Missoula Federal Credit Union

Security



This page contains security alerts you should be aware of to protect your identity and financial information!

Phishing scams
Phishing is the attempt to obtain information via email by pretending to already have some of the information. For example, a con artist might send out an email purportedly from a large bank to thousands of people, not knowing who among them might be customers of that bank. Even if only a small percentage of people who receive the email are actual customers, they may feel that if the sender “knows” they are customers that it must be legitimate. Usually the email states that unusual activity has been noted on the account and asks the victim to complete a form that asks for debit card number and pin. Obviously, then, the crooks use that information to access the victim’s account. Never provide your debit or credit card number or pin to anyone unless you initiated the transaction.

Ebay / Craigslist / Paypal scams
In these scams, a fraudster buys an item for sale online. When s/he pays, they send extra money and ask that the seller wire back a portion of the additional funds in exchange for the funds balance. There is no legitimate reason for doing this, don’t ever wire back additional funds. In every case, the original form of payment is worthless. If the person contacts you prior to the sale, do not continue the transaction.

Work at home / Secret shopper scams
These fraudsters advertise for people to either work at home or be secret shoppers. They mail a check to be used to “test” a business such as MoneyGram by wiring out a portion of the funds and tell the victim the remainder of the funds will be their pay. The check turns out to be fraudulent and the victim is out the funds they wired. If you receive anything by mail for work at home or secret shopper “opportunities” simply throw it away.

Foreign lotteries
In a foreign lottery scam, you may receive an email notifying you that you have won a lottery, often Irish, Canadian, or from some other foreign country. They state that you must wire in a deposit on taxes, fees or some other reason. In the end, you simply lose the money you’ve wired. If you haven’t specifically entered a lottery, you are not a winner of that lottery. These emails should be deleted.

Fraudsters Using Text Messaging
After banks and credit unions secured their online banking, fraudsters increased their focus on texting consumers to steal their account information in what are being called SMiShing attacks. "[SMiShing] is like if I walked up to your door, introduced myself as being from a bank and asked you for your personal credentials. If you're foolish enough to give that information to me, there's nothing the bank can do about it," says Joram Borenstein, senior manager of RSA. "The only difference is SMiShing is happening through cells phones and PDAs." Fraudsters begin a SMiShing attack by sending fraudulent text message alerts to consumers asking the consumers to call a phony phone number. When consumers call they think they are talking to their financial institution, but it is actually a crook who is asking the consumer for their bank account information. Financial institutions can take steps to protect their consumers from SMiShing by educating them on how to secure their account information.

What is DDoS?
You may have heard or read that companies are sometimes the target of a DDoS, but what is that? A Distributed Denial of Service attack is a tool used by individuals or groups to disrupt the service of a company. In today's world of internet connectivity, these impact the ability of customers to get to a website. While Missoula Federal Credit Union has not been the subject of these in the past, we know that may not always be the case. For most of us, if we cannot get to Miss Web right this minute, we can always try again later. If MFCU were the target of one of these incidents, you might see a page not found message - or a server busy error. This would apply to both Miss Web and MFCU2GO. If this were to happen, your accounts would still be safe, and once the incident subsided, access to Miss Web would be restored. In the event of a DDoS, Miss Fed, our telephone banking service would still be available at 406-523-3311.

| | |