What is phishing?
All Internet users should be aware of the online scam known as "phishing" (pronounced "fishing"). Phishing involves the use of e-mail messages that appear to come from your bank or another trusted business, but are actually from imposters.
Northwest Community Credit Union will never contact you by email to request your personal and confidential information. Phishing e-mails typically ask you to click a link to visit a Website, where you're asked to enter or confirm personal financial information such as your account numbers, passwords, Social Security number or other data. Although these Websites may appear legitimate, they are not. Thieves can collect whatever data you enter and use it to access your personal accounts.
How can I spot a phishing scam?
Look for these warning signs:
- Language and tone. The message you receive may urge you to act quickly by suggesting that your account is threatened. It may say that if you fail to update, verify or confirm your personal or account information, access to your accounts will be suspended. The wording may also be sloppy and contain misspellings.
- Requests for personal information. Scam e-mails typically ask for personal or account information such as:
- Account numbers
- Credit and check card numbers
- Social Security numbers
- Online banking user IDs and passwords
- Mother's maiden name
- Date of birth
- Other confidential information
- E-mailed instructions to download software. All your online banking should be done through our secure Website, and we will not send you e-mail instructions to download any banking software to your computer. Do not install software downloads directly from e-mail messages, or from companies or Websites you do not recognize. When in doubt, contact the company directly or call the credit union at 847-647-1030.
- Non-secure Web pages. Clever thieves can build a fake Website that looks nearly identical to an authentic one. They can even alter the URL (the Web address) that appears in your browser window. Watch out for non-secure Web pages that ask for sensitive information (secure sites will typically display a lock in the status bar at the bottom of your browser window).
How can I decrease my risk of being a phishing victim?
Here are some safety tips:
- Be suspicious of demanding messages. Messages threatening to terminate or suspend your account without your quick response should be treated as suspicious. A legitimate bank or business should not request personal information from you over an unsecured Website. When in doubt, call the business' customer service number (available on your account statement) to confirm the status of your account. Do not use telephone numbers found on the suspected Website.
- Be cautious of downloads. Installing unknown software on your computer can put your personal information at risk and potentially harm your computer's hard drive. Make sure the software comes from a legitimate Website, not an e-mail message. If you're not sure whether you should download a program, contact a customer service representative for more information.
- Always type in the URL of the Web page you need. Phishing scams rely on embedded links that take you to fake Websites. It's safer to type your credit union's Web address directly into your browser so you know you're visiting the legitimate site.
- Protect your password. Don't write down sensitive personal information such as your password or Social Security number. Change your password frequently.
- Keep your computer up to date. Northwest Community Credit Union recommends that you install anti-virus and firewall programs to help keep your computer safe.
Report an online scam
- If you receive suspicious e-mail that appears to come from Northwest Community Credit Union, please notify us immediately by forwarding the e-mail to firstname.lastname@example.org (do not open any attachments or click any links found in the suspicious e-mail).
- You may also want to forward it to the Federal Trade Commission at email@example.com, or contact them at www.consumer.gov/idtheft* or 877.IDTHEFT (877.438.4338).
- If you believe you have provided personal or account information in response to a fraudulent e-mail or Website, please contact Northwest Community Credit Union at 847-647-1030 and contact the other financial institutions with which you have accounts.
Learn more about phishing
To learn more about phishing, read articles presented by FTC at www.consumer.ftc.gov
Pharming: similar to phishing, pharming seeks to obtain personal information by directing you to a copycat website where your information is stolen, usually from a legitimate-looking form.
E-mail viruses and worms are fairly common. Here are steps you can use to help you decide what to do with every e-mail message attachment you receive. You should only open and read a message that passes all of these tests:
- The know test – is the e-mail from someone you know?
- The received test – have you received e-mail from this person before?
- The expect test – were you expecting e-mail with an attachment from this sender?
- The sense test – does the e-mail subject make sense based on who is sending the e-mail? Would you expect this type of attachment from this person?
- The virus test – does this e-mail contain a virus? To determine this, you need to install and use an anti-virus program.
Purchasing and Installing Programs
Apply these practices when you select software for your home computer.
- Learn as much as you can about the product and what it does before you purchase it.
- Understand the refund/return policy before you make your purchase.
- Buy from a local store that you already know or a national chain with an established reputation.
Keep Your System Up to Date
Most software vendors provide free patches to fix problems in their products. You can usually download these patches from the vendor's Website. When you purchase a program, it's a good idea to find out how the vendor provides customer support.
Backups: How Important?
It is a good practice to back up important files and folders on your computer. To back up files, you can make copies onto media that you can safely store elsewhere, such as CDs or floppy discs.
For more information on home computer security, visit www.cert.org*.