Changes to VISA Debit Cards

Unfortunately many of our members using VISA Debit Cards are all too familiar with recent merchant data breaches over the past few years that have resulted in unauthorized activity on some member accounts. So far in 2013 the credit union has seen card fraud losses of over $35,000 on fraudulent transactions resulting from data breaches taking place with merchants. Neither the credit union nor the members have done anything wrong with these well publicized data breaches. Zaxby’s and Mapco Express are the most recent well publicized merchants involved with data theft of cards used at their establishments.

Members are not responsible for unauthorized charges on their accounts. That leaves the credit union to cover the losses associated with these data breaches and the counterfeit card activity that comes afterwards. To reduce the losses being realized by North Alabama Educators Credit Union, the following data changes are being made to VISA Debit Card operating rules for members when they utilize their cards. (Please note that all card issuers have similar operating rules in place);

A daily max limit of $3,000 for purchases will be in effect for VISA Debit Cards. If members know that they will have purchases that will exceed this daily amount they can call or visit one of our branch offices to request a temporary purchase limit increase for that day. Members could also write a check for larger purchase amounts if accepted by the merchant.

An hourly number of individual VISA Debit Card purchases will be limited to no more than 7 transactions per hour. Scammers and stolen card thieves hit hard and quickly when using someone else’s card. Our Fraud Monitoring Service constantly monitors VISA Debit Card transactions and scores them according to a risk score created by where and how the card is being used. Purchasing multiple gift cards with stolen cards is becoming more commonplace among card thieves. Once a card is declined, card thieves move on to another card.

The Credit Union is also pursuing more aggressive live fraud monitoring options that could decline a fraudulent transaction BEFORE it occurs. Denying transactions live before they receive an authorization is a balancing act between actual risk and perceived risk. Members these days can wake up in Huntsville, Alabama and be anywhere else in the country later that same day. It is very important that the credit union have accurate cell phone and other contact phone numbers to contact members when a card transaction is deemed to be suspicious. Our Fraud Monitoring Team will never call and ask for your personal information but will instead ask you about specific card activity taking place on your card to verify if they are valid or not.

We regret having to make these operational changes with regards to VISA Debit Cards. Consumers have grown very accustomed to using VISA Debit Cards like cash. Unfortunately the thieves have also grown fond of VISA Debit Cards. Since North Alabama Educators Credit Union is ultimately responsible for all unauthorized card activity, we have no choice but to take appropriate steps to reduce the card losses that affect the entire credit union membership.

$45 Million Cyber Bank Heist

It has been reported throughout many news outlets this week about the big cyber theft ring that was able to steal $45 Million in CASH from ATM's throughout the world across 26 countries. You read a headline like that and wonder "How can that happen?".

Unlike some of the other merchant data breaches that all financial institutions have seen over the years, this theft did not impact any individual consumer accounts. These cyber thieves were able to hack into the databases of prepaid debit cards and eliminate the normal daily cash limits and ATM limits. These cyber thieves produced their own cards and PIN numbers based upon card numbers registered within the databases. 

The first wave of worldwide ATM cash outs netted $5 Million in roughly 4,500 ATM transactions across 20 countries.

The second wave of attacks produced some 36,000 transactions in the span of 10 hours, withdrawing $40 Million from ATM's in 24 countries. 

These ATM's would be totally depleted of money. Once an ATM was empty of cash they would move on to the next ATM. It is amazing to think of the sheer logistics of having that many people hitting individual ATM's within a short period of time and over multiple countries. 

A few arrests were made in the New York area but that group only represented a local cell that had stolen $2.4 million in the New York area. It should be noted that all of the banks involved which suffered losses were foreign banks based in the Middle East. 

This was a huge story in the financial world this week. Additional security measures and monitoring will no doubt be upgraded throughout the world following this theft. I would also anticipate individual ATM owners imposing daily amounts for non-customers to avoid this situation where one person would perform one cash withdrawal after another until the ATM was empty. 

   

Fake Texts, Pop-Ups, and Downloads

Cyber-fraud thieves continue to bombard consumers with fraudulent contacts via text messaging, computer pop-up messages, and software apps that appear to originate from legitimate businesses or government sources. Consumers are being tricked into providing valuable personal information over their computer, phone, or fax that can result in funds being drained from their accounts.

Smart phones in particular are being targeted because scammers know that most users have their phones with them and tend to read and respond more quickly to text messages, calls, and emails. Beware of any contact that focuses on the "urgent" nature of a response. Creating fear and panic is one of the goals of cyber-thieves as they want people to react differently than they normally would under calm circumstances. Fake messages and fake web sites are also harder to detect on the smaller screen of a smartphone. The key is to never provide any personal information or click on any link in response to one of these "urgent" messages. Only communicate with your financial institution using phone numbers or email addresses that you are certain about.

Unexpected pop-up windows on web sites can often be an attempt to either infect your device with spyware or obtain personal information. It is normal for the credit union to request a login ID and password when you sign in to either home banking or mobile banking. It is also normal for challenge questions to be asked if you are signing in from a new computer or location. It is NOT normal however for a financial institution to ever ask you - through a pop-up window - to type your name and information such as account number, date of birth, PIN numbers, and other personal information.

Consumers should be very suspicious of unsolicited offers to download free games, programs, and other apps. These great "deals" could contain malicious software to direct you to fake web sites or install spyware used to steal information that can lead to loss of funds. Anyone surfing the Internet from their phone or computer device should always have an updated anti-virus service to protect against fraud. Consumers should only install programs and apps from legitimate web sites, such as your Internet service provider, financial institution, wireless phone company, or trusted app providers.

Mobile technology is a wonderful resource for consumers but it also provides a growing opportunity for cyber-criminals to generate new methods of committing fraud.

Recent TV News Story on Debit Cards

Earlier this week one of the local television stations ran a story on identity theft involving card fraud with debit cards and credit cards. The implication from the news story was that use of debit cards was not advisable because of the increased fraud liability expense to consumers for fraudulent transactions. It was recommended that credit cards be used for purchases rather than debit cards because of the reduced liability and the fact that card fraud thieves would be using the financial institutions' money rather than the consumer's personal account.

There are a few other considerations here. First off, North Alabama Educators Credit Union does not charge any liability expense to our members for unauthorized debit card transactions due to fraud. Many other credit unions follow this same policy. The law may provide the ability to charge a $50 liability expense for debit card fraud but very few financial institutions actually do this. Another concern in using a credit card for everyday transactions is actually paying off that credit card in the same manner that your would for debit card purchases. Consumer debt remains a big problem, especially credit card debt, so it does require good money management skills to keep credit card balances low or paid off to avoid the debt trap. Steering consumers to use credit cards for all transactions could produce some financial pitfalls if not managed properly by the consumer. Spending what you know you have can prevent unwanted debt.

There was also concern cited in the news story about thieves obtaining PIN numbers when using debit cards. Consumers don't have to enter their PIN number for all transactions when using their debit card. To enhance security of card PIN's consumers can always choose the "CREDIT" option at merchant Point-of-Sale terminals and sign for transactions when using their debit cards. The transaction amount would still be deducted from the checking account.

On a personal note, my own debit card number was compromised and used fraudulently this past fall following a data breach by a major national restaurant chain. A considerable number of consumers in this area had fraudulent transactions because of this breach. None of our members who were affected were responsible for any costs associated with fraud on their accounts. The stolen funds were returned to the affected accounts usually within the same business day.

Consumers are certainly free to choose how they wish to use debit and credit cards. The recent news story however did not paint the full picture of how debit card fraud is actually handled by financial institutions. It also did not address the possible pitfalls of only using credit cards for purchase transactions. The bankruptcy courts are full of consumers who had good intentions of paying back their credit card debt but were unable to for a variety of reasons.

January Blues

January of every year is a tough time for educational employees who are paid monthly. School systems typically pay their employees before the Christmas break. While it is nice to be paid early before the holiday, this also means that it will be 40 days or so until the next monthly payroll will be posted. The additional expenses associated with the holidays also add some financial strain to the family budget.


The credit union can help with some short term lending options that are far superior to stopping in and utilizing one of the many payday lenders out there. Our Holiday Loan will be available through the end of January that can provide qualified borrowers up to $2,000 at a fixed rate as low as 5.99% APR. You may only need $200-$300 until payday which the credit union can provide. Some larger lenders do not want to process smaller loan amounts because they are “not profitable”. A small overdraft line of credit can be established to cover financial holes that may develop from emergencies and unexpected expenses. There is no cost to have an overdraft loan available for use. It is simply a good backup plan should the need arise.

January is a time for reflection for many consumers as they look back over the previous year and prepare for the coming year. Member statements from December will reflect the total dollar amount of overdraft fees paid during the year. Did you pay more in fees that you wanted to? Do you want to pay fewer fees this year? Now is the time to make a plan for the future to keep more of your hard earned money in your own pocket.

Christmas Club accounts are another way to set aside a few dollars every pay period for those holiday expenses next year. The credit union actually has a variety of different sub-accounts available that can be separate from your normal savings account. We have members now who have established their own “vacation fund” or “mad money” fund sub-accounts to build a pool of money for a specific purpose. There is no cost to establish or maintain these sub-accounts under the primary account. Ask any Head Teller or Member Service Representative for assistance in creating one of these accounts.

State Farm Insurance Case

Today we were notified by State Farm Insurance that they would not pay anything on a claim that we had filed regarding a repossessed vehicle that had physical damage prior to our possession of the vehicle. The Credit Union was properly listed as a loss-payee with State Farm Insurance as required by all borrowers who have a collateral loan with the Credit Union. The Credit Union contacted State Farm Insurance as soon as the vehicle was repossessed since the damage was actually causing further water damage from rain. The State Farm Insurance claim agent stated that "we needed to sell the vehicle first" before any claims would be possible. If a loss existed after the sale of the vehicle we then could file for a claim, but not before. Other insurance companies by the way do not require us to sell a damaged vehicle "as is". What is the purpose of insurance if you can't have a vehicle repaired BEFORE you have to sell it? Makes sense right? It also makes sense that the probable pool of interested buyers will be fewer and the value of the vehicle will be less with physical damages that have not been repaired.

Needless to say the vehicle sold for less than what the borrower owed on the vehicle. That was pretty much expected. The borrower is responsible for any deficiency balance that remains after the sale of a repossessed vehicle unless the borrower has filed bankruptcy. To reduce that amount owed to the borrower, the Credit Union filed a claim (as instructed by State Farm Insurance) on the loss that remained following the sale of the vehicle. We expected to have to pay the deductible in force and and would receive the difference from State Farm Insurance. Now State Farm Insurance is saying that they will not be paying anything towards this claim, stating that "a loss does not exist".

This is just bad business. Insurance companies are notorious for taking premiums but then being less than enthusiastic about actually paying a covered claim. This is also a bad situation for the member who had their vehicle repossessed. They will now owe a remaining balance on a vehicle that they do not own. Had State Farm Insurance covered the damage claim prior to sale of the vehicle there is no doubt that the remaining loan balance would be much smaller and possibly paid in full in this case. The Credit Union is reviewing our legal options in this case. We will also be encouraging the credit union member to pursue their own legal options against State Farm Insurance since the actions of the insurance company greatly contributed to the deficiency balance that still remains after the sale of the vehicle.

The Credit Union will have no choice but to review our options for insuring adequate protection of our collateral loans. If the Credit Union determines that this claim incident is the normal standard practice for State Farm Insurance or any other insurance, the Credit Union has a right to restrict which insurance companies will be acceptable for our collateral loans.

0.00% Financing Myth

Is 0.00% auto loan financing always the best deal? Maybe not.

Consider the following example;

Saw a manufacturer’s offer of 0.00% financing or $3,000 off the price of the car. Which is better for the consumer? Consider a $23,000 vehicle;

$23,000 financed at 0.00% interest for 60-months would be $383.33 monthly. (Total of payments = $23,000)

$20,000 financed at 2.75% interest for 60-months would be $357.14 monthly. (Total of payments = $21,428.40)

A credit union member financing that vehicle with the credit union at 2.75% (assuming they qualified for that rate) would save $1,572 over the loan period.

Lending rates are already low now so a 0.00% rate does not offer the savings that most people think it would when compared to a decent rebate or price discount.

Another big advantage here is that the consumer would have equity in the car and be in a much better position if they totaled the vehicle or needed to sell within a few years. The key with any major purchase is to compare all available financing options and review the differences.