Credit Union News

Cyber Security Awareness Month

October is Cyber Security Awareness Month and Randolph-Brooks wants to ensure members are up to date on all the latest scams and have an opportunity to refresh skills with online security. Listed below are some of the common online scams. Please take time to familiarize yourself with the different categories. You can also visit our security section to receive additional hints, previous security alerts, and go to the FREE online security training center.

This training center provides you with opportunities to learn information about online shopping, passwords, child safety online, and much more!

Important Note: Unless you have initiated the contact, keep in mind that Randolph-Brooks will never request your sensitive personal, financial, or account information either by phone or email. Additionally, you should never reply to or click on links within e-mails from unknown or suspicious senders, especially those that are requesting your personal account information. If you are skeptical of a message's intent, delete the message.

FTC and FDIC warn of phishing attacks

The Federal Trade Commission last week warned that phishers are taking advantage of the recent upheavals in the financial services industry to launch attacks on consumers by fraudulently posing as the financial institution that recently acquired their institution or mortgage company. Click here for the full information.


Phishing scams continue to affect credit unions and their members, but the styles of phishing are shifting and changing. Smishing, Vishing, and E-mail Phishing are ways to bait members into divulging personal and financial information. Scammers are turning to these different methods with the hope of confusing members into thinking they can only be "phished" in one way. Be on the lookout for all the scams below.

Text Message Smishing

Smishing (SMS Phishing) is the mobile phone counterpart to phishing. Instead of being directed by e-mail to a Web site, a text message is sent to the user's cell phone or other mobile device with some ploy to click on a link. The link causes a Trojan to be installed in the cell phone or other mobile device.

Land Line Telephone Vishing & VoIP (Internet Phones Vishing)

Vishing, (Voice Phishing) also called "VoIP phishing for the Internet phones," is the voice counterpart to phishing. Instead of being directed by e-mail to a Web site, an e-mail message asks the user to make a telephone call. The call triggers a voice response system that asks for the user's card number or other personal or financial information. The initial bait can also be a telephone call with a recording that instructs the user to phone an 800 number or another area code within or outside of the United States.

In either case, because people are used to entering card numbers over the phone, this technique can be effective. Voice over IP (VoIP) is used for vishing because caller IDs can be spoofed and the entire operation can be brought up and taken down in a short time, compared to a land line telephone.

E-mail Phishing

This is a scam to steal valuable information such as credit card and Social Security numbers, user IDs, and passwords. In phishing, also known as "brand spoofing," an official-looking e-mail is sent to potential victims pretending to be from their internet service provider, credit union, bank, or retail establishment. E-mails can be sent to people on selected lists or on any list, and the scammers expect some percentage of recipients will actually have an account with the real organization.