Protect Yourself From Fraud
Phishing and Vishing are types of deception designed to steal your personal data such as credit card numbers, passwords, PINs, or account data. Con artists might send millions of fraudulent email messages, text messages, or even phone solicitation that appear to come from companies you trust, like your bank or credit card company, and request that you provide personal information.
What does a phishing/vishing scam look like?
As scam artists become more sophisticated, so do their attacks. They often include official-looking logos from real organizations and other identifying information taken directly from legitimate websites. To make these phishing email messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate website. But it actually takes you to a phony scam site or possibly a pop-up window that looks exactly like the official site.
These copycat sites are also called "spoofed" websites. Once you're at one of these spoofed sites, you might unwittingly send personal information to the con artists.
How to tell if an email/text/phone message is fraudulent
Here are a few phrases to look for:
- Verify your account - Businesses and TEFCU will not ask you to send passwords, log-in names, social insurance number or other personal information through email or text.
- If you don't respond within 48 hours, your account will be closed - These messages convey a sense of urgency so that you'll respond immediately without thinking. Phishing email might even claim that your response is required because your account might have been compromised.
- Dear valued customer - Phishing email messages are usually sent out in bulk and often do not contain your first or last name.
- Click the link below to gain access to your account - Specially formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a website.
The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phony website.
Con artists also use Uniform Resource Locators (URLs) that resemble the name of a well-known company but are slightly altered by adding, omitting or transposing letters. For example, our URL "www.TEFCU.org" could appear instead as:
- www.TTEFCU.org
- www.transittefcu.org
- www.tranzitefcu.org
How to avoid phishing/vishing scams
Nothing is more important to us than the security of your personal information. But you have to take some simple precautions to protect yourself:
- Never respond to an unsolicited e-mail/text that asks for detailed financial information.
- Report anything suspicious to the proper authorities. Alert TEFCU through our web address, email or telephone number that you know is legitimate - not one listed in the email or text!
- Stop, look and call - resist the urge to immediately respond to a suspicious email, text or phone call. Ask yourself why the information requested would really be needed. Call us if you suspect any type of scam!
What to do if you've responded to a phishing/vishing scam
If you suspect that you've responded to a scam with personal or financial information or entered this information into a fake website, take these steps to minimize any damage:
- Report the incident to the following authorities - TEFCU, credit reporting agencies and reportphishing@antiphishing.org.
- Change the passwords on all your online accounts - Start with passwords that are related to your financial institutions or information.
- Routinely review your credit card and bank statements - Review your bank and credit card statements monthly for unexplained charges or inquiries that you didn't initiate.
For more information or if you feel you have been a victim of a scam, please call our Call Center immediately at (202) 832-5100 ext 290.
Securing Your Online Visit
Recommended Browsers
Our website and Online Banking has been optimized for viewing within certified browsers. Browsers that are certified have passed our security testing. By using an unsupported browser, you may not be able to view the take full advantage of all the features within Internet Banking and our website. See below for a list of recommended browsers.
- Microsoft Internet Explorer 7.0 (includes AOL 8.0 & 9.0)
- Mozilla Firefox 3.0
- Safari 3.0
Encryption
We use software that incorporates full RSA data encryption to ensure security and privacy of transactions. We require the use of a secure browser to access your account online. Your browser must be equipped with SSL (Secure Socket Layer) with 128-bit encryption to communicate with our servers.
Privacy
Protecting the confidentiality of your information en route over the Internet is of the utmost importance to your Credit Union. Anyone surfing our Web site will be in a secure environment. The use of a secure browser provides Secure Socket Layer (SSL) protocol protection. SSL utilizes public key cryptography.
Username & Password
The safety of your e-Connect session begins with you. Your password is critical to the security of your e-Connect session, so never share your username or password with anyone. For added security, if a password is entered incorrectly three times, we automatically lock the your account from both e-Connect and Tele-Connect. For your password, it is best to select a random combination of letters and numbers and to not choose something obvious or identifiable like your mother's maiden name, the name of your children, the name of your pet, your house number, or your birthday. We also recommend that you do not Auto Save your password in your browser. TEFCU employees do not have access to your password. Should your account become locked out, you will need to contact our Call Center to be reset. We recommend that you always sign off (log out) when done banking online.
Timeout Feature
For additional security, TEFCU uses a Timeout Feature within e-Connect. This setting will automatically log you out after a pre-set period of inactivity.
