There's no shortage of plans hackers devise to try to gain access to financial accounts.
Be aware of a sophisticated new attack used to slip through security layers. It starts with a multistage attack launched with a simple email from a popular retail company with a receipt attached. When people open the receipt, they unintentionally download malware on their devices. When they later try to access their accounts, this malware automatically redirects their devices to a similar-looking site set up by the hackers.
They enter their bank log-in information and read a prompt to download an app from the Google Android Store. The app is promoted as an additional layer of security from the financial institution, but it actually grants hackers full access to financial accounts by intercepting the two-factor authentication code sent by the financial institution. Combined with the stolen login credentials, the hackers then have access to the available funds in the account.
So far, banks in Switzerland, Sweden, Austria and Japan have been affected by this new attack.
Please note, Power Financial Credit Union will never request personal information from our members via email. If you receive an email that asks for your member number, password, or other sensitive information, do not reply to the email or click any links. Clicking on a link in a fraudulent email can compromise your device security and your personal information. It’s always best to type www.powerfi.org directly into your online browser to ensure you're going to our trusted website.
Be Proactive About Your Online Shopping Habits
Don't open any emails if you did not shop at a particular retail store or you don't trust the merchant. If you open an email from a merchant or a third party you don't recognize, don't click any links in the email. Instead, promptly delete the email from your mailbox and empty your email trash folder.
Identity theft can happen to anyone. Monitor your account activity or enroll in an identity protection program such as LifeLock™. If you feel that you may have been the victim of identity theft, report the fraud immediately and change your passwords. You should also contact the credit bureaus listed below to place a free 90 day fraud alert on your credit file. If you already have an identity theft protection service, please check with them as the fraud alerts may have already been placed. Also be vigilant in monitoring your monthly financial institution statements, credit card statements, and revolving credit line card statements from merchants where you have a line of credit.