In today’s digital age, it’s more important than ever to protect personal information online. At Service Credit Union, we are committed to protecting our members’ personal and financial information.
If you suspect that you have been a victim of suspicious activity, please do not hesitate to contact us at 800.936.7730 (U.S.) or 00800.4728.2000 (Int’l). You may also complete the form below to report any suspicious activity.
Security Alerts
Brand Impersonation Scam
Service Federal Credit Union is aware of a large-scale brand impersonation campaign currently underway, targeting multiple credit unions and banks. These institutions are predominantly impersonated via smishing text messages claiming to be from a member’s financial institution and can take on many forms, including reporting a fraudulent charge or asking for a password reset.
Senior Scams
Many scammers prey on senior citizens using psychological tactics and exploitation of emotions. They initiate contact, often through a phone call, and sometimes in person, pretending to be a grandchild or a relative in distress. Being cautious, verifying information and maintaining open communication with family members are crucial in avoiding such scams.
Zelle/Transfer Scam
A growing trend in financial crime is the use of money transfer applications to move money out of victims’ accounts and into those of fraudsters. All money transfer applications are subject to this form of fraud; however, Zelle has been identified as a primary vector used for this form of fraud. Click the button below to view examples of the methods used and steps to avoid falling victim to such scams
Security Resources
Cybersecurity Glossary
Cybersecurity Glossary
Antivirus software: A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents.
Authentication: The process of verifying the identity of a user, process or device before granting access to resources in an information system.
Backup: A copy of files and programs made to facilitate recovery if necessary.
Biometrics: Unique physical characteristics that can be used for automated recognition. These include fingerprints and facial recognition.
Blacklist: A list of entities including but not limited to devices, networks, emails and applications, which have been determined to be associated with malicious activity and are therefore restricted or blocked.
Brute-force password attack: A method of accessing a device or account by attempting all possible combinations of passwords in an effort to find a match.
Card skimmer: A device discretely placed on a card reader by bad actors with the intent to intercept card information.
Chip card: A debit or credit card that contains an embedded microchip as well as a traditional magnetic stripe. The chip encrypts information to increase security when making transactions.
Cookie: A small file with pieces of data — like a username and password — placed on your computer by websites that are used to identify your computer as you use a computer network or the internet. Cookies let websites remember you, your website logins, shopping carts and more.
Cybersecurity: The process of protecting information by preventing, detecting and responding to attacks.
Dark Web/Darknet: A separate / secondary internet not indexed by search engines, often used for illegal activity including identity theft. Requires special tools and permissions to access.
Data loss: The exposure of proprietary, sensitive, or classified information through either data theft or accidental disclosure.
Decryption (decrypt): Returning encrypted data back to its plaintext or original format so that it may be known or used. The opposite of Encryption.
Digital wallet: Software, an electronic device or an online service that enables individuals or businesses to make transactions electronically, often in the form of electronic credit and debit cards.
Eavesdropping: The unauthorized real-time interception of a private communication, such as a phone call, instant message, or online transaction.
Encryption (encrypt): The transformation of data into a form that conceals the data’s original meaning to prevent it from being known or used. The opposite of Decryption.
Firewall: A part of a computer system or network that is designed to block unauthorized access while permitting outward communication.
Fraudster: A person or group who acquires money by deceiving people.
Hacker: An unauthorized user who attempts to or gains access to an information system.
HTTPS: Hyper Text Transfer Protocol Secure. A standard and secured method for communication between clients and web servers.
Key/keystroke logger: A program designed to record which keys are pressed on a computer keyboard used to obtain passwords or encryption keys to bypass security measures.
Malware: Software that is intentionally included or inserted in a system for a harmful purpose. Examples of malware are Ransomware, Spyware, Trojan Horses, Viruses and Worms.
Multi-Factor Authentication (MFA): Login authentication requiring two or more factors to achieve authentication. Factors include 1: Something you know (password, PIN, etc), 2: something you have (identification device, security token) or 3: Something you are (fingerprint scan, facial recognition, voice recognition). Two-Factor Authentication (2FA) is a form of MFA.
Phishing: A technique for attempting to acquire sensitive data through a fraudulent solicitation in email or on a website, usually done while masquerading as a legitimate source.
PIN: Personal Identification Number, a secret number a cardholder memorizes and uses to authenticate their identity as part of a transaction.
Plaintext: Intelligible data that has meaning and can be read or acted on without the application of decryption. Also known as cleartext.
Ransomware: Malware designed to encrypt a computer, often requiring a payment to the party responsible to unlock the computer.
Smishing: A form of phishing performed by sending texts (also known as SMS or Short Message Service). These usually are sent with a malicious link or asking for a reply. Advised to not reply to texts from unknown parties.
Social engineering: The act of deceiving an individual into revealing sensitive information, obtaining unauthorized access, or committing fraud by associating with the individual to gain confidence and trust.
Spoofing: Faking the sending address of a transmission to gain illegal entry into a secure system. Often seen as a faked email address or phone number.
Spyware: Malicious software designed to track the use of a computer and send details back to the fraudster. This can track things such as applications used, usernames and passwords entered, and much more.
Trojan horse: A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
Virus: A computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus might corrupt or delete data on a computer, use email programs to spread itself to other computers, or even erase everything on a hard disk.
Worm: A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively.
From the Blog
Tips and strategies to stay safe online