Our Security Center is full of helpful information about protecting the security of your accounts, personal information, home computer, and your identity.
Many people have recently reported receiving a text message alert referencing card numbers and requesting a call. DO NOT reply! This is a scam and an attempt to obtain your account information. EECU will never call or text asking for your information. Be sure to contact us if you fall victim to one of these types of scams.
Gift Card Payment Scam
If you are asked to purchase a gift card to pay for something, it’s a scam. Anyone who demands payment by gift card is always a scammer. Read this Federal Trade Commission article about gift card scams for more information.
Protect Yourself from Card Cracking Scams
Card cracking is a type of account fraud. Scammers promise money or some other form of payment in exchange for access to your account. You may be asked for your bank account information, debit card PIN, or online banking credentials. Once the scammer has access to your account they deposit fraudulent checks and then quickly withdraw the money at ATMs before the fake check(s) is discovered; they may give some of the cash to you. When the check bounces and causes your account to go into the negative because you gave the scammer your debit card, PIN, or online banking login, you are responsible for paying that money back.
Remember, if something sounds too good to be true it probably is. Never give your account credentials, debit card PIN or other personal information to someone else. Read this Federal Trade Commission article about card cracking for more information.
Protect Yourself from Ransomware Scams
Individuals and businesses have become targets to a growing online fraud scheme known as ransomware.
Ransomware is a form of malware used by cyber criminals to freeze your computer or mobile device, steal your data and demand that a “ransom” — typically anywhere from a couple of hundreds to thousands of dollars — be paid.
According to the FBI, ransomware victims lost more than $18 million between April 2014 and June 2015. Here are some tips to help you combat these malicious threats.
- Don’t click. Visiting unsafe, suspicious or fake websites can lead to the intrusion of malware. Be cautious when opening e-mails or attachments you don’t recognize even if the message comes from someone in your contact list.
- Always back up your files. By maintaining offline copies of your personal information, ransomware scams will have a limited impact on you. If targeted, you will be less inclined to take heed to threats posed by cyber criminals.
- Keep your computers and mobile devices up to date. Having the latest security software, web browser and operating system are the best defenses against viruses, malware, and other online threats. Turn on automatic updates so you receive the newest fixes as they become available.
- Enable popup blockers. To prevent popups, turn on popup blockers to avert unwanted ads, popups or browser malware from constantly appearing on your computer screen. Source: American Bankers Association
Phishing Email Scam Uses EECU Name
An email directed at consumers (not necessarily EECU members) is using the EECU name but is actually a phishing email – an attempt to get you to click a link and then enter your personal information. The email reads:
EECU Credit Union Service
Your Contact Information Has Been Updated
You have 1 new Security message from EECU Credit Union to view the update kindly click below.
As this e-mail is an automated message, we can’t reply to any e-mails sent by return.
Copyright (C) 2017
EECU Credit Union. EECU Credit Union Administrator Services
If you receive this email, DO NOT click the link or reply to the email. If you received this email and you clicked the link and provided your personal information, please call our Member Service Center immediately at 1-800-538-3328 or visit a branch and we will assist you.
Remember – EECU will never send you an email asking you to click a link to provide your personal information. For more information about how to spot and protect against a phishing email, read our Don’t Get Phished guide. If you receive a suspicious email, you may forward it to firstname.lastname@example.org.
Phishing Text Requests Card Info
If you receive a text message requesting your debit/credit card PIN, card number, expiration date, etc. – DO NOT reply! This is a scam and an attempt to obtain your card information. Be very cautious of texts and emails requesting your personal information, and be sure to contact us if you fall victim to one of these types of scams.
CoreBot is a new InfoStealer malware
You may be hearing about the CoreBot malware in the news. As with any security issue, your security is our top priority. In order to minimize risk to CoreBot and other forms of malware, we recommend standard security best practices for all devices you use to access digital banking. These best practices include: Up-to-date malware (endpoint) protection software in addition to anti-virus software. Use a firewall when entering personal information. Use different passwords for each system/website accessed. Disabling AutoPlay to prevent the automatic launching of executable files. Do not open attachments unless you expect them.
Samsung Swiftkey Vulnerability
If you use a Samsung Galaxy phone, as a security best practice, we recommend that your device is configured to automatically receive the security update from Samsung once it is available. If you have questions about the security update, you should contact your carrier.> >We also recommend that you minimize the use of unsecure wireless networks for private information such as mobile banking until the security update is available.
Your security is our top priority. Our online banking vendor has confirmed that they are not impacted by Logjam. However, we recommend you follow best practices for safe web surfing including keeping up-to-date on security patches and current versions of your browser on your personal computer.
- Do not respond to emails (or open attachments) that suggest that you must act immediately or that the situation is so urgent that you must take action today or risk legal action. Some examples are notices from a government agency (courts, IRS, etc.) and shipment notices or invoices for things you haven't purchased. These types of emails are often the source of virus and worm infections.
- Keep virus software current on every computer, especially those you use to conduct financial transactions over the Internet.
- Keep computers patched with current Microsoft fixes, especially those you use to conduct financial transactions over the Internet.
Keep Your Information Safe
What to Look For
EECU Cashier's Checks Used In Secret Shopper Scam
Recently a group of fraudsters have created counterfeit EECU checks and are sending them to unsuspecting consumers.
These checks are fake. If you receive one of these checks, DO NOT CASH or DEPOSIT.
A sample of a fake check is shown below.
Report Online Fraud
Fraudulent emails and websites:
Suspicious online transactions:
(559) 437-7700 or 1-800-538-3328
Report a lost or stolen EECU ATM/Debit Card:
Within the U.S.
- 1-800-234-5354-After hours
Outside of the U.S.
Report a lost or stolen EECU Visa Credit Card:
Within the U.S.
- 1-800-234-5354-After hours
Outside of the U.S.
- Call collect +1-303-967-1096