An important part of a solid financial plan is protecting your personal information. That’s why
Alliance offers tips, tools and services to help prevent identity theft. From phishing attacks to
harmful viruses to stolen debit cards, we’re here to inform you of the latest scams as well as offer
services to help prevent identity theft happening to you. If you ever have questions or concerns, please
don’t hesitate to call us at 800.232.8669.
Protecting Your Information
Info & Alerts
Known Malware Warning - Online Banking
on 04 Jan 2012
The following information was obtained from our Online Banking provider on January 4, 2012. Malware, in the form of a pop-up from CashEdge, is appearing to members after logging into Online Banking.
If you see this pop-up, DO NOT complete the form. Click outside the white box and close your Online Banking session. Your computer may be infected. We strongly advise running an anti-virus/malware/spyware program to clean your computer. We recommend you change your passwords once your computer is clean.
If you entered information into the form, please contact the Federal Trade Commission (FTC) at 877.438.4338 to file an Identity Theft report.
Secure your web browser
on 10 Nov 2011
The following information was provided by the US Computer Emergency Readiness Team (US-CERT)...
On November 9, 2011 US Federal prosecutors announced Operation Ghost Click, an ongoing investigation that resulted in the arrests of a cyber ring of seven people who allegedly ran a massive online advertising fraud scheme that used malicious software to infect at least 4 million computers in more than 100 countries.
The cyber ring allegedly used the malicious software, or malware, to hijack web searches to generate advertising and sales revenue by diverting users from legitimate websites to websites run by the cyber ring. In some cases, the software, known as DNSChanger, would replace advertising on popular websites with other ads when viewed from an infected computer.
The malware also could have prevented users' anti-virus software from functioning properly, thus exposing infected machines to unrelated malicious software.
This is a good reminder to configure your web browser for safer internet surfing. To learn about secruing your web browser, please visit http://www.us-cert.gov/reading_room/securing_browser/
Time to go phishing
on 03 Aug 2011
With the weather getting better and warmer, it is time to go fishing! Well, the fraudsters are gearing up too - to go phishing!
Believe it or not, phishing (and fishing) activity is on the rise this time of the year. Although we wouldn’t like to discourage you from fishing, we’d definitely like you to be cautious falling prey to phishing! Watch out for those friendly (or unfriendly) fake emails from your “faked” financial institution asking you to reset your password or activate your debit card immediately or the sky would fall! Phishing (and fishing) is a very challenging activity/sport (depending on which way you look at it)!
So be alert and watch out!!
Be cautious of Phishing attempts:
· Do not click on links included in emails from people/companies you don’t know.
· Phishers are getting smarter. They now include a phone number to call instead of a link. Do not call and enter your bank/card details without being 100% sure that the number belongs to your financial institution. How would find out? Just visit their web site and call support. Verify with them if the email/number is genuine.
· Do not click on links in emails that report payment of some amount of money to a vendor, and asks you to report suspicious activity. This has been very common with PayPal phishing scams and is now being used for other institutions as well.
· Another newer form of phishing is called “reverse NDR attack” (very dramatic term, huh!). It is an indirect form of phishing where the original email is sent to you in the form of a “Non Deliverable” email (hence the name NDR – Non Delivery Report). Although you never sent the original email, you received the “Undeliverable” email because it was meant to be sent to you in an indirect way. Most of the time curiosity gives way and people click to see the attachment. And voila! They have just opened a phishing email that could have a virus code in it.
Protect yourself from future scams.
· Familiarize yourself with official credit union communications.
o We will never solicit personal or private information via email.
o The only communication regarding your account is sent via US Mail in an official credit union envelope.
· You can also visit the FTC (Federal Trade Commission) Web site, www.onguardonline.gov.
o Take an interactive quiz to fin out what you know about identity theft, phishing, spam, and online-shopping scams.
o Find detailed guidance on how to monitor your credit history, use effective passwords and recover from identity theft.
Protecting Your Information
Alliance Credit Union takes your online security very seriously. The following information explains how
Alliance protects your personal information and what you can do to limit risk.
How does Alliance Credit Union protect your personal information online?
To protect you online, Alliance uses industry-leading best-practices including:
- Strong passwords that are required to be changed periodically
- Limited number of login attempts
- Multifactor authentication and security questions – Our enhanced login security verifies you as the true “owner” of your accounts by not only authenticating your user ID and password, but also by recognizing your computer. You are able to enroll each computer regularly used to conduct online account access by using a one-time registration process. If you are attempting to access your account by using a non-enrolled computer, you will be prompted to answer security questions as an additional line of defense against unauthorized access.
- Privacy encryption
- Online Banking will “timeout” after a period of inactivity
- Sophisticated network security
In addition, Alliance will never:
Electronic Funds Transfers
- Call, email or otherwise contact you and ask for your user name, password or other Online Banking credentials
- Contact you and ask for your credit or debit card number, PIN or 3-digit security code
The Electronic Funds Transfer Act is commonly referred to as “Regulation E”. Electronic Funds Transfers services using debit cards,
Online Banking, Bill Pay and transactions over the phone have certain protections and liabilities under Regulation E, including:
Tips to keep yourself safe online
- You have the right to receive periodic statements and if your statement shows transfers you did not make, you have 60 days after the statement was mailed to you to tell us. You may authorize periodic or recurring automatic payments from, and deposits into, your account. You have the right to stop payment on regular payments witin three business days or more advance notice.
- Never keep your PIN with your debit card as you may be liable for unauthorized use. You are liable for all transfers of purchases made via your card, access code or passwords that you authorize or allow. You have no right to stop payment from terminal transactions, as those transactions are immediately deducted from your account.
An important part of online safety is knowledge. The more you know, the safer you’ll be. Here are some tips to help keep you safe:
- Set good, strong passwords. A good password is a combination of upper and lower case letters and numbers that are not easily guessed. Change your password frequently. Never write it down or share it with others.
- Don’t reveal personal information via email. Emails and text messages can be masked to look like they’re coming from a trusted sender when they are actually someone else. Do not send your personal information via email or texting.
- Don’t download that file! Opening files attached to emails can be dangerous, especially when they’re from someone you don’t know.
- Links aren’t always what they seem. Never login from a link that is embedded in an email message. Criminals can use fake email addresses and make fake web pages that mimic the page you would expect. It’s recommended you type in the URL address directly and then login.
- Logoff from sites when you are done. It’s recommended you logoff rather than just closing the page.
- Monitor your account activity. Monitor your account activity regularly either online or by reviewing your statements and report any unauthorized transactions right away.
- Review your credit report once a year. Your credit report will include identifying information (such as your name, address, Social Security Number and date of birth) as well as details about credit cards and loans in your name and how bills are being paid. Make sure the report is accurate. There are plenty of websites promising free credit reports, but there is only one true free site: www.annualcreditreport.com.
For more information on help protect your self from identity theft, please visit our “Additional Resources” tab.
What to do if you suspect you are a victim of fraud
If you suspect that you are a victim of fraud, notice any suspicious account activity, or experience customer
information security-related events, please contact us immediately at 800.232.8669.
MasterCard® SecureCode™ gives you added security for your online purchases. With Mastercard SecureCode,
at the end of each online purchase you sign a receipt with your private SecureCode™. Only you can sign
the receipt, thus ensuring a safe online shopping experience.
To learn more, register or access your account, please click here
Debit Card Monitoring
Fraud Watch is Alliance Credit Union’s ATM/Debit card monitoring service. Fraud Watch is a third party monitoring
service that reviews transactions for unusual or suspicious activity. This means if there are out-of the-ordinary
transactions your card could be blocked.
If your card is blocked for unusual activity and you miss the monitoring service’s call, use one of these of
numbers to verify recent transactions and unblock your card.
Keep these numbers accessible:
866.842.5208 (in the United States)
701.461.2551 (call COLLECT from outside the United States).
If your card is lost call one of these numbers to cancel your card right away:
800.264.5578 (in the United States)
701.461.0621 (call COLLECT from outside the United States)
As always, you can call our Service Center 24-hours a day with any questions at 800.232.8669.
OnGuardOnline.gov – provides practical tips to help you be on guard against internet fraud, secure your
computer and protect your personal information. This site is also a great resource to teach kids about online risks.
Netsmartz.org – National Center for Missing & Exploited Children® - The NetSmartz Workshop is an interactive,
educational program that provides age-appropriate resources to help teach children how to be safer on- and offline. The
program is designed for children ages 5-17, parents and guardians, educators, and law enforcement.
FTC.gov/idtheft – Federal Trade Commission’s ID Theft site – learn how to deter, defend and detect identity theft as
well as what to do if your identity is stolen
IDtheft.gov – The President’s Identity Theft Task Force – learn what the government is doing about identity theft
IC3.gov – Internet Crime Complaint Center – here you can report internet fraud
OptOutPrescreen.com – Opt-in or opt-out of firm offers of credit or insurance here
DMAchoice.org – Direct Marketing Association’s site to manage your mail
Free Credit Reports
You are entitled to receive one free credit report every 12 months from each of the
three nationwide consumer credit reporting agencies– Equifax, Experian, and TransUnion.
These three consumer reporting agencies have set up a central web site, a toll-free telephone number and a
mailing address through which you can order your free annual report. To order, visit www.annualcreditreport.com
call 877.322.8228, or print and complete the Annual Credit Report Request Form
and mail it to:
Annual Credit Report Request Service
P.O. Box 105281
Atlanta, GA 30348-5281
Do not contact these three consumer reporting agencies individually. Free annual credit reports are available
only through the above methods.
When ordering your free report you will be asked to provide your name, address, date of birth, and social security number.
In addition, you may be asked to provide further identifying information based on information contained in your credit report.
Only one web site, www.annualcreditreport.com
authorized to fulfill orders for the free annual credit report you are entitled to by law. Other web sites that claim to offer free credit reports, free
credit scores or free credit monitoring are not part of the legally-mandated free annual credit report program. In some cases, the “free” product
comes with strings attached.
For more information, refer to the Federal Trade Commission (FTC) brochure, “Your Access to Free Credit Reports,” available on the FTC’s
web site at www.ftc.gov
Report Identity Theft
If someone has fraudulently used your identity to establish credit, contact your credit union immediately and then report the incident as quickly
as possible to each of the consumer reporting agencies: