When it comes to protecting your money, what you think you know about fraud might actually make you more vulnerable. Scammers are constantly changing tactics—and the myths that once offered peace of mind can now create false confidence. Here are five common fraud myths worth rethinking.
1. “If there’s a padlock in the URL, the site is safe.”
That little padlock icon in your browser means the site uses encryption—but that doesn’t mean the site is trustworthy. Encryption protects the information sent between your browser and the website from being intercepted, but it doesn’t verify who’s on the other end. Unfortunately, a site can be encrypted and still be built to steal your information. Anyone can purchase an SSL certificate to enable HTTPS, and fraudsters know that people look for that padlock. To make their phishing site look legitimate, they often set up real encryption and mimic a company’s design, logo, and wording so the fake site looks nearly identical to the real one.
How to Stay Safe: Look beyond the padlock. Check for spelling errors in the web address and use only official links from trusted sources. Never enter your login or payment info on a site after clicking a link from an email or text.
2. “Public Wi-Fi is fine for quick banking.”
Free Wi-Fi can be convenient, but it’s rarely secure. When you connect to public networks—like those in coffee shops, airports, or hotels—your data often travels unprotected. That means cybercriminals can intercept your connection and capture your data and login credentials. They may even create fake Wi-Fi networks with names like “Free Airport Wi-Fi” or “Guest Café” to trick you into connecting. Once you’re on their network, they can monitor your activity or redirect you to fraudulent websites that look authentic. Even worse, if you log in to your bank account or enter payment details on public Wi-Fi, you risk giving fraudsters direct access to your money.
How to Stay Safe: Wait until you’re on a private, password-protected network—or use your phone’s cellular data or personal hotspot—to log in to financial sites or apps.
3. “It’s okay to share my texted verification codes with my bank or credit union.”
We do our best to spot fraud and notify members of suspicious activity—but we’ll never ask for your PIN, login credentials, or one-time verification codes. (The only exception is your Maps code word, but we’ll only ask for it when you call our Contact Center directly—not the other way around.) Scammers often spoof a bank or credit union’s number so it looks legitimate on your caller ID. Once they have your trust, they pressure you to “verify” information or move your money to a “safe” account.
How to Stay Safe: Never give out your texted passcodes or PINs. If someone calls and asks, hang up and call the number listed on your financial institution’s website (our number is 503.588.0181). And, don’t give in to intimidation—a real Maps employee will never be upset that you double-checked.
4. “Fraudsters only target people with lots of money.”
It stinks, but this is simply not true. Scammers go after opportunities, not big balances. So, anyone can be a target, especially if they have a phone number, email address, or social-media account. Statistics show that seniors, teens, and people who are busy or distracted are often targeted, not because of their wealth, but because scammers think they’ll be easier to fool. In fact, many fraudsters prefer smaller amounts because they’re less likely to trigger fraud alerts or be noticed right away. Before the victim even realizes what’s happening, small $20 or $40 charges add up to a meaningful profit for the scammer.
How to Stay Safe: Keep tabs on your accounts with mobile or online banking alerts. Report even small unauthorized charges right away, as they can be a sign of a compromised account or a test run for bigger fraud later.
5. “If the caller ID says it’s my bank, it must be real.”
Caller ID can be easily faked. Scammers use technology called spoofing to display the name and number of legitimate institutions, including banks, credit unions, and government agencies. When you pick up, they may sound professional and even know basic information about you—details they’ve gathered from social media or public data breaches. Once they have your attention, they use urgency or fear (“Your account has been compromised!”) to pressure you into giving personal information or moving money.
How to Stay Safe: Don’t trust what appears on your screen. If you get a call, text, or voicemail claiming to be from your financial institution, hang up and call the number on your debit/credit card or the institution’s official website. A real representative will never mind that you verified first.
6. “I don’t use social media, so I’m not at risk.”
Even if you’re careful online, scammers can find information about you from public records, data breaches, or the accounts of friends and family. Fraudsters often use this information to craft convincing phishing emails, texts, or calls that appear personal.
How to Stay Safe: Limit the personal information you share online and use strong, unique passwords for all accounts.
7. “Only older adults fall for scams.”
Fraud targets all ages. Yes, older adults are vulnerable, but recent FTC data show that younger adults are now losing money to fraud at higher rates than older adults. Teens and young adults are often more tech-savvy, but that doesn’t mean they are immune to scams. Their more consistent presence online means they can be more easily tricked by scams involving social media, fake job offers, or cryptocurrency schemes. Studies have also shown people between the ages of 16 and 29 are particularly susceptible to phishing attacks on social media platforms like Instagram, especially when the messages originate from followers or individuals with whom they have familiarity.
How to Stay Safe: Scammers rely on speed, emotion, or trust to catch you off guard. So, stay skeptical of unsolicited offers or urgent requests (no matter your age).
8. “Charity scams are easy to spot.”
‘Tis the season for charitable giving, but also charity scams. Fake charities tend to surge right after natural disasters or during the holidays, often using names and websites that look identical to real nonprofits. They rely on emotion and urgency—“Donate now to help!”—to rush you into donating before you can second-guess the choice.
How to Stay Safe: Before donating, research the charity on charitynavigator.org, give.org, or the Oregon Department of Justice’s Charitable Activities section to make sure it is legitimate. Remember: reputable charities accept secure online donations or checks—not gift cards or wire transfers. When you donate, do so securely: use a credit card for added protection, and make checks payable directly to the charity, not an individual.
Fraud prevention starts with skepticism. So, if something feels off—a call, a website, an offer—it’s okay to slow down and verify before acting. Remember that Maps Credit Union will never call, text, or email you asking for your PIN or online-banking credentials.
When concerned or in doubt, contact us directly at 503.588.0181 or visit your favorite branch, and we’ll be glad to help. When you share your concerns with us, you not only help us take immediate action to protect you, but also help protect other members from future attacks.
Want more fraud prevention tips?
- Learn some practical tips for protecting your financial data.
- Find out how to secure your smart speaker.
- Get some tips on how to recover from identity theft.