Security Center

Our Security Center is full of helpful information about protecting the security of your accounts, personal information, home computer, and your identity.

Headline News

Protect Yourself from Ransomware Scams

Individuals and businesses have become targets to a growing online fraud scheme known as ransomware.

Ransomware is a form of malware used by cyber criminals to freeze your computer or mobile device, steal your data and demand that a “ransom” — typically anywhere from a couple of hundreds to thousands of dollars — be paid.

According to the FBI, ransomware victims lost more than $18 million between April 2014 and June 2015. Here are some tips to help you combat these malicious threats.

  • Don’t click. Visiting unsafe, suspicious or fake websites can lead to the intrusion of malware. Be cautious when opening e-mails or attachments you don’t recognize even if the message comes from someone in your contact list.
  • Always back up your files. By maintaining offline copies of your personal information, ransomware scams will have a limited impact on you. If targeted, you will be less inclined to take heed to threats posed by cyber criminals.
  • Keep your computers and mobile devices up to date. Having the latest security software, web browser and operating system are the best defenses against viruses, malware, and other online threats. Turn on automatic updates so you receive the newest fixes as they become available.
  • Enable popup blockers. To prevent popups, turn on popup blockers to avert unwanted ads, popups or browser malware from constantly appearing on your computer screen.

Source: American Bankers Association

 

Phishing Email Scam Uses EECU Name

An email directed at consumers (not necessarily EECU members) is using the EECU name but is actually a phishing email – an attempt to get you to click a link and then enter your personal information. The email reads:

EECU Credit Union Service

Your Contact Information Has Been Updated

You have 1 new Security message from EECU Credit Union to view the update kindly click below.

{LINK}

As this e-mail is an automated message, we can’t reply to any e-mails sent by return.

———————- ———

Copyright (C) 2017

EECU Credit Union. EECU Credit Union Administrator Services

If you receive this email, DO NOT click the link or reply to the email. If you received this email and you clicked the link and provided your personal information, please call our Member Service Center immediately at 1-800-538-3328 or visit a branch and we will assist you.

Remember – EECU will never send you an email asking you to click a link to provide your personal information. For more information about how to spot and protect against a phishing email, read our Don’t Get Phished guide. If you receive a suspicious email, you may forward it to security@myeecu.org.

Phishing Text Requests Card Info

If you receive a text message requesting your debit/credit card PIN, card number, expiration date, etc. – DO NOT reply! This is a scam and an attempt to obtain your card information. Be very cautious of texts and emails requesting your personal information, and be sure to contact us if you fall victim to one of these types of scams.

CoreBot is a new InfoStealer malware

You may be hearing about the CoreBot malware in the news. As with any security issue, your security is our top priority. In order to minimize risk to CoreBot and other forms of malware, we recommend standard security best practices for all devices you use to access digital banking. These best practices include: Up-to-date malware (endpoint) protection software in addition to anti-virus software. Use a firewall when entering personal information. Use different passwords for each system/website accessed. Disabling AutoPlay to prevent the automatic launching of executable files. Do not open attachments unless you expect them.

Samsung Swiftkey Vulnerability

If you use a Samsung Galaxy phone, as a security best practice, we recommend that your device is configured to automatically receive the security update from Samsung once it is available. If you have questions about the security update, you should contact your carrier. We also recommend that you minimize the use of unsecure wireless networks for private information such as mobile banking until the security update is available.

Logjam Vulnerability

Your security is our top priority. Our online banking vendor has confirmed that they are not impacted by Logjam. However, we recommend you follow best practices for safe web surfing including keeping up-to-date on security patches and current versions of your browser on your personal computer.

Carbanak Vulnerability

Carbanak is a spear phishing campaign that downloads malicious code onto a computer when a fraudulent email, infected with Carbanak, is opened by an unwary recipient.  The code allows hackers to gain access to a network with the end goal of extracting money from the financial institution.
 
Your security is our top priority. We have system and network monitoring practices and procedures in place to help protect against these types of vulnerabilities. We encourage you to follow cyber-safe practices on your own computers.
 
  • Do not respond to emails (or open attachments) that suggest that you must act immediately or that the situation is so urgent that you must take action today or risk legal action. Some examples are notices from a government agency (courts, IRS, etc.) and shipment notices or invoices for things you haven't purchased. These types of emails are often the source of virus and worm infections.
  • Keep virus software current on every computer, especially those you use to conduct financial transactions over the Internet.
  • Keep computers patched with current Microsoft fixes, especially those you use to conduct financial transactions over the Internet.

 

Keep Your Information Safe

 

What to Look For

EECU Cashier's Checks Used In Secret Shopper Scam

Recently a group of fraudsters have created counterfeit EECU checks and are sending them to unsuspecting consumers.

These checks are fake. If you receive one of these checks, DO NOT CASH or DEPOSIT. 

A sample of a fake check is shown below.

 

Report Online Fraud

Fraudulent emails and websites:

security@myeecu.org

Suspicious online transactions:

(559) 437-7700 or 1-800-538-3328

Report a lost or stolen EECU ATM/Check Card/Visa Credit Card:

Within the United States: 1-800-538-3328; Call collect from outside the US: 1-410-581-9994