Welcome To Entrust FCU  
 
ABOUT US
ELIGIBILITY
LOCATIONS
HOW DO I GET INVOLVED
ON-LINE SERVICES
PRODUCTS & SERVICES>
Additional Services
 Deposit Accounts
 Lending Products
 Visa Cards
 Wealth Management
TIPS & TOOLS>
Calculators
 Podcasts
 Resources
 Security Alerts
CONTACT US
SITE MAP
 
SEARCH

            
HOME > TIPS & TOOLS > SECURITY ALERTS   
Security Alerts

  • SECURITY ALERT: Fraudsters Distribute Fake FDIC/NCUA Emails
  • SECURITY ALERT: Protect Yourself from Plastic Card Fraud
  • SECURITY ALERT: Vishing scam targets Entrust FCU
  • SECURITY ALERT: Phishing scam targets NCUA
  • SECURITY ALERT: NCUA talks about phishing scams
  • SECURITY ALERT: Stolen Cards
  • SECURITY ALERT: Skimming
  • SECURITY ALERT: Don't get hooked on phishing scams
  • SECURITY ALERT: Counterfeit Check Scams
  • Financial Fraud 101: Phishing, Pharming, Vishing & Spoofing
  • Traveling? Contact FCU first.
  • Credit, Debit & ATM Cards: Security Alert
  • Phishing Alert: Phone Scheme Targeting CVV2 (Vishing)
  • Protect Your Identity
  • ATM Security Tips
  • Update Your Information
  • Click here for our Privacy Policy

    SECURITY ALERT: Fraudsters Distribute Fake FDIC/NCUA Emails
    The risk alert below has been reported by the American Bankers Association and this scam could certainly occur in a Credit Union if a member receives a similar email from the NCUA. Caution should be taken when such emails are received.

    The FDIC has recently reported incidences of fraudulent emails being sent to individuals (bank customers) requesting / suggesting they check on the deposit insurance coverage of their local bank. The subject line on the email might be titled something like: "Check your bank deposit insurance coverage".

    The reported scenario has customers of banks receiving an email instructing them to download and open a "personal FDIC insurance file" to check their deposit insurance coverage. When they perform this task, the downloaded file collects personal and confidential information from that individual. The email warns the bank customer that their bank has failed and the FDIC has taken control of its assets. The bank customer is then directed to visit the official FDIC website by clicking on a provided hyperlink. Although the link appears related to the FDIC, it is believed that clicking on the hyperlink will cause malicious software to be downloaded and then used by the fraudster to steal ones identity.

    The often stated rule of thumb is to never click on any links or download any files unless you have initiated the contact and are sure you know who you are dealing with.


    SECURITY ALERT: Protect Yourself from Plastic Card Fraud
    With so many ways to use your credit or debit cards to make purchases these days, it is very important to be aware of what you can do to keep your information and accounts safe so you will not be susceptible to fraud. Entrust FCU has provided the following safety tips that may help ensure you will not become a victim.

    Never write down your Personal Identification Number (PIN) on your card or keep it in your wallet.
  • Do not give your PIN to anyone.
  • Do not use obvious numbers for your PIN. For example, avoid using digits from your telephone number, social security number, date of birth or any other number someone could easily figure out.
  • Never use the same PIN for all of your cards.
  • Sign your card as soon as you receive it.
  • Always report lost or stolen cards immediately upon discovery to your credit or debit card issuer.
  • Never let your card out of your sight.
  • Make a list of all of your card numbers and store it in a safe place.
  • Do not lend your card to anyone.
  • Never write down your card number or PIN where anyone can see them.
  • Never throw your account statement or pre-approved card offers in the trash. Shred them or destroy them beyond repair.
  • Always verify that the transactions on your statement are correct.
  • Immediately report any discrepancies to your credit or debit card issuer.
  • Never leave a carbon receipt on a restaurant table and make sure your waiter or waitress takes your credit card receipt to the register before you leave.
  • Never give your account numbers over the telephone.
  • Never put your account information in an email.
  • Avoid carrying all of your plastic card(s), social security card, birth certificate or passport together. Carry only what is necessary.
  • When making purchases on the Internet, make sure you are in a secure environment. This is usually stated by a pop-up message as well as with a key or lock icon on the bottom of the page. Only shop with companies you know online.
  • When you go on vacation, have the post office hold your mail.
  • If you know a statement is late in the mail, contact the card issuer immediately.

    Credit and debit card fraud cannot always be prevented, but you can protect yourself in many ways by following some of the safety tips we have provided above. We appreciate your membership at Entrust Federal Credit Union and want to ensure that you have the information you need to help us fight plastic card fraud. By doing so, you are helping your credit union and fellow members.


    SECURITY ALERT: Vishing Scam Targets Entrust FCU
    We have been notified by some members that they have been solicited for an Entrust Federal Credit Union loan. For example, George calls Member and says, "I'll extend you a $10,000 line of credit for a $2,500 down payment, if you provide your personal information such as name and Social Security Number." THIS IS NOT ENTRUST FEDERAL CREDIT UNION. THIS IS CALLED VISHING. Please know that Entrust will NEVER ask for your sensitive personal information via phone or email. Click here for more information about Vishing.

    If you feel you are a victim of this or similar scams, please contact the Internet Crime Complaint Center at www.ic3.gov.


    SECURITY ALERT: Phishing scam targets NCUA
    A fraudulent e-mail seeking credit card information (known as a "phishing fraud") has been circulating nationwide since 2 p.m. EST today. This fraudulent phishing email appears to be from NCUA and contains a link purportedly to obtain a subscription for the NCUA Express Subscription service. When that link is used, the recipient is directed to a "clone" of the NCUA Express Service site that seeks credit card information from those to whom the phish was sent. If you receive such an email, please ignore it, as it is fraudulent. The NCUA does NOT charge for the Express Subscription service and does NOT solicit credit card information over the Internet. If you have questions or comments, please contact the NCUA Fraud Hotline at 800-827-9650 or, during off duty hours, at 703-728-0700.

    NCUA talks about phishing scams...
    According to NCUA Federal Criminal Investigator David Eno, scammers clone financial web pages and use them for phishing. NCUA's Internet homepage and individual credit union and bank homepages are repeatedly cloned. Scammers send credit union members a fraudulent email leading them to believe it's from NCUA or a particular credit union.

    The misleading e-mail informs a member their account has been fraudulently accessed and prompts them to call an 800 or 866 number or follow the link provided to a cloned agency or credit union website. At the cloned webpage, the member is prompted to submit private financial information such as their account number and PIN. With receipt of account information, the scammer proceeds to empty the member's account from foreign ATMs.

    According to the article, an increasingly common scam involves text messaging. Credit union members receive a fraudulent NCUA text message announcing that unauthorized activity has occurred in their account. As with phishing emails, an 800 telephone number is provided. When the member calls, they are prompted to provide their account number and PIN to resolve an alleged account problem. Again, the scammer then transfers the member's funds into a foreign ATM accessible account.

    Another way to add credibility to their messages is to geographically target the members. Scammers send emails and text messages to individuals within a 30-40 mile radius of a targeted credit union making the scam seem quite credible.

    Credit union members should be reminded that NCUA and credit unions do NOT ask for personal account information and PINs via the Internet or telephone. Consumers should be leery if placed in this situation.

    The NCUA recommends deleting fraudulent emails or text messages to prevent spyware or malware from compromising computers or cell phones.

    SECURITY ALERT: Stolen Cards
    We need your help! Entrust FCU has been experiencing an increase in the number of its members, Visa REWARDS ChekCards and Visa Credit Cards being stolen over the last few months. In order for us to continue to provide the same high level of access to your money, we need your help protecting your card information. It all starts with treating your Visa REWARDS ChekCard and Visa Credit Card like cash. Please do not leave them in places where others may gain access to them, such as in your car, gym locker, etc. With your help, we are confident that we can curb these card thefts and continue to offer you the access to the funds you need, when you need them.

    SECURITY ALERT: Skimming
    Important information regarding your next ATM visit
    Over the past few weeks, many Entrust FCU members have been hit with one of the newest forms of credit and debit card fraud: SKIMMING.

    Skimming is the theft of credit or debit card information used in an otherwise legitimate transaction.

    Instances of skimming have been reported where the perpetrator has put a device over the card slot of an ATM, which reads the magnetic strip as the user unknowingly passes their card through it. These devices are often used in conjunction with a pinhole camera to read the user's PIN at the same time.

    It can also be an "inside job" by a dishonest employee of a legitimate merchant, and can be as simple as photocopying of receipts. Common scenarios for skimming are restaurants where the skimmer has possession of the victim's credit card out of their immediate view. The skimmer will typically use a small keypad to unobtrusively transcribe the 3 or 4 digit Card Security Code which is not present on the magnetic strip.

    If you think something is suspicious, the best thing you can do is avoid it. We ask that all members diligently monitor their accounts and report any fraudulent transactions immediately by calling the credit union at (804) 353-8012.


    SECURITY ALERT: Don't get hooked on phishing scams

    Please keep in mind that Entrust FCU will never solicit confidential or sensitive information via email. Some examples of a phishing scam email message include the following:

    "We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."

    "During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."

    The Federal Trade Commission recommends these tips to help you avoid getting hooked by a phishing scam:

  • If you get an email or pop-up message that asks for personal or financial information, do not reply. And don't click on the link in the message, either.
  • Area codes can mislead. Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a "refund."
  • Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
  • Don't email personal or financial information.
  • Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.
  • Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email.
  • If you believe you've been scammed, file your complaint at ftc.gov, and then visit the FTC's Identity Theft website at www.consumer.gov/idtheft.
  • You can learn other ways to avoid email scams and deal with deceptive spam at ftc.gov/spam.


    SECURITY ALERT: Counterfeit Check Scams

    You notice an e-mail or Help Wanted ad that offers you a job to cash checks, money orders or travelers checks. You keep a portion (around 10%) and then you wire the rest back to the "company." Sound safe?

    The answer: absolutely not. More than likely, the checks, money orders, or travelers checks are counterfeit. This scenario is similar to the "Nigerian Scam" (click here for details), where a stranger hopes to share in big profits with YOU. If you're tempted to respond to an offer, the FTC suggests you stop and ask yourself two important questions: Why would a perfect stranger pick you - also a perfect stranger - to share a fortune with, and why would you share your personal or business information, including your bank account numbers or your company letterhead, with someone you don't know?

    If you receive an offer via email from someone claiming to need your help getting money out of Nigeria - or any other country, for that matter - forward it to the FTC at spam@uce.gov.

    If you have lost money to one of these schemes, call your local Secret Service field office. Local field offices are listed in the Blue Pages of your telephone directory. Also, don't forget to notify your credit union immediately.

    For more information on scams similar to these:
  • Giving the Bounce on Counterfeit Check Scams
  • The "Nigerian" Scam: Costly Compassion
  • Check Overpayment Scams: Seller Beware

    Financial Fraud 101: Phishing, Pharming, Vishing, & Spoofing

    Phishing
    This is an internet-based activity in which attempts are made to fraudulently extract sensitive financial and personal information from unsuspecting victims. The most common method for perpetrating this criminal activity is generating fake emails that direct readers to counterfeit websites designed to look like authentic ones. The thieves pursue pieces of information like: credit card numbers, CVV or CVC codes (those three digit numbers at the back of your card), ATM card numbers and passwords, and login ids and passwords to transaction sites like eBay, Paypal, bank accounts, etc.

    Spoofing
    Spoofing is the creation of fake financial websites designed to imitate authentic ones ... again for the purpose of stealing financial information. Spoofing goes hand in hand with phishing - a phishing email, with all its fake links, is designed to lure the recipients to a spoof website.

    Pharming
    Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent. Pharming has been called phishing without a lure.

    Vishing
    Vishing takes two forms. Instead of directing targets to a phony website, as is the case with phishing, a recorded phone call may tell the user to call a toll-free telephone number that reports to be that of a well-known financial institution or other entity. The caller is then asked to punch in his credit card number or other personal information. Another type of vishing takes the form of an email, which asks the user to make a telephone call to a toll-free number and provide his personal information.


    Traveling? Contact EFCU first.

    When you are traveling outside your local area, particularly overseas, it is important to contact Entrust FCU so your Visa Credit Cards and Visa ChekCards will not be blocked. Our system is set up to keep your debit and credit cards safe and secure from theft. Contacting us before you leave will allow us to put a note on your account.


    Credit, Debit & ATM Cards

    Many of you have called and asked why your Visa Credit Card, Visa Chekcard or ATM card has not worked in particular areas or why you were limited in some locations. It's all about security!

    Due to the amount of fraud that we continue to experience, our processor and insurer have placed more restrictive guidelines in certain parts of the world. Over the past several years, fraudsters have gotten smarter and more aggressive and the losses suffered by all institutions/issuers have escalated out of sight. For our credit union alone, our insurance deductible increased 367%, which means that fraudulent claims on our accounts were even greater. In many cases, the cardholder, our member, still have the card in their wallet and yet the information has been stolen, a counterfeit card produced and transactions made. This is called skimming and it happens at ATMs, merchants or other places that you may use your card. There are even some crooks who have placed cameras or other recording devices to watch you enter your PIN when you use your card at an ATM!

    You are not responsible for fraudulent transactions that affect your account, but the credit union does suffer the expense, so ultimately all members pay in the long run. What is most important for the credit union is to be convenient and accessible to you whenever you need your funds. While keeping that in the forefront of our decisions, we must also balance that with sound and prudent security features that will help us detect when fraudulent activity occurs.

    There are some countries in which we have restricted credit and debit (Chekcard) activity. Travel and entertainment transactions have been excluded from these restrictions, as well as any account where the transaction is considered local (same area as address on account). Even though these restrictions are in place, the credit union can override the account for specific purposes. All you need to do is contact us during regular business hours so we can make the arrangements to release the security tags so you may use the card(s).

    We apologize for this inconvenience, but otherwise we would be required to block some countries altogether. Many institutions/issuers are beginning to do that, but we realize how much you rely on your cards for financial transactions and have negotiated these compromises.

    Regarding the ATM cash withdrawals, we have restricted them to no more than four (4) per day and a maximum of $500 each time. With that said, there are some ATM machine owners who have placed lower limits than that, but we have no control over what they decide. Due to this change, we have increased the number of POS transactions/ATM withdrawals per month from four (4) to ten (10) before you are charged a withdrawal fee by the credit union.

    Again, we apologize for any inconvenience these changes may cause and trust you will understand that we must balance convenience with safety and security. We realize that some of these changes may make it more challenging at times but please know that we are only doing this for your safety and to protect the credit union for all its members. Thank you for your continued support and patronage!

    For more information, contact us at 804-353-8012, 800-944-3622, or efcu@entrustfcu.com.

    Phishing Alert: Phone Scheme Targeting CVV2 (Vishing)

    In a new twist on the traditional form of phishing, criminals have developed new schemes targeting CVV2 information. Unlike e-mail in traditional phishing, the communication vehicle for this scheme is a phone or a VoIP ("Voice over IP") device. These schemes are sometimes referred to as "vishing" ("voice phishing"). Vishing is used to supplement information already known to the criminals with pieces of information they may be missing. While many data elements are targeted, CVV2 information is of main concern. The scheme usually relies on using known information to achieve a level of comfort in the initial stages of the conversation. Additionally, VoIP technology allows for spoofing of the Caller ID which makes the phone call appear more legitimate (i.e. coming from the cardholders issuing institution). Once this is achieved, an element of fear is introduced to the conversation to facilitate the extraction of sensitive data. This is commonly done by presenting a fraud scenario which the caller immediately offers to remedy. As part of the remediation effort, cardholders are duped into revealing sensitive information the criminals are missing (e.g. CVV2).

    What is phishing?
    Phishing is a method of identity theft that is carried out through the creation of a website that seems to represent a legitimate company. The visitors to the site, thinking they are responding to a real business, submit their personal information to the site. Criminals then use the personal information for their own purposes, or sell the information to other criminal parties. Please keep in mind that Entrust FCU will never solicit confidential or sensitive information via email.

    Other Phishing Resources:
  • Federal Trade Commission
  • Anti-Phishing Working Group
  • Money Central MSN article

    Protect Your Identity

    Identity theft is one of the fastest growing crimes in the U.S. There are things you can do to protect your identity like:

  • Limit the number of identification cards you carry in your wallet.
  • Review charges on your credit card statements and report erroneous charges immediately.
  • Review your credit report at least annually.
  • Use Visa's and MasterCard's online security programs (Verified by Visa, MasterCard SecureCode) when shopping on the internet.
  • Shop online only on secure websites.
  • Shred all financial documents including receipts and offers for pre-approved credit.

    These are just a few of the things you can do to protect your identity. Identity theft is more than just an inconvenience, in some cases it can take years to recover. Want more information? Call your credit union and we can point you in the right direction.

    Other Identity Theft Resources:
  • Federal Trade Commission
  • Social Security Administration
  • Identity Theft Prevention and Survival

    ATM Security Tips

  • Conduct transactions during the date.
  • Beware of shoulder surfing.
  • Always protect your PIN#.
  • Don't re-enter your PIN if the ATM eats your card.
  • Call the Credit Union right away if your card is help by the machine.
  • Use well-lighted locations.
  • Know where the security cameras are located.
  • Never count cash until you are at a safe location.
  • Be wary to any offers to "help" with your ATM transactions.
  • Be suspicious if signage states to use a specific machine or if the ATM looks unusual.
  • Pay close attention to the ATM and your surroundings.
  • If you feel uncomfortable, use another machine.
  • Alert your Credit Union immediately to any suspicious activity around the machine.
  • Be on the lookout for fraudulent withdrawals on your statement.

    Update Your Information

    Moving? Getting a new cell number? Don't forget to update your contact information with Entrust! Maintaining up-to-date contact info helps us keep a closer eye on your accounts.

    Entrust Federal Credit Union's Privacy Policy
    Click here to download our Privacy Policy.
















    •  
    This credit union is federally insured by the National Credit Union Administration.
       
    Click here for BBB Business Review
    Entrust Federal Credit Union
    1801 Dabney Road, PO Box 6882,
    Richmond, VA 23230
    (804) 353-8012 | (800) 944-3622
    fax (804) 359-4991
    Contact Us