General Email / Website Awareness
Below are several tips that will help protect you online. Many go hand in hand with the information provided on the phishing tab above.
- If you receive an email that warns you, with little or no notice, that an account will be shut down unless you reconfirm your billing information, you should not reply or click on the link in the email. Instead, directly contact the company cited in the email using a telephone number or website address that you know to be genuine.
- Similar to above, be suspicious of emails requesting personal information or “updates” to your account. Reputable companies will NEVER ask for sensitive information in an email. If you need to update your information online, open a new browser window and type in the website address of the legitimate company and go to their account maintenance page. Call only numbers listed on official websites and never telephone numbers in suspicious emails.
- If a website address is unfamiliar, it probably is not real. Only use the address that you normally use.
- If you suspect a website is not real and are asked to enter account information, try a fake password first. If the password works, you are not going to the official company website.
- Always report fraudulent or suspicious emails to your Internet Service Provider as this helps shut down fake websites before they can do more harm.
- If you have any doubts about an email or website, contact the legitimate company or check with websites devoted to eliminating spam and scams (see section at the right for some resources.)
- Do not respond to a suspicious email by return email. Do not call phone numbers listed in suspicious emails. Never click on website links embedded in suspicious emails.
- Avoid emailing personal and financial information, unless you are using a secure form on the website with which you are doing business, such as our secure email form. Additionally, before submitting financial information through a website, look for the “lock” icon on your browser’s status bar. (You should also look for the “lock” when signing-on to a website.) Also look for “https” in a website address. Both the “lock” and the “https” signal your information is secure during transmission.
- Review credit card and HVFCU account statements as soon as you receive them to determine if there are any unauthorized charges or suspicious activity. If your statement is late by more than a couple of days, call the credit card company or HVFCU to confirm your billing address and account balances.
- Report suspicious activity to the FTC. Send the actual spam email to [email protected]. If you believe you have been a victim of a fraudulent scheme, file a complaint at www.ftc.gov, and visit the FTC’s Identity Theft website to learn how to minimize your risk of damage from the identity theft.
- Neither the National Credit Union Administration (NCUA) nor any other federal financial agency uses email to request non-public information, such as account numbers, date of birth, or Social Security Number.