Security Alerts

Check our Security Alerts page periodically for the most up-to-date information about identity theft, web scams, Internet security and more!

October 7, 2010: NCUA Fraudulent Email Survey Phishing Scam

The NCUA has issued a fraud alert to inform all credit unions’ members about a recent phishing attempt to obtain credit card account numbers, expiration dates and electronic signatures. In cases reported by the NCUA, the perpetrator(s) sent fraudulent emails, representing to be from the NCUA, to credit union members and the general public. Read more. The emails state that the NCUA will add $50.00 to the member’s account for taking part in a survey. The link embedded in the message directs members to a counterfeit version of NCUA’s website with an illicit survey that solicits credit card account numbers and confidential personal information. Any email from the NCUA that asks for account information is fraudulent and should be considered suspicious. Members affected by this scam should forward the entire email message to phishing@ncua.gov.


July 6, 2010: FDIC Bank Deposit Insurance Email Scam

Recently, we have been alerted that the Federal Deposit Insurance Corporation (FDIC) has received reports of a fraudulent e-mail which has the appearance of being sent from the FDIC.

The e-mail's subject line reads: "you need to check your Bank Deposit Insurance Coverage." The body of the email states, "You have received this message because you are a holder of a FDIC-insured bank account. Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets." The email instructs the recipient to click a link that reads, "You need to visit the official FDIC website and perform the following steps to check your Deposit Insurance Coverage."

The e-mail and the website it is associated with are fraudulent. Recipients should consider this e-mail as an attempt to obtain personal or confidential information, or to load malicious software onto end users' computers. The FDIC does not issue unsolicited e-mails to consumers. Recipients of this e-mail should NOT click on the link.



May 25, 2010: Fraud Email Phishing Activity Reported

The National Credit Union Administration (NCUA) is reporting recently simulated NCUA email boxes. The fraudulent emails solicit credit union member participation in an Online Survey or Member Survey, and promise compensation of $40 as an inducement to respond to the email. The emails are fraudulent, and may be an attempt to obtain confidential member information. NCUA does not solicit such information from credit union members. This is a phishing activity with no NCUA activity or approval. If you have received these emails please do not respond. If you have any questions or concerns please email NCUA at pacamail@ncua.gov.



May 17, 2010: Mortgage Loan Audit Scam

The Federal Trade Commission has recently released a warning against a home foreclosure rescue scam that begins with “rescue” professionals offering audit services for a fee.

In the scam the homeowner pays several hundred dollars up front to have a “forensic loan auditor,”  “mortgage loan auditor” or “foreclosure prevention auditor”  backed by “forensic attorneys” review the homeowner’s loan documents to see if the lender complied with state and federal mortgage lending laws. The auditors claim their reports can be used to avoid foreclosure, accelerate the loan modification process, reduce loan principal or cancel the loan.

The FTC notes that there is no evidence such an audit can result in any kind of mortgage relief, even if it’s done by a licensed, trained practitioner. It says if there are errors in the loan documents, the borrower may be able to sue, but the lender won’t be required to modify the loan to make it more affordable. Cancelling the loan, it adds, will mean loss of one’s home and an obligation to return borrowed funds to the lender.

To learn more about the Mortgage Loan Audit Scam click here.



March 31, 2010: Zuesbot Computer Virus

Security experts are monitoring credit unions for a so-called "Zeusbot " attack, which is bypassing many anti-virus and malware scanning software used by credit union members, putting their personal financial information in jeopardy when they log on to their home banking service.

The Zeusbot waits for the user to log in to their online banking, logs the credentials, and then offers a screen that asks the user to further verify their login by entering their credit card data. All information gathered is sent to the attackers. Credit Union Information Security Professionals Association (CUISPA) noted that "while some users may be skeptical and not enter their data, the damage is already done. The online banking credentials have been compromised."

Please note that no REALTORS® FCU servers have been compromised by the Zeusbot attack. The Zeusbot malware program resides on the personal computers of online banking users, and collects information from the user's PC as it is transmitted to the financial institution.

In cases where members report activity, CUISPA said credit unions’ only recourse is to have members shut down, wipe and reload their PC, while the CU changes account passwords. The association, which monitors such security threats, said it has identified "dozens of cases throughout the country."

It is unclear at this time whether REALTORS® FCU, A Division of Northwest Federal Credit Union members are specifically targeted by the malware. If you believe that your computer has been infected by the Zeusbot malware, please contact Member Care immediately at 866.295.6038.

For more information about Zeusbot click here.

For information more information about potential scams and how to keep safe while banking online you can visit the following websites: