Interra
About InterraLoans & Credit CardsChecking & SavingsPersonal ServicesBusiness ServicesInvestments & Insurance

Security

Bookmark and Share
Online banking
Online banking
Hours & Locations
Hours & Locations
Chat
Chat
Newsletter
Newsletter
Mortgages
Mortgages
Videos
Videos
Podcast
Podcast
Security
Security
Home > Security > Alerts

Current Alerts

Unfortunately, online fraudulent attempts to access personal and account information continue.  When Interra Credit Union receives information about potential threats we pass them along to you, our members.  You may view recent alerts below.  If you have questions or need more information, please contact the credit union.

January

 Zappos.com Breach – 1/15/12

Interra Credit Union takes a proactive approach to keep members notified of potential security threats. If you are or have been a Zappos.com customer, please carefully review the information below and take suggested precautions. 

Online shoe and apparel retailer, Zappos.com, announced on Sunday, January 15, 2012, that hackers had broken into their company’s system through one of its servers in Kentucky and obtained data on its 24+ million Zappos.com customers.  The hackers took names, billing, shipping and email addresses, phone numbers and partial credit card numbers of Zappos customers, as well as their cryptographically scrambled passwords.  Based on reports from Zappos, it appears that users' full credit card information is safe, though they could be at risk if these customers use the same email and password combination to access other sites.
 
Zappos CEO Tony Hsieh stated the secure database that stores customers' critical card and other payment data was neither affected nor accessed.  In addition to expiring and resetting customers' passwords, Zappos has created a link that will let each customer securely create a new password.  Zappos is also urging customers to change their passwords on any other websites where they use the stolen password or similar ones, and it has warned them to be wary of e-mails and phone calls that ask for personal information or direct them to websites asking for personal information.  
 
Zappos is working with law enforcement and has sent an e-mail, accessible at http://blogs.zappos.com/securityemail to notify its potentially impacted customers.

September

Phishing Alert – 9/8/11

Individuals are again receiving e-mails claiming to be from The Electronic Payments Association (NACHA).  Please delete these e-mails immediately and DO NOT click on any attachments within these e-mails.  The following is an example:

From:      ach@nacha.org
Subject:  ACH Transfer Review

Dear Client,

ACH transfer (ID:03847439) is going to be reviewed because of the incorrectly input data when sending the payment.

Important:  Please, fill in the application form attached attentively and send it to us.  After that your transfer will be processed.

If you have any questions or comments, contact us at info@nacha.org.  Thank you for using www.nacha.org

Cathy McNickle
NACHA Risk Management Services

Learn more about other NACHA fraudulent e-mails that have circulated.  If you are concerned that you may have divulged personal or account information after receiving a phishing e-mail, please notify the credit union as soon as possible at 574.534.2506 or 888.432.2848

July

Automated Phone Call Alert – 07/9/11

Interra Credit Union members report that they are receiving automated calls stating their card number has been deactivated, inactive or frozen.  The call asks members to enter their card number in order to reactivate or unfreeze the card.  Although the call does not identify "Interra Credit Union," members may assume the call is referring to the credit union.  Other financial institutions are reporting similar concerns from their members/customers.

Remember, never give your card details or other personal information to someone contacting you.  Interra Credit Union will NEVER call or e-mail you requesting this type of information.  If you have questions or concerns or would like more information, please contact us.  If you fear you may have divulged personal or account information in such a call, please notify the credit union as soon as possible at 574.534.2506 or 888.432.2848.  During non-business hours, you may call the 24-hour lost/stolen card number hotlines at 800.523.4175 (ATM/Debit cards) or 800.449.7728 (Visa credit cards).  

WNDU NewsCenter 16 article

Elkhart Truth article

April

Data breach of customer e-mail addresses prompts new phishing warnings – 4/4/11

Epsilon, a marketing services firm based in Dallas, has warned clients that a massive breach in an e-mail database may have exposed the names and e-mails of thousands of users.  More than 40 companies were exposed in the breach, including:

  • Best Buy
  • Capital One
  • Citi Group
  • Home Shopping Network
  • JPMorgan Chase
  • Kroger
  • Marriott Rewards
  • RitzCarlton Rewards
  • Target
  • and others

Epsilon maintains that no financial information – credit card numbers, for instance – has been revealed, only e-mail addresses. 

Phishing attempts for account numbers and credit card numbers have been reported by customers of the affected companies.  If you receive an e-mail from any of the above companies, or others, asking you for personal and confidential information DO NOT respond.  These companies WILL NOT ask you to confirm any personal information. 

March

Electronic Payments Association Warning – 3/29/11

The Electronic Payments Association (NACHA) has received reports that individuals and/or companies continue to receive fraudulent e-mails that have the appearance of having been sent from NACHA.  These e-mails vary in content and appear to be transmitted from e-mail addresses associated with the NACHA domain (@nacha.org).  Some bear the name of fictitious NACHA employees and/or departments.  NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions.  NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.
 
Be aware that phishing e-mails frequently have attachments and/or links to webpages that host malicious code and software.  Do not open attachments or follow weblinks in unsolicited e-mails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

Charity Scams – 3/15/11

With tragedy striking Japan, The Federal Trade Commission (FTC) has issued a warning to consumers of potential charity scams

Fraud Alert: Federal Reserve E-mail – 3/02/11

Individuals and/or companies are receiving fraudulent e-mails that have the appearance of being sent from the Federal Reserve.  Specifically, the e-mails claim to be from the Federal Reserve Wire Network and appear to be sent from “fedwire@federalreserve.gov.”  The following is a sample of such e-mail messages:

= = = = = Sample E-mail = = = = = =

From: fedwire@federalreserve.gov[mailto:fedwire@federalreserve.gov]
Sent: Wednesday, March 02, 2011 10:09 AM
To: Doe, John
Subject: Your Wire fund transfer

The Wire transaction , recently sent from your checking account (by you or any other person), was cancelled by the Federal Reserve Wire Network.

Please click here to view details
------------------------------------------------------------------
Adam Diaz ,
Fraud Department

= = = = = = = = = = = = = = = = = = =

This is a fraudulent e-mail.  It was not sent by the Federal Reserve.  Do NOT click on any of the links.

Be aware that phishing e-mails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited e-mails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

As always, if you have questions or concerns about e-mails that appear to be suspicious, please contact  the credit union immediately.  Interra and other legitimate business and government organizations will NEVER ask you to divulge personal information – by e-mail, over the phone or otherwise.
 

February

FTC Consumer Alert – Spotting an Impostor: Scammers pose as friends, family and government agencies

The Federal Trade Commission issued this alert reminding consumers to be suspicious of scams, and what to do in the event you are ever a victim.

August

 "VISA" Virus & Online Retailers – 8/25/10

VISA – Please be cautious when opening e-mails regarding your Visa card.  It has come to our attention that some Interra Credit Union members are receiving e-mails containing a virus.  The e-mail, which does not associate itself with the credit union, states that their "VISA" has been charged and instructs the reader to open the attachment to view a copy of the invoice.  Upon opening the attachment, their computer is targeted with a virus.  
 
Online Retailers – E-mails are in circulation appearing to be from various online retailers, such as New Egg.  These e-mails state that a payment has been charged for your order.  While there is nothing compromising at first glance, the links in the e-mail direct visitors to a third-party site, not run by newegg.com.  It is likely that the e-mail is hoping that people will realize that they did NOT place an order, click on one of the links within the e-mail to try to correct the situation, and provide personal information assuming it is needed to research the situation.  The following is an example of these types of e-mails:
 
 
If you have questions about either of these types of e-mail messages, or have possibly divulged personal information by mistake, please contact the credit union.  
 

July

Automated Phone Call Alert – 07/19/10

 Some Interra Credit Union members are receiving automated calls stating their card number has been deactivated.  The call asks members to enter their card number in order to reactivate it. Although the call does not identify "Interra Credit Union," members may assume the call is referring to the credit union.

Remember, never give your card details or other personal information to someone contacting you.  Interra Credit Union will NEVER call or e-mail you requesting this type of information.  If you have questions or concerns or would like more information, please contact us at 574.534.2506 or 888.432.2848. 

February 

Mobile Banking Alert – 02/05/10

MShift, Interra’s mobile banking provider, has recently received reports of an increase in fraudulent text messages sent to mobile phones via SMS/Text.  These SMS messages may appear to be legitimate, but are actually attacks from a fraudulent source.

Wikipedia defines “SMiShing” as,

Similar to phishing, smishing uses cell phone text messages to deliver the "bait" to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a web site URL. However it has become more common to see a phone number that connects to automated voice response system.

The goal for the attacker is to convince the end user (mobile banking user) to share confidential financial or personal information, with what the end user believes to be a trusted source. 

Be aware that SMS fraud is on the rise.  Currently, most SMS/Phishing attacks tend to be broad based, sent randomly to a prefix or area code of mobile phone numbers for a specified region, rather than directed at the customers/members of a specific institution.  However, a key challenge is that these messages, when received by an individual account holder on his/her mobile phone, may appear legitimate. 

If you receive an unexpected SMS/Text message, appearing to come from Interra, please contact the credit union immediately, to confirm the legitimacy of the message.  In order to protect your data, security, and privacy of your financial information, you should not respond to the message directly.

Your browser based Interra Mobile Banking remains secure.  However, it is important to always access Interra Mobile Banking directly and not through links provided in suspicious e-mail or text message links.

At Interra Credit Union, we take identity theft seriously and continuously monitor security procedures to protect you and your accounts. Please know that a credit union representative will not call you and ask for your account number. A request for any important account numbers or your social security number should be treated suspiciously – online, by phone or in person – as scam artists frequently pose as financial institution representatives.

Computer Virus Alert – 2/4/10

It has come to our attention that some Interra members are experiencing a virus attack on their computers that attempts to mimic typical credit union security pages, demanding financial information.

What is it?

The virus, a newer type, is commonly called “Zeus.”  The Times of London reported on the virus:

“The virus, known as ZeuS or Zbot Trojan, bypasses security safeguards to record online bank account details, passwords and credit card numbers.  It also copies passwords for social networking sites before causing each computer to forward the data to servers under the control of the hackers.  It has emerged in several guises, including a false Facebook page that encouraged users to download a “software update.”
 
What makes this new virus so dangerous is that it can imitate many of the security features legitimate websites typically use to alert visitors that they are viewing a secure page.  If you are affected by this virus, you may be directed to a false webpage that looks similar to the one you intended to visit, including actual images and similar page design.

How it works: 

Once your computer is infected with the “Zeus” virus:

  • It waits for your internet browser to request a secure online banking or login page. >
  • It then redirects your browser to a false site that includes “screen shots” of the legitimate site so you suspect nothing is wrong.
  • The false site may include a secure sign-in block that requests your multi-factor authentication information, much the same way that a legitimate secure site would.
  • At this point, the false site is attempting to get you to enter personal information such as a credit card number, expiration date, PIN number, etc.

What you should do:  

  • If you encounter a similar screen when attempting to log in to Interra Online banking, please do NOT enter any personal information.
  • Close the internet browsing window and make sure your antivirus software is up to date.
  • Once your antivirus software is updated, it is important to run a system scan
  • If you think you inadvertently entered any personal or account information:
    • It is important to report it to the credit card, ATM, or debit card, etc., issuer. Please call the number on the back of your card.
    • To protect your account information, be sure to reset both your primary and secondary Interra Online banking passwords.
  • This situation may create uncertainty or questions. At any time during business hours, please contact Interra Credit Union at 574.534.2506 or 888.432.2848 for assistance.

December

Mobile Banking – Phishing Attack 12/22/09

Interra Credit Union has been notified that in the first and second weeks of December, a developer using the Android platform has deployed shells of mobile banking applications to attempt access to financial information associated with multiple financial institutions. This phishing attack has been launched from the Android Marketplace and is impacting over 50 financial institutions worldwide, including those that currently do not offer mobile banking solutions, much less an Android download.

If you have downloaded an application from the Android Marketplace  -- please be advised that Droid09 is NOT an authorized or legitimate downloadable application of Interra Credit Union nor our mobile banking provider.  If you believe you may have been affected by this phishing attempt, please contact Interra Credit Union and change your log in password via online banking.

In addition, Interra’s mobile provider recommends that, if you are affected, please  immediately remove the Droid09 application from your phone and take it to your mobile provider to have the technical team evaluate the phone to make sure the application is completely removed and has not compromised any other applications or records within your phone.

 

To clarify:   The browser-based Mobile Banking solution provided by Interra remains fully secure.  You still have secure access to your mobile banking via the Android device, using the mobile browser interface.  The downloadable hacking/phishing effort provided by Droid09 represents a transparent attempt to gain access to credit cards and account numbers through the emerging Android platform.

 

If you have an Android device to access your accounts or other e-commerce related activity, please do so ONLY through the web browser interface, instead of a downloadable application, until the Android platform has been proven secure for financial transactions.

 

Please call the call center at 574.534.2506 or 888.432.2848 for questions related to this or any other security concerns.

 

FBI Pop-Up Security Alert – 12/11/09

The FBI (Federal Bureau of Investigation) National press office issued the following press release: Pop-Up Security Warnings Pose Threats on December 11, 2009.  This notice is relevant to anyone who uses the internet.  

Phishing Attempt – 12/9/09

The following e-mail, hitting the e-mail inboxes of  credit union members, is pretending to be from CUNA (Credit Union National Association).  They are attempting to obtain card information.  If you receive this e-mail or one like it, DO NOT OPEN OR REPLY TO IT!

The e-mail contains an attachment that when opened ask for the following data:

 

  

    
To update your profile, please complete the following required fields.
* Full Name 
* Zip Code 
* Full 16 digit Card Number 
* Expiration Date ( MM/YYYY ) 
* Four-digit Card PIN 

 The body of the e-mail is as follows: 

      
In attention of all Credit Union customers,
 
As the internet and information technology enable us to expand our services, we are committed to maintaining the trust customers have placed in us for protecting the privacy and security of information we have about you.  In order to protect your information against unauthorized access, identity theft and account fraud we earnestly ask you to update your profile.
 
Please download the form attached to this email and open it in a web browser.  Once opened, you will be provided with steps to update your profile.  We appreciate your understanding as we work to ensure account safety.
 
Regards,
Maintenance Department
 
Copyright © 2009 - Credit Union National Association, Inc.

As always, if you have questions or concerns about an e-mail that appears suspicious, please contact Interra Credit Union immediately.

Back to Top

News & Info | Forms | Applications
Calculators | Careers | Chat | Contact Us | ABA Routing or Transit Number: 271291017
Privacy/Disclosures | Hyperlink Disclaimer | Site Map
Each account insured up to $250,000 by American Share Insurance. By members' choice, this institution is not federally insured. Learn more about ASI >>