Monday, April 16, 2007

Fraudulent NCUA email alert

It's been brought to my attention that there is an email going around that looks like this:

From: NCUA
To: undisclosed-recipients:
Sent: Wednesday, April 11, 2007 8:44 PM
Subject: Official information for all Federal Credit Union


Dear Sir/Madam,

National Credit Union Administration always look forward for the high security of our clients. Some customers have been receiving an email claiming to be from NCUA advising them to follow a link to what appear to be a NCUA web site, where they are prompted to enter their personal Online Banking details. NCUA is in no way involved with this email and the web site does not belong to us.


Actually, we are performing security improvements of our banking community and enforce customers to register their sensitive information for an additionally created free security service to prevent any fraudulent activity against their assets and savings. We, hereby ask you to respond within few hours of current notification and Confirm Your Credit or Debit Card via our SSL protected website to apply for this service absolutely for free, otherwise your account(s) may not process posted transactions correctly and on time.

Please visit us to Confirm Your Credit or Debit Card.
_________________________________________________________________

Hopefully, most people know this is an obvious scam. NCUA would never contact you about accounts you have at your credit union as they have no access to your accounts. In fact, I have never received any kind of email from NCUA as a consumer, only as a credit union employee. As far as I know, unless you've gone to NCUA's website and have proactively signed up with them to receive emails, you shouldn't be getting emails from them.

That being said, I understand how confusing it is when you're getting multiple emails from multiple financial institutions. I'll confess that I was once almost duped by a phishing attempt that appeared to be from Bank of America. I have a credit card with them and I go online about once a month to check my statement since I've opted out of getting paper ones (a brilliant idea, by the way). Almost monthly I'll forget my log-in information and will have to go through the whole process of resetting my password. So when I received an email from BoA telling me there was suspicious activity on my online account and that if I didn't take appropriate action they were going to lock me out of my account for good, I thought it was because I'd recently typed in about 10 incorrect passwords. I quickly remembered that I'd successfully reset my password and that there's no way they'd close my account without trying to contact me via phone at least.

Here's the rule of thumb I follow when it comes to email: never respond to email from a financial institution or strangers; never click links in emails from financial instiutions or strangers; when in doubt, pick up the phone (but don't talk to strangers).

9 Comments:

Anonymous Anonymous said...

Where was this information posted on the Web site? If it was not posted on the Web site. Why not? I am pretty sure the Web site has much larger visibility than this site.

Fri Apr 27, 08:04:00 AM PDT  
Blogger shari storm said...

Dear Anonymous

This has been on the front page of our website as well as on our blog since we first heard from NCUA. We like to post these types of things on our blog because many members have the blog set up on their RSS feed reader and can get this type of information sent to them on the day that we post it.

Fri Apr 27, 12:40:00 PM PDT  
Anonymous Anonymous said...

your info center also includes RSS.

Fri Apr 27, 08:56:00 PM PDT  
Anonymous Anonymous said...

It does? I just searched for ten minutes and couldn't find it.

I'm confused.

Sat Apr 28, 08:18:00 AM PDT  
Blogger Laurel said...

Hi Anonymous,

The NCUA scam article you are looking for has been replaced with an article about a new scam that disguises itself as an online survey from two credit union organizations, CU Swirl and CUSC. You can read about it from a link off our home page.

While we can't possibily feature all the phishing scams littering cyberspace, the message remains the same (and we try to repeat it in every scam we talk about)-- never click on a link you are unsure about and never volunteer your personal account information online or in email. Ever.

Sat Apr 28, 12:36:00 PM PDT  
Anonymous Anonymous said...

I was asking about the RSS feed on the info center. I can't find that.

Sat Apr 28, 02:27:00 PM PDT  
Blogger Laurel said...

Sorry about that, Anonymous.

The Info Center has RSS not for the entire Info Center, but for specific questions within it. For example, select a specific question under a category. When the question and the answer come up in the browser window, you'll see a number of icons just under the tabs (print/email/contact/rate/alerts/related/rss/subscribe/bookmark.

Click on RSS to select that option. (Make sure you have an RSS Reader installed on your computer.) Or, you can click on "subscribe" to get an alert when that particular question's answer is updated.

Hope this helps!

Sat Apr 28, 09:07:00 PM PDT  
Anonymous Anonymous said...

Your info center sounds like a lot of work to sign up for rss. I'll stick with the blog. Keep up the good work on the blog.

Mon Apr 30, 08:26:00 AM PDT  
Blogger shari storm said...

To the anonymous commenter who tried to post a comment on April 30 at 4:12 pm. I have rejected your comment because of its disparaging remark about other people featured on this blog. There is no need to be rude, even in jest.

Further, if you are going to post any more comments promoting our info center, you must identify yourself.

Thank you.

Tue May 01, 08:30:00 AM PDT  

Post a Comment

Links to this post:

Create a Link

<< Home