CLOSED Friday, April 3rd (Easter Holiday)
Closing or delay due to weather? Check WFMZ:
'Tis the Season for...Phishing???????
You get an email that looks like it comes from a bank or credit card company. Even the "from" address looks real. The message says something like "we have detected fraudulent activity on your account" and asks you to click a link to fix the problem.
You click the link and it looks like the real bank or credit card site login page. But look closely: there's no lock symbol in your web browser, so the site is not secure. The website address starts with http: and not https: That's a really bad sign, because all legitimate banking and e-commerce sites have security certificates that allow the site to encrypt sensitive information (like your login and password) on web pages that ask for such information before it is transmitted by you over the Internet.
What's going on here?
Criminals now have the ability to copy the exact look of any website. They then host the copy on any available webserver. Those criminals often purchase domain names that are close to, but not exactly, the address of legitimate organizations.
Once the victim goes to the fake site, enters his or her login, and presses a "login" button, they are presented with a second page that asks users for sensitive data like:
Wallah! If the victim falls for this scam and fills in some or all of the information requested and presses the "GO" button, they have just provided a criminal with everything he/she needs to use a debit or credit card for anything they want to purchase without the cardholder's knowledge or consent.
How Did They Get My Email Address?
Criminals obtain email addresses through a variety of means, including hacking into the address books of infected computers. The owners of the infected computers usually don't even know their computers have been broken into. The hacker plants a program on the infected computer that opens its address book and sends all of the addresses stored there to a computer that could be located anywhere in the world. Often that computer is located in Russia or China.
Another source: If you have ever posted your email address on a website, there are programs that harvest email addresses from public websites.
Since email costs nothing to send, the criminals send messages to thousands of stolen email addresses. That's why you can receive messages pretending to be from companies that you don't even do business with. The current Internet email standard allows senders to "fake" the "from" address of an e-mail. It's called a "Phishing Expedition" because the criminals cast their "nets" of email torrents and haul in account information of people who get caught.
Suppose I Get a Message That Says There's a Problem With My Account?
Remember: If in doubt, contact the financial institution or store directly. Don't use telephone numbers or email addresses in an email message. Check your monthly statements for contact information.
According to the Credit Union Journal, Internet security firms are warning that phishers are using a new technique to keep spoofed websites up and running even after authorities "pull the plug." Using so-called smart site redirection, attackers are creating identical copies of a spoofed site, each with a different URL (uniform resource locator--addresses like www.something.com), often hosted by different Internet Service Providers. When phishing e-mails go out, all include links to a separate "central redirector". When the potential victim logs onto the e-mailed link, the redirector checks all of the phishing sites, identifies which ones have not been shut down, and redirects the victim to that site. This allows cyber-crooks to lengthen phishing attacks even after they have been discovered by authorities.
E-mail fraud attempts, known as "Phishing", ask for the recipients to click on a link to verify their credit union account registration. If the recipient does so, the link directs them to a false website. On that website, the intended victim is asked for his/her bank or credit union account number and PIN, along with other personal information.
Please note: Neither Bethlehem Teachers FCU nor the NCUA asks credit unions members for personal information such as account numbers or PINs via e-mail. Anyone who receives an e-mail that purports to be from BTFCU or the NCUA and asks for account information should consider it to be a fraudulent attempt to obtain their personal account data for an illegal purpose and should not follow the instructions in the e-mail.
What Do I Do If I Already Responded to such an E-Mail?
If you responded to such an e-mail and provided any confidential account information, please notify BTFCU (610-691-0041) immediately of the scheme. You should also change your account's PIN, and take any additional action recommended by BTFCU to protect your account.
What Does A Phishing Scam Look Like?
The screenshot, shown here, is typical of "phishing" e-mails you might receive:
The NCUA logo and most of the links on the page are real. However, the "Click here to update your account." link points to an IP address instead of the ncua.gov website. If you click the link, this page appears:
The NCUA and the company that "hosts" the website have both been notified of this scam. The site should have been shut down by the time you read this. Since this is a potentially lucrative scam, expect other, similar sites to take the place of this one, so you need to be wary of all e-mail requesting personal information.
How Do I Know It's A Scam?
Here are the clues that this is a site that attempts to steal from you:
Copyright © 1999-2015 Bethlehem 1st Federal Credit Union.