Identity theft involves stealing a person’s identity and applying for credit or bank accounts in the victim’s name. The victim is left to deal with the collectors and merchants who demand payment on bills the criminal has left behind.

Tips to avoid becoming a victim of identity theft:

  • Carry only those pieces of identification you absolutely need.
  • Make a photocopy of the contents of your wallet and store them in a safe place.
  • Shred any documents containing financial or personal information before throwing them away.
  • Do not give personal or account information to anyone over the phone.
  • Store all checks (new and canceled) in a safe place.
  • Don’t include your Social Security number or driver’s license number on your checks.
  • Review monthly accounts and credit card statements for unauthorized charges.
  • Report any lost or stolen checks or credit cards immediately.

Reporting Fraud

If you suspect that someone has gained access to important personal information such as your social security number or your HCU account number, immediately call (423) 530-7778. Horizon Credit Union will place a security alert on your account.

What should I do if I become a victim of identity theft?

If you suspect you might be a victim of identity theft, the Federal Trade Commission (FTC)  provides a variety of useful information and resources related to identity theft. The FTC recommends you contact the fraud departments of any one of the three major credit bureaus (ExperianTrans Union, or Equifax) to place a fraud alert on your credit file. The fraud alert requests creditors to contact you before opening any new accounts or making changes to your existing accounts. As soon as the credit bureau confirms your fraud alert, the other two credit bureaus will be automatically notified to place fraud alerts, and all three credit reports will be sent to you free of charge.

Review the reports carefully and contact any listing that shows changes or inquiries that you did not make. You may request the Credit Bureaus notify you prior to opening any new accounts or changing existing accounts.

Report your lost or stolen HCU ATM/Debit card, Check Card or Visa® Credit Card immediately.


  • Call (423) 530-7778 during normal business hours
  • Call (888) 263-3370 after normal business hours
  • If you have our HCU Mobile App or Online Banking, you can freeze your card by navigating to your checking account history and select “Freeze Card” at the top of the page.

Card Activation # is (855) 726-4885


  • Call (423) 530-7778 (loan department) during normal business hours
  • Call (800) 325-3678 after normal business hours

Visa balance, transactions, etc. # (800) 808-7230

Mail Theft

If you suspect mail theft, you should report the theft to the nearest postal inspector by visiting the Postal Service’s Website at

Internet Fraud

If you suspect you are a victim of Internet fraud, you may contact the Internet Crime Complaint Center (ICCC) whose mission is to address crime committed over the Internet. For victims of Internet fraud, ICCC provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation.

Phishing, Pharming, Vishing and Smishing


On the Internet, “phishing” refers to criminal activity that attempts to fraudulently obtain sensitive information. There are several ways a scam artist will try to obtain sensitive information such as your social security number, driver’s license, credit card information, or bank account information.

Here are some questions to ask if you think you have received a phishing attack:

  1. Do you know the sender of the email? If yes, still be cautious before clicking a link. If no, do not.
  2. Are there any attachments in the email? If so, is the attachment an executable (a file with the extension .exe, .bat, .com, .vbs, .reg, .msi, .pif, .pl, .php)? If so, do not click on the attachment. Even if the file does not contain one of the above-mentioned extensions, be cautious about opening it. Contact the sender directly to verify its contents.
  3. Does the email request personal information? If so, do not reply.
  4. Does the email contain grammatical errors? If so, be suspicious.
  5. If you have a relationship with the company, are they addressing you by name?
  6. Have you checked the link? Mouse over the link (hover over but DO NOT CLICK the link) and you will see a URL. Does it look legitimate, or does it look like it will take you to a different Web site?

You can use these same questions if you receive a vishing or smishing attack.


Pharming is another scam where a hacker installs malicious code on a personal computer or server. This code then redirects clicks you make on a Web site to another fraudulent Web site without your consent or knowledge. To avoid pharming, follow the basic computer safety guidelines in Protect Your Computer . Also, be careful when entering financial information on a Web site. Look for the key or lock symbol at the bottom of the browser. If the Web site looks different than when you last visited, be suspicious and don’t click unless you are absolutely certain the site is safe.


Unfortunately, phishing emails are not the only way people can try to fool you into providing personal information in an effort to steal your identity or commit fraud. Criminals also use the phone to solicit your personal information. This telephone version of phishing is sometimes called vishing. Vishing relies on “social engineering” techniques to trick you into providing information that others can use to access and use your important accounts. People can also use this information to pretend to be you and open new lines of credit.

To avoid being fooled by a vishing attempt:

  • If you receive an email or phone call asking you to call and you suspect it might be a fraudulent request, look up the organization’s customer service number and call that number rather than the number provided in the solicitation email or phone call.
  • Forward the solicitation email to the customer service or security email address of the organization, asking whether the email is legitimate.


Just like phishing, smishing uses cell phone text messages (SMS) to lure consumers in. Often the text will contain an URL or phone number. The phone number often has an automated voice response system and just like phishing, the smishing message usually asks for your immediate attention.

In many cases, the smishing message will come from a “5000” number instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the cell phone, and not sent from another cell phone.

Do not respond to smishing messages.