WHAT TO DO AND WHAT TO LOOK FOR IN A PHISHING SCAM 

You might receive something in your in-coming email like this in the subject line:

“This notice informs you that your Credit Union bank has joined our Federal Credit Union (FCU) network. For both,, our and your security, we are asking you to activate anonline account on our database. After activiation, you can login on our system with your SSN and your Credit/Debit PIN number.

You must visit the FCU activation page…http://www.ncua.gov/ActivateAccount.html”

Or

“We suspect an authorized transaction on your account. To ensure that your account is not compromised, please click the line below and confirm your identity.”

Or

“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”

These are examples of a phishing (pronounced fishing) scam. The perpetrator is ‘phishing’ or ‘fishing’ for your personal account information.

If you notice, these examples were an incoming email to you. They requested to verify your information by clicking on their bogus web-site.

What do you do?

  1. Do not reply to the email. Do not click on it. Do not click on the link they give. Ocean Crest Credit Union will never ask you to verify your information using this method.
  2. Get an anti-virus software. Without endorsing any particular product or company, some popular anti-virus software is made by Symantec, or MacAfee, etc. Do your research on anti-virus to protect your computer from viruses, new and old ones.
  3. Get a firewall. Again, do your homework to make sure you have the most secure firewall against someone shadowing your movement on the internet or on your computer.
  4. Look at the security on the site before you transmit any personal or financial information. Typically, the site will have a link that begins like this:

    5. https://www… where the “s” means secured.

    Also, look at the bottom of the page. A closed lock indicates a secured site.

  5. Be sure to review your statements, especially, after on-line banking or purchases.
  6. Opening an attachment can be a tricky one – don’t open it. Even if you know the source of the email, opening an attachment can open a can of worms on your computer. If you do not know the source of the email, it is advisable not to open an attachment.
  7. Last, and probably the greatest, use your power and report phishing scams to spam@uce.gov. Be sure to contact the good company, such as Ocean Crest Credit Union, to let them know that someone is impersonating them.

And, by the way, did you notice any mis-spelled words or syntax errors in the perpetrator’s email? Those are surely clues that phishing for your account information is at work.

Be sure to let your credit union know if you have received or responded to one of these fraudulent emails.

This message was brought to you by Ocean Crest Credit Union, where we are members helping members.

February 2006