A recent data breach estimates that 1.2 billion user names and passwords have been compromised from more than 420,000 websites. In addition, it is estimated that more than 500 million email addresses were also compromised. At this time, these compromised websites have not been identified.
Pacific Service CU has no reason to believe that our online or mobile banking systems were part of the breach. However, many of our members may have been exposed through other website relationships. As a precaution, we advise you to change your password for all of the websites that you visit, especially your financial and banking sites.
Hold Security, the firm that discovered the theft, says the thieves aren’t in the business of stealing bank account information. That said, it’s a good time to remember to be cautious and aware about potential scams.
Here’s how a potential scam might work:
Phishing and vishing are types of deception to obtain sensitive personal information. An email is sent mimicking the appearance and identity of a company where you shop or have a relationship. The email may request that you update your account information, a credit card number or a password. Do not click any links and delete the email.
Another scam possibility is that your email or social media accounts will be hacked and used to send emails to your contact list advertising bogus products. If you receive a suspicious email from someone you know, it is likely that they have been hacked. Do not click any of the links and delete the email.
Fraudulent emails could avoid spam filters because they are targeted to known customers or contacts, which could result in a greater likelihood that their attempts will be successful in convincing consumers to respond.
Here’s what you can do:
- Remember that the credit union will never contact you via phone, email or text message requesting passwords, log in information, account number, social security number or any other personal information.
- Don’t respond to unknown solicitations and don’t give your personal information to unknown people or companies. If you’re suspicious about an email you’ve received, you should visit the company’s website directly by inputing the URL or using a bookmark.
- Use a different password for each site that you visit. If hackers can access one account, they can access all the accounts with the same credentials.
- Try a password manager. We recommend using a secure password manager that stores all of your passwords. Apps include Password Box, LastPass, MSecure and eWallet.
- Change your password every quarter.
- Use a complex password with a combination of upper case, lower case, numbers and symbols.
- Watch your account statements for any signs of suspicious activity.
- Set up account alerts for your financial relationships to alert you when there is activity on your account. You can do this for your credit union account by logging into BranchLine and clicking on the Manage Profile>Manage Alerts tab.
- Keep your computer’s firewall turned on and keep your operating system, anti-spyware and anti-virus software up to date.
- Report suspicious activity and suspected phishing attempts to the company being impersonated.