July 5, 2016 Fraudulent Email
Please be aware that there is a new phishing email that was brought to our attention. This email has the subject of “Fraudulent Activity Suspected” and the body of the email asks you to download an attached file to re-activate your account. This message is a fraudulent attempt to obtain personal information and is NOT from TCU. Please remember, TCU will not ask you for information regarding your account number or card number or ask you to download any files and you should be suspicious of any requests for this information over the phone, email or text messages. At TCU, your security is of the utmost importance to us. Please be assured, we are closely monitoring the situation to ensure you are protected. If you have given any account information to this number or any other number, please contact TCU immediately by visiting your local Service Center or by calling the Member Call Center at: 800.552.4745.
December 23, 2015 Cashier's Check Scam
If it seems too good, then it's probably not true.
There is a long running scam in place that promises you can keep $300 of these dollars if you wire the other $1500 to a specific account. The perpetrators rely on the holiday season and the promise of quick cash to try and recruit "mystery shoppers". Unfortunately, what they are asking you to do is illegal and can get you in trouble with the law. Please take any communications that may have TCU's logo on it to a nearby branch to verify authenticity, especially if it doesn't seem like a normal communication that you receive from us.
December 23, 2015 Android Malware Attack
There is a new malware attack targeting Android users that use multi-factor authentication to get into their bank applications. This could allow your accounts to become compromised which may lead to fraudulent activity on your accounts. The attack originates from a piece of malware already on your system. The malware can detect if you go to a banking site and will then request that you download an RSA app to your device. An RSA app is a separate app used for performing two-factor authentication for a user to a network resource. At TCU we do not require you to download any additional apps to gain access to your account. If you have any questions about a pop-up that does not seem normal when you are attempting to log into your TCU account, please call our member service center.
Follow these simple solutions to help protect you from attacks like this one:
- Never download any RSA mobiles app from any site other than the device platform’s official store (e.g., Google Play, Apple App Store, etc.).
- Be wary of social engineering-based attacks. In this case, the malware prompts the end-user for a mobile device phone number; information that your financial institution likely already has.
- Ensure your anti-malware/AV software is up-to-date, firewalls are enabled and devices have not been rooted.
TCU Insurance Agency: Anthem, Inc. Security Breach
On February 5, 2015 Anthem, Inc. released information that they were the target of a cyber-attack.
The breach occurred with Anthem, Inc. and NOT the TCU Insurance Agency; however, TCU Insurance Agency members with Anthem Insurance could be potentially impacted by this security breach. Anthem is currently investigating which TCU Insurance Agency members may or may not be impacted by this security breach and all information regarding your account will come directly from Anthem.
Anthem’s initial investigation indicates the information accessed included:
- Member health ID numbers
- Social Security numbers
- Street and email addresses
- Employment information, including income data
Please Note: Anthem’s investigation currently indicates no evidence that credit card, medical or financial information were obtained in the attack.
Anthem will contact members and former members that have been impacted by the attack through mail within 2 weeks. All impacted members will be enrolled in identity repair services and will be provided information on how to enroll in free credit monitoring directly from Anthem, Inc. Anthem, Inc. is not calling or emailing members and former members regarding the cyber-attack and is not asking for credit card information or social security numbers over the phone or email.
Beginning Friday, Feb. 13, current and former Anthem, Inc. members whose information was included in the database that was compromised can visit http://www.AnthemFacts.com to learn how to enroll in two years of free credit monitoring and identity theft repair services provided by Anthem, Inc.’s vendor - a leading and trusted identity protection provider. Anthem, Inc. members can access these services starting Friday, Feb. 13, prior to receiving a mailed notification from Anthem, which will be sent in the coming weeks. If your questions were not addressed, please contact the Anthem, Inc. support team directly at 1-877-263-7995.
November 14, 2014: Fraudulent Text Message Phishing Scam
Please be aware members of TCU and various other financial institutions recently reported receiving a text message from (260)564.4973 stating, “Credit Union Bank Alert: Your card has been temporarily frozen. Please call Card Services at (260)564.2353.”
This message is a fraudulent attempt to obtain personal information and is NOT from TCU. Please remember, TCU will not ask you for information regarding your account number or card number and you should be suspicious of any requests for this information over the phone, email or text messages.
At TCU, your security is of the utmost importance to us. Please be assured, we are closely monitoring the situation to ensure you are protected.
If you have given any account information to this number or any other number, please contact TCU immediately by visiting your local Service Center or by calling the Member Call Center at: 800.552.4745.
September 26, 2014: Shellshock – Online Security Breach!
A vulnerability known as “Shellshock” was identified by security researchers earlier today, could potentially put individual’s—who conduct business online— personal information at risk. At this time, there is not a great deal of detailed information regarding the threat and/or resolution being released.
Be assured at TCU, your security is our top priority. Initial investigation indicates our member’s data and TCU Internet Banking are not impacted. You can feel confident knowing TCU is taking the appropriate steps to address this potential risk and as security risks such as this arise, we will keep you informed.
To further protect your information, we advise you to monitor all your online accounts, as well as:
- Update all your current usernames and passwords for the sites you frequent containing your personal information.
- Use Internet Banking and Mobile Banking for up to date account information such as account balance and transactions.
- Set up TCU Text Alerts and email alerts for a specific dollar amounts so you are aware of transactions clearing your account.
- Set up Mastercard® Secure Code for on-line purchases: Enhances protection against unauthorized use of the Debit Mastercard® at participating online merchants. Once the card is registered and a private SecureCode™ is created, the card owner will be prompted at checkout to provide it each time a purchase is made with an online merchant. The SecureCode™ is never shared with the merchant; it is equivalent to entering a PIN number at an ATM. Members can enroll at tcunet.com TCU Cards>TCU Debit Mastercard®.
- Obtain a free credit report at www.annualcreditreport.com annually.
Please be assured that we are monitoring the situation and will provide updates if further action is necessary.
September 9, 2014: Home Depot – Global Data Breach!
At Teachers Credit Union your security is our highest priority, and that’s why we are closely monitoring the situation to ensure the safety and security of your data. You can rest easy knowing, as a member of TCU, you have $0 liability for fraud on your TCU Debit Mastercard® and TCU Visa® Platinum Credit Cards.
In the meantime, if you have concerns about the breach, please:
Review and monitor the activity in your account. If you suspect fraud, immediately contact your branch or the Member Call Center at (800) 552-4745.
Consider setting up alerts on your account through TCU Internet Banking. If you need assistance setting up alerts, please contact the Member Call Center at (800) 552-4745.
Learn more about how you can protect yourself from fraud and identity theft by visiting http://www.tcunet.com/home/about/security/identity-theft.
Please be assured that we are monitoring the situation and will provide updates if further action is necessary.
April 10, 2014: Heartbleed - Online Security Breach!
A vulnerability known as "Heartbleed" was identified by security researchers earlier this week, which could put individuals’—who conduct business online— personal information at risk. This “bug” enables a hacker/attacker to trick a system into revealing pieces of data residing in its memory that can potentially lead to a leak in private usernames/passwords and other sensitive information.
At TCU, your security is our top priority. After performing a thorough investigation, our research indicates that our members' data and TCU Internet Banking was not impacted. We want you to feel confident that TCU is taking the appropriate steps to address this potential risk and as security risks such as this arise, we will communicate with you on tcunet.com and Facebook.
If you have any questions regarding “Heartbleed”, please visit http://heartbleed.com. And, if you would like to know if your information was compromised on other websites you frequent with a personal username/password, please visit https://www.ssllabs.com/ssltest/index.html.
To further protect your information, we advise you to update all your current usernames and passwords for the sites you frequent that contain your personal information.
November 12, 2013: A new phishing scam has been reported!
Be suspicious if you receive an automated call with a recording claiming to represent a local financial institution, indicating your debit card has been frozen and personal information is needed before the card can be used again. This appears to be a variation on a scam known as "phishing," in which individuals call claiming to be from a reputable company, hoping consumers will respond with personal financial information. In the latest twist on this scam, fraudsters have been perpetuating these automated calls late at night, perhaps believing that a tired consumer is less vigilant.
The American Bankers Association Education Foundation recommends never giving out your personal financial information in response to an unsolicited phone call, fax, or email, no matter how official it may seem. Your best response is simply no response.
Remember a financial institution would never ask for your card number and PIN number! If this happens to you, please don’t give your information and contact the financial institution in question immediately. If you have any questions or concerns regarding this scam or any other suspicious activity, please contact the TCU Member Call Center.
February 14, 2013: Phishing emails posing as TurboTax Messages
Please be advised that we have been made aware of a phishing campaign currently underway that is using emails that appear to be related to TurboTax. The email does not contain a link; however, the email has a .zip attachment that contains malware. Do not open the attached file.
If you receive emails that appear to be from TurboTax stating that “Your State Return Has Been Rejected,” please be aware that these are not from Teachers Credit Union or TurboTax. Please do not open the attachment and do not forward the email. Delete the email.
Recommended steps for those who may receive the phishing email:
- Do not open the attachment in the email.
- Do not forward the email to anyone else.
- Delete the email.