While we have many security measures in place, the security of your account and your private information begins with you.
Listed below are tips and suggestions to help keep your information safe.
Please be aware of the inherent security risks involved when using a public or shared computer, particularly in regards to your usage of Online Banking. Given that a public computer can be accessed by anyone, malicious or negligent activities performed on the computer before or after your use could compromise your privacy. Some risks include: Keyloggers that record usernames and passwords, or viruses that send private user data to a third party. Because of this, it is highly recommended to only use a private computer for account access through Online Banking.
Below are a few best practices for secure computing in order to help safeguard your personal information, particularly if should you find yourself in a situation where you must use a shared device.
Using your mobile device to check the balances of your accounts or to process a simple transaction is convenient and can save you time, but how do you make sure it is also secure?
While DCECU has a variety of mechanisms in place to protect members, there are some steps you can take to help protect yourself as well. Some may seem like common sense, but it’s important to keep them in mind.
You should look at your account details regularly to make sure you don’t have any unauthorized transactions. This can be made easier by checking your statements and paying bills online. It’s also a good idea to check your credit report annually for any activity you didn’t initiate. For information on how you can obtain a free annual credit report, visit www.annualcreditreport.com
Phishing is the method of tricking people into providing their social security numbers, credit card numbers, mother’s maiden name and other personal information. It is becoming apparent that the volume of phishing attempts through email is on the rise. “Phishers” often pretend to be someone else, such as a financial institution, retailer, government agency or other organization. This may include altering the “from” address of a message to make it appear to originate from a legitimate source.
There are a variety of methods that hackers may use in order to gain one’s confidence. For example, a member may receive an email claiming that there is a problem with their account or that their account will be closed unless they provide specific information. The most recent fraudulent attempts include emails claiming that a recent bill payment or ACH transaction was rejected. The sender may ask to verify an address, account number or password. A phishing email could also include an attachment containing a virus to steal sensitive information. Additionally, an emailed website link could be embedded that will lead to a fake site designed to look like a legitimate site, in an attempt to obtain sensitive information.
Always know that DCECU will never ask you to provide your account information in this manner. Furthermore, DCECU emails will never:
If an email includes any of the above, then it is most likely a phishing attempt. If you have any concerns that an email may be a phishing attempt, Online Banking (via www.dcecu.org) can always be used to verify account balances, transaction history, and other related information. If you believe that you may have fallen victim to a phishing attack, or still have any questions, please contact the Credit Union.
From: billcenter <email@example.com>
To: firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org;
Sent: Tuesday, October 7, 2011 11:43 PM
Subject: Important Notice from DCECU Billing Center
Dear Dow Chemical Employee’s Bank customer,
PLEASE LOGON AND FOLLOW THE STEPS LISTED AT THE FOLLOWING PAGE: http://www.dcecu.fx5q3zb44vpmc6cbt.com
Chemicale Employee’s Bank
From: NACHA <email@example.com>
To: firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org;
Sent: Tuesday, September 6, 2011 1:43 AM
Subject: ACH Transfer Review
ACH transfer (ID:620734) is going to be reviewed because of the incorcrectly input data when sending the payment.
Please,i fill ign the application form attached attentively and send it to us.i
After that your transfer will be processed.
If you have any qukestions or comments, contact us at email@example.com.
Thank you for using NACHA
Remember: Not all phishing emails are created equal. Some phishing attempts may raise very few red flags. For example, we are Dow Chemical Employees’ Credit Union, not Dow Chemical Employee’s Credit Union. If you are ever concerned about the legitimacy of a DCECU communication, please contact us.
Vishing Scams Use Phones Instead of Fake Websites In a new twist, identity thieves are sending spam that warns victims that their credit union/bank account or PayPal accounts were supposedly compromised. However, unlike typical phishing emails, there is no website address in these phishing messages. Instead, the victim is urged to call a phone number to verify account details.
The automated voice message says: “Welcome to account verification. Please type your 16-digit card number.” The goal is to get the victim to enter their credit card number. In these reported scams, no mention of the credit union, bank or PayPal is made.
Security experts tracking this scam and other instances of “vishing”, short for “voice phishing”, maintain that these frauds are particularly despicable because they imitate the legitimate ways people interact with financial institutions. In fact, some vishing attacks do not begin with an email. Some come as calls out of the blue, in which the caller already knows the recipient’s credit card number. This increases the perception of legitimacy and the caller only asks for the valuable three-digit security code on the back of the card. Vishing appears to be prospering with the help of Voice over Internet Protocol, or VoIP, the technology that enables cheap and anonymous Internet calling, as well as the ease with which caller ID boxes can be tricked into displaying erroneous information.
If you are a victim of a phishing or vishing attempt, feel free to contact us. You may also wish to take appropriate steps to protect yourself by canceling your compromised credit/debit cards, reporting the incident to the credit bureaus, or by ordering a copy of your credit report from any or all of the following: