Profund Credit Union is committed to protecting your accounts from cyberattacks and
identity theft.
The products and services we offer come with tools and resources to help keep you
and your accounts safe.
However, in some cases that may not be enough. We rely on you to take all necessary
steps to ensure your
accounts are protected on your end, as well. Check out the security information
below for tips on how to
stay safe online.
Profund Credit Union is committed to protecting the privacy of our clients’ personal
information.
Please read our Privacy Policy for details regarding how we collect, share, and
protect your personal information.
Fraud Alert
08.24.18
We are aware of the recent notifications from law enforcement regarding the
threat of a cyberattack potentially targeting
ATM devices nationwide. Profund Credit Union follows the FBI’s recommendations
to protect against these potential threats.
In addition, we continuously assess our security protocols and work closely with
our service partners to defend against
such attacks in an everchanging technology landscape.
Customers are never responsible for any losses incurred due to unauthorized ATM
activity that they report to their
financial institution in a timely manner. As a best practice, we encourage all
customers to review account activity
regularly through Profund Credit Union online banking.
Please notify the bank immediately if you identify any unfamiliar activity. You
can also sign up for mobile alerts through
Profund Credit Union Online Banking. If you would like more information on
setting up alerts, please contact us.
Monitor your bank account transactions
-
Check accounts for fraudulent activity at least once or twice a week. Federal
laws and industry practices protect account holders when criminals make
unauthorized purchases using stolen payment card numbers or other information in
certain situations.
Use a designated mobile device or computer for online banking and shopping
-
Some individuals purchase an old PC or designate one device for online banking
and shopping. Devices are less vulnerable to cyberattacks when they are not used
for web surfing, emailing, social media or playing games.
Effectively use anti-virus and security software
-
It is important to install and constantly update anti-virus and security
software. This includes basic anti-virus programs, as well as
program updates. Manufacturers are consistently updating their products and
services so they operate as efficiently as possible and
incorporate the most up-to-date security technology. Next time a program, even
as basic as Word, offers an update download it.
Please note, you shouldn’t accept updates as they pop up on your computer,
because those can be malware or viruses.
Instead, you should go directly to the software website, find the appropriate
update and download directly from the site.
Be cautious when connecting to the Internet
-
A public computer in places like a hotel business center or library may not have
up-to-date security software and could be
infected with malware. In addition, if you are using a laptop or mobile device
for online banking or shopping,
avoid connecting it to a public wireless network. Criminals may intercept your
device's signal and use it to collect
personal information.
Protecting Your Business Against Email Compromises
The FBI calls it Business Email Compromise and defines BEC as “a sophisticated scam
targeting businesses working with
foreign suppliers and/or businesses that regularly perform wire transfer payments.
The scam is carried out by compromising
legitimate business email accounts through social engineering or computer intrusion
techniques to conduct unauthorized
transfers of funds.” If your business conducts any transaction via wire, you and
your company could be at risk.
From January 2015 to June 2016, the FBI reported a 1,300% rise in identified exposed
losses. Most of the losses were reported
in the Profund Credit Union States and fraudulently -transferred funds typically
ended up in China and Hong Kong. Unless fraudulent activity
is discovered and reported within 24 hours, the chances of recovery are low. Only 4%
of funds are ever retrieved.
Per research found by The Verizon 2016 Data Breach Investigations Report, employees
and human error are the weakest link in
any “IT system.” We recommend educating and training employees on all forms of
cyberattacks, as well as asking them to use
caution when sharing personal information on social media sites. We recommend
educating all employees; however, human resources
professionals, IT managers, C-level and senior executives and anyone with finance
approval are more likely to be on the receiving
end of attacks.
Those involved in large wire transfers are especially susceptible. Many companies
have very lax policies when it comes to initiating
a transfer. For some, the process is as simple as the CEO picking up the phone and
requesting the movement of funds.
Cybercriminals fish for information by sending emails to targets to glean
information. Once successful, they pose as a
familiar person and initiate the transfer. If multi-level safeguards are not in
place, you may fall victim.
Human resources professionals are also top targets. Typically, they have access to
the employee database,
which includes sensitive information such as social security numbers and personal
information. In addition, they receive resumes
from potential applicants. Criminals may include spyware inside a resume or its
delivery source, compromising the system.
