Archive for August 2018

Go Fishing, Don’t Get Phished

Safe Banking Tip #2: Go Fishing, Don’t Get Phished

This summer, go fishing, don’t get phished. Phishing is when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information, such as account numbers, Social Security numbers or your login IDs and passwords. The information is either then used by the scammer to steal your money, identity or both. Sometimes these scammers also sell this information to another party that then uses the information to the same end.

Scammers also use phishing emails to gain access to your computer or network and then install programs, called ransomware, that can lock you out of important files on your computer.

Scammers create a false sense of security by spoofing familiar, trusted logos of established, legitimate companies or pretending to be or know a family or friend. They utilize scare tactics and make you feel like something bad will happen if you do not provide the information to them. Commonly, they say that your account will be frozen, you will fail to get a tax refund, that a family member will be hurt, or you could be arrested. They tell whatever lies they need to, to get you to give the information.

So what steps can you take to avoid being phished?

  1. Be cautious about opening email attachments or clicking unknown links. Even your friend, colleague or family members’ accounts could be hacked. Files and links can contain malware that can weaken your computer’s security.
  2. Do your own typing. If a company or organization you know sends you a link or phone number, don’t click. Use your favorite search engine to look up the website or phone number yourself. Even though a link or phone number in an email may look like the real deal, scammers can hide the true destination.
  3. Make the call if you’re not sure. Be incredibly suspicious of emails that request personal or financial information. Most of the companies you do business with, will not ask for that kind of information through an email or at all. Phishers use pressure tactics to prey on fear. If you think a company, friend or family members really does need your personal information, pick up the phone and call them yourself using the number on their website or in your address book, not the one in the email.
  4. Utilize two-factor authentication wherever possible. For accounts that support two-factor authentication, the practice that requires your password and an additional piece of information to log into your account make sure you use it! The second piece of information required could be a code sent to your phone, or a random number generated by an app or token. This protects your account even when your password is compromised. As an extra precaution, you may want to choose more than one type of second authentication (a PIN, a secondary phone number or email address, etc.) in case your primary method (such as your cellphone) is not available.
  5. Back up your files to an external hard drive or reputable cloud storage. Back up your files regularly to protect yourself against viruses or a ransomware attack. Be sure to use a reputable device or cloud storage company and ensure that any personal documents are kept private with password encryption or other form of encryption.
  6. Keep your security up to date. Use security software you trust and make sure you set it to update automatically. This will ensure your devices are protected with the latest level of security protection. New malware, ransomware and viruses come out every single day.
  7. Verify a website’s security. Before submitting any information on a website, make sure the URL begins with “https” and there should be a closed lock icon near the address bar. Check that the site’s security certificate is valid as well. You can see this by clicking the lock or information circle in the address bar of the browser window. Always close your browser if you get a message that a site may not be secure or contains malicious files.
  8. Be wary of pop-ups. Pop-up windows often masquerade as legitimate components of a website. However, they are often phishing attempts. Most browsers allow you to block pop-ups and you can allow them on a case-by-case basis where needed. If one manages to slip through the cracks, don’t click on the “cancel” button; such buttons often lead to phishing sites. Instead click on the “x” in the upper corner of the window.
  9. Report phishing emails, websites and texts. It is important to contact the individual or companies that you might experience phishing attempts from to notify them of what is happening. But it is also critical that you report these incidents to the authorities. Forward phishing emails to spam@uce.gov. Your report is most effective when you include the full email header, but most email programs hide this information. To ensure the header is included, search the name of your email service with “full email header” into your preferred search engine. You should also file a report with the Federal Trade Commission at gov/complaint. You can also report phishing emails to reportphishing@apwg.org. The Anti-Phishing Working Group, a group that includes internet service providers, security vendors, financial institutions, and law enforcement agencies, uses these reports to help fight phishing.

To learn more about how you can minimize your risk, visit identitytheft.gov.

Honor a Veteran to Help a Veteran

For AllCom Credit Union, “banking made better” has been about the people. Our team works diligently to serve our members by making their financial lives the credit union’s priority. Over the years we have incorporated various community partnerships into our commitment to serving our members and our community.Stars and Stripes: In Honor/In Memory of

For our team, no partnership has been more important than that with Veterans Inc. This year, we are inviting our members, our AllCom family, to join us in support of this incredible organization.

Over the past 10 years, AllCom has supported Veterans Inc. by collecting gifts for our homeless veterans from our members, our employees and our Board of Directors during the holiday season. During the rest of the year AllCom employees pay to participate in “dress down days” with proceeds going to Veterans Inc.  As the Gala Military Ball (their primary fundraiser) approaches, we hope to increase our support and contributions and are inviting you to join us in this effort.

The “Stars and Stripes: In Honor/In Memory of” is a great way to support the essential work of Veterans Inc., while personally honoring a veteran in your life. A “Stars and Stripes in Honor/Memory” donation of just $150 allows you to recognize and honor veterans who are serving, have served, or who have passed. Your veteran’s name and rank (optional) will be listed in the 2018 Gala program book and on the Veterans Inc. website for six months! This is easy and impactful—$150 goes a long way in feeding a homeless veteran. Click here to participate in the “Stars and Stripes: In Honor/In Memory of” donation.

“Stars for Veterans” – From now until the Gala in November we will be selling stars in our branches for $5. Each donation will help Veterans Inc. in their ongoing efforts to support local veterans and their families.

We hope you will consider joining us in our efforts to improve the lives of our veterans.