Since 1935, PFCU has been providing a safe, secure place for our members to grow their assets. In these uncertain times, you can attend to family, friends, work, home and hobbies knowing that PFCU is well-capitalized and poised to meet the challenges of tomorrow. PFCU has made sound choices, staying away from risky loan practices and concentrating on responsible members like you. We are proud to be very well-capitalized and consistently receive high ratings in our federal exams. Each member's funds are federally insured up to $250,000 by the National Credit Union Administration (NCUA), a government agency, with an additional $250,000 of insurance provided by American Share Insurance (ASI), a private insurance company, for a total of $500,000.
You can verify the NCUA portion of your coverage with this convenient NCUA Insurance Estimator
The National Credit Union Administration(NCUA), governed by a three-member board appointed by the President and confirmed by the U.S. Senate, is the independent federal agency that charters and supervises federal credit unions. NCUA, with the backing of the full faith and credit of the U.S. government, operates the National Credit Union Share Insurance Fund (NCUSIF), insuring the savings of 80 million account holders in all federal credit unions and many state-chartered credit unions.
For more information on NCUA share insurance, please visit their website to learn more
American Share Insurance (ASI) is the nation's largest private deposit insurer, has been providing Credit Unions with extended deposit insurance since 1983. For additional information, visit their website to learn more.
NCUA Warns Consumers about “National Credit Union” Phishing Scam
The National Credit Union Administration has received reports of an online phishing scam that uses a website with a logo and a design similar to the agency’s own site in an attempt to convince unwary customers to provide information or send money.
Click here for information
Here are some helpful tools for securing your passwords:
1. Use a different password for every website you visit.
We know it seems like password overload but it is a lot less work than dealing with getting hacked.
2. Use a combination of upper case, lower case, numbers and symbols.
The more original you are the better. According to Norton, some of the most common passwords created by online users last year were password, 123456, qwerty, 111111 and monkey.
3. Change your passwords every three months.
4. If it's hard to remember all your passwords, try a password manager.
5. Make sure your computer has an anti-virus program.
6. Set up two-step log-ins
Two-step authentication asks you to sign in with your password, and then add a second sign-in — a numeric code sent by text, e-mail or a phone call. Think of it as a double password.
Google, Facebook, Twitter and Microsoft all recommend two-step authentication.
Click here to learn how PFCU is keeping you safe online with our Account Authentication and Online banking.
If you notice any unusual or suspicious activity happening on your account, please call PFCU at (626)799-0882 or use our toll free number (800)445-PFCU.
April 9. 2014
The media is full of reports about the Heartbleed Bug. We are reaching out to maintain your peace of mind about your PFCU accounts and loans. As you may know, the Heartbleed Bug is a vulnerability in the OpenSSL encryption standard that was discovered by security researchers two days ago. PFCU’s Online Banking Portal does not use Open SSL in our security infrastructure, which means your accounts here are not affected.
PFCU’s security experts took immediate action to verify that there were no vulnerabilities affecting our members. Had some been found, we were ready to respond. Our members can safely use all of PFCU’s Online Banking services with confidence. We continue to monitor the situation and if there are any further updates we will notify you. There is no action required on your part at this time.
PFCU remains committed to providing our members with the most up-to-date, thorough, and vigilant security possible. If you have any further concerns, please call (626) 799-0882 or 1-800-445-PFCU (7328). We will also post any updates in the “Latest News” section of our website.
December. 2013: Target Data Breach
On December 19, 2013, Target Corporation confirmed that as many as 40 million customers who used their Debit or Credit Cards at their stores between November 27, 2013 and December 15, 2013 had their data compromised. As with similar data breaches in the past, your PFCU team has been proactive in working with affected members to quickly replace their Debit and Credit cards at no cost to our members While we will always be vigilant on our end, it is important that PFCU members utilize the many tools we provide to help them monitor their accounts on a daily basis. Use our free Per$onal Branch Online Banking and Bill Pay to monitor activity on your accounts and loans. Report any suspicious activity immediately. You can also set up text or e-mail alerts to notify you of specific activities on your accounts. Members will not be responsible for fraudulent activity on their PFCU accounts that is reported to us in a timely manner. It is also imperative that you keep us up to date with phone numbers, including your mobile phone number, so that we may quickly contact you to clarify transactions on your accounts. We keep personal information like phone numbers confidential, so you don't need to worry that you will start receiving unwanted calls.
The Target Corporation has a detailed website geared toward keeping the public up to date on the data breach. You can explore this site here.
It has also come to our attention that various phishing scandals are being perpetrated which involve e-mails pretending to be from Target and asking for personal information. Use extreme caution when receiving e-mails that seem to be from Target. Check their website at the link above for the e-mail you receive. Target plans to publish all communications on this site.
Your PFCU team is always ready to help. Feel free to call us. Together, we can keep your money safe.
The Credit Union National Association (CUNA) has alerted us to a threatened nationwide attack on financial institution websites by means of a Distributed Denial of Service Attack (DDoS) on Tuesday, May 7, 2013. These attacks are performed by harnessing thousands of personal computers through spyware and malware and instructing them to navigate to a specific website, overloading the server and bringing the site down.
As a precaution, schedule critical transactions for any accounts you may have at any financial institution in advance of May 7 and avoid going to their websites on that day. Read more
PFCU members have been receiving text messages stating that they are from "CCU" with the message header: "Maintenance Update", asking them to call (215) 310-0133 or (530) 616-8912.
DO NOT CALL the numbers texted to you! We do not send such messages, known as "smishing". Please follow these steps:
Malware is mailicious software that programmers are able to sneak into your computer through attachments or links which can then wreak havoc on the system or result in financial attacks on users. Security researchers are warning email users of a new viral spam campaign involving two varieties of Bredolab malware. These email campaigns involve clicking on malicious executable file attachments (".exe") within emails that appear to be coming from a potentially believable source.
In the first spam campaign, end users are receiving an email appearing to be a delivery status notification from a popular international shipping company.
Subject lines from this first email campaign might include:
[International Express Shipper] ATTENTION
[International Express Shipper] Delivery Confirmation
DELIVERY CONFIRMATION FROM [International Express Shipper]
[International Express Shipper] id
[International Express Shipper] :DELIVERY CONFIRMATION
Delivery Status Notification
In the second spam campaign, end users are receiving an email appearing to be a notification regarding the status of a money transfer.
Subject lines from this second email campaign might include:
Money Transfer Information
[Money Transfer Service]: Money Transfer
Delivery Status Notification
[National Postal Service] Attention
In each of the cases outlined above, clicking on a link within the email installs the Bredolab malware onto your system, turning it into a "zombie" or "bot." Hackers use malicious botnets in a variety of ways, including denial-of-service attacks, misuse of SMTP mail relays, as well as theft of serial numbers, login IDs, and financial information such as credit card numbers.
Never open executable files attached to email messages. Often ".exe" files are blocked by Exchange and Outlook by default. It is best to set up rules to automatically block all ".exe" attachments. On a case by case basis, if someone sends you a file you actually need you can work with them to find a secure means of transferring the information.
7/28/11 A text phishing scam targeting credit union members tell recipients their credit or debit card has been locked or deactivated and instructs them to call a phone number. The text message falsely claims to be from a credit union, among them. All of the text messages include the first four digits of the named credit union’s debit card BIN, and a phone number to call.
If you receive such a message, do not call the number or reply to the text. Never give out your personal information in response to an e-mail or text. If issues ever arise relating to your debit or credit card — or if you have concerns about your card status — call only the number(s) listed on the back of your card.
6/25/11 Mail Scam tries to trick people into thinking they've received a large government grant. Remember the old adage that if it's too good to be true it probably isn't? Well, that's the case in a new mail fraud scheme where members receive a letter claiming they have received a large grant from various agencies of the US government, along with a "check". If you receive a letter similar to this, exercise caution. The likelihood of an unexpected check like this is extremely rare.
- Identity Theft
- Know who you are giving your personal information to-especially on the phone or over the internet
- Shred any documents with personal information on them before discarding
- Regularly check your account and credit card or line of credit statements for unauthorized activity. Report suspicious activity at once-you may be instructed to also file a police report. To make monitoring of your accounts easier, enroll in PFCU Online Banking and Bill Pay today! Click here for a quick and easy demo.
- Ensure that your mail box is safe. Many people are now purchasing mail boxes with locks on them for added protection.
- Sign up for E-Statements. Save time, save trees, save money while protecting your privacy and the environment!
- If someone calls you and starts asking for personal information, call back to the number you have for that company (Don’t let the caller give you a number) before sharing any information.
Various Types of Electronic Schemes
- Phishing schemes-Criminals will try to contact you by mail or e-mail pretending to be from the Credit Union or one of your other financial institutions, sometimes warning you of potential security risks, sometimes offering you a great deal of some kind. Do not respond with any personal information. Do not use any links or contact info provided in the e-mail. Use web addresses and phone numbers that you know to be correct to contact them. Sometimes the e-mail might look like it's from PFCU or another institution with which you do business but don’t be fooled. When in doubt, play it safe!
- The National Credit Union Administration (NCUA) has reported a new Phishing scheme which even promises to pay $40 for completing it. Credit Union members receive an e-mail pretending to be from the NCUA in the form of an "online questionnaire or survey." The e-mails are fraudulent, the NCUA warns, and may be an attempt to obtain confidential member information. The agency does not solicit such information from credit union members.
"This is a phishing activity with no NCUA activity or approval. If you have received these e-mails please do not respond. If you have any questions or concerns please email NCUA" at this address, firstname.lastname@example.org, an agency alert said.
- Vishing - "Vishing" similar to "phishing", this is a telephone-initiated scam where you will be contacted and asked for personal or financial information. The call may sound like it is from a trusted partner, and they may pretend to try and identify you by asking for information such as your social security number, birth date or account numbers. Again, if you are interested in the product or service being offered, call back at the number YOU have on file for the institution to ensure that the call is legitimate.
- TEXT MESSAGE "SMISHING"
Smishing (SMS phISHING) is the mobile phone counterpart to phishing. Instead of being directed by e-mail to a Web site, a text message is sent to the user's cell phone or other mobile device with some ploy to click on a link. The link causes a Trojan to be installed in the cell phone or other mobile device.
- New! Mail LETTER "PHISHING"
This new scam occurs where the phisher is creating a letter and sending it through the mail to individuals to respond to the letter by calling a phone number. The phisher outlines in the letter that the individual must respond for their own protection. This scam is used in conjunction with other channels to steal valuable personal and financial information of the individual receiving the letter.
Another new scam involves a phone call where the perpetrator already has your credit card number, name and expiration date and just wants the three-digit security code on the back of the card. They call saying they are working with law enforcement to stop fraudulent charges in amounts ranging from $297 to $497 (although the amounts can change) and that someone just tried to make such a charge on your card. They read all of your information to you and ask for that three-digit number as a “security measure”. DO NOT give them this number. Hang up and report the call to the customer service phone number printed on your card. If you have caller ID, you may be able to provide the phone number to the credit card company.
PFCU is always watching out for your financial well-being. If you receive an automated message on your telephone claiming that you have won a prize or money, it is possibly a scam for overseas con artists to gain access to your phone line, wracking up calls that will be billed to your number. You will be prompted to dial a 2-digit code preceded or followed by the * or # key on your phone (such as *79 or 72#), then an 800 number to claim your prize. When you dial the number, no connection is made. What this actually does is connect you to an overseas operator who then channels expensive calls through your phone line. A legitimate sweepstakes would not contact you in this manner. If you receive a call like this, simply hang up. If you receive a recorded message, do not call back.
Another current phone scam involves credit union members receiving an automated phone call telling them that their ATM or Debit card needs to be reactivated. They are asked to press 1, then enter their 16-Digit Debit or ATM card number, then their expiration date, then their PIN. Neither PFCU, nor any financial institution would contact you in such a manner. Always protect your PIN. If you receive such a call, please hang up and notify us. If a number shows up on caller ID, please supply that number when calling or e-mailing us. You may save other members from having their card compromised!
Advertisements have been posted on Craigslist as part of member recruitment scams nationwide. The ads (example below) solicit current credit union members and offer $75.00 or more for their assistance with qualifying a new member. This scam is targeting credit unions and members across the country.
2010 Credit Union
Protection Webinar Series
Upcoming CU Protection Webinar:
Covering Your Assets
Verified by VISA-A Great Tool as Long as YOU Activate it!
PFCU and VISA have teamed up to make your transactions safer. By registering your card with Verified by VISA (there is no charge and it takes a minute or so), you can greatly improve your protection from fraud on both VISA credit and debit card transactions. Criminals are trying to beat you to it, gathering enough information to fraudulently register your cards. Take a moment to learn more and register now.