RatesApply for a LoanLocationsContact UsHome
Account Security December 3, 2008 - Fake McDonalds and Coca-Cola Emails with Malicious Attachments
Websense® Security Labs(TM) ThreatSeeker(TM) Network has discovered an infectious holiday email making the rounds. Victims are receiving messages promoting a coupon from McDonald's or a holiday promotion from the Coca-Cola company. Both messages include a .zip attachment that contains either coupon.exe or promotion.exe. The malicious files (SHA1 ca973b0e458f0e0cca13636bd88784b80ccae24d) are Trojan Droppers, but have low anti-virus detection at the moment.

The McDonald's email claims to present their latest discount menu, and states that the attached coupon should be printed. The Coca-Cola email states that the attachment has details about their new online game and a chance to win Coca-Cola drinks for life.

Action: If you receive ANY unsolicited email supposedly from the McDonalds or Coca-Cola, DELETE it without opening any attachments.
October 17, 2007 - "You're Under Investigation": A New IRS Email Scam
The Internal Revenue Service is warning taxpayers to avoid falling for another new variant of an IRS email scam in which victims receive a fake email claiming they are the subjects of a criminal probe by "IRS Criminal Investigation."

The email states that the recipient filed a false tax return to the California Franchise Tax Board, and must click on a link in the email -- or download an attachment -- to learn more about the complaint.

Anyone clicking on the link or opening the attachment will unleash a Trojan Horse that can take over the person's hard drive and allow scammers to gain remote access to the computer.
"The IRS [urges] people not to click the link in the email or open the attachment. "Similar email variations suggest a customer has filed a complaint against a company and the IRS can act as an arbitrator. The latest versions appear aimed at business taxpayers as well as individual taxpayers.

"The IRS does not send out unsolicited emails or ask for detailed personal and financial information. Additionally, the IRS never asks people for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts."

IRS Email Scams

The IRS asks that anyone receiving such emails forward them to phishing@irs.gov

Action: If you receive ANY unsolicited email supposedly from the IRS, DELETE it. It's 100% guaranteed phony!

October 17 - Fake Red Cross Telephone Scam Targets Military Spouses
In a particularly insidious scam, telephone callers pretending to be Red Cross representatives are contacting military families with relatives overseas, claiming that a family member has been hurt, and that personal and financial information must be supplied before treatment can begin.

Although many people are aware that identity thieves request this kind of information over the telephone, military spouses are certainly more vulnerable when they receive this kind of call.

Therefore, scammers have found that this is an effective way to get military spouses to give personal and financial information that they would not usually consider giving out. After all, they want to make sure their spouse is treated as quickly as possible.

The Red Cross has issued a press release about this scam here.

Red Cross Scan Press Release

It reads, in part:
"The American Red Cross has learned about a new scam targeting military families. This scam takes the form of false information to military families as described below:

"The caller (young-sounding, American accent) calls a military spouse and identifies herself as a representative from the Red Cross. The caller states that the spouse's husband (not identified by name) was hurt while on duty in Iraq and was med-evacuated to a hospital in Germany.

"The caller stated they couldn't start treatment until paperwork was accomplished, and that in order to start the paperwork they needed the spouse to verify her husband's Social Security number and date of birth. In this case, the spouse was quick to catch on and she did not provide any information to the caller.

"The American Red Cross representatives typically do not contact military members/dependents directly and almost always go through a commander or first sergeant channels. Military family members are urged not to give out any personal information over the phone if contacted by unknown/unverified individuals, to include confirmation that your spouse is deployed."

Action: Do NOT give out personal information if you receive this type of call. If you have a family member serving overseas, remember that the American Red Cross will NOT contact you directly, unless you first contact them.

This isn't the first time scammers have posed as members of the Red Cross or other charitable organizations -- and sadly we know it will not be the last time.

October 16, 2007 - Protect yourself from check fraud

Don't be a victim. Learn more at FakeChecks.org.

March 1, 2006 - IRS Phishing Emails - Tax Refunds
The Internal Revenue Service and the Internet Crime Complaint Center have issued consumer alerts about an Internet scam in which consumers receive an e-mail informing them of a tax refund. One e-mail, which claims to be from the IRS, tells the recipient that they are eligible to receive a tax refund for a given amount.  It then directs the consumer to a link that requests personal information, such as Social Security number and credit card information.

Another e-mail titled "Refund Notice" claims to provide information to recipients regarding the status of their IRS Tax Refunds. The e-mail contains a link, which mirrors the true IRS web site. This site purportedly allows recipients to check the status of their IRS tax refund after providing the following information:
• First and last name
• Social Security Number or IRS Individual Taxpayer Identification Number
• Credit card information

The IRS has seen numerous attempts over the years to defraud the public and the federal government through a variety of schemes, including abusive tax avoidance transactions, identity theft, claims for slavery reparations, frivolous arguments and more. More information on these schemes may be found on the criminal enforcement page at www.IRS.gov.

Microsoft Informational Video
  - What you should know about phishing identity-theft scams

For more information on online security please, click here.

Community Financial Credit Union and/or the IRS do NOT ask for personal identifying or financial information via unsolicited e-mail.

August 11, 2005 - FBI Fraud Alert Poster
This poster addresses five different scams that have grown at an alarming rate, due in part to the explosive growth and use of the internet. Specifically, this poster addresses the Internet Fraudulent Check Scam, Foreign Lottery Scam, Nigerian Fraud Scam, Re-Shippers Facilitating Illicit Money Transfers, and the Phishing Scam. The poster can also address these scams used in combination or in tandem. Many of these scams are perpetrated by foreign individuals and originate outside the United States. These individuals hide behind the anonymity of the internet and the inherent logistical and cultural barriers facing U.S. law enforcement in coordinating with foreign law enforcement to bring the perpetrators to justice.

NCUA Phishing Scam

Recently, there have been multiple e-mail fraud attempts, known as "Phishing”, that were initiated via e-mail sent to both the general public and to some credit union members that appeared to be from NCUA. This false e-mail asked for the recipient to click on a link to verify their credit union account registration. If the recipient proceeded to do so, the link directed them to a false website and asked for their credit union account number and PIN, along with other personal information.

NCUA does not ask credit unions members for such personal information. Anyone who receives an e-mail that purports to be from NCUA and asks for account information should consider it to be a fraudulent attempt to obtain their personal account data for an illegal purpose and should not follow the instructions in the e-mail.

If you responded to such an e-mail and provided any confidential account information, please notify your credit union immediately of the scheme. You should also change your account’s PIN, and take any additional action recommended by your credit union to protect your account.

If you feel that you have received a fraudulent phishing e-mail purportedly from NCUA please forward the entire e-mail message to Phishing@ncua.gov.

  Kirby Kangaroo CU Succeed Logo CO-OP Network CO-OP Network Annual Credit Report  

Our Privacy Policy | Website Disclaimer | US Patriot Act

Equal Housing Lender NCUA
Copyright © 2017 Community Financial Credit Union. All rights reserved.