Associated Federal Employees Federal Credit Union

Security Alerts

Last Updated: 05/06/2013

"Wire Transfer Canceled" Malware Attack - 05/06/2013

If you've received an email in your inbox telling you that your wire transfer has been cancelled, take care - as it's the latest attempt by online criminals to infect the general public's Windows computers.

The e-mail text reads as follows:

				The Wire transfer , recently sent from your bank account , was not processed by the FedWire. Transfer details attached to the letter. This service is provided to you by the Federal Reserve Board. Visit us on the web at website To report this message as spam, offensive, or if you feel you have received this in error, please send e-mail to email address including the entire contents and subject of the message. It will be reviewed by staff and acted upon appropriately.
				

Attached to the emails is a file called PAYMENT RECEIPT 30-04-2013-GBK-75.zip which Sophos products detect as containing the Troj/Zbot-EVX Trojan horse, designed to hijack your computer and - potentially - plunder your finances and steal private information.

Of course, the danger is that unsuspecting computer users will open the malicious email attachment even if they haven't recently tried to wire some cash.

The social engineering trap used in this attack takes advantage of people's natural curiousity, which - in many cases - will drive them to investigate the file even if alarm bells should be ringing.

Up-to-date anti-virus software and software patches can help protect your computer, but the real lesson that internet users need to learn is to not be so trusting of unsolicited emails that arrive out of the blue in their inbox.

(See http://nakedsecurity.sophos.com/2013/04/30/wire-transfer-canceled-malware-attack/)

Text Phishing Scam - 04/26/2013

Fraudsters are texting credit union members with a message that their payment card has been frozen. A BIN number followed by "XXXX" is being used to portray the message as an official looking communication containing a truncated payment card number.

Members are being directed to call the number listed in the text if they wish to unfreeze their payment card. The authorities have been notified of this scam but the number could still be live and represents considerable risk to consumers.

If you receive a similar text message DO NOT RESPOND! And remember, we will never ask for your personal information via text message.

If you believe you have been victimized by this or another scam, please contact us immediately.

New "FBI Cybersecurity" Virus - 02/21/2013

There is a relatively new virus that is being referred to as the "FBI Cybersecurity" virus, which manifests in any one of about a dozen forms but the net effect is this:

You get a popup window that will most likely dominate the screen and not allow navigation to other areas of the computer.
The screen claims to be from several Federal Institutions--primarily the FBI--but also including the U.S. Department of Defense and so on claiming a laundry list of offenses, such as; you have violated a copyright law or are using counterfeit software and informing you that you must pay $300-$500 within a certain timeframe through "Moneypak" (It’s also being referred to as the Moneypak virus).
It goes on to claim that if you don’t pay within a certain timeframe that the fine will increase and include jail time etc...

A legitimate government organization will NEVER solicit financial "penalties" directly from you in this fashion!!!

It’s a very scary looking window and tends to get people pretty worked up. It pulls information based on your IP address and your location and can even include info on which ISP you are using. (Comcast etc....)

This is a scam which is attempting to get your personal information and credit card info. It is propagated through unsecure rolling ad banners that have been hacked, even on legitimate websites.

If this windows pops up, do NOT respond to it, do not click on it. Kill the process if you know how. Then contact a reputable resource to clean the virus. If you know someone that is somewhat computer savvy, a System Restore to a point in time before the infection followed by a scan with an antivirus program seems to be effective.

These types of virus infections propagated in this manner are difficult to avoid because they approach YOU and you interact with the window, thus installing the software. However, using a good updated web browser such as Firefox or Google Chrome that integrates an "Ad-Block" add-on can be very effective in stopping these windows from popping up.

Please remember that AFEFCU will never ask you for personal information, or information about your credit union accounts via e-mail, a web page, or over the phone.