The US Treasury Warns of Phishing and Redirects to Malicious Sites
The United States Treasury has reported a phishing attempt designed to acquire personal member information using the subject line of “Important Information – U.S. Treasury Department **”.
The phishing emails claim to be from The United States Federal Reserve Bank and appear to warn various users of a “large-scale phishing attack” from some banks and credit unions. The email gives details of supposed phishing attacks and adds that the U.S. Treasury Department has also monitored a high level of illegal wire transfers. The email message informs them of restrictions imposed on federal wire transfers as part of security measures being taken by concerned government agencies. The message "helpfully" includes some links where users can get more detailed information, but instead of going to a legitimate website those who click are led to a website with names completely different from the websites of the Federal Reserve Bank, the Treasury Department, or the Federal Deposit Insurance Corporation. The website contains malicious code and software which opens a hidden Internet Explorer window and connects to a certain website to send and receive information. Do not click on the link. Both the email and the related website are fraudulent.
Be aware that phishing emails which contain links to Web pages that host malicious code and software. Do not follow links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual. Keeping your computer system up-to-date with the latest security patches will ensure your system will be in a good position to help fight current viruses and phishing attempts.
If you receive this or any similar email, DO NOT respond or provide any private information.
While detecting a fraudulent email can be difficult there are a few things you can do to help avoid being a victim of email fraud and phishing attacks.
- As a general policy, SAFE Credit Union will never send an email that solicits you for personal information.
- Never send your personal financial information via email. Email is not a secure medium and should not be trusted to protect your personal information.
- Question suspicious and "official-looking" emails. Never enter your credit union account information or password in response to an email you receive. SAFE Credit Union will never send an email requesting your personal information or account numbers and passwords.
- Be cautious when clicking links inside email messages.
- Never open unsolicited email attachments even if they appear to be from someone you trust.
- Protect your computer by installing up-to-date antivirus software.
If you are unsure about any emails, feel you have been affected by this scam or your personal data has been compromised, please contact SAFE's call center immediately at (916) 979-7233 or (800) 733-7233.
Click here for more information about phishing and how you can avoid the bait!