Phishing Attacks through Email

Have you been the recipient of an unwanted email requesting account numbers or asking you to log on to a certain website to verify personal information such as social security and account numbers? Please don't. These emails are part of a scam known as "phishing"--designed to deceive consumers into surrendering personal information.

Throughout 2006, EFCU has been the "victim" of a series of phishing attacks. See below for examples. Again, these are scams, and you should never click on the link or complete the information requested from any emails requesting confidential information. EFCU will NEVER email you requesting personal or financial information.

Please know that confidential and financial information was NOT compromised in any way. We have contracted with our web/internet banking hosts for a Fraud Shutdown Service which works to shut down any fraudulent sites connected with a phishing email.

You may always contact us at 301-670-1300, option 3 or 800-223-2177 to verify the validity of any update requests or offers that appear to be from EFCU. Your best practice before responding to any unsolicited email is to contact the institution by phone or a website independent of the email. You may forward any questionable emails to mrktg@energyfcu.org or fax it to 301-670-1302.

How Phishing Works and What to Do If You Give Away Information
"Phishing" also involves a fraudulently duplicated website, not just the email. In fact, the website linked from the email is more dangerous than the email itself, because that is where you can give away information. Before submitting financial information through a website, look for the "lock" icon on the browser's status bar or for "https" at the beginning of the website address. Some recent "phishing" scams have tricked people by duplicating existing web pages and linking to them from the email. These sites usually do not show such signs of security. When you are on EFCU's eBranch, you are on a secure site and will see the lock icon in the corner of your screen. This is why we encourage members who want to apply for a loan online to do so in eBranch, where they must log in to a secure site before providing confidential information. You must also be aware of URLs, the address of the website you are on. EFCU's website URL or address is: https://www.energyfcu.org/onlineserv/HB/Signon.cgi. If you ever see any odd letters or words in a URL from an email, shut down your browser and type in our address yourself to access eBranch.

If you ever respond to a phishing e-mail and provide any confidential account information, please notify us immediately of the scheme at mrktg@energyfcu.org or 800-223-2177. You should also change your internet banking account password, cancel any ATM or debit cards involved, and take any additional action recommended by your credit union to protect your account.

For general fraudulent emails and spam:
The Anti-Phishing Working Group (APWG) provides similar tips and a means for reporting fraudulent emails at the website: http://www.antiphishing.org/consumer_recs.html. Check out the Phishing Archive on the APWG website to view the various scams out there. You can also report a phishing email at reportphishing@antiphishing.com.

The Federal Trade Commission provides information on spamming and phishing at www.ftc.gov, and you can email a fraudulent email to them at uce@ftc.gov.


July 2007: "eBranch Account Access" Email

Please know that our system will never email you with a message that you can re-register or unlock your account online. It will email you if you have legitimately been locked out because of too many failed attempts at login. This is a security feature designed to inform you that there may have been an attempt at breaching your account. However, our system will not inform you that you can unlock or activate your account online by going to a certain website. At EFCU, you must contact our Call Center to be reset if you are locked out of your account. When you call us to be reset, we will verify your identity over the phone before we reset your access.

Phishing Email #1
From: Energy Federal Credit Union [mailto:do-not-reply@energyfcu.org]
Sent: Tuesday, June 27, 2006 9:21 AM
To: undisclosed-recipients:
Subject: Energy Federal Credit Union Notification
Importance: High

Dear Customer,
At Energy Federal Credit Union the greatest responsability to our customer is the safekeeping of confidential information you have entrusted to us and using it in a responsable manner. A fundamental element of safeguarding your confidential information is to provide protection against unauthorized access or use of this information. We maintain physical, electronic and procedural safeguards that comply with federal guidelines to guard your nonpublic personal information against unauthorized access.

At this time we need you to confirm your online account with our existing database. As soon as our database will be updated we need to make a few important anouncements to our customers so please update your contact information with no delay.

Please click the link bellow to continue:
https://www.energyfcu.org/onlineserv/HB/Signon.cgi?update=account589

Our database will be instantly updated.

We are committed to the responsible use and protection of customer information on our website. At Energy Federal Credit Union we are dedicated to providing you with exceptional service and to ensuring your trust. If you have any questions regarding our services, please check the website or call our customer service.

Warmly EFCU's Executive Management Team,

Ronald P. Roy, President/CEO
S. Michael Grimail, Chief Financial Officer
Marilyn J.C. Davis, Vice President Lending and Collections

Energy Federal Credit Union in Rockville, Maryland

The Site of the Scam

Below is an image of the actual phishing site. The phishers did mimic our Visa Access site well--they matched the coloring and stole the logo and design--but there are several things that one can look for on any site which are triggers of a scam.

image of phishing site

Scam Triggers on this Site

  • The URL is not secure: it is not "https:", but only "http:". Any site where you are entering financial information should have the secure "s" before you submit any information. This one is not.
  • The URL does not include our true address: "www.energyfcu.org". The URL for this page is "http://www.davestraw.co.uk/energy/java/index.html", and that indicates it is not part of our website.
  • Activity Notification: It already has a line indicating "The information you provided was not found. Please try again." - as if you had been active on the site already, when you were not.
  • The best place to access the links to our other services, such as Visa access - is through your internet banking account (on eBranch), or at least from our home page, which is secure.
  • In the email: an Urgent Appeal to update your information or your account will be closed - again, a financial institution would not request information in this way.
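The first two triggers above (and the URL advice in "How Phishing Works") can be checked mechanically. The following is an added example, not part of the EFCU page: it takes the actual destination of a link (the href, not the text shown in the email, which in Email #1 displayed EFCU's real address) and reports whether it uses https and whether its host is really energyfcu.org. It assumes that energyfcu.org and its subdomains are the only legitimate hosts.

```python
"""Added example: flag the two URL-based scam triggers described on the page.
Assumption: only energyfcu.org and its subdomains are legitimate EFCU hosts."""
from urllib.parse import urlsplit

LEGIT_DOMAIN = "energyfcu.org"  # EFCU's true address, as stated on the page


def check_link(url):
    """Return the scam triggers found in a link's real destination.
    An empty list means the link passed both checks (it may still be a scam)."""
    parts = urlsplit(url.strip())
    triggers = []
    # Trigger 1: a page collecting financial information must be "https:", not "http:".
    if parts.scheme.lower() != "https":
        triggers.append("not https")
    # Trigger 2: the host must be EFCU's true address. .hostname strips any
    # user@ prefix and :port suffix, so only the real host is compared, and the
    # suffix test rejects look-alike hosts that merely contain "energyfcu.org".
    host = (parts.hostname or "").lower().rstrip(".")
    if not (host == LEGIT_DOMAIN or host.endswith("." + LEGIT_DOMAIN)):
        triggers.append("host %r is not %s" % (host, LEGIT_DOMAIN))
    return triggers


def check_links(urls):
    """Map each URL to its trigger list, e.g. for every href extracted from an email."""
    return {u: check_link(u) for u in urls}


if __name__ == "__main__":
    # Sample links: the sign-on address and scam site quoted on this page, plus one
    # constructed look-alike host (not from the page) to show the suffix check.
    samples = [
        "https://www.energyfcu.org/onlineserv/HB/Signon.cgi",
        "http://www.davestraw.co.uk/energy/java/index.html",
        "https://www.energyfcu.org.example.net/login",  # constructed look-alike
    ]
    for link, found in check_links(samples).items():
        print(link, "->", "OK" if not found else "; ".join(found))
```

A link that passes both checks is not proof of legitimacy; the page's advice to type EFCU's address yourself rather than clicking still applies.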

Phishing Email #2
image of phishing email
Phishing Email #3
image of phishing email
Phishing Email #4
From: Energy Federal Credit Union
To: xxxxxxxxxxxxxx
Sent: Monday, July 17, 2006 9:35 AM
Subject: Update your online banking account information within 48 hours to avoid suspension.

Dear Energy Federal Credit Union Customer,

At Energy Federal Credit Union the highest interest to our customers is the safekeeping of confidential information you have entrusted to us and using it in a secure manner. A fundamental element of safeguarding your confidential information is to provide protection against unauthorized access or use of this information. We maintain physical, electronic and procedural safeguards that comply with federal guidelines to guard your nonpublic personal information against unauthorized access.

At this time we need you to confirm your e-mail address with our existing database. As soon as our database will be updated we need to make few important announcements to our customers so please update your contact information with no delay.

https://www.energyfcu.org/onlineserv/HB/Signon.cgi

Our database will be instantly updated.

We are committed to the secure use and protection of customer information on our website. If you have any questions regarding our services, please check the website or call our customer service.

Best Regards,
Energy Federal Credit Union Online Department.


Other Fraudulent Emails

From: Suntrust Security Department [mailto:SecurityDepartment@suntrust.com]
Sent: Wednesday, December 08, 2004 12:11 AM
To: rproy@energyfcu.org
Subject: SunTrust Anti-Fraud Verification Procedure


Dear Suntrust.com Customer,

During our regular update and verification of the Internet Banking Accounts, we could not verify your current information. Either your information has been changed or incomplete, as a result your access to use our services has been limited. Please update your information.

To update your account information and start using our services please click on the link below:

http://www.suntrust.com/personal/Checking/OnlineBanking/Internet_Banking/index .asp?bhcp=1

Note: Requests for information will be initiated by Suntrust Business Development; this process cannot be externally requested through Customer Support.


Sincerely,
Suntrust.com
Security Department.


Example 2: Our second example is in PDF format (requires Adobe Acrobat to open).