Here’s
How Phishing Works
In a typical case, you’ll
receive an e-mail that appears to come from a reputable
company that you recognize and do business with, such
as us.
In some cases, the e-mail may appear
to come from a government agency, including one of the
federal financial institution regulatory agencies.
The e-mail will probably warn you
of a serious problem that requires your immediate attention.
It may use phrases such as "Immediate attention
required," or "Please contact us immediately
about your account."
The e-mail will then encourage
you to click on a button to go to the institution’s
Web site. In most phishing scams, you are redirected
to a phony Web site that is set up to look exactly like
the real thing.
You may be asked to update your
account information or provide personal information
for verification purposes. If you provide the requested
information, you may find yourself the victim of identity
theft.
How to Protect Yourself
Avoid becoming a victim of phishing
scams by remembering these helpful tips:
- Be suspicious of any e-mail
with urgent requests for personal financial information
unless the e-mail is digitally signed (you can't be
sure it wasn't forged or 'spoofed').
Phishers typically: (1) include upsetting or exciting
(but false) statements in their e-mail messages to
get you to react immediately; (2) ask for confidential
information such as usernames, passwords, credit card
numbers, social security numbers, account numbers,
etc.; and (3) do not personalize the e-mail message
(while valid messages from your credit union should
be).
- Don't use the links in an e-mail
to get to any web page if you suspect the message
might not be authentic. Instead, call the company
on the telephone, or log onto the website directly
by typing in the Web address in your browser.
- Avoid filling out forms in
e-mail messages that ask for personal financial information.
You should only communicate information such as credit
card numbers or account information via a secure website
or the telephone.
- Always ensure that you're using
a secure website when submitting credit card or other
sensitive information via your Web browser. To make
sure you're on a secure Web server, check the beginning
of the Web address in your browser's address bar -
it should be "https://" rather than just
"http://".
- Consider installing a Web browser
tool bar to help protect you from known phishing fraud
websites.
- Regularly log into your online
accounts and don't wait for as long as a month before
you check each account.
- Regularly check your financial
institution, credit, and debit card statements to
ensure that all transactions are legitimate. If anything
is suspicious, contact your financial institution(s)
and card issuers.
- Ensure that your browser is
up to date and security patches applied.
- Always report "phishing"
or "spoofed" e-mails to the following groups:
- Forward the e-mail
to reportphishing@antiphishing.com;
- Forward the e-mail to the Federal Trade Commission
at spam@uce.gov;
- Forward the e-mail to the "abuse" e-mail
address at the company that is being spoofed;
- When forwarding spoofed messages, always include
the entire original e-mail with its original header
information intact; and
- Notify the Internet Fraud Complaint Center of
the FBI by filing a complaint on their website:
www.ifccfbi.gov/.
|
Air Force Federal Credit Union does not ask for account numbers, passwords or Social Security Numbers through e-mail. If you receive a request for this information, you should delete it immediately. 
