Online Fraud: How Not to Get Hooked by a Phishing Scam

Phishing is a method Internet scammers use to obtain your personal and financial information so they can steal your identity. Since financial institutions are now the leading target of phishing scams, we want to make sure you don't get caught.

Typically, a phishing scam will be sent through email, sometimes even claiming to be from a business that you normally deal with. They use spam email, or pop-up messages, to lure you into disclosing your credit card numbers, Credit Union account numbers, Social Security number, passwords or other sensitive information. Phishers send out an email or pop-up message that claims to be from a business or organization that you deal with, for example, your Credit Union, online bill payer service, VISA or MasterCard. The message usually says that you need to “update” or “validate” your account information. It might threaten some dire consequences if you don’t respond, such as your account being closed. The message directs you to click on a link that takes you to a website that looks just like the legitimate organization’s site, with a website address that is similar to the legitimate one. The purpose of the fake website is to trick you into entering and submitting your personal and financial information to the scammers so they can steal your identity and run up bills or commit crimes in your name.

Tips to Protect Yourself Against Online Fraud

1. Never share your passwords or PINS with anyone.
2. Memorize your passwords and do not write them down. Create creative passwords, never use obvious passwords such as a postal code or birthday.
3. Change your password often. Change your passwords every 30 to 60 days.
4. Never leave your computer unattended while using any home banking service. Sign off when you are done.
5. Use only secure sites. If you are providing your financial information, be sure the site is secure. One of the ways to determine if a site is secure is to look for the padlock icon usually located at the bottom of the Web page. If you double click on the icon, a pop-up window will appear with information about the site. The information in this window should match the website you're visiting.
6. Never reply to an email requesting personal or financial information (account numbers, passwords, balance information, PIN’s, mother’s maiden name, social security number, date of birth) and never click on the link in the message. Legitimate organizations, including PenFinancial Credit Union, will not ask for this information via email. Contact us by phone if you have any questions or concerns about your account.
7. Always use anti-virus software on your home computers and keep it up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.
8. Always be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
   

Please be aware that PenFinancial Credit Union will never solicit you by email, telephone, or mail for a username, password, social security number, credit card number, or any other type of sensitive, personal information. Disregard any such requests and delete any type of suspicious email.

If you receive a questionable email, phone call, or mailing that appears to be from PenFinancial Credit Union, please do not hesitate to contact us at: emailus@penfinancial.com.