Unlawful Robocalls February, 2020 Close/ Open


The following contains links to sites not owned or operated by ACU. Please review their terms of use.

District Attorney's Office - 18th Judicial District

Unlawful Robocalls are Going Away

Good news! As of this year, phone companies now have the authority to legally stop fraudulent robocalls from being forwarded on to customers. This follows the creation of SHAKEN/STIR – multi-verification technology recently developed by the phone industry that can now accurately distinguish misleading robocall phone numbers from legitimate numbers associated with school closure notifications, medical appointment reminders, etc. This level of verification was necessary to assure the industry that vitally important calls which might otherwise be mistaken as scams would still go through to customers.

To further aid in the reduction of illegal calls, the federal TRACED Act was signed into law late last year to expand the detection of such perpetrators operating within the U.S. and from around the globe. Since the initiation of auto dialers, i.e., devices that send out thousands of calls simultaneously, Illegal robocalls have been difficult to control, especially those originating overseas, and which comprise the bulk of scam calls coming in to the U.S. Penalties upwards of $10,000 can now be imposed on those who are caught. Another big take-away as a result of these efforts will likely be a reduction in spoofing, i.e., fake numbers that show up on caller ID’s for the purpose of tricking consumers into picking up their phones.

Other important points:

  • SHAKEN/STIR technology only interacts with digital communication devices, e.g., cell and internet-connected phones (VOIP). Unfortunately, older analog landline phones, considered outdated by today’s standards, cannot interface with wireless or digital phone systems. However, land-line users who also have cell phones should explore cell phone apps that can connect with and block unwanted calls left on their landlines at a distance. For more information, go to: www.Mymail.com., or contact your phone company.
  • By law, phone companies cannot charge a fee to customers for this call-blocking service.
  • Consumers are still encouraged to add their cell and landline numbers to the Federal and Colorado Do Not Call registries. Unlike typical scam calls that are deliberately placed to fool consumers into forking over money, legitimate businesses are still allowed to solicit consumers over the phone if the business has had dealings with that consumer within the past 18 months, and/or the consumer has given his/her expressed permission allowing such calls. Pollsters, political organizations and non-profit agencies are also allowed to call. Legitimate agencies who violate this law by not checking consumers’ numbers against the Do Not Call registry should be reported to the Federal Trade Commission at 1-888-382-1222; (TTY):1-866-290-4236. Such agencies can face significant fines if they violate consumers by calling to solicit them. A word of caution: Don’t expect a major reduction in robocalls overnight. It will take time.

Unclaimed Money Scams  October 9th, 2019 Close/ Open


The following contains links to sites not owned or operated by ACU. Please review their terms of use.

District Attorney's Office - 18th Judicial District

Avoid Unclaimed Money Scams

Could you be the recipient of unclaimed money? It’s true that you may have assets sitting in a forgotten or closed business account somewhere in your state, e.g., a financial institution, utility or insurance company, etc., or a safe deposit box at a bank. Businesses holding inactive accounts must notify current and former customers of the existence of these accounts, and by law, must turn over any unclaimed or inactive accounts to their state treasury or revenue departments if not claimed after a period of time. However, businesses often hire third-parties to locate such account holders first. Any consumer can search a state’s unclaimed property website to determine if they have money to be claimed, then request repayment if so.

There are also legitimate businesses that conduct extensive, and/or national unclaimed property searches for a fee, provided the customer has signed a contract. Typical payment for such services are based on a percentage of the assets that are recovered. Not surprisingly, variations of scams are floating out there to trick consumers into providing personal information, and/or, sending money under the lure of receiving assets that don’t actually exist.

Signs of unclaimed money scams:
  • You receive an official-looking letter notifying you of unclaimed property that has been located in your name and are asked to send money in exchange for your “unclaimed” funds. Oftentimes, the information must be kept confidential. But it takes a bit of sleuthing to determine if the notification is in fact, legitimate, or if it’s a scam. For verification, always check with the holding institution first, (their name should be referenced in the letter) to verify that the solicitor is working on behalf of that company. Legitimate companies won’t ask for money because they are already being paid by the holding company to locate you.
  • Letters, emails or phone notifications of a sweepstakes “winnings” that you missed out on or didn’t know about, and are told the money was turned over to the state. In order to claim the alleged winnings, you are asked to send money, personal information, or both in order to receive the “payout”. In legitimate sweepstakes contests, there is a period of time in which to claim the winnings, or the money is returned to the state and often used to finance public amenity projects. Remember: you have to enter a sweepstakes in order to win!

The good news is that it's easy and doesn't cost a thing to conduct your own website search. Click on https://colorado.findyourunclaimedproperty.com to access Colorado's Great Colorado Payback program.

To see if you have unclaimed assets in other states, go to http://www.nupn.com/statedata

To search for unclaimed sources of government funds, i.e., back wages, tax refunds, pensions, etc., click here

18th Judicial Consumer Protection Line: 720-874-8547

Social Engineering Scams (Text Messages)  October, 2019 Close/ Open


Criminals in possession of card details and other forms of personally identifiable information (PII) are spoofing credit union phone numbers in an effort to fool credit union members into thinking that text messages are actually from the fraud department of a particular credit union. Fraudsters are sending text messages under the guise of trying to validate recent card activity and are including hyperlinks within some text messages.

Fraudsters are also using text messaging to deceive credit union members into providing card related data and log in credentials. Instances have been reported of fraudsters impersonating members to request a change in contact information such as mobile numbers. Fraudsters have also contacted credit unions, impersonating members to report upcoming travel as a means of lowering the monitoring of debit and credit card transactions.

Attacks to obtain personal information from credit union members are known as SMishing (SMS text phishing) and Vishing (Voice phishing). A typical SMishing occurrence can begin with a member receiving a text message inquiring about a suspicious transaction on an account. In reality, the fraudster is looking to obtain other information from members such as debit card numbers, CV2 codes, expiration dates, PINs and other web login credentials.

Below is a summary of items included on a valid fraud text message from CO-OP on behalf of a credit union and what items will not appear on a legitimate outbound message.

SMS/Text will include:

  • CU abbreviated name
  • Last 4 of Card #
  • $ Amount in question (with dollar sign)
  • Merchant Name
  • Reply Options: YES, NO, STOP(to opt out)

SMS/Text will not include:

  • Requests for CH data, such as card numbers, PINs, CV2 Codes, Expiration Dates
  • Vague reference of "Merchant" Transaction details should be included
  • Hyperlinks to unknown websites
  • Phone Numbers as Hyperlinks

Capitol One Breach   August, 2019 Close/ Open


July 19, 2019

Capital One Breach Highlights Risks to Millions of Account Holders

Late last month, news broke regarding a massive data breach, possibly the largest ever, at Capital One Financial Corporation. At present time, they have identified over 100 million consumers who have been impacted, including current credit customers, and consumers and businesses who applied for Capital One credit products (more information can be found here). While cooperation with local and national law enforcement has helped stop much of the sensitive information from being distributed, this illustrates a very real threat to consumers.

Am I protected from this type of breach?

At Arapahoe Credit Union, we take the loss of personal information seriously. That’s why we have products and services available that can help protect you against Identity Theft. This means that if you have been impacted by this breach, you have protections to help you recover your identity and related expenses. ACU has Identity Safe available to members. A comprehensive recovery program to help, if you believe you may have experience theft, or your identity may have been comprised. Find out more information here.

Any questions please feel free to contact the credit union and we can help.

One-Ring Scam Calls   July, 2019 Close/ Open


The following contains links to sites not owned or operated by ACU. Please review their terms of use.

District Attorney’s Office - 18th Judicial District

One Ring Scam Calls are Back in Circulation

There has been a sudden spike in the number of complaints from area residents who are receiving one-ring phone calls over their landline and cell phones. The phone rings once then abruptly cuts off before the person has a chance to answer, leaving only a missed call notification on the phone. The call is then followed by repeated phone calls that happen either in short sequence - usually overnight, or over the course of a day. These calls always display the same call-back number.

Victims may be tempted out of sheer curiosity to answer, or they may assume the caller is trying to get through but is being cut off. Those who do call back are put on hold by an operator where they wait, often a minute or longer before realizing that no one is coming on the line. In fact, they have just put forth an international call to a scammer who collects the long distance fees that are billed to the consumer. Fees usually include a connection charge in the range of $35.00 - $40.00, in addition to fee-per-minute charges. The scam is usually not discovered until the victim gets the phone bill but fortunately, these fees can be deducted if it is reported to the phone carrier when the bill comes in. As with other robocalls, scammers are using auto-dialers to send these out to thousands of consumers a minute which accounts for the excessive volume of robocalls that consumers receive every day.

Other signs:

  • The caller ID number will be prefaced by a three digit number resembling an area code that could be construed as any US code. However, such calls often originate in other countries that also use three digit area codes.
  • Other numbers may be spoofed to appear to be local.
  • To remove charges:

  • Look for long-distance calls usually listed on the bill as premium service, international call or toll call.
  • Report the date of this scam to your phone carrier, the details of the scam and the phone number that appeared on caller ID and ask them to deduct the charges. Also, if you don’t anticipate needing international phone call service, request that your phone company remove this feature from your plan.
  • Report the call to the Federal Communications Commission at https://FCC.gov/complaints
  • DA – 18th Consumer Protection Line: 720-874-8547

    Credit Review Reminder  April, 2019 Close/ Open


    The last few years have seen data compromise after data compromise. Equifax was far and away the worst (more on that below, but there have been several others. We absolutely recommend you take a moment or two to review yours.

    Pro-tip: You can pull your report from one bureau now, and another in four months. Then, pull your report from the third bureau in another four months to maintain the most contant, year-round monitoring.

    You will want to use AnnualCreditReport.com to pull your information. Beware, the site may ask you to purchase your actual credit score. You most likely don't need this information as it is available elsewhere for free. Once you have your report, let us know if we can help you read it or if you have any questions.

    Roof Repair Scams   April, 2019 Close/ Open


    The following contains links to sites not owned or operated by ACU. Please review their terms of use.

    District Attorney’s Office - 18th Judicial District

    Roof Repair - Think Ahead as Hail Season Approaches

    Spring and hailstorm damage go hand in hand, making it “high season” for contractor complaints. Given the numerous complaints law enforcement receives this time of year, now is the time to consider steps to take for repairing a roof or property in the event of hail or storm damage. Consider the following: The greatest number of complaints are against door-to-door contractors, especially those who come knocking right after a hailstorm.

    The most common complaint type is contractor nonperformance—the homeowner gives money up front to an untrustworthy contractor who may or may not begin the work and then disappears—closely followed by poor quality of work grievances.

    If the loss to the consumer exceeds the $7,500 amount for small claims court, the consumer may have to risk hiring an attorney to file a lawsuit. Consumers may end up winning judgments that they can never collect.

    Under the Colorado Mechanics Lien Law – C.R.S. 38-22-101, subcontractors and suppliers have the right to place a lien on an owner’s property if they are not paid by the contractor for the work they performed on the home. The law insures that subs/suppliers are fairly paid for the value they provide to a home as a result of their work.

    Before buying a salvage vehicle:

    Door-to-door contractors are not necessarily scam artists, but doing business with one out of sheer convenience is risky.

  • Research all prospective contractors. Ask your insurance company for a recommendation. Review the business on the Better Business Bureau website at www.bbb.org Things to look for include the length of time the company has been in business and the number of complaints the business has received. How the business handles such complaints is often revealing
  • Check with the building department in your city or county to see if the contractor is licensed.
  • Get at least three bids. Many companies will not request any payment before work is completed. A roofing contractor is prohibited by law from waiving your obligation to pay your insurance deductible.
  • Understand the contract before signing. The contract should have a start and end date, and a clause that indicates how disputes will be handled. Understand your obligation if the insurance company does not pay for something. Once the work commences, get all change orders in writing.
  • Get a signed lien waiver from the contractor when you make your payment to insure that all subcontractors and suppliers have been paid to avoid a lien being slapped on your home (see Mechanics Lien Law, above)
  • Understand your rights under the Residential Roofing Services statute, C.R.S. 6-22-101. A roofing contractor must disclose their surety and liability coverage insurer and provide the homeowner with written notification that the roofing contractor shall hold any payment from the residential property owner in trust until the roofing contractor has delivered roofing materials or has performed a majority of the roofing work on the residential property.
  • DA – 18th Consumer Protection Line: 720-874-8547

    Browser Extensions  March, 2019 Close/ Open


    We have recently seen instances of unusual and pretty clever attempts to steal information. To pull this one off, fraudsters rely on members to download specific browser extensions that often come attached to other downloads. They then use this browser extension to load dynamic ads onto a person's computer.

    What makes this clever is that the ad program/ extension knows when you are on a banking site and loads a pop-up that matches that site. This message builds fear by saying your credit union is compromised and you need to provide certain information. Of course, that information does not go to your institution and the message fabricated.

    Please know that this is a very clever scam. If you ever receive a message of account compromise, please contact us by phone where we can take further steps to ensure your account is unaffected. In the rare case something has happened, we may wish to begin your Identity Safe protection. Unfortunately, you will also need to take additional steps to remove the malicious software from your computer. Again, if you see something unusual regarding your account please contact us first before sharing any information.

    Credit Freezes September 26, 2018 Close/ Open


    You can now make credit freezes for free. Last year's data compromise resulted in a bill asking agencies to start offering this resource for consumers. You can set up credit freezes at any of the agencies websites:(Experian, Equifax, TransUnion, ChexSystems.) ACU also has tools and resources available to help and want to keep our members informed about all options available. If you have any questions or concerns about a specific situation please contact us and we can offer guidance and assistance.

    IRS Tax Fraud Phone Scam February 16, 2018 Close/ Open


    Recently members have been receiving automated phone calls claiming they are with the IRS about committing tax fraud and using scare tactics threatening lawsuits, warrants, and family penalties; these calls are scams. If you do receive one please ignore it and don’t provide any information or account numbers in response to these calls. The IRS will contact you by mail not by phone or email. Although, if they do contact you by mail, be sure not to ignore any official letters and reply as soon as possible.

    Additionally, please remember to file your taxes as early as you can to avoid any mishaps or tax scams. Of note, TurboTax offers a $5 discount for credit union members. While we don't endorse TurboTax specifically, you can redeem that discount here.

    Additional Information: District Attorney’s Office - 18th Judicial District

    Fraud Alert Warning: New IRS Refund Scam is Gaining Traction

    There is a new IRS scam that’s spreading and is playing off of the more widely known tax imposter phone scam that claims money is owed to the IRS. This newly hatched, very intricate scam involves criminals who are processing and sending tax refunds directly to consumers and then calling and scaring them into returning the funds. Prior to late January when the IRS began accepting 2017 tax returns, criminals brazenly infected the computers of tax preparers and stole tax information on clients. Now they are using this data to process actual tax refunds. Once the refunds are sent, the crooks will call, text, or leave phone messages claiming to be agents or debt collectors from the IRS, and threatening victims with scare tactics if they don’t send their ‘fraudulent’ refunds back. There are obvious red flags with this scam, the most notable being that crooks are demanding payment using a wire service, or are instructing their victims to load a pre-paid card with money, then calling in a code, instead of instructing them to send the refund directly to the IRS. This tactic of requesting funds through round-about means is the hallmark of a typical phone scam. The second red flag is that the IRS won’t call you, even if you owe them. If your caller ID shows up as “IRS”, or “U.S. Department of Treasury, it’s a scam, and don’t respond. Although the IRS won’t call you, crooks will try to make it look that way by “spoofing” the information that appears on your Caller ID.

    Steps to take if you are concerned, or have already received a refund:

    • Immediately contact your tax preparer if he/she has not notified you of this scam, especially if you’ve already received a refund, or a refund you weren’t expecting. Usual turnaround time on a refund request is ten days, so any quick return of a refund should be questioned.
    • In truth, fraudulent refunds must immediately be sent back to the IRS so they can take measures to correct and restore the client’s account to good standing, then process an appropriate refund. If you received a mailed refund check, void it and send it back to the IRS, along with a copy of the return and explanation as to why the check is being returned. If the check was automatically deposited, call the IRS to explain what happened (800-829-1040 for individuals or 800-829-4933 for businesses), then notify your bank so they can return the money. Finally, if you’ve already spent part or all the refund, you will need to write a check to repay the IRS. Send your check to your local IRS service center, along with a note explaining you were a victim of this scam. Make certain you have the correct IRS return address. Your tax preparer will have this information and should be able to guide you through these steps. For more information on this scam, contact the IRS at: https://www.irs.gov/newsroom/tax-scams-consumer-alerts

      The following contains links to sites not owned or operated by ACU. Please review their terms of use.

      Lastly, if you are unsure about a call, email or letter you receive, don’t hesitate to contact ACU by simply clicking/tapping the button below and we can provide assistance.

    Equifax Breach September 8, 2017 Close/ Open


    The following contains links to sites not owned or operated by ACU. Please review their terms of use.

    The breach has been reported as potentially affecting 143 million US consumers. Personal data, including birth dates, credit card numbers, Social Security numbers and more, were obtained in the breach. This potentiates identity theft opportunities related to the 143 million personal data records that may be appended to other acquired records and leveraged for account takeovers.

    Attached is the link to the Equifax website. On the home page, you will be able to determine if your credit information was exposed by clicking on the “Potential Impact” button, then following the instructions.

    What you can do

  • Monitor credit activity (www.annualcreditreport.com, etc.)
  • Reset account passwords, PIN codes and other log-in credentials on financial accounts that may be vulnerable.
  • Establish multiple-authentication protocols for financial accounts and email, when possible
  • Establish credit monitoring service through Equifax or through other service providers
  • For more information on the Equifax breach and other precautions to take, click on the Federal Trade Commission link

    Shred Event
    Promotional Item

    You are legally permitted to access your credit report, for free, once a year. If it's time, you can begin the process at this link. Please note that ACU does not own or operate this site, however.

    Shred Event
    Promotional Item

    Most members have ACU Identity Safe, an ID recovery tool that is free to use. If you believe that your identity may have been compromised, please use it!

    Colorado Bureau of Investigation Identity Theft & Fraud Unit
    Equifax Data Breach Tips/Recommendations
    Close/ Open


    The following contains links to sites not owned or operated by ACU. Please review their terms of use.

    The recent announcement regarding the data breach at Equifax has many people concerned about how to respond and protect your identity from ID thieves. Equifax is just the most recent of a number of data breaches that have impacted the majority of Americans. Here are some steps we recommend everyone take to protect yourself and your family from ID thieves and data breaches.

    • Assume your information has been breached and act on that assumption. This is one time when assuming the worst will actually protect you.
    • If you already have a credit monitoring/ID theft protection service, contact them immediately to determine what assistance they can offer you.
    • Obtain a copy of your credit report. You may obtain a copy here: https://www.annualcreditreport.com
    • Set up a Fraud Alert or Credit Freeze with the Credit Reporting Agencies. Here is some information on setting up a Fraud Alert: https://www.consumer.ftc.gov/articles/0275-place-fraud-alert
    • Here is information on an Extended Alert and Credit Freezes: https://www.consumer.ftc.gov/articles/0279-extended-fraud-alerts-and-credit-freezes
    • Consider your children’s credit reports as well as your own. Your child may not have a credit report, but it doesn’t hurt to try and check it out. In Colorado, the law says that “all consumers” may place a credit freeze. If your child does have a credit report, as that person’s guardian or parent, you may freeze their credit to protect them.
    • Monitor your accounts for any suspicious or fraudulent activities. If you choose to access accounts online, just remember to use strong passwords and make sure you are not accessing your account on a public Wi-Fi network.
    • Check your mail for anything that may indicate that someone is using your ID to try and obtain credit.
    • Opt Out of pre-approved credit offers. Find out how here: https://www.consumer.ftc.gov/articles/0148-prescreened-credit-and-insurance-offers
    • Request a year end analysis of services provided from your health insurance provider. This will show what doctor visits or other medical services have been billed to your insurance. This will help you determine if someone is using your medical ID.
    • You may want to consider setting up an account with My Social Security. Sometimes ID thieves will try to set up this account using your ID. If you already have an account established, the thief will not be able to get into your account. This site does require two step authentication (2 passwords) for extra protection. Learn more or sign up here: https://www.ssa.gov/myaccount/
    • If you KNOW that your ID has been breached, complete an IRS Form 14039 (IRS ID Theft Affidavit) to alert the IRS that someone else may file fraudulent tax returns in your name. Find this form and instructions here: https://www.irs.gov/pub/irs-pdf/f14039.pdf
    • If you notice anything suspicious in any of your accounts or your mail, don’t ignore it. Check it out!
    • Be very careful about emails or text messages you may receive offering your assistance in fixing the data breach problems. These are most likely scams! DO NOT click on any links or open attachments. Simply delete. If you receive a similar phone call—hang up on the caller. DO NOT give out any personal information!
    • Data Breaches can be scary, but help is available. By taking a few simple steps and working closely with your local law enforcement, financial institutions and specialized victim advocates, you will be able to recover and repair the damage.

      For more information or if you have questions, please contact the Colorado Bureau of Investigation Identity Theft & Fraud Investigations Unit


      24 Hour Identity Theft Hotline:
      1-855-443-3489 (toll free)

      Victim Assistance Program:

      Visit us on Facebook:


    Live Your Lifestyle

    We all want to live our own way.  It's important that we do it the right way.   Arapahoe CU looks to help.