numbers of card-not-present transactions generally initiate a greater number of payment disputes. Anything you can do to make it easier, not only for the member, but also for your staff, to manage this process will be greatly worth the effort.

As you work to deploy some or all of the above strategies, remember to talk with other credit unions, too. Share what you and your members are experiencing; bring those bad actors out of the shadows and expose their crimes for everyone to see so that we can fight them in larger numbers.

We are facing incredibly unique circumstances as the world battles the coronavirus. These are circumstances that bring out the good just as often, if not more so, than the bad. Credit union people are strongest when they work together.

Ashley Town is Director, Fraud Management for CO-OP Financial Services, a provider of payments and financial technology to credit unions, based in Rancho Cucamonga, Calif.