Member Login

THE MEMO

DAKOTA CREDIT UNION ASSOCIATION
  • Advocacy
    • Government Affairs
    • Grassroots Action Center >
      • Advancing Communities
      • Bill Tracking
    • Political Fundraising
    • Regulatory Advocacy
    • Preserving Financial Choice for North Dakotans
  • Compliance
    • Compliance Resources
    • Compliance Solutions >
      • AffirmX
      • CECL
      • ComplySight
      • CU CMS
      • CU PolicyPro
      • InfoSight
      • PayLynxs
      • RecoveryPro
      • Training
    • The Memo: Compliance
  • Member Resources
    • Awards >
      • DakCU Awards
      • CUNA Awards
    • CU Awareness (SWAP)
    • DakCU Foundation >
      • Donor Wall
      • Memorials
      • Vacation Sweepstakes
    • DakCU Health Benefits Trust
    • Financial Well-Being for All
    • Professional Development >
      • Chapters
      • Emerging Leader Program
      • Sales CU Training
      • Training
    • Strategic Partners >
      • CAP Program Directory
      • Compliance Solutions
      • Pee Wee and Friends®
  • News & Events
    • The Memo
    • Events Calendar
    • Annual Summit >
      • Crashers
      • Presenters
      • Sponsors
    • New Ideas
    • Sales CU Training
  • About Us
    • Board of Directors
    • Contact Us
    • Our Team

Beware Phishing and Smishing Attacks!

8/24/2022

 
Picture
Following a barrage of reports regarding fraud attempts in the Dakotas, Amy K has some helpful tips for credit unions and consumers. 
Picture
by Amy Kleinschmit, Chief Compliance Officer

Phishing, smishing, and other recent fraud attempts.
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details, often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. Short for "SMS phishing," smishing often involves text messages claiming to be from a credit union, bank or another company. The message displays a phone number to call or a link to click, giving scammers the chance to trick individuals out of money or personal information.

Education for members is key and fortunately there are a number of resources that are ready to be pushed out to your membership and staff, such as the recent consumer alert from the Federal Trade Commission (FTC) concerning phishing scams. As discussed in the alert, the “FTC has seen a spike in reports from people getting text messages that look like they’re from well-known names like USPS, Costco, or The Home Depot and others.”

No matter what the unexpected text says, the FTC offers the following advice.
  • Don’t click on links or respond to unexpected texts — including ones asking you to fill out surveys to get free items. If you think it could be legit, contact the company using a website or phone number you know is real. Don’t use the information in the text message.
  • Don’t pay to get a package redelivered. The real USPS won’t contact you out of the blue about a delivery (unless you submitted a request first and give a tracking number) — and they’ll never demand payment to redeliver a package.

Additional guidance on how to recognize and report scam text messages can be found here or this video from Homeland Security that discusses protecting against phishing attacks - https://www.dhs.gov/medialibrary/assets/videos/21694.

The FBI also has helpful tips on how consumers can protect themselves from these scams, found here.

Phishing emails have been an issue for years, however, with the uptick in mobile smishing attacks be sure to make phishing and smishing awareness training a priority for staff – and make sure it covers all forms of phishing and smishing. Be sure everyone understands the risks when opening attachments or clicking on links within texts that come from unfamiliar sources.

However, all the education and prevention still might not prevent a scammer from using your credit union’s name in a smishing attack. Both the FTC and NCUA have issued guidance that might be helpful if this happens to your credit union.

The FTC’s article, Has a phishing scam hooked your company’s good name? | Federal Trade Commission (ftc.gov), provides tips on how businesses should respond if it is impersonated in a phishing scam, such as notifying consumers of the scam, contacting law enforcement, providing resources to any victims of the scam, and taking the opportunity to review and update security practices.

NCUA issued this letter to credit unions, 22-RISK-01, concerning the ongoing threat of social engineering and phishing attacks. The letter reminds credit unions that any cyber incidents should be reported to the NCUA, your local FBI field office or the Internet Crime Complaint Center, and the Cybersecurity and Infrastructure Security Agency.

Letter to Credit Unions 05-CU-20 also provides guidance for credit union regarding phishing, which can be found here. The letter directs credit unions that “If you become aware of actual phishing incidents using your credit unions’ name, logo, graphics, etc. attempting to solicit information from your members (also known as “spoofing”), you should consider taking the following actions as appropriate:
  • Post a prominent alert notice on your website’s homepage and login screen.
  • Contact members directly by mail and/or e-mail providing them with the information noted above.
  • Monitor member accounts for unusual activity and trends.
  • Flag and monitor closely the accounts of members who report that they have fallen victim to a phishing or similar e-mail scam.
  • Alert your staff to the incident so that they are sensitive to the situation and report activity such as unusual address change requests, account transactions, or new account activity.
  • Encourage members who believe that they have been a victim of the phishing scam to follow the recommendations published in the brochure, You Can Fight Identity Theft, outlining steps members should take to reduce the risk of identity theft.”
 
As always, DakCU members may contact Amy Kleinschmit with any compliance related concerns.
 
 
 
 
 



Comments are closed.

    The Memo

    The Memo is DakCU's newsletter that keeps
    ​credit union professionals updated on current news and information. ​

    Memo Home

    Want the Memo delivered straight to your inbox?
    Sign Up Now


    Archives

    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021


    Categories

    All
    Action Alert
    Advocacy
    Awards
    Awareness Campaign
    Compliance
    CUPAC/CULAC
    Dakota CUs Give Back
    Events
    Facebook Creeping
    Financial Well Being
    Foundation
    Fraud Alert
    Grants
    In The Spotlight
    Marketing Tips
    Member Solutions
    Miscellaneous
    ND Legislative Update
    News And Notes
    President's Perspective
    Press Releases
    SD Legislative Update
    Webinars

Copyright Dakota Credit Union Association.  All Rights Reserved.
2005 N Kavaney Dr - Suite 201 | Bismarck, North Dakota 58501
Phone: 
800-279-6328 | info@dakcu.org | sitemap | privacy policy
Picture
Picture
Picture
  • Advocacy
    • Government Affairs
    • Grassroots Action Center >
      • Advancing Communities
      • Bill Tracking
    • Political Fundraising
    • Regulatory Advocacy
    • Preserving Financial Choice for North Dakotans
  • Compliance
    • Compliance Resources
    • Compliance Solutions >
      • AffirmX
      • CECL
      • ComplySight
      • CU CMS
      • CU PolicyPro
      • InfoSight
      • PayLynxs
      • RecoveryPro
      • Training
    • The Memo: Compliance
  • Member Resources
    • Awards >
      • DakCU Awards
      • CUNA Awards
    • CU Awareness (SWAP)
    • DakCU Foundation >
      • Donor Wall
      • Memorials
      • Vacation Sweepstakes
    • DakCU Health Benefits Trust
    • Financial Well-Being for All
    • Professional Development >
      • Chapters
      • Emerging Leader Program
      • Sales CU Training
      • Training
    • Strategic Partners >
      • CAP Program Directory
      • Compliance Solutions
      • Pee Wee and Friends®
  • News & Events
    • The Memo
    • Events Calendar
    • Annual Summit >
      • Crashers
      • Presenters
      • Sponsors
    • New Ideas
    • Sales CU Training
  • About Us
    • Board of Directors
    • Contact Us
    • Our Team