Scam Resource Center

A gift card scam is a type of fraud where scammers trick people into buying gift cards and then persuade or coerce them into sharing the card numbers and PINs.

Once the scammers have these details, they quickly drain the funds, leaving the victim with a worthless gift card that they spent their real money on. Common tactics include impersonating authority figures (often government agencies and utility companies), claiming urgent situations, or selling fake or already-used cards online.

Gift cards are favored by scammers because they are nearly untraceable and funds are hard to recover once spent. Credit Union ONE will never ask you to purchase a gift card under any circumstance.

For additional information regarding gift card scams, please visit the Federal Trade Commission (FTC) consumer advocacy website.

Smishing, short for "SMS phishing," is a cyber scam where criminals send fraudulent text messages to trick recipients into revealing personal or financial information, clicking malicious links, or downloading harmful software.

These messages often impersonate trusted organizations, such as banks, delivery services, or government agencies, and use urgent or enticing language to manipulate victims into acting quickly. The ultimate goal is to steal sensitive data, commit identity theft, or defraud individuals and businesses.

In this example, we see scammers are attempting to impersonate the State of Michigan: 


Note a few things: 

1. The sender is a garbled string of letters and numbers from an incoherent website. 
2. The State of Michigan doesn't have a DMV. 
3. The State of Michigan doesn't have any toll roads.

Always slow down and ask yourself questions upon receipt of a notice like this. Take the time to really inspect everything, including the sender, the ask, and the content. When in doubt don't click on anything. Instead, reach out directly to the organization or company the message is claiming to be representing, by using contact information on their official websites. 

For more information, please visit the Federal Communications Commission (FCC) website.

Phishing is a cybercrime technique where attackers impersonate legitimate organizations or individuals—often via email, websites, or messaging platforms—to deceive people into revealing sensitive information such as passwords, credit card numbers, or Social Security numbers.

These messages typically use urgent or alarming language to prompt quick action, like clicking malicious links or downloading infected attachments. The stolen information is then used for identity theft, financial fraud, or further cyberattacks.

Both the Federal Trade Commission (FTC) and Microsoft have resources available to learn more about phishing attacks. 

Do you feel like you've been receiving an increasing amount of spam voice calls these days? You're not alone.

Vishing, short for "voice phishing," is a scam where fraudsters use phone calls or voice messages to impersonate legitimate organizations, such as banks, government agencies, or tech support. Then, they trick their victims into revealing sensitive information like account numbers, passwords, or Social Security numbers.

Vishing calls often use urgent or alarming language, spoofed caller IDs, and convincing scripts to pressure people into acting quickly and divulging confidential details.

If you receive a call from someone claiming to be from Credit Union ONE, do not provide them with any information. Instead, hang up, navigate directly to cuone.org, and call the official number listed there.   

To learn more about vishing and spoofing, please see the resources provided by both the Federal Trade Commission (FTC) and the Federal Communications Commission (FCC). 

Skimming is a type of scam where criminals use a small device called a skimmer to illegally capture data from the magnetic stripe of credit or debit cards during legitimate transactions.

These devices are often secretly installed on ATMs, gas pumps, or point-of-sale terminals.

Once the card data is stolen, scammers can clone the card or use the information for unauthorized purchases and identity theft. Skimming is especially dangerous because it’s often undetectable by the cardholder at the time of the transaction.

For more information regarding Skimming please visit the Better Business Bureau (BBB) website.

Government impersonator scams involve fraudsters pretending to be officials from government agencies, such as the IRS, Social Security Administration, or law enforcement agencies. The scammer’s goal is to trick victims into providing personal information, making payments, or sharing financial details. Once they have this information, they can use it to steal money or sensitive data for identity theft and other crimes.

These scammers often use threats of arrest, fines, or legal action, and may spoof caller IDs or send official-looking documents to appear legitimate.

For more information regarding these scams, please visit the Internal Revenue Service (IRS) website. To report a scam please visit the Federal Trade Commission (FTC) fraud website.

Website spoofing is a scam where criminals create fake websites that closely mimic legitimate ones, often posing as banks, retailers, or government agencies. They try to trick users into entering sensitive information like usernames, passwords, or credit card numbers.

These counterfeit websites often use similar logos, layouts, and web addresses (URLs) that are just slightly altered from the real site. The stolen information is then used for identity theft, financial fraud, or other cyber crimes.

For more information on website spoofing, please visit the State of Michigan's Consumer Protection website.