Security

AlertsProtection & Prevention
Bookmark and Share
Interact Via Chat
Interact Via Chat
Home » Security » Alerts

Current Alerts

Unfortunately, online fraudulent attempts to access personal and account information continue.  When Interra Credit Union receives information about potential threats we pass them along to you, our members.  You may view recent alerts below.  If you have questions or need more information, please contact the credit union.

February 

Mobile Banking Alert – 02/05/10

MShift, Interra’s mobile banking provider, has recently received reports of an increase in fraudulent text messages sent to mobile phones via SMS/Text.  These SMS messages may appear to be legitimate, but are actually attacks from a fraudulent source.

Wikipedia defines “SMiShing” as,

Similar to phishing, smishing uses cell phone text messages to deliver the "bait" to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a web site URL. However it has become more common to see a phone number that connects to automated voice response system.

The goal for the attacker is to convince the end user (mobile banking user) to share confidential financial or personal information, with what the end user believes to be a trusted source. 

Be aware that SMS fraud is on the rise.  Currently, most SMS/Phishing attacks tend to be broad based, sent randomly to a prefix or area code of mobile phone numbers for a specified region, rather than directed at the customers/members of a specific institution.  However, a key challenge is that these messages, when received by an individual account holder on his/her mobile phone, may appear legitimate. 

If you receive an unexpected SMS/Text message, appearing to come from Interra, please contact the credit union immediately, to confirm the legitimacy of the message.  In order to protect your data, security, and privacy of your financial information, you should not respond to the message directly.

Your browser based Interra Mobile Banking remains secure.  However, it is important to always access Interra Mobile Banking directly and not through links provided in suspicious e-mail or text message links.

At Interra Credit Union, we take identity theft seriously and continuously monitor security procedures to protect you and your accounts. Please know that a credit union representative will not call you and ask for your account number. A request for any important account numbers or your social security number should be treated suspiciously – online, by phone or in person – as scam artists frequently pose as financial institution representatives.

Computer Virus Alert – 2/4/10

It has come to our attention that some Interra members are experiencing a virus attack on their computers that attempts to mimic typical credit union security pages, demanding financial information.

What is it?

The virus, a newer type, is commonly called “Zeus.”  The Times of London reported on the virus:

“The virus, known as ZeuS or Zbot Trojan, bypasses security safeguards to record online bank account details, passwords and credit card numbers.  It also copies passwords for social networking sites before causing each computer to forward the data to servers under the control of the hackers.  It has emerged in several guises, including a false Facebook page that encouraged users to download a “software update.”
 
What makes this new virus so dangerous is that it can imitate many of the security features legitimate websites typically use to alert visitors that they are viewing a secure page.  If you are affected by this virus, you may be directed to a false webpage that looks similar to the one you intended to visit, including actual images and similar page design.

How it works: 

Once your computer is infected with the “Zeus” virus:

  • It waits for your internet browser to request a secure online banking or login page.
  • It then redirects your browser to a false site that includes “screen shots” of the legitimate site so you suspect nothing is wrong.
  • The false site may include a secure sign-in block that requests your multi-factor authentication information, much the same way that a legitimate secure site would.
  • At this point, the false site is attempting to get you to enter personal information such as a credit card number, expiration date, PIN number, etc.

What you should do:  

  • If you encounter a similar screen when attempting to log in to Interra Online banking, please do NOT enter any personal information.
  • Close the internet browsing window and make sure your antivirus software is up to date.
  • Once your antivirus software is updated, it is important to run a system scan
  • If you think you inadvertently entered any personal or account information:
    • It is important to report it to the credit card, ATM, or debit card, etc., issuer. Please call the number on the back of your card.
    • To protect your account information, be sure to reset both your primary and secondary Interra Online banking passwords.
  • This situation may create uncertainty or questions. At any time during business hours, please contact Interra Credit Union at 574.534.2506 or 888.432.2848 for assistance.

December

Mobile Banking – Phishing Attack 12/22/09

Interra Credit Union has been notified that in the first and second weeks of December, a developer using the Android platform has deployed shells of mobile banking applications to attempt access to financial information associated with multiple financial institutions. This phishing attack has been launched from the Android Marketplace and is impacting over 50 financial institutions worldwide, including those that currently do not offer mobile banking solutions, much less an Android download.

If you have downloaded an application from the Android Marketplace  -- please be advised that Droid09 is NOT an authorized or legitimate downloadable application of Interra Credit Union nor our mobile banking provider.  If you believe you may have been affected by this phishing attempt, please contact Interra Credit Union and change your log in password via online banking.

In addition, Interra’s mobile provider recommends that, if you are affected, please  immediately remove the Droid09 application from your phone and take it to your mobile provider to have the technical team evaluate the phone to make sure the application is completely removed and has not compromised any other applications or records within your phone.

To clarify:   The browser-based Mobile Banking solution provided by Interra remains fully secure.  You still have secure access to your mobile banking via the Android device, using the mobile browser interface.  The downloadable hacking/phishing effort provided by Droid09 represents a transparent attempt to gain access to credit cards and account numbers through the emerging Android platform.

 

If you have an Android device to access your accounts or other e-commerce related activity, please do so ONLY through the web browser interface, instead of a downloadable application, until the Android platform has been proven secure for financial transactions.

 

Please call the call center at 574.534.2506 or 888.432.2848 for questions related to this or any other security concerns.

 

FBI Pop-Up Security Alert – 12/11/09

The FBI (Federal Bureau of Investigation) National press office issued the following press release: Pop-Up Security Warnings Pose Threats on December 11, 2009.  This notice is relevant to anyone who uses the internet.  

Phishing Attempt – 12/9/09

The following e-mail, hitting the e-mail inboxes of  credit union members, is pretending to be from CUNA (Credit Union National Association).  They are attempting to obtain card information.  If you receive this e-mail or one like it, DO NOT OPEN OR REPLY TO IT!

The e-mail contains an attachment that when opened ask for the following data:

 

  

    
To update your profile, please complete the following required fields.
* Full Name 
* Zip Code 
* Full 16 digit Card Number 
* Expiration Date ( MM/YYYY ) 
* Four-digit Card PIN 

 The body of the e-mail is as follows: 

      
In attention of all Credit Union customers,
 
As the internet and information technology enable us to expand our services, we are committed to maintaining the trust customers have placed in us for protecting the privacy and security of information we have about you.  In order to protect your information against unauthorized access, identity theft and account fraud we earnestly ask you to update your profile.
 
Please download the form attached to this email and open it in a web browser.  Once opened, you will be provided with steps to update your profile.  We appreciate your understanding as we work to ensure account safety.
 
Regards,
Maintenance Department
 
Copyright © 2009 - Credit Union National Association, Inc.

As always, if you have questions or concerns about an e-mail that appears suspicious, please contact Interra Credit Union immediately.

Back to Top

 

Get Informed
|
Get Involved
|
Forms
ABA Routing or Transit Number: 271291017
|
Careers
|
Contact Us
|
Calculators
Site Map
|
Privacy & Disclosures
|
Hyperlink Disclaimer
Verisign SSL CertificateEqual Housing LenderHome & Family Finance CenterFind a surcharge-free ATMFind a Shared BranchBecome a Fan!Visit our Channel
American Share InsuranceEach account insured up to $250,000 by American Share Insurance. By members' choice, this institution is not federally insured. Learn more about American Share Insurance.