Security Alerts

Last Updated: 01/22/2014

NCUA Warns about Telephone Fraud - 01/22/2014

The National Credit Union Administration today warned consumers to beware of a new telephone fraud, known as a "vishing" scheme, that is using the agency's name in an attempt to obtain personal financial information.

Several credit union members have been contacted by an automated phone call claiming to be from NCUA and notifying consumers their debit cards have been compromised. The call then asks the receiver to follow prompts, which request personal information, including sensitive financial data and personal identification information.

Anyone contacted by this so-called "vishing" scheme should immediately contact NCUA's Consumer Assistance Center Hotline at 800-755-1030 or by email at to report the scam. Operators answer calls Monday through Friday between 8 a.m. and 5 p.m. Eastern.


Target Confirms Massive Credit & Debit Card Data Breach - 12/16/2013

Retail giant Target has confirmed that a security breach may have exposed approximately 40 million debit and credit card accounts. Point-of-sale transactions conducted between November 27th and December 15th were likely affected.

The credit union will be contacting members who were affected by this, but in the meantime, members should be taking the precautions outlined in this article:

Hackers Steal 2 Million Passwords From Social Media Sites - 12/06/2013

On December 5, 2013, Data Breach Today reported that "Hackers have pilfered some 2 million user passwords and credentials for Facebook and other social media and Internet sites, according to IT security provider Trustwave."

A Dec. 4 blog from Trustwave's SpiderLabs says the attack emanated from a single IP address in the Netherlands that functions as a gateway or reverse proxy between the infected machines and the Dutch-based command-and-control server. "This technique of using a reverse proxy is commonly used by attackers in order to prevent the command-and-control server from being discovered and shut down - outgoing traffic from an infected machine only shows a connection to the proxy server, which is easily replaceable in case it is taken down," Trustwave security researchers Daniel Chechik and Anat Davidi write in the blog. "While this behavior is interesting in-and-of itself, it does prevent us from learning more about the targeted countries in this attack, if there were any."

The hacking campaign, which started Oct. 21 and was discovered Nov. 24, might be continuing, Trustwave Security Research Manager John Miller tells CNN. Trustwave notified the affected companies of the breaches. "We don't have evidence they [hackers] logged into the accounts, but they probably did," Miller says.

Scope of Attack - The researchers say the hackers stole 1.58 million web login credentials, 320,000 e-mail credentials, 41,000 FTP account credentials, 3,000 remote desktop credentials and 3,000 secure shell accounts. The majority of the stolen passwords - 59 percent - were associated with Facebook, followed by Google (13 percent); Yahoo (11 percent); Twitter (4 percent); Odnoklassniki, a Russian social media site (2 percent); LinkedIn (2 percent); ADP, a payroll services company (1 percent); and VK, a European social media site (1 percent).

According to CNN, Facebook, LinkedIn and Twitter have notified customers and reset passwords for compromised users. Google declined to comment and Yahoo did not provide immediate responses, CNN says. Miller tells CNN that he is most concerned about the ADP hack because its log-ins are used to manage workers' paychecks. "They might be able to cut checks, modify people's payments," Miller says. ADP, in a statement, told the news outlet that "to (its) knowledge, none of ADP's clients has been adversely affected by the compromised credentials."

Please remember that AFEFCU will never ask you for personal information, or information about your credit union accounts via e-mail, a web page, or over the phone.