Phishing, Email Scams, and Spoofing - Avoid Getting Tricked
"Phishing" or "brand spoofing" is a form of cyber crime that has recently become very popular with technology savvy criminals. It consists of sending an email to a user falsely claiming to be a legitimate organization, individual, or business in an attempt to trick the user into disclosing private personal information such as credit card numbers, account information, passwords, and more. Once acquired, this information can be used for identity theft.

Niagara Credit Union and it's employees will never require you to reveal your personal information through a "direct link" contained in an email. We do not solicit personal information via email unless we are initially contacted by a member.


How to recognize Phishing and Email Scams
Always take extra precautions and be on guard for "strange" emails. If you receive an email warning you about account problems or asking for confirmation, ... do NOT click any of the links within the email.

Phishing almost always attempts to get you to take some kind of action based on fear. Common phrases to check for in suspicious emails are:

• immediate action required ...
• avoid service interuption ...
• may be disabled ...
• temporarily disabled ...
• confirmation of data ...
• obligatory to follow ...
• we require that you confirm ...
• to inform you of a ...

Check also for bad grammer and misspelled words within the email message or the hyperlink(s). If you encounter one or more of these phrases (or similar ones), or if you see spelling mistakes, .... do NOT follow any of the instructions contained in the email.


More on how to recognize Phishing and Email Scams

1. Check the email SUBJECT line - Is the subject unfamiliar to you or based on something that you do not recognize?
2. Check the email FROM line - Is the email address in the FROM field is familiar to you, but the SUBJECT line not familiar or odd looking?
3. Check the email Content - Are any of the phrases listed above are contained in the email, and/or is there is a link to click to take you to another website?

Click on the image to see an example of what a possible phishing email might look like.

Keep it from happening.
Protect your computer and files by taking appropriate precautions.

• Use anti-virus software and keep it updated
• Use spyware and adware filters
• Use email filtering on your email program
• Use a firewall - either software based or a router with a firewall (for high-speed connections)

If the email FROM field or the SUBJECT line seem odd, .... don't open the email. If you do open it and the content seems strange or has any of the phrases mentioned above asking you to verify, confirm, review or send personal information, ... don't respond to it or click the link.


Report It
If you receive a suspicious email that appears to be from Niagara Credit Union, or from an employee of Niagara Credit Union, please contact contactncu@niagaracu.com immediately to report it.

To report scams from other organizations or businesses, send an email with the information to reportphishing@antiphishing.org or visit their website at www.antiphishing.org to get up to date information and view recent threats.

Spoofed Websites - What Can Happen—And How to Avoid It
Hackers and virus writers can mislead you to spoofed websites. From there, you could be tricked into downloading a harmful virus or entering personal information or passwords. Hackers can do this by sending you deceptive e-mail or by prompting you to click a link that will take you to a malicious or spoofed website. These spoofed sites look very similar to an current original site that you may be familiar with using.

Niagara Credit Union and it's employees will never require you to reveal your personal information through a "direct link" contained in an email. We do not solicit personal information via email unless we are initially contacted by a member.



Check the Address and Encryption Lock
You can increase your online safety by checking the security of the website you are using before submitting any personal information or passwords.

For Webster, make sure that the Address bar shows "https://" at the beginning of the address URL and includes the website "domain name" in the address (www4.memberdirect.net).

Make sure there's a yellow lock icon on the Microsoft® Internet Explorer status bar. This means that the website uses encryption to help protect any sensitive personal information or passwords that you enter.

Final General Considerations
Be cautious about clicking links in e-mail messages (mostly used in HTML email messages where the links are less likely to be detected). Stay away from online advertisements or offers that you don't recognize or trust.

If you have any doubt about a link, do not click it.

As an alternative, type the website address into the address bar of your Web browser, or try to confirm that the link is legitimate.

Internet Explorer® (without the security update patch) is susceptible to website address spoofing. Microsoft® is aware of the situation and has provided a patch for Internet Explorer®. You can use Windows Update to get the patch, or visit the Microsoft® website for more information.