Protect yourself from predators
Heartbleed bug - What you need to know
If you're not familiar with this, OpenSSL is one form of an encryption library used in HTTPS communication – online stores and banking websites that give you that lock icon in your browser bar when you visit them. OpenSSL uses a “heartbeat” to echo back data which a hacker can use to trick the server to return anything from Usernames, account passwords to sensitive data.
U.S. Employees Credit Union does not run OpenSSL on any of the systems we host. Only systems that run OpenSSL are vulnerable to the “Heartbleed” bug. USECU has substantial security measures in place to protect against the loss, misuse, or alteration of information that is under our control. Your credit union also uses the latest firewall and encryption technologies to protect individual identifying information transmitted over the Internet. The multi-factor authentication in place for online banking users is specifically designed to prevent unauthorized access to your account information. We have also been assured by our service providers that neither online banking nor any of the associated tools use OpenSSL.
USECU certainly understands member concerns about the security of online banking, and we encourage members to take precautions to keep their personal information secure. It is a good security practice to periodically change your passwords.
Phishing/ Vishing Scams
Phishing attacks continue to target the financial industry, and the number of attacks is on the rise. Phishing is a type of fraud using email that appears to be from legitimate companies in an attempt to obtain your personal information. Some phishing attacks reported have been emails posing to be from NCUA and CUNA.The emails contain links to fraudulent sites where you are prompted to key in personal and financial information. This information is then captured by the sender of the email in an attempt to steal your identity. Phishing emails can be very deceiving and often contain logos or have a look similar to the actual website.
Vishing is similar to phishing however the information is collected and facilitated over the telephone to gain access to private personal financial information. It is the telephone equivalent of phishing. The scammer or caller pretends to be a legitimate business and fools the victim into surrendering private information.
U.S. Employees Credit Union will never send an email or initiate a telephone call requesting personal account information. If you receive an email or telephone call supposedly initiated by USECU requesting personal account information, it is a scam. USECU has no desire to obtain information about you that was previously obtained when you originally established your account. Furthermore, the mere act of one seeking you out for this information should be a an immediate red flag.
Sould you receive one of these emails or phone calls:
- Do not reply to it.
- Do not click the link in the email.
- Do not enter any requested information.
- Contact USECU at (312) 922-5310 or (800) 922-5313 if you are calling from outside Chicagoland.
- Forward the email to firstname.lastname@example.org
If you received a suspicious email and entered your information:
- Notify USECU so that we can take appropriate action.
- Forward all suspected emails to email@example.com
- Be suspicious of emails asking for personal information. Legitimate companies will not ask for this information via email.
- Never reply to a suspicious email or follow any links.
- Review all credit card and financial statements regularly for fraudulent activity.
Utilize the following links for information on types of fraud currently targeting consumers: