Phishing and Fraud

What is phishing?

Phishing is a deceptive tactic used by cybercriminals who often craft emails and text messages that appear to come from trusted sources like banks, credit card companies, or online payment platforms. These messages typically tell a compelling story to trick recipients into taking specific actions, such as clicking on links or opening attachments. Phishers may claim:

  • There's suspicious activity or unauthorized log-in attempts on your account
  • There's a problem with your account or payment information
  • You need to confirm personal or financial details
  • An unfamiliar invoice requires your attention
  • You must click a link to make a payment
  • You're eligible for a government refund

Signs of a phishing attempt

Recognizing a phishing attempt is the first step in safeguarding your finances. Watch out for these red flags:

  • Suspicious Emails: Be cautious of unexpected emails asking for personal information or urging immediate action, especially if they contain spelling errors or unfamiliar sender addresses.
  • Urgent Messages: Phishers often create a sense of urgency, claiming your account is compromised and demanding immediate action.
  • Unusual Links: Hover over links in emails or texts to reveal the actual URL. If it looks unfamiliar or doesn't match the claimed sender, don't click it.
  • Requests for Personal Information: Legitimate organizations won't ask for sensitive information via email or text. Be wary of requests for passwords, Social Security numbers, or credit card details.
  • Generic Greetings: Phishing emails often use generic greetings like "Dear Customer" instead of addressing you by name.
Phishing attacks exploit emotions by invoking fear or urgency related to personal value or security, such as unauthorized purchases. For instance, fake invoices congratulate recipients on a purchase, inviting them to call or click for clarification.

How to protect yourself

Stay one step ahead of cybercriminals with these proactive steps:

  • Verify Contacts: Before sharing any information, confirm the legitimacy of the request by contacting the organization directly using official contact details from their website or official sources.
  • Keep Software Updated: Regularly update your operating system, antivirus software, and web browsers to patch vulnerabilities that cybercriminals may exploit.
  • Enable Multi-Factor Authentication (MFA): Implement MFA wherever possible to add an extra layer of security to your online accounts. This makes it much harder for attackers to gain access.
  • Educate Yourself: Stay informed about the latest phishing techniques and scams. Share this knowledge with family and friends to protect them as well.
  • Use Strong Passwords: Create strong, unique passwords for each of your online accounts, and consider using a reputable password manager to keep them safe.
  • Report Suspicious Activity: If you receive a phishing attempt, report it to the Credit Union and relevant authorities. Reporting helps them take action and protect others.

How to report fraudulent activity

Is there a transaction posted to your account that you do not recognize? Did you receive a call from someone claiming to be from Chevron Federal Credit Union asking for your account number, login credentials, or other details? Report it!

If you get a suspicious call or text from someone claiming to be from the Credit Union, even if the number appears to belong to the Credit Union, please call us at 800-232-8101.

Only provide sensitive information if you have called us directly, if we call in response to a wire transfer transaction you initiated online, or via Secure Email within Digital Banking.

Search

From everyday finance to life’s big money moments, it’s better when you belong.