Forgot Password [?] Not Registered [?]

 

Security Alerts

The Security Alerts page will contain and examples of recent threats. These may include fraudulent e-mail soliciting personal information, as well as letters or hone calls attempting to dupe members.

Check these pages regularly, as we will add updated information as it becomes available.

Last Updated: 11/23/2011

Beware of Frauds on Facebook - 11/23/2011

Fraudsters may be hiding in the background and watching your Facebook, Twitter, Linked-in and eHarmony accounts, waiting to steal your personal information and initiate a fraud against you, your friends or business associates.

Crooks have moved to "affinity" frauds, which target members of a set group that include members of a particular church, a health club association or some group with a similar bond. Victims tend to let down their guard when they're introduced to someone through a friend, even if that introduction is second-hand. Because we assume that our friends won't betray us, that bond increases the likelihood that even a reasonable, thoughtful individual will become a victim.

Con artists take advantage of how easily people share background and personal information online by using this information to make a highly targeted pitch to friends within a particular social group. Just because someone has friended you online doesn't mean that person is your friend when it comes to sharing personal information.

General Tips to helping stay safe on Facebook:

• Friend people you know and make sure you are communicating with that person;
• Create a secure password and don’t share it with anyone;
• Change passwords on a regular basis;
• Share personal information only with people you know or companies that need it;
• If it looks like Facebook is asking you to log in a second time, skip the links and directly type www.facebook.com into your browser address bar;
• Use a one-time password when using someone else's computer;
• Log out of Facebook after using someone else's computer;
• Use secure browsing whenever possible;
• Only download apps from sites you trust;
• Keep your anti-virus software updated;
• Keep your browser and other applications up to date;
• Beware of unusual posts from anyone, including close friends - if it looks like something your friend wouldn't post, don't click on it; and
• Beware of enticing links coming from your friend - scammers might hack your friends' accounts and send you a link that appears to come from them.

Fraudulent Debit Card Calls - 08/04/2011

Members have reported receiving recorded calls claiming to be from Wells Fargo and explaining that your debit card is no longer active. Do not respond to these calls! UFCU has no affiliation with Wells Fargo and this is surely an attempt to fraudulently obtain your personal information. If you believe you have been a victim of this or any other scam, please contact us immediately.

Malicious Software Features Osama Bin Laden Links- 05/05/2011

According to consumer protection officials, that email you receive purporting to have photos and videos showing Osama Bin Laden’s death could cost you dearly. This email could contain a virus that targets personal information and addresses stored on your computer and opening that information could set in motion malicious software that will attack your computer.

The FBI’s Internet Crime Complaint Center (IC3) urges computer users to not open unsolicited (spam) e-mails, including clicking links contained within those messages. Even if the sender is familiar, the public should exercise due diligence. Computer owners must ensure they have up-to-date firewall and anti-virus software running on their machines to detect and deflect malicious software.

The IC3 recommends the public do the following:

• Adjust the privacy settings on social networking sites you frequent to make it more difficult for people you know and do not know to post content to your page. Even a "friend" can unknowingly pass on multimedia that’s actually malicious software.
• Do not agree to download software to view videos. These applications can infect your computer.
• Read e-mails you receive carefully. Fraudulent messages often feature misspellings, poor grammar, and nonstandard English.
• Report e-mails you receive that purport to be from the FBI. Criminals often use the FBI’s name and seal to add legitimacy to their fraudulent schemes. In fact, the FBI does not send unsolicited e-mails to the public. Should you receive unsolicited messages that feature the FBI’s name, seal, or that reference a division or unit within the FBI or an individual employee, report it to the Internet Crime Complaint Center at www.ic3.gov.

Fraudulent Check Scam - 02/01/2011

Utah Federal Credit Union has been notified that counterfeit cashier's checks bearing our name are being mailed to individuals. A letter accompanying the check explain that the recipient has been "chosen as one of the winners in the NORTH AMERICA CONSUMER PROMOTION DRAW organized for customers of Wal-Mart, Sears and Home Depot, Safeway, etc."

This is a scam to rip you off. Do not cash the check! It will be returned to your financial institution unpaid, marked as counterfeit/forgery.

Click here for an example of the letter & check

IF YOU RECEIVE AN UNSOLICITED CASHIER'S CHECK FROM UTAH FEDERAL CREDIT UNION, PLEASE CALL US IMMEDIATELY TOLL FREE AT 1-866-358-8548 TO VERIFY IT'S AUTHENTICITY. YOU MAY ALSO E-MAIL THE CREDIT UNION AT INFO@UTAHFEDERALCU.COM TO VERIFY IT'S AUTHENTICITY.

Utah Federal Credit Union has reported these crimes to the proper authorities. If you are a victim of this counterfeit check scheme, please contact your local law enforcement agency.

Credit Card Skimming Alert - 10/22/2010

A skimming device is a small and inexpensive item that is inserted into an ATM. If not scrutinized closely, it looks like it is part of the machine and it is configured to steal ATM numbers and PINs from unsuspecting customers/members. In addition to the skimming device, a camera is mounted nearby to capture the keystrokes used to enter the password.

Often, the scam artists will sit in a nearby car receiving the information wirelessly transmitted from the skimmer. The fraudsters are then able to duplicate the information stored on the magnetic strip of the ATM card and use the PIN number to withdraw funds from an account at the Credit Union.

From a technology standpoint, new ATM's are being built with the reader embedded deep within the machine. And the slots on the machine are being designed to make it difficult to attach a skimmer. Also, new technology on some machines forces the card to move back and forth at different speeds while it is reading the information. This new process makes the skimmer ineffective as it requires a smooth card reader.

These improvements will help, but with the number of older machines in use, thieves will have an easy time finding susceptible targets for years to come.

What can you watch for to help avoid this scam?

• Always protect your PIN: Don't write it down anywhere and don't provide the number to anyone.
• Use ATM's in safe places: Make sure the ATM is in a well lit area with public visibility. These machines normally have 24/7 video surveillance and are often located within a financial institution or in a high-traffic area. Thieves like to avoid areas under surveillance and these machines are less likely to be used for fraudulent activity. Where are the cameras - Be conscious of cameras monitoring the ATM - While many ATM have surveillance cameras, they won't be positioned to record the keypad.
• Cover the keypad: As a precaution, put your hand over the keypad when you enter the PIN to avoid a camera recording the number. Be conscious of your surroundings and be suspicious of an ATM that has signage indicating you should use a specific machine. Also, avoid using a machine that appears to have been altered. If anything on the front of the machine looks loose, crooked or damaged, move on and use another machine.
• Be especially conscious of gas pumps: These high traffic areas offer a fraudster a multitude of different users and recent reports have involved fraud occurring in these areas.
• Report any suspicious activity: If the machine looks suspicious or if it retains your card, report the incident immediately.
• Be cautious of anyone offering help near an ATM: These people could be part of the scam and you should report this incident to the financial institution immediately.
• Monitor your monthly statement: Check your statements immediately upon receipt for any fraudulent withdrawals or other questionable transactions.
• Conduct ATM transactions during the daylight hours: Most ATM crime occurs in the evening.

NACHA Phishing Alert - 8/26/2010

NACHA - The Electronic Payments Association has received reports that individuals and/or companies have received a fraudulent email that has the appearance of having been sent from NACHA and signed by a non-existent NACHA employee. See a sample of the email below.

Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive.

If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software applications security patches are installed and current.

Be alert for different variations of fraudulent emails.

= = = = = Sample Email = = = = = =

Dear bank account holder,

The ACH transaction, recently initiated from your bank account (by you or any other person), was rejected by the Electronic Payments Association.

Please Find Attached Transaction Report

= = = = = End Sample Email = = = = = =

FDIC Fraudulent Email Notice - 07/07/2010

Recently, the Federal Deposit Insurance Corporation (FDIC) has received reports of a fraudulent e-mail which has the appearance of being sent from the FDIC.

The e-mail’s subject line reads: "you need to check your Bank Deposit Insurance Coverage." The body of the email states, "You have received this message because you are a holder of a FDIC-insured bank account. Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets." The email instructs the recipient to click a link that reads, "You need to visit the official FDIC website and perform the following steps to check your Deposit Insurance Coverage."

The e-mail and the website it is associated with are fraudulent. Recipients should consider this e-mail as an attempt to obtain personal or confidential information, or to load malicious software onto end users' computers. The FDIC does not issue unsolicited e-mails to consumers. Recipients of this e-mail should NOT click on the link.

For further information, please visit www.fdic.gov.

© 2012 Utah Federal Credit Union  •  564 E 300 South, Salt Lake City, Utah 84102  •  801-328-1521  •  All Rights Reserved.  •  Your savings federally insured to at least $250,000 and backed by the full faith and credit of the United States Government. National Credit Union Administration, a U.S. Government Agency.
Web Development by Wallin Web Solutions