Affinity Federal Credit Union

Security Center

Fraud Alerts

Check this page regularly for information on the latest scams, and be sure to watch our home page for the most significant alerts. Remember, if you feel that you are a victim of any type of fraud, contact our Member Service Center immediately at 800.325.0808.

November, 2011: CashEdge/Funds Transfer Malware

It has come to our attention that members may be affected by a malware/phishing scheme in relation to the Funds Transfer system available within Online Banking. The scheme causes a "risk monitoring" message to appear that asks members to enter personal information for verification purposes.

[Image: CashEdge]

If you should see this message, do not continue and do not enter your personal information. The message and the accompanying request are not from either Affinity or CashEdge, our partner in offering Funds Transfer. Rather, it is likely that malware was installed on your computer when you downloaded something from the internet. Please run an anti-virus program, as well as a malware remover program, to remove this and other malware that may have infected your computer.

If you have any questions or concerns, or believe that you may be the victim of such an attack, please contact our Member Service Center at 800.325.0808.


Previous Alerts

  • October, 2011: NACHA "ACH Transaction" Virus Scam

    A new scam email that claims to be from NACHA has been discovered. The message states that an ACH transaction initiated from your checking account was rejected by another financial institution, and provides a link to a "transaction report." The link does not lead to a report, and instead downloads a file that likely contains a virus or other malware.

    The message appears as follows:

    [Image: phishing email]

    Be aware that such emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

    NACHA itself does not process or touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive.

    If you have any questions or concerns, or believe that you may be the victim of such an attack, please contact our Member Service Center at 800.325.0808.

  • "Account Confirmation" Phishing Scam

    A new phishing scam that targets Affinity members has surfaced, one that directs members to update their information in order to avoid an "account suspension." The message claims that such an update is required due to new security measures, and that online access will be suspended if the information is not provided. The message appears as follows:

    [Image: phishing email]

    This email represents an attempt to obtain personal account information for an illegal purpose; Affinity will never request personal or account information via email. If you should receive this message, delete the message immediately. Do not follow the instructions, as it may put your accounts at risk.

    If you have already submitted your information, please contact our Member Service Center at 800.325.0808.

    Following the instructions will lead you to a fake Affinity web page requesting you to enter your personal information such as member ID, password, and date of birth.

    [Image: phishing form]

  • Phishing Scam Targets Online Banking Users

    We have been informed that some members, when logging out of Online Banking, are being redirected to a bogus website that describes a "security breach" and asks them to click a button to access a credit report. This is a bogus website - Affinity has not experienced a "security breach." The fake website appears as follows:

    This redirect is likely due to malware present on the member's PC. Any member who receives this message should immediately close their browser and conduct a scan of their PC with anti-spyware and anti-malware software.

    If you have any questions or concerns, or believe that you may be the victim of such an attack, please contact our Member Service Center at 800.325.0808.

  • Potential Phone Scam Targeting Cardholders

    Please be advised that several Affinity members have reported receiving calls from a computer recording indicating that their debit or credit card has been compromised and blocked. The recording instructs the member to remain on the line so they can speak to a live representative.

    These calls are not from Affinity and are not related to your debit or credit cards. We encourage members who receive these calls to hang up and verify if their card(s) have been compromised and blocked by calling our Member Service Center at 800.325.0808.

  • Phishing Alert: Email Claiming to be from NACHA

    NACHA – The Electronic Payments Association has received reports that individuals and/or companies have received a fraudulent email that has the appearance of having been sent from NACHA and signed by a non-existent NACHA employee. Specifically, this email claims to be from the "Electronic Payments Association" and appears to be coming from the email address "payments@nacha.org." See a sample of the email below.

    Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

    NACHA itself does not process or touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive.

    Sample Fraudulent Email

    From: payments@nacha.org [mailto:payments@nacha.org]
    Sent: Tuesday, February 22, 2011 7:32 AM
    To: Doe, John
    Subject: ACH transaction rejected

    The ACH transaction, recently sent from your checking account (by you or any other person), was cancelled by the Electronic Payments Association.

    Please click here to view report
    ------------------------------------------------------------------

    Otto Tobin, (varies)
    Risk Manager

    • If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system.
    • Always use anti-virus software and ensure that the virus signatures are automatically updated.
    • Ensure that security patches for computer operating systems and common software applications are installed and current.
    • Be alert for different variations of fraudulent emails.

    If you have any questions or concerns, or believe that you may be the victim of such an attack, please contact our Member Service Center at 800.325.0808.

  • February, 2011: New Trojan Compromises Online Banking Credentials

    The Internet Crime Complaint Center is advising computer users of a new Trojan called "Bredolab." The virus compromises users' online banking login credentials, which are then used by the cyber thieves to initiate wire transfers.

    "Bredolab" has been used in a number of scams involving email containing infected attachments as the method of delivery:
    • Western Union unclaimed money: The victim receives an email allegedly from Western Union notifying them that their money transfer was not received by the recipient. To claim the money, the victim must print the attached invoice and take it to the nearest Western Union office.
    • United Parcel Service (UPS) delivery failure: The victim receives an email allegedly from UPS notifying them that a package they sent was not deliverable due to an incorrect address. To claim the package, the victim must print the attached invoice and take it to the UPS office.
    • Shop.corsair.com shipping instructions: The victim receives an email allegedly from Shop.corsair.com notifying them that their purchase of an Apple iMac has been shipped. The victim is instructed to print the tracking number in an attachment contained in the email.
    • Facebook password changes: The victim receives an email allegedly from Facebook notifying them that their Facebook password has been changed as a measure to protect users. The victim is told that their new password is contained in an attached document.

    "Bredolab" is also distributed by drive-by downloads. In a drive-by download, the victim's computer is infected simply by visiting an infected website. The malware is downloaded to the victim's computer without their knowledge.

    If you receive an email at work or home that appears to contain the elements described above, you are encouraged to delete it permanently without opening it.

    If you have any questions or concerns, or believe that you may be the victim of such an attack, please contact our Member Service Center at 800.325.0808.

  • December 2010: "Affinity FCU Suspension Notice" Email Phishing Scam

    There is a new phishing scam specifically targeting Affinity members. The scam comes in the form of an email designed to look like a notification message from Affinity, with a subject line of "Affinity FCU Suspension Notice ! 24 hours to act" and coming from a fake address, OnlineEnrollment@support.com. The message goes on to claim that an account has been suspended for violating "site policies," and requests that the member complete an attached form to appeal the decision.

    An example of the phony email message can be found here.

    This email represents an attempt to obtain personal account information for an illegal purpose. If you should receive this message, do not under any circumstances open the attachment or complete the form, as it may put your accounts at risk. Delete the message immediately and contact our Member Service Center at 800.325.0808.

  • October 2010: ATM Card Skimmers

    Our industry is beginning to see an increase in the use of ATM card skimmers in the Northeast. ATM skimmers are devices thieves install on ATM machines to capture unsuspecting cardholders’ card and bank information as the card is being swiped. Once captured, the card information is used to create counterfeit debit or credit cards. The counterfeit cards are then used, resulting in unsuspected charges or debits to or from a victim’s account.

    Given the vast number of ATMs currently operating, it is impossible for the credit union to inspect machines that are not under our direct control. As such, credit unions look to members to help in the fight to reduce card losses that were the result of ATM Skimmers.

    What You Can Do to Protect Yourself from ATM Skimmers

    1. Learn to Spot an ATM Skimmer: Sometimes skimmers are more detailed than the actual machine so that the extra bits of plastic and metal can disguise more pieces of the skimmer. You might notice gaps or flaws in the ATM appearance – which is a good indicator that the machine has been tampered with. Here are photos of ATM Skimmers.
    2. Avoid Using ATMs that Look Physically Altered: Skimmers often alter the ATM appearance, so if something looks different at an ATM you frequent, find another ATM.
    3. Use Secure ATM Machines: ATMs maintained by financial institutions that are under video surveillance are less likely to be targeted for ATM skimmers.
    4. Cover the PIN Pad When Entering Your PIN: Although some skimmers incorporate devices that capture PIN pad keystrokes, covering the PIN pad when entering your PIN will prevent your PIN from being detected by pin-hole cameras that are frequently found on skimming devices.
    5. Don't Accept Help from Anyone During an ATM Transaction: While the assistance may seem innocent, it may be intended to enable the unit to steal your card information.
    6. Monitor Your Account Activity: Watch your statements regularly and report any unauthorized transactions to the credit union promptly.

    If you suspect an apparatus has been added to an ATM, please alert Affinity's Fraud Department at 800.325.0808, ext. 3731.

  • July 2010: NACHA Email Phishing Scam

    NACHA has alerted the financial services industry of a recent phishing attack where the email is purportedly sent by NACHA. The subject line of the email states, "Unauthorized ACH Transaction." The email contains a link to a fake web page infected with malware. Do not click on the link! The email and the related website are fraudulent.

    The scam consists of an email with the following subject line and text:

    Subject: Unauthorized ACH Transaction

    Message Text:
    Dear credit union/bank account holder,
    The ACH transaction, recently initiated from your credit union/bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below: [hyperlink]

    Phishing emails frequently contain links to fake websites infected with malware (malicious software), such as Trojan keyloggers. Do not click on links contained in unsolicited emails from unknown parties, or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

    NACHA itself does not process ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals or organizations about individual ACH transactions that credit unions originate or receive.

    If you have any questions or concerns, or believe that you may be the victim of such an attack, please contact our Member Service Center at 800.325.0808.

  • July 2010: Verified by Visa® & MasterCard SecureCard Phishing Scam Targeting Online Banking Users

    We have recently learned of a new phishing scam targeting Verified by Visa and MasterCard SecureCard users. While Affinity has not been a target of this scam, we wanted you to be aware that cyber criminals are utilizing the ZeuS botnet to target online banking customers. Here's how it works:

    • The criminals are setting up spoofs of the Verified by Visa and MasterCard SecureCard enrollment pages.
    • The phony enrollment form asks for personal and card account details by claiming new FDIC rules require consumers to enroll in one of the programs.
    • The information collected from the phish is then used to attempt card-not-present fraud.

    See a sample of the phony enrollment form

    As with any phishing scam, it is important to know that Visa takes this issue seriously and has a system in place to identify and shut down fraudulent sites. Visa works with client financial institutions and third parties to remove fraudulent sites, usually within 24 hours of being detected or reported. Visa is working to identify sites related to this scam as quickly as possible and disable them. Visa-related phishing scams can be reported to phishing@visa.com.

    There is no inherent vulnerability in Verified by Visa related to this particular attack. The scam relies on malware being installed on the online banking member's computer. Members who use updated antivirus software and employ internet browser security controls that prevent suspect scripts or limit injection are generally not vulnerable.

    If you have any questions or concerns, or believe that you may be the victim of such an attack, please contact our Member Service Center at 800.325.0808.

  • February 2010: Phishing Schemes Target Mobile Banking Customers

    A number of financial institutions, including two credit unions, have reported the distribution of bogus mobile banking applications for mobile phone platforms. The apps, which appeared on the Android Marketplace, did not contain malware but were instead aimed at the collection of customers' personal information, including passwords, account numbers, and more.

    Additional information about these fraudulent apps can be found here.

    Though these applications have been removed from the Marketplace and Affinity was not targeted, members are advised to be cautious about downloading mobile apps of this type. Affinity has not authorized the creation of any such applications - the only mobile banking platform currently available is our new mobile banking website, available on most web-enabled phones without the need to download a separate app.

    If you have any questions or concerns, or believe that you may be the victim of such an attack, please contact our Member Service Center at 800.325.0808.

  • March 2010: "Mailing Service" Phishing Scheme/Virus Attack

    The scam consists of an email sent to Affinity members with the following subject line and text:

    Subject: A new settings file for the [email address] has just be released

    Message Text:
    Dear use of the affinityfcu.com mailing service!We are informing you that because of the security upgrade of the mailing service your mailbox [email address] settings were changed. In order to apply the new set of settings open this file: [hyperlink] Best regards, affinityfcu.com Technical Support.

    This message is not from Affinity Federal Credit Union, and represents an attempt to infect the user's computer with a virus and/or obtain personal account information for an illegal purpose. If you should receive this message, DO NOT click on the link or download any files.

    If you have any questions or concerns, or believe that you may be the victim of such an attack, please contact our Member Service Center at 800.325.0808.

Get information on other threats and much more about keeping your identity safe, courtesy of Identity Theft 911™!

