Credit Union West - So much more than money

Member Security

Credit Union West will never ask you to provide personal financial information via an unsecured e-mail. Do not reply to emails that ask for personal identification or account information -- even if they look official.

Tips for Consumers

Phishing is a crime that uses social engineering to fool its victims. That means that phishers try to look and act as you would expect your real bank to act. This makes it VERY DIFFICULT to recognize a good phishing attempt just by looking. In fact, a really good phishing web site can fool 9 out of 10 people, including people who are experts with computers. So don’t be afraid to use all the help available to you when it comes to protecting yourself against phishing attacks. Here are a few suggestions for how to protect yourself.

Use a spam filtering service from your ISP or use spam filtering software to keep phishing e-mails out of your inbox. And when you are sorting through your inbox, be wary of e-mails that say they are from your bank (and banks you don’t have accounts with) and that you need to click a link to “Confirm” or “Update” or “Verify” your account.

Pay attention to the lock icon your web browser. It can give you good clues about whether a web site you are visiting is really what you think it is. If you are submitting information, look for the lock icon in the browser border (But not in the site content itself. It means nothing there.). If there is no lock icon do NOT submit any personal information. A lock icon does NOT mean the site is safe. But the absence of a lock icon tells you the site is NOT safe.

Pay attention to the address bar, where the page URL is displayed. If the address doesn’t look right, leave the page. Use a search engine or your bookmarks to get to the real home page for the site you want and navigate from there to what you need. Again, just because the address looks “right” doesn’t mean it is safe, but if it looks suspicious then it probably is not right. If the address bar has been hidden from you without your consent, be suspicious.

Get a web browser toolbar with anti-phishing capability. A good toolbar will warn you if you visit a known phishing web site. Microsoft, Google and GeoTrust’s TrustWatch all offer good browser toolbars.

Protect your computer with anti-virus and anti-spyware software, and a firewall, and keep them up to date. Many phishing sites will try to secretly download a malicious program onto your PC. Anti-virus and anti-spyware software will not only block the download but also alert you that the attempt was made. You know your bank would not try something like that.

Never enter your personal information in a pop-up window. Phishers often will load a pop up window over a window showing the real web site of your bank. But just because both windows are on your screen together does not mean they are related. Pop up windows almost never show the address bar, so you have no idea where you are sending your information. Close the pop up window and go to the real bank site to navigate to your account log in area.

Report phishing, Whether you’re a victim or not, always assume that you are the first to find the site. Report it to the targeted bank or retailer and to the Anti-Phishing Working Group (APWG). The bank needs to know that there is a problem. The APWG is a clearinghouse that distributes your report to many ISPs and others who are trying to block phishing sites. And the APWG shares the sites reported to it with law enforcement agencies. You can also report directly to the FBI.

Act immediately if you’ve been hooked by a phisher. Let your bank know immediately. Close any affected accounts. Put a fraud watch on your credit report.