At First Heritage, everything we do is for the benefit of our members! Our friendly, competent staff presents a better way to bank... with personal interactions and unbeatable value. That's why our mission motto reads "Our family helping yours!"

Security Center

Phishing Scams

As concern continues to mount regarding scam artists who use today's internet technology to try to gain access to the personal information of unsuspecting internet users, First Heritage FCU wants you to know we're doing our best to ensure your personal information is secure, and we hope you will too! That's why we want you to know about some recent phishing scams and how you can be vigilant in guarding against them.

What is Phishing?
Phishing is a term coined by Internet hackers who use email lures to "fish" personal information for purposes of identity theft. Fraudulent email messages designed to look like they came from a legitimate merchant or financial institution try to fool recipients into divulging personal financial data such as account numbers, account usernames and passwords, social security numbers, etc. The email directs the recipient to update or provide information back to the company's web site by instructing the user to click on a link located within the email. The embedded link directs the user to a counterfeit website designed to look like the company's legitimate website. Passwords and other personal information are then solicited and collected by the fraudulent website.

Phishing - How to Protect Yourself!

• Do not trust or act upon emails containing an urgent request for personal information such as usernames, passwords, account numbers, social security numbers, etc. Fraudulent emails often present scenarios of negative consequences if you do not act immediately on the e-mail’s instructions. Phisher emails also, are typically not personalized and seem to be sent in a mass distribution.
• Do not use links in an email to be directed to any web page when being asked to provide personal information. Instead, call the company or go to their website directly by typing in the web address in your browser.
• Avoid filling out forms in emails asking for personal financial information. Be sure that if you communicate any sensitive information that it is done via a secure website. To ensure you are on a secure site, check the beginning of the web address in your browsers address bar. Addresses beginning with https:// are secure sites, whereas addresses beginning with http:// are not secure.
• Regularly log into your accounts online and check your financial statements regularly to ensure all transactions are legitimate. If anything looks suspicious contact the financial institution immediately.
• Keep your web browser patches up to date by accessing your browser's website to download security patches. Patching your browser regularly will protect you against a variety of software vulnerabilities.

Here are some guidelines to help you determine the legitimacy of online communications that appear to be from First Heritage FCU:

• When First Heritage FCU sends emails, our educational and informational emails, we will never ask for or link to a site that requires you to provide account or personal information.
• First Heritage FCU's URL is: www.fhfcu.org. To ensure that you are accessing First Heritage FCU official website, you can type this URL in the address line.

Here are some additional precautions you can take to further protect yourself from phishing scams:

• If you are unsure whether a First Heritage FCU communication is legitimate or not, call First Heritage at 1-800-833-3338 for verification. Do not call unfamiliar numbers that may be listed in the e-mail or linked site, as some scams go to great lengths to appear credible.
• Generally, it is best to avoid clicking on links within emails, especially those from unfamiliar or suspect sources. If you receive an email and want to ensure you arrive at an official site, type the web address directly into the address line.
• Keep your computer protected by installing updated virus and personal firewall software that can alert you to fraudulent activities and potential viruses. It's worth the investment, and some personal firewall software is even available on the internet for free.

NCUA & CUNA Phishing Alerts

It has been reported that the National Credit Union Administration (NCUA) and the Credit Union National Association (CUNA) websites have been the subject of multiple illegal phishing email scams. These emails appear to be a fraudulent attempt to gain users' personal account information. The messages contain graphics from the legitimate website and warn of negative consequences if the user disregards the email. Both organizations are warning people who receive the emails not to click on the link to the fake web pages and to instead delete the message.

Additional Resources / Useful Websites

www.idtheft.org
www.ftc.gov/idtheft/
www.cuna.org/initiatives/idtheft.html
ffiec-member-ed_fyi.pdf