Friday, April 29, 2016
We have received notice about a phone call and text that people have received about their federal credit union, VISA debit/credit cards and specific account information.
DO NOT RESPOND TO THESE REQUESTS FOR INFORMATION.
CCFCU has not initiated an activity like this. If you receive one of these inquiries please remember to never provide information to someone who contacts you in this manner. The safest thing to do is to contact us directly during business hours. If you question the legitimacy of any unsolicited phone call the best practice is to call the financial institution directly using a number published from a known source such as a statement.
Phishing Attacks Underway for CU Members
Members have reported receiving e-mails, calls, and texts requesting specific account information from different parties. These e-mails are examples of "phishing".
DO NOT RESPOND TO THESE REQUESTS FOR INFORMATION.
If you responded to such an e-mail and provided any confidential account information, please notify us or any credit union immediately of the scheme. You should also change your account's PIN, and take any additional action recommended by your credit union to protect your account.
Please read the following for more details about "phishing":
If you have internet access, you may be under attack-a phishing attack, that is. You may receive an e-mail or pop-up from what appears to be a familiar source â€” a company you already do business with â€” and they ask for very personal information to verify your account or payment status. This high-tech scam involves three components:
1) Spoofing: creating a replica of an existing web site.
2) Spamming: sending unsolicited or "junk" e-mail.
3) Phishing: the act of using spoofing and spamming to lure you, hoping to deceive you into disclosing your Social Security number, credit card and checking account numbers, passwords, or other sensitive information.
The Federal Trade Commission recommends the following tips to help you avoid getting hooked:
If you get a pop-up or e-mail message requesting personal or financial information, don't reply or click on the link in the message. Legitimate companies won't ask you to verify information they already have.2)
Be cautious about opening attachments or downloading files from e-mail messages.3)
Never send personal information via e-mail. Look for a closed padlock image at the bottom of your browser window, or a URL that begins with "https" (the "s" stands for secure). However, some phishers forge these security icons.4)
Review statements for accuracy as you receive them. If they're late, call the company to confirm your billing address and balance. 5)
Use your antivirus software and keep it up-to-date. Run a firewall, particularly if you have a broadband connection. Take advantage of free software "patches". 6)
Report suspicious activity to: email@example.com
Here's how: Drag and drop the phishing email from your inbox onto this new email message. (In Netscape drop it on the "attachment" area.) Do not use "forward" if you can help it, as this approach loses information and requires more manual processing. The exception is when you use the Web interface to outlook: in that case forward is the only solution.
If you get a call from a survey firm and the caller asks for any personal information-even simply where you conduct your financial business-you may be a victim of a scam known as pretexting. Pretexting is a con game, and it's illegal. It's designed to get enough information from you so the pretexterscan call the Credit Union or other financial institution and pretend to be you to gain access to your Social Security number, account numbers, or credit report. With that information, the pretexter can commit identity theft and set up accounts in your name. Under the Gramm-Leach-Billey Act, it's illegal for anyone to use false, fictitious, or fraudulent statements or documents to get customer information from a financial institution. The law also prohibits the use of forged, counterfeit, lost, or stolen documents for the purpose of getting customer information using false, fictitious, or fraudulent statements.
PROTECT YOURSELF. The Federal Trade Commission offers this advice:
- Hang up. Unless you initiate the conversation and you know whom you're dealing with, never give personal information over the phone or over the Internet
- Be suspicious. Pretexters may pose as representatives of survey firms, financial institutions, Internet service providers, or the government. Remember that legitimate organizations you already do business with have the required information about you on file.
- Review statements. Be on the lookout for suspicious activity or transactions you didn't initiate. Report discrepancies immediately.
- Shred it. Before you toss unneeded credit receipts, checks, statements, prescreened credit card offers, or other documents that contain personal information, destroy them with a cross-cut shredder.
- Use passwords. Add passwords to your credit to your credit card and other financial accounts. Don't use easily recognizable passwords such as your mother's maiden name, the last four digits of your Social Security number, your house number, your phone number, your birth date, your spouse's birth date or a series of consecutive numbers.
- Secure critical information. Keep important papers in a secure place at home and at work.