Member Security Center

POWERCO FEDERAL CREDIT UNION
SECURITY & IDENTITY PROTECTION

Last year over 685,000 cases of identity theft and fraud were reported and over $680 million stolen. Experts agree the theft of personal information for fraudulent use is one of the fastest growing crimes in America.

Powerco Federal Credit Union is committed to member protection. This means that we take extraordinary measures to protect you and your information. Part of that includes providing you with information to protect yourself.

SCAM ALERT! SCAM ALERT! SCAM ALERT! SCAM ALERT!

Powerco Federal Credit Union members are warned to be to be vigilant in analyzing suspicious emails. Two recent scams, one targeting the FDIC and the other the NCUA, are making their email rounds.

NCUA Issues Email Fraud Alert – “Recently, there have been multiple email fraud attempts, known as "Phishing”, that were initiated via email sent to both the general public and to some credit union members that appeared to be from NCUA. This false email asked for the recipient to click on a link to verify their credit union account registration. If the recipient proceeded to do so, the link directed them to a false website and asked for their credit union account number and PIN, along with other personal information.

NCUA does not ask credit unions members for such personal information. Anyone who receives an email that purports to be from NCUA and asks for account information should consider it to be a fraudulent attempt to obtain their personal account data for an illegal purpose and should not follow the instructions in the email.

If you responded to such an email and provided any confidential account information, please notify Powerco Federal Credit Union immediately of the scheme. You should also change your account’s PIN, and take any additional action recommended by your credit union to protect your account.

If you feel that you have received fraudulent phishing email purportedly from NCUA please forward the entire email message to admin@powercofcu.org and Phishing@ncua.gov

Additionally, you can file formal complaints concerning any suspected fraudulent email with the Internet Fraud Complaint Center (IFCC) at www.ic3.gov. The IFCC is a partnership between the Federal Bureau of Investigation, and the National White Collar Crime Center.”

FDIC Issues Fraudulent Email Alert –
Emails fraudulently claiming to be from the FDIC are attempting to trick recipients into installing unknown software on personal computers. These emails falsely indicate that recipients should install software that was developed by the FDIC and other agencies. The software may be a form of spyware or malicious code and may collect personal or confidential information.

The subject line of the email includes the phrase, "Urgent Notification - Security Reminder." The email requests that recipients click on a hyperlink that appears to be related to the FDIC, which directs recipients to an unknown executable file to be downloaded. While the FDIC is working with the United States Computer Emergency Readiness Team to determine the exact effects of the executable file, recipients should consider the intent of the software as a malicious attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to on-line banking services or to conduct identity theft.

CONTACT US

If you detect fraud or identity theft on your Powerco Federal Credit Union accounts:

Powerco Customer Service

404-506-3750
800-633-5217

Powerco VISA® Classic
Powerco VISA® Gold
Powerco VISA® ChekCard

Lost/Stolen Hotline
800-556-5678
• 24 hours a day • 7 days a week

What is Phishing?

Phishing (pronounced "fishing") is the latest trend in fraudulent email activity targeting reputable companies, particularly financial institutions. Phishing is a scam in which thieves send out fraudulent emails that appear to come from reputable institutions. They request that you provide personal security information, such as your account numbers, passwords, Social Security number, etc. Usually, recipients of these email scams are asked to verify the information via a link in the email or by responding to the email with the requested information.

If you click the link, you'll likely be redirected to a phony website that looks almost identical to the company's legitimate website. Sometimes, the company's actual website does appear along with a pop-up that quickly appears for the purpose of harvesting your financial information.

According to the National Credit Union Administration (NCUA), in both schemes you may be asked to update your account information or to provide information for verification purposes: your Social Security number, your account number, your password, or the information you use to verify your identity when speaking to a real financial institution, such as your mother's maiden name or your place of birth.

PERSONAL SECURITY

Be suspicious of any email with urgent requests for personal financial information unless the email is digitally signed (you can't be sure it wasn't forged or 'spoofed'). Phishers typically:
1. Include upsetting or exciting (but false) statements in their emails to get people to react immediately;
2. Ask for confidential information such as usernames, passwords, credit card numbers, Social Security numbers, account numbers, etc.; and
3. Do not personalize the email message (while valid messages from your credit union should be).
Don't use the links in an email to get to any web page if you suspect the message might not be authentic. Instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser.
Avoid filling out forms in email messages that ask for personal financial information. You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser. To make sure you're on a secure Web server, check the beginning of the Web address in your browsers address bar - it should be "https://" rather than just http://.

Consider installing a Web browser tool bar to help protect you from known phishing fraud websites.
Regularly log into your online accounts and don't wait for as long as a month before you check each account.
Regularly check your financial institution, credit, and debit card statements to ensure that all transactions are legitimate. If anything is suspicious, contact your financial institution(s) and card issuers.
Ensure that your browser is up to date and security patches applied.
Always report "phishing" or "spoofed" emails to the following groups:
- Forward the email to reportphishing@antiphishing.com;
- Forward the email to the Federal Trade Commission at spam@uce.gov;
- Forward the email to Powerco's "abuse" email address at admin@powercofcu.org;
- When forwarding spoofed messages, always include the entire original email with its original header information intact; and
- notify the Internet Fraud Complaint Center of the FBI by filing a complaint on their website at http://www.ic3.gov/.

IDENTITY THEFT

What To Do If You Give Out Your Personal Financial Information

Phishing attacks are growing quite sophisticated and difficult to detect, even for the most technically savvy people. And many people are getting onto the Internet and using email or Web browsers for the first time. As a result, some people are going to continue to be fooled into giving up their personal financial information in response to a phishing email or on a phishing website. If you have been tricked this way, you should assume that you will become a victim of credit card fraud, financial institution fraud, or identity theft. Below is some advice on what to do if you are in this situation:

Report the theft of this information to the card issuer as quickly as possible:
- Many companies have toll-free numbers and 24-hour service to deal with such emergencies.
Cancel your account and open a new one.
Review your billing statements carefully after the loss:
- If they show any unauthorized charges, it's best to send a letter to the card issuer describing each questionable charge.
Credit Card Loss or Fraudulent Charges (FCBA):
- Your maximum liability under federal law for unauthorized use of your credit card is $50.
- If the loss involves your credit card number, but not the card itself, you have no liability for unauthorized use.
ATM or Debit Card Loss or Fraudulent Transfers (EFTA):
- Your liability under federal law for unauthorized use of your ATM or debit card depends on how quickly you report the loss.
- You risk unlimited loss if you fail to report an unauthorized transfer within 60 days after your bank statement containing unauthorized use is mailed to you.
Report the theft of this information to Powerco as quickly as possible.

Protect Your Personal Computer

Some phishing attacks use viruses and/or Trojans to install programs called "key loggers" on your computer. These programs capture and send out any information that you type to the phisher, including credit card numbers, usernames, passwords, Social Security numbers, etc. In this case, you should:

Install and/or update anti-virus and personal firewall software.
Update all virus definitions and run a full scan.
Confirm every connection your firewall allows.
If your system appears to have been compromised, fix it and then change your password again, since you may have transmitted the new one to the hacker.
Check your other accounts! The hackers may have helped themselves to many different accounts: eBay® account, PayPal®, your email ISP, online bank accounts, online trading accounts, e-commerce accounts, and everything else for which you use an online password.

Reporting & Resolving Fraud

Identity theft occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes. If you have given out this kind of information to a phisher, you should do the following:

Report the theft to the three major credit reporting agencies, Experian, Equifax and TransUnion Corporation, and do the following:

Request that they place a fraud alert and a victim's statement in your file.
Request a FREE copy of your credit report to check whether any accounts were opened without your consent. You can find information about obtaining free credit reports on the Federal Trade Commission's website at: http://www.ftc.gov/bcp/conline/edcams/freereports/index.html.
Request that the agencies remove inquiries and/or fraudulent accounts stemming from the theft.

MAJOR CREDIT BUREAUS
	Equifax	Experian	Trans Union
Website	www.equifax.com	www.experian.com	www.transunion.com
To Order Your Credit Report	Call: 800-685-1111 Write: P.O. Box 740241 Atlanta, GA 30374-0241	Call: 888-EXPERIAN (888-397-3742) Write: P.O. Box 9530 Allen, TX 75013	Call: 800-888-4213 Write: P.O. Box 1000 Chester, PA 19022
To Report Fraud	Call: 800-525-6285 Write: P.O. Box 740241 Atlanta, GA 30374-0241	Call: 888-EXPERIAN (888-397-3742) Write: P.O. Box 9530 Allen, TX 75013	Call: 800-680-7289 Write: Fraud Victim Assistance Division P.O. Box 6790 Fullerton, CA 92634
For the Hearing Impaired	Hearing impaired call 800-255-0056 and ask the operator to call the Auto Disclosure Line at 800-685-1111 to request a copy of your report.	TDD: 800-972-0322	TDD: 877-553-7803

Notify Powerco Federal Credit Union and ask us to flag your account and contact you regarding any unusual activity:
- If bank accounts were set up without your consent, close them.
- If your ATM card was stolen, get a new card, account number, and Personal Identification Number (PIN).
Contact your local police department to file a criminal report.
Contact the Social Security Administration's Fraud Hotline to report the unauthorized use of your personal identification information.
- SSA Hotline at 800-269-0271
- The Social Security Hotline enables a victim of identity theft to report misuse of a Social Security number. You may also visit your local Social Security Office to obtain further information.
Notify the Department of Motor Vehicles of your identity theft:
- Check to see whether an unauthorized license number has been issued in your name.
- To locate your closest DMV office visit http://www.dmv.org.
Notify the passport office to watch out for anyone ordering a passport in your name.
File a complaint with the Federal Trade Commission:
- Ask for a free copy of "ID Theft: When Bad Things Happen in Your Good Name", a guide that will help you guard against and recover from your theft.
File a complaint with the Internet Fraud Complaint Center (IFCC)
- http://www.ic3.gov/.
- The Internet Fraud Complaint Center (IFCC) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), with a mission to address fraud committed over the Internet.
- For victims of Internet fraud, IFCC provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation.

Document the names and phone numbers of everyone you speak to regarding the incident. Follow-up your phone calls with letters. Keep copies of all correspondence.

Online Services / Powerco Info / News To Use / Products & Services
Rates / Applications / Financial Calculators / Site Directory / Member Security Center

Powerco Federal Credit Union is federally insured by the National Credit Union Administration.
Your savings federally insured to at least $100,000 and backed by the full faith and credit of the United States Government.

Equal Housing Lender. We do business in accordance with the Federal Fair Housing Law and the Equal Credit Opportunity Act.