Phishing Quick Facts and Myths

Hero - Safe Computing Image

Awareness is your best defense against scams, phishes, and hoaxes.

The information below provides an overview of internet safety and scams. It is not all inclusive and we encourage you to continue your education beyond what is provided here.

Perhaps the greatest threat to your account information is giving your member number and/or password to another individual. Please remember:

  • No one except a joint account holder needs to know your member number and/or password.
  • No employee of HVFCU will ever ask you for your Internet Banking password information. Call us immediately at 845.463.3011 / 800.468.3011 if any person, whether an HVFCU employee or not, attempts to learn your password.

Phishing Quick Facts

  • A good phish targets weaknesses and lapses in human nature. For example, we often click “OK” without reading a warning.
  • A phish needs YOUR HELP in order to succeed.
  • Phishing is often conducted by organized crime.
  • Phishing groups are dynamic and can be in any country. They often used people in multiple countries simultaneously.
  • Credit and debit card users are the primary targets of phishers right now (going for fast cash).
  • Phishing can come in more than one form: email, instant messages, pop-up, online postings, and telephone.
  • A phish NEVER includes a real email address for the phisher, so it is pointless to reply to one.
  • A phish has a hook (Trust us. Here’s why.), a required action (Here’s what we want you to do.), and a push (Hurry, act now!).
  • Most servers that host phish sites are legitimate servers that have been compromised. Phishers must use the site’s URL or IP address in the phish.
  • Some servers that host phish sites are fraudulently registered. Phishers can use any URL and try to make it similar to the victim site.

Phishing Myths

  • “It’s hard for criminals to duplicate my institution’s website, so if it looks good, it must be the real site.” (The Truth: Many fake sites look identical to the original site.)
  • “If I see a lock anywhere on the page, I know it is a secure website.” (The Truth: The lock or key that signifies a secure site must appear on the body or chrome of the browser, not as a picture on a webpage.)
  • I can tell by the poor grammar if it is a phish." (The Truth: Fake sites often have perfect grammar and spelling.)

    © 2016 Hudson Valley Federal Credit Union

    PO Box 1071, Poughkeepsie, NY 12602-1071
    ph: 845.463.3011 / 800.468.3011

    Routing Number : 221979363
    HVFCU Prepaid Visa Routing Number: click here

    Unauthorized Access Warning – Access to Internet Banking is restricted to authorized HVFCU members only.