Home   |  About Us   |  Join   |  Savings   |  Checking   |  Loans   |  eServices   |  Gift Shop   |  UTrade
  SEARCH
Fraud Alerts

Keeping up-to-date on scams and schemes is one way to protect yourself from identity theft and fraud. Get the latest news on scams and schemes here!

Please call our Security Manager, Cesar R. Fazz at (928) 373-5464 if you have provided any personal information to anyone you do not personally know.

Nov 10, 2009 Security Advisory for Holiday Season 2009
Please read the following article, it contains information about a holiday scam.



Sunrise, FL November 9, 2009 - Easy Solutions Inc, a leading security vendor specialized in fraud prevention, has released a security advisory alerting online users on an increased number of phishing (scam) emails that appear to be from shipping companies like, UPS and FedEx.



These messages typically include a malicious file or link that claims to be the invoice of a misguided package, but in reality, attempts to infect the user's system with malicious software that is able to steal login credentials which can be used to run up bills or commit crimes.



“More important than the rise in the number of phishing emails is the high complexity of the malware included as payload, which includes code encryption to avoid antivirus detection”, explains Easy Solutions Regional Director for the Americas, Ricardo Villadiego.



“Although the first wave of this attack was related with shipping companies, like UPS and FedEx, we also started detecting phishing emails that pose as Facebook and Western Union messages. We anticipate this malicious activity will get worse as we approach the holiday season”, added Villadiego.



► To protect against phishing / pharming attacks Easy Solutions recommends:

▪ Keep your antivirus up-to-date.



▪ Avoid opening attachments or links contained in unsolicited email messages.



▪ Be cautious of all emails or pop-ups that ask for personal or financial information.



▪ Never click on links in email, even if they appear to be normal emails from your bank, instead type in the web address of the trusted site.



▪ Don’t reply to the malicious email, delete it immediately.
Oct 1, 2009 Text Message Fraud
AEA Federal Credit Union has been informed of a text message fraud where members of financial institutions are receiving text messages from fraud rings. This activity is currently happening in New York.



Please recognize that this could happen in any area; never provide your card information to someone who contacts you directly. If you are asked to provide protected information, please call the organization directly, using numbers you obtain yourself.
Jul 17, 2009 Cisco: SMS, Smartphone Attacks on the Rise
New research from Cisco says criminals are finding new techniques, new targets with fraudulent text messages and "smishing" campaigns



by Joan Goodchild, Senior Editor, CSO

July 14, 2009



New research released today by Cisco warns criminals are rapidly adapting to a more modern economy and continue to find new ways to exploit people with mobile phones and through social networks and text messages. The Cisco 2009 Midyear Security Report finds that much like a successful business, the criminal underground works together to understand and take advantage of the evolving behaviors of the demographic they are trying to fleece. As part of this strategy, cyber criminals quickly seize upon current events, such as swine flu and the recent death of Michael Jackson, in order to fool people into phishing scams or to spam advertising for preventive drugs and links to fake pharmacies.



"The bad guys were pumping out more than 2 billion spam messages the day after Michael Jackson died with all kinds of trickery," said Patrick Peterson, Cisco fellow and chief security researcher.



The report also notes an increase in the use of SMS text messages as an attack vector. Since the start of 2009, at least two or three new campaigns have surfaced every week targeting handheld mobile devices, according to Cisco, which describes the rapidly growing mobile device audience as a "new frontier for fraud irresistible to criminals."



The report also references a new technique called "smishing," which Cisco predicts will increase in the coming months. A smishing attack involves sending a phishing link to a smartphone that is sophisticated enough to actually click on a link contained in a text message. However, the more common SMS attack these days involves a fraudulent text message that appears to be from a trusted source, such as a bank, and prompts the user to call a phone number and reveal private information. The tactic makes use of an older, yet more trusted mode of communication, said Peterson.



"One of the most interesting innovations we have seen is the use of audio channel to phish the victim," he said. "What we see in a majority of these types of phishing attacks is the SMS will tell the cell phone owner to call a phone number. Some lovely recorded voice answers and asks you to enter or speak your account number, your social security number. It will keep asking as long as someone is gullible enough to give out that information. And all of that gets captured on voice over IP (VOIP) on standard open source audio file."



The technique is proving successful in many instances, said Peterson, because users have not yet learned to be wary of audio scams.



"A lot of people don't have the defenses against the audio channel. We've heard "Check the URL!" and "Don't click the link!" But I don't think a lot of people have heard "Don't enter your name into a touch-tone handset.""



Peterson said while SMS attacks are still new in the United States, they are more common in other countries, such as Japan, where SMS technology is more pervasive and has been popular for much longer.



The report also points to an increase in vulnerabilities that are being uncovered in smartphone operating systems since the market for victims has increased with widespread smartphone adoption (See also: 3 Simple Steps to Hack a Smartphone).



"The market size dictates the investment. Five years ago in the U.S., the handset market was not very big. Now with that growing, it becomes a primary device and absolutely the amount of criminal focus around those exploits will increase."

© CXO Media Inc.
Apr 3, 2009 Infragard's Free Security Awareness Training
New Awareness Program will Provide FREE Online Awareness Training for Individuals and Small Businesses Nationwide at

InfraGard Awareness



Fairfax, VA (PRWEB) April 2, 2009 -- The InfraGard National Members Alliance (INMA) and the Center for Information Security Awareness are pleased to announce the launch of a FREE online information security awareness training program that focuses on the workplace as the foundation for better security education and training.



A growing number of studies have identified employees and other insiders as the cause of the majority of data and security breaches and better security awareness and training is central to reducing these incidents.



The web-based course, created by The Center for Information Security Awareness, is professionally narrated throughout and consists of 14 separate lessons covering key information security issues that can impact the workplace. These include cyber threats to the workplace and the nation, understanding how employee behavior is exploited, the importance of regulatory compliance, better workplace security, effective password practices,understanding social engineering, improved email practices, safer web surfing practices, protection of sensitive data, as well as laptop, PDA and mobile security.



Participants can also elect to obtain their personalized InfraGard Certificate in Information Security Awareness in the Workplace. The examination consists of 100 randomly-generated questions based upon the material covered in the course and an individual may take the exam as many times as necessary to achieve a passing score.



The free course and additional information may be found at InfraGard Awareness



"This interactive and engaging training targets issues central to Critical Infrastructure Protection (CIP) and dovetails seamlessly with InfraGard National Members Alliance's priorities. We're pleased to make this important training available to anyone for free and also encourage people to earn this certification. Each opportunity to gain additional professional development contributes to enhancing the capabilities and contributions of our extensive membership to homeland and national security," said Dr. Kathleen Kiernan, Chairman of the Board of the InfraGard National Members Alliance.



"We at the Center for Information Security Awareness are excited to partner with InfraGard in this important initiative. In today's economic climate, security and training budgets are shrinking while fraud schemes and data security breaches are increasing. Our goal in offering this free awareness training is to make meaningful progress in improving awareness of computer and information security best practices and, as a result, reduce the frequency of data and security breaches," said Jon McDowall, director of education and co-founder of the Center for Information Security Awareness.


Main Menu

Security Center
Fraud Alerts
Identity Theft FAQs
Online Resources
TrustedID


HOME | CONTACT US | SAVINGS | CHECKING | GET A LOAN | ONLINE BANKING | CONVENIENCE SERVICES
INVESTMENTS | BUSINESS SERVICES | CARD SERVICES | IN THE SCHOOLS | CAREERS


AEA Federal Credit Union
membercare@aeafcu.org

Privacy Policy

Logos
AEA FCU has no control of, nor any responsibility for, any information
provided by a linked site or any link contained in a linked site or any changes to such sites.

Copyright © 2002 - 2010 AEA Federal Credit Union
All rights reserved.