Increase in Phishing

We would like to make you aware that following the recent data breach at Atlanta-based Global Payments Inc., phishing attacks targeting credit union and other financial institution members may increase. The upsurge in phishing may impact all members regardless of whose cards were compromised as well as any other non-affected members.

Global Payments reported in an April 1st, 2012 press release that the breach involved less than 1.5 million debit and credit cards for which Track 2 data may have been stolen. Track 2 data includes cardholder names, card numbers and validation codes; however, it is important to note that cardholder addresses and social security account numbers were not stolen in the breach.

Because the addresses and social security numbers were not accessed in the breach, criminals may be seeking this information in particular through the use of phishing. You should to be wary of any suspicious e-mails, text messages or phone calls seeking such personal and financial information. Sensitive information that may be requested in a phishing attempt could include the cardholder’s billing address, the three digit CVV2/CVC2 code found on the back of the card, or enrollment criteria/passwords for Verified by Visa or MasterCard SecureCode.

Once this other information is added to the stolen Track 2 data, an individual would be able to perform “card present” or “card not-present” transactions on an account.

Phishing is the term used to describe internet scammers who imitate legitimate websites to entice people to share user names, passwords, account information or credit card numbers. The term “phishing” comes from the fact that Internet scammers are using sophisticated lures as they fish for users’ private information. The most common ploy is to copy the look and feel of a web page from a major site and use that design to set up a nearly identical page that appears to be a part of the company’s site. Recently scammers have started using phone technology to manipulate caller IDs and to make customers believe that the call originated from the company’s phone system. Scammers also use text messaging, instant messaging, and Web logs (blogs) to send unsolicited emails.

Fire Police City County Federal Credit Union will NEVER contact you to ask for any account or personal information.

There are several steps you can take to make sure you never fall for one of these scams:
  • Always be suspicious of any email or phone message that asks for your personal account information. Remember that emails, phone calls, text messages, instant messages, or Web logs (blogs) that appear to come from a reliable source may not be authentic.
  • Always use caution when giving your personal information over the telephone. Never provide your personal information when you are unsure of the source.
  • Never respond to phishing emails. Do not click the links. Do not open the attachments.
  • Always ensure that you are using a secure server when submitting credit card information. To make sure that you’re using a secure server, check the beginning of the web address in your browser’s address bar – it should be https:// rather than just http://
  • Not Secure - not secure web address
    Secure - secure web address
  • Do your research before you cash checks from unexpected givers.
Anyone who receives an e-mail or phone call that claims to be from Fire Police City County FCU and asks for account information should consider it to be a fraudulent attempt to obtain their personal account data for an illegal purpose and should not follow the instructions in the e-mail or solicitation.

If you think you have experienced a fraud attempt or phishing scam and provided the scammer with your credit union information, contact us immediately. Contact Us

Back to Fraud Attempt Alerts