Info Desk

Breaking News

On this page:

• Visa USA – TJX Companies, Inc. – Data Security Breach Information
• Internet Phishing Scam
• Internet Explorer Security Risk
• Security Notice
• Protect Yourself From Scams Involving the Internet
• Spear-Phishing - yet another new scam of which to be aware

Internet Phishing Scam

Some credit union members may be victims of an Internet scam used to gain access to credit card accounts. If you have received an e-mail message that appears to have originated from Notre Dame Federal Credit Union telling you that “your access has been limited” or asking you to participate in a survey, please do not click on any links that ask for your personal information. Never type your account number and/or password to any web site that does not display https://www.ndfcu.org/ in the “Address” bar located at the top of your Web browser and do not reply to a survey request that appears to have originated from Notre Dame Federal Credit Union.

If you receive a suspicious-looking e-mail:
Verify that the e-mail is authentic by calling the company that sent it to verify that they actually sent it. Another option is to visit the website of the company the suspicious e-mail appeared to come from by typing the company's known website address in your browser's address bar.

If you clicked on a link in an e-mail that you may now suspect to be a phishing scam, and provided your confidential information:
Follow the instructions provided at http://www.consumer.gov/idtheft/. Review the instructions at least once a year to have an understanding of what is recommended procedure, and keep a printout available in the event you must follow them.
If you entered your credit card information, contact your credit card company immediately to get a new card issued and the current one deactivated. Explain what happened so that you can be sure that no unauthorized charges were made to your credit card.

Visit these sites for more information:

• http://www.antiphishing.org/
• http://www.usdoj.gov/criminal/fraud/Internet.htm
• http://www.consumer.gov/idtheft/

 

Internet Explorer Security Risk

December 21, 2005

A flaw has been discovered in Microsoft’s Internet Explorer browser. The flaw, which could have serious ramifications for all Internet users who use the Internet Explorer browser, allows the owner of a website to create a page that will download and run potentially malicious programs on the user’s computer. The user would not have to do anything other than visit the website and unknowingly view the malicious page, and therefore, the risk for exposing sensitive information is very high.

Microsoft has since issued a patch to correct this flaw. To download this patch, visit Microsoft's website at http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx.

 

Security Notice

Please be aware of credit card and e-mail scam operations that ask you for your credit card account numbers, your credit union account numbers, or your personal identification numbers.

Notre Dame Federal Credit Union will never contact you via e-mail requesting your personal account information.

These requests are usually misleading or fraudulent, and should be reported. Credit union members are recognizing and reporting such spoofing schemes including those that are made to appear as though they originated from various financial institutions, including the National Credit Union Administration (NCUA).

Legitimate financial institutions will never contact you to ask for personal account information, and anyone who may have received such a request should report it immediately.

Notre Dame Federal Credit Union has multiple safeguards in place to protect you from fraud schemes, but new scams are constantly surfacing and you need to be alert to questionable requests for personal account information, particularly over the Internet.

To learn more about protecting your personal and financial information, view our Identity Theft Page at: please read the article below.

If you suspect identity theft or receive a suspicious email requesting your information, contact us immediately at ndfcu@ndfcu.org.

Protect Yourself From Scams Involving the Internet

Fraudsters take advantage of innocent consumers daily through Internet, check, ATM (automated teller machine) scams. Scammers use the latest technology to make it harder and harder to detect if your transactions are legitimate. Knowing the latest trends in the scamming industry can help you protect yourself from being victimized.

Phishing
An Internet scam called phishing is leading to identity theft and personal financial losses for individuals. At Notre Dame Federal Credit Union, we want to help you prevent this type of Internet fraud from happening to you.

Phishing incidents take center stage in Internet scams as they've increased dramatically in popularity in the past year. Phishers use the Internet to steal money and personal identities.

Victims usually receive fraudulent e-mails containing authentic looking company logos and familiar graphics and are asked to divulge financial information. This is called "spoofing." Most heavily "spoofed" are eBay, PayPal, and some major banks. Spoofing is like writing someone else's name and return address on a letter instead of your own. With phishing scams, the company that is being spoofed has nothing to do with the fraudulent activity. Their name is just being used to coax you into the scheme, into believing that the letter is coming from them when it really is not. These phony e-mails will request you fill out your name, social security number, credit card information, or other confidential information. Phishing is an attempt to steal confidential personal and financial information.

A study by the Gartner technology research firm shows 52 million U.S. Internet users received phishing e-mail during the past 12 months, from which 1.8 million consumers divulged information and one million fell victim. While consumers at banks and credit unions are prime targets, AOL and eBay users also are victims of frequent attacks.
DO NOT respond to e-mails with links in them that take you to a website that requests confidential, personal financial information, even if they look like they're from a reputable company. If the e-mail came from a company with whom you do business, call the company and inquire if they sent the e-mail. If it came from a company with whom you don't do business, you can be 99.9% certain it's a phishing scam.

Spear-Phishing - yet another new scam of which to be aware

May 09, 2005, The Dominion Post (New Zealand)

Spear phishers evade usual spam defenses. Internet scammers are turning to a new method of fooling the public, spear-phishing, that evades traditional anti-phishing defenses. Generic phishing spams thousands of addresses with similar e-mails, usually asking the recipients to update their bank or PayPal Internet payment accounts through a realistic, but fake, Website. Spear-phishing is more specific, typically targeting just a handful of people who are employees of an organization. In one method, the phisher harvests specific e-mail addresses, either through a phone call or through a company Website, and then sends four or five employees a message from a spoofed address purporting to be part of their IT or human resources department. This message directs the employees to enter their network password into a fake Website. With this information, the hacker can access the network and steal company funds or even intellectual property, depending on their motives. Traditional defenses against phishing don't block spear-phishing attempts because they are not mass mailed.