Security Center
PHONE CALL SPOOFING SCAM ALERT - **UPDATE** - SCROLL DOWN TO READ MORE
We work hard to keep your account & information safe. Check here for important advice on how you can avoid scams and stay secure.
Report any suspicious activity directly to the Federal Trade Commission.***
How We Keep You Safe
We Watch 24/7 for Suspicious Activity
Using powerful artificial intelligence and human review, we make sure account access and transactions are legitimate and compliant.
Ability to Quickly Report Suspicious Transactions
If you notice something is amiss, you can call us 24/7, 365 days a year. We will investigate and resolve the issue as quickly as possible.
Resources
Pathways Cards
Credit & Debit Lost/Stolen
Credit Customer Service
Debit Customer Service
1-800-908-4490
Credit Bureaus
Experian
Equifax
Transunion
Fraud Resources
We want to alert you to an active phone call spoofing scam affecting Pathways members. Scammers are impersonating our fraud department and calling members using spoofed phone numbers that appear to come from Pathways.
📞 How the Scam Works:
🔐 The caller claims to be from Pathways’ fraud team and warns of suspicious activity on your account.
🧑💻 They ask for your online banking username and then request the verification code (2FA) sent to your phone.
💸 Once they gain access, they transfer money out of your account, often to an account fraudulently opened at Pathways under another name.
🛡️ Protect Yourself:
🚫 Know our policy: Pathways will never call you and ask for:
-
Your full debit card number
-
PIN or CVV
-
Online banking login credentials
-
2FA codes
-
Email passwords
-
More than the last 4 digits of your card
📞 Verify suspicious contact: If something feels off, hang up and call us directly at 614-416-7588.
🔗 Avoid clicking links in unexpected emails or texts. Always go directly to our website or app.
Imagine this: You receive a text message from your bank alerting you to suspicious transactions on your account. You respond "No" to confirm they aren’t yours. Moments later, you get another text—this time asking you to speak with a fraud specialist to resolve the issue. Thinking it’s your bank, you press 1, and before you know it, fraudsters have taken control of your email, phone, and financial accounts.
Unfortunately, this isn’t a hypothetical situation—it happened to a member. In just a few hours, fraudsters attempted to wire $5,000 out of their account and successfully opened fraudulent credit cards in their name.
This article will break down exactly how this scam works and what you can do to protect yourself.
Step 1: Establishing Legitimacy
Fraudsters begin by gathering personal information such as your name, phone number, and card details—often from data breaches or the dark web. They then attempt small fraudulent transactions, which trigger legitimate fraud alerts from your financial institution.
Since you receive a text asking if these transactions are legitimate, you respond “No.” This is exactly what fraudsters want. They follow up immediately with another text, spoofing your bank’s phone number, stating:
“We need to speak with you regarding the recent fraudulent transactions on your account. Press 1 if you can talk now.”
Once you press 1, you’re connected with the scammer, who already knows details of the fraudulent transactions, making them seem trustworthy.
Step 2: Gaining Access to Your Device
Next, the fraudsters claim they can see unauthorized activity on other accounts linked to your digital wallet. To “help” you, they ask you to share your phone screen with them. Once you grant them access, they direct you to:
✅ Change your Apple ID or email password—giving them full control over your accounts.
✅ Enable call forwarding by dialing *72 + a new number—rerouting all your calls and texts to them.
At this point, the fraudsters can receive any text-based authentication codes meant for you, allowing them to reset passwords, take over online banking accounts, and bypass multi-factor authentication (MFA).
Step 3: Taking Over Financial Accounts
While keeping you on the phone, scammers begin making fraudulent transactions. Since they have access to your phone and email, they can:
🔹 Reset passwords to your online banking and email.
🔹 Answer security questions by asking you for the information directly.
🔹 Approve e-signature requests using stolen credentials.
They’ll keep you on hold, claiming they are “working with other banks” to stop the fraud, ensuring you don’t contact your real financial institution.
Step 4: Cashing Out
Once fraudsters have full control, they move quickly to:
💰 Wire money out of your accounts (if possible).
💳 Open fraudulent credit cards and loans using your personal details.
🛍 Charge up those accounts before you even realize what’s happened.
This process happens fast—sometimes in just a few hours.
How We Caught the Scam
Fortunately, in this case, our team noticed some red flags:
🚩 Long pauses during security questions—scammers were relaying answers from the real member in real-time.
🚩 Inconsistent device logins—our system detected access from multiple devices with different operating systems.
🚩 Failed phone verification—when we called the member’s registered phone number, it had been forwarded to the fraudsters.
Because of these red flags, we stopped the fraudulent wire transfer before it went through.
How to Protect Yourself from Account Takeover Scams
✅ Never share your phone screen or grant remote access to someone claiming to be from your bank.
✅ Be cautious of unexpected texts or calls—scammers can spoof numbers to make them appear legitimate.
✅ Check the phone number—official fraud alerts should come from the same number your bank typically uses.
✅ Never forward your calls—if you’re asked to dial *72 or another forwarding code, don’t do it.
✅ Enable two-factor authentication (2FA) on all important accounts—but use an authentication app instead of SMS codes, which can be intercepted.
✅ If in doubt, call your bank directly using the number on your statement or website—never use a number provided in a suspicious text.
What to Do If You Suspect You’re a Victim
If you think you’ve been targeted by a scam like this, take action immediately:
🔹 Contact your bank or credit union to report the fraud.
🔹 Change passwords for your email, banking, and Apple ID.
🔹 Disable call forwarding by dialing *73 (or your carrier’s specific code).
🔹 Monitor your accounts and credit report for unauthorized activity.
Scams like these are becoming more sophisticated, but by staying informed, you can protect yourself from financial fraud. Always be cautious when dealing with unexpected messages, and remember: If something feels off, trust your instincts and verify directly with your financial institution.
The Federal Bureau of Investigation (FBI) has issued a warning about a recent surge in text message scams, known as "smishing," targeting individuals with fraudulent claims of unpaid tolls. These deceptive messages are designed to steal personal and financial information.
How the Scam Works:
- Unsolicited Text Messages: Victims receive unexpected texts claiming they owe money for unpaid tolls.
- Threats of Penalties: The messages often threaten additional fines or legal action if the supposed debt isn't paid promptly.
- Phishing Links: Recipients are directed to click on a link to settle the alleged debt, leading to fraudulent websites that mimic legitimate toll agencies.
Protective Measures:
- Do Not Click Links: Avoid clicking on any links in unsolicited text messages.
- Verify Claims: If you receive such a message, contact your state's tolling agency directly using official contact information to confirm any outstanding balances.
- Report Suspicious Messages: Use your phone's "report junk" feature
- Delete the Message: After reporting, delete the suspicious text to prevent accidental interaction.
Stay Vigilant:
Always be cautious with unsolicited communications requesting personal or financial information. Legitimate agencies typically communicate through official channels and will not ask for sensitive information via text messages.
For more information on recognizing and avoiding text scams, visit the Federal Trade Commission's guidance on text message scams: consumer.ftc.gov
Pig Butchering Scams
The US Secret Service is reporting a type of cryptocurrency scam where scammers gain victims' trust and manipulate them into investing in fake cryptocurrency projects known as "Pig Butchering"
Common Tactics:
Cryptocurrency Investment Scams: Fake "insider" opportunities advertised via fraudulent websites and testimonials.
Fake Identities & Stories: Scammers impersonate others or create fictitious personas to build trust.
Unsolicited Assistance: Offers of help to access accounts or set up applications, often leading to financial exploitation.
Requests for Personal Information: Scammers ask for personal or banking details under false pretenses.
Tips for Avoiding Scams:
Shield Yourself: Ignore unsolicited messages or offers from unknown numbers.
Guard Your Information: Be cautious about sharing personal details online.
Slow Down: Verify unsolicited advice, investment opportunities, or new relationships with trusted people.
Use Caution: Never share personal or financial details with strangers. Cease contact if pressured for such information.
Note on Victims:
Some scammers may be trafficking victims coerced into facilitating scams.
You can learn more about these types of scams by downloading the US Secret Service alert information flyer by clicking here.
We want to make you aware of a recent phone call spoofing scam targeting our members. Scammers are impersonating our staff and fraud department, attempting to obtain sensitive information and gain access to accounts.
How the Scam Works:
The fraudsters use spoofed phone numbers to make their calls appear legitimate. They claim to be from Pathways and may warn of suspicious activity on your account. Their goal is to convince you to share sensitive information, such as account numbers, Card numbers, PINs, or CVV codes, Two-Factor Authentication (2FA) codes.
In some cases, they pressure members to transfer funds or make immediate changes to their accounts.
Steps to Protect Yourself:
Verify Suspicious Messages:
Pathways will never call or email to request your full debit card number, PIN, CVV, or 2FA codes. If you’re unsure, contact us directly at 614-416-7588.
Avoid Clicking Links:
Do not click on links in unsolicited texts or emails. Always navigate to our website or app directly for account access.
Know Our Practices: Pathways will never call you and ask for account numbers, PIN numbers, 2-factor authentication codes, online banking login information, email passwords, or more than the last four digits of your card number. We will only ask you to verify your personal information when YOU call us directly.
Report Suspicious Activity:
If you receive a call, text, or email that seems suspicious, hang up or ignore the message. Contact us directly to confirm its authenticity.
What to Do If You’ve Shared Information:
If you believe you’ve provided sensitive details to a scammer, contact us immediately at 614-416-7588 so we can secure your account.
Monitor your account for unauthorized transactions and report any activity you don’t recognize.
Thank you for being vigilant and helping us protect your accounts. Together, we can combat fraud and keep your finances secure.
Pathways has observed a worrying surge in sophisticated fraud attempts targeting our members. These scams, often cloaked in the guise of legitimate communications, pose a significant threat to the financial health and personal security of individuals. To combat this troubling rise, we have created a guide page devoted to monitoring and sharing these active scams with you, so you are aware and prepared to protect yourself should you encounter them.
Understanding Digital Fraud: An Overview
- A comprehensive introduction to the various forms of digital fraud, including phishing, identity theft, and malware attacks.
- Source: Federal Trade Commission (FTC) - Understanding Digital Fraud
Stay Safe Online - National Cyber Security Alliance
- Offers simple, straightforward advice on how to protect yourself online, with resources tailored for older adults.
- Link: Stay Safe Online
Recognizing Phishing Attempts:
- Tips and tricks on how to spot phishing emails, texts, and calls that may lead to fraud.
- Source: Cybersecurity & Infrastructure Security Agency (CISA) - Phishing Infographic
Digital Literacy Project
- This initiative provides tutorials and articles aimed at helping users of all ages increase their understanding of digital safety and privacy.
- Link: Digital Literacy Project
Latest Scam Alerts and Reports:
- Updates on recent scams as reported by consumers and financial institutions.
- Source: Consumer Financial Protection Bureau (CFPB) - Fraud & Scams
AARP Fraud Watch Network
- Aimed particularly at older adults, AARP's Fraud Watch Network sends out regular alerts about scams and frauds that are targeting seniors, including the latest tricks scammers are using.
- Link: AARP Fraud Watch Network
Better Business Bureau (BBB) - Scam Tracker
- The BBB Scam Tracker is a crowd-sourced tool that allows consumers to report scams and see what scams are happening in their area or across the country.
- Link: BBB Scam Tracker
National Cybersecurity and Communications Integration Center (NCCIC)
- Part of CISA, the NCCIC publishes bulletins and alerts on cybersecurity issues, including ongoing scam campaigns.
- Link: CISA Current Activity Alerts
Best Practices for Online Banking Security:
- Guidelines for maintaining strong passwords, enabling two-factor authentication, and monitoring account activity.
- Source: American Bankers Association (ABA) - Safe Online Banking Tips
Fraud Prevention Center:
- Make sure your financial information is protected.
- Source: National Credit Union Administration (NCUA) - Fraud Prevention Center
Identity Theft: What It Is and How It Happens
- An in-depth look into the nature of identity theft, common tactics used by thieves, and the impact it can have on victims.
- Source: Federal Trade Commission (FTC) - About Identity Theft
Preventing Identity Theft: Best Practices
- Strategies for safeguarding personal information online and offline to prevent identity theft.
- Source: Federal Trade Commission (FTC) - Protecting Your Identity
Fraud Alerts and Credit Freezes
- Explanations on how to place fraud alerts or freeze credit to prevent further damage.
- Source: Federal Trade Commission (FTC) - Credit Freeze FAQs
Identity Theft Recovery Plans:
- Step-by-step advice on what to do if you’re a victim of identity theft.
- Source: Federal Trade Commission (FTC) - Identity Theft Recovery Steps
Important Resources
Cybersecurity Resources for Older Adults
National Council on Aging (NCOA) - Senior Fraud Prevention Toolkit
Cybersecurity Resources for Youth
National Cyber Security Alliance (NCSA) - StaySafeOnline
Federal Communications Commission
1-888-225-5322 | 1-888-835-5322 (TTY)
Consumer & Gov’t Affairs
Federal Trade Commission
1-877-438-4338
1-866-653-4261 (TTY)
IRS
Taxpayer Guide to Identity Theft
1-800-908-4490
Consumer Financial Protection Bureau
The latest federal information on consumer protection - Consumer Financial Protection Bureau (consumerfinance.gov)
Keep Yourself Safe
Fraud Detection Techniques and Tools

Current Scams & Fraud to Avoid

Avoiding Scams

FTC Consumer Protection Notices
- FTC Chairman Ferguson Congratulates Mark Meador on Confirmation as FTC Commissioner
- FTC Highlights Actions to Protect Consumers from Impersonation Scams
- FTC Warns Operators of Websites that Charge for an Employer Identification Number and Claim Affiliation with the IRS
- Federal Trade Commission Chairman Andrew N. Ferguson Issues Letter on 23andMe Bankruptcy Impact to Consumers
- FTC Names Additional Defendants in Student Loan Debt Relief Case
- Cash Advance Company Cleo AI Agrees to Pay $17 Million As Result of FTC Lawsuit Charging It Deceives Consumers
- FTC Chairman Andrew N. Ferguson Appoints Deputy Directors of the Bureaus of Competition and Consumer Protection
- FTC to Hold Workshop on May 28 on The Attention Economy: How Big Tech Firms Exploit Children and Hurt Families
- FTC Suit Against E-Commerce Business Opportunity Scam Leads to Permanent Bans for Operators
- FTC Acts to Stop ‘Click Profit’ Online Business Opportunity that Has Cost Consumers At Least $14 Million
Always remember
Unless you are working with a Member Service Representative on a loan or account-related issue, Pathways will never solicit personal information (including Social Security numbers, online banking passwords/usernames, personal identification numbers, or account numbers) over the phone, by email, or through text messaging. We ask you to please be aware of all types of solicitation inquiring about sensitive information. If you receive a phone call, email, text message, or any other form of solicitation requesting your personal information, please contact us immediately.