Privacy & Security

Current News

October 6, 2011 - Be aware of fraudulent phone calls asking for information

We have recently been made aware of a situation where credit union members are receiving fraudulent phone calls where they are asked to provide their credit (or debit) card number and it’s expiration date in order to activate their card. The credit union would never call you asking for this information because we already have it. Another variation of this scam is where an automated system calls you to tell you “your account is locked” and to “press 0 to unlock your account”…DO NOT do this. We believe these are a few of many scams circulating around where fraudulent individuals are trying to gather sensitive personal or financial information. If you happen to receive a phone call like this DO NOT provide the information they are requesting. Then if possible please record the Caller-ID information & write down exactly what the person said to you. Then call the credit union at 563-355-0152 or 800-426-5241 Ext 0. If you received this kind of phone call in the recent past, and you DID provide information about your credit or debit card then please call the credit union at 563-355-0152 or 800-426-5241 Ext 0 so we can discuss blocking your current card number & reissue you a new card...

 

May 19, 2011 - Keeping Children Safe Online

Children present unique security risks when they use a computer- not only do you have to keep them safe, you have to protect the data on your computer.  By taking some simple steps, you can dramatically reduce the threats.  Read More...

 

April 27, 2011 -  Iowa Attorney General Advises Sony PlayStation Account Users in Iowa to Take Precautions

Iowa Attorney General Tom Miller is advising Sony PlayStation account users in Iowa to take precautions to protect themselves from identity theft in the wake of the company’s disclosure of a massive personal data breach.

Through a statement issued Tuesday, Sony confirmed that “between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network.” The breach could affect 77 million account holders worldwide, according to media reports.

“While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility,” the company’s statement added.

Miller advised any consumer who provided credit card data through PlayStation Network or Qriocity to assume their credit card information may have been compromised.  

December 22, 2010 - Phone Scam Alert 

November 12, 2009 - Phishing Alert from NACHA

Random individuals and/or companies may have received a falsified e-mail with the subject title "Rejected ACH Transaction."  This e-mail appears to be from NACHA - The Electronic Payments Association telling them that there is a problem with an ACH transaction they have originated.  The e-mail includes a link which redirects the individual to a fake web page which appears like the NACHA website and contains a link which is almost certainly executable virus with malware.  See sample below.
Please alert any financial institution and/or company who have questions about this site and inform them that the e-mail did not originate from NACHA, the website is not that of NACHA's, and inform them to not click on the link.
= = = = = Sample E-mail = = = = = =
From: nacha.org [mailto:report@nacha.org]
Sent: Thursday, November 12, 2009 10:25 AM
To: Doe, John
Subject: Rejected ACH transaction, please review the transaction report
Dear bank account holder,
The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:
Unauthorized ACH Transaction Report  (this is the how the link is presented)
------------------------------------------------------------------
Copyright ©2009 by NACHA - The Electronic Payments Association
=============================

June 29, 2009 - "Iceman," Founder of Online Credit Card Theft Ring, Pleads Guilty to Wire Fraud Charges

United States Attorney Mary Beth Buchanan announced today, June 29, 2009, that Max Ray Butler, also known as Max Ray Vision, of San Francisco, California, has pleaded guilty in federal court in Pittsburgh to wire fraud charges. 

Butler, age 36, of 73 Webster Street, San Francisco, California, pleaded guilty to two counts before Senior United States District Judge Maurice B. Cohill.

In connection with the guilty plea, Assistant United States Attorney Luke Dembosky advised the court that Butler, known widely on the Internet as "Iceman," among other aliases, conducted computer hacking and identity theft on the Internet on a massive scale.  As part of the scheme, Butler hacked into financial institutions, credit card processing centers and other secure computers in order to acquire credit card account information and other personal identification information.  Many of these cards
were provided to an accomplice, Christopher Aragon, based in the Los Angeles area, who used the cards and a team of associates to buy up merchandise for sale.  Butler sold the rest of the card numbers outright over the Internet.

Dembosky stated that Butler and Aragon created a website known as "CardersMarket," devoted to the acquisition, use and sale of credit card account information, a process known as "carding."  A primary purpose of the site was to recruit talented individuals to assist in carding activity.  At its peak, CardersMarket had approximately 4,500 members worldwide.

Butler was arrested by the United States Secret Service on a criminal complaint in the case on September 5, 2007 in San Francisco. Dembosky informed the court that a search of the computer systems in Butler’s apartment revealed more than 1.8 million stolen credit card account numbers.  The Secret Service provided these account numbers to Visa, Mastercard, American Express and Discover, which reported that the amount of fraudulent charges on the cards in Butler’s possession totaled approximately $86.4 million.  Dembosky said that these losses have been borne by the thousands of banks that issued the cards.

Judge Cohill scheduled sentencing for October 20, 2009 at 1:30 pm.  The law provides for a maximum sentence at each count of 30 years in prison, a fine of $1,000,000, or both.  Under the Federal Sentencing Guidelines, the actual sentence imposed would be based upon the seriousness of the offense and the prior criminal history, if any, of the defendant.

The United States Secret Service led the investigation of Butler, with the assistance of the Computer Crime and Intellectual Property Section (CCIPS) of the Department of Justice; the Federal Bureau of Investigation; the Vancouver Police Department, Vancouver, Canada; the Newport Beach Police Department, Newport Beach, California; and the Orange County Sheriff's Department, Orange County, California.  The United States Attorney's Office forthe Northern District of California also assisted in the
apprehension of Butler.

An indictment is only a charge and is not evidence of guilt.  A defendant is presumed innocent and is entitled to a fair trial at which the government must prove guilt beyond a reasonable doubt.

 

March31, 2009 - FTC Tells Congress Changes in Law and More Resources Would Enhance the Agency’s Consumer Protection Efforts in Financial Services Markets
The Federal Trade Commission today told the U.S. House Subcommittee on Financial Services and General Government of the Committee on Appropriations that the FTC has intensified its efforts to protect consumers in financial services markets, and that changes in the law and additional resources would enhance the agency’s effectiveness.

FTC Chairman Jon Leibowitz testified that the economic crisis has had devastating effects on consumers’ ability to obtain credit, make their credit payments, and maintain their credit ratings. Federal agencies need to more effectively police the financial services industry, the testimony stated.

The testimony noted that the Commission has brought more than 70 financial services consumer protection cases in the past five years, focusing on foreclosure rescue and loan modification scams, mortgage servicing, fair lending, credit advertising, debt collection, debt settlement, and credit repair. The FTC also has provided consumer and business education, and undertaken research and policy development in the financial services market.

The FTC is committed to protecting consumers in the broader credit marketplace, the testimony stated. To enable the Commission to perform a greater and more effective role protecting consumers of financial services, the testimony recommended changes in the law and additional resources to enhance the agency’s authority to romulgate needed rules, prosecute cases against law violators, and conduct critical research.

The Commission vote authorizing presentation of the testimony and its inclusion in the formal record was 4-0.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,500 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.

 

February 16, 2009 - Telephone Credit Card Scam
It has been brought to our attention that fraudulent TELEPHONE CALLS are being made to mobile and landline phones to people randomly across the country. In this "vishing" scam, people receive a phone call (often showing a phone number such as 862-579-2935 and sometimes a business name such as Ascentra Credit Union or some other financial institution) and upon answering the call an automated recording is played stating they are from Ascentra Credit Union or some other financial institution to alert the consumer that their credit card has had fraudulent activity. The message instructs the consumer to press 1 and then enter their credit card number (a variation of this scam may instruct the consumer to call a phone number such as 862-579-2936 and then enter their credit card number and other personal information).   Typically the phone number has already been disconnected by law enforcement.

When the victim calls the number, it is answered by automated instructions to enter their credit card number or bank account number on the key pad.  Once the consumer enters their credit card number or bank account number, the visher has the information necessary to make fraudulent use of the card.
The call is often used to harvest additional details such as security PIN, expiration date, date of birth, social security number etc.

PHONE MESSAGES LIKE THIS DO NOT ORIGINATE FROM ASCENTRA CREDIT UNION. DO NOT CALL THE NUMBER IN THE MESSAGE. Ascentra Credit Union will never contact you in regards to your account status in this manner.  If you receive such a phone message where the message states they are from Ascentra Credit Union we would appreciate hearing from you.  Please write down the name and number that appears on your caller ID.  Also, please write down what the message said as best you can remember it.  Then please call the credit union at 355-0152 or 800-426-5241 Ext 0 to inform us.  It is NOT necessary to contact us if the message does not use the name of Ascentra Credit Union

If you ever have a question concerning your account or credit/debit card, contact us directly at 355-0152 or 800-426-5241 Ext 0.       .
Please remember that Ascentra Credit Union, the NCUA, CUNA, CUNA Mutual, or any other organization pertaining to credit unions, DOES NOT e-mail, text message, or instant message our members asking for personal information such as social security numbers, account numbers, dates of birth, etc.
 

February 5, 2009 - Text Message Scam
It has been brought to our attention that a fraudulent TEXT MESSAGE is being circulated via mobile phone to people randomly across the country. In this "smishing" scam, people receive a text message via cell phone warning that their account has been locked. It then tells people they need to call a certain phone number to reactivate the account. Unsuspecting people who dial the number provided in the text message will be taken to an automated voice mail box that prompts them to key in their credit or debit card number, expiration date and PIN to verify their information (often the phone number has already been disconnected by law enforcement).

TEXT MESSAGES LIKE THIS DO NOT ORIGINATE FROM ASCENTRA CREDIT UNION. DO NOT CALL THE NUMBER IN THE TEXT MESSAGE. Ascentra Credit Union will never contact you in regards to your account status in this manner.  If you receive such a text message, please contact your cell phone service provider immediately to alert them of the fraud attempt, and discuss recommendations for handling scam text messages.

An example of the fraudulent text message is below:

"(8877) Dear Credit Union Customer, we regret to inform you that we had to lock your bank account access. Call (801) 804-7139 to restore your bank account. Sent on Feb 4, 10:38 pm"

If you ever have a question concerning your account or credit/debit card, contact us directly at 800-426-5241.

Please remember that Ascentra Credit Union, the NCUA, CUNA, CUNA Mutual, or any other organization pertaining to credit unions, DOES NOT e-mail, text message, or instant message our members asking for personal information such as social security numbers, account numbers, dates of birth, etc.
 

December 19, 2008 - Defendants Sentenced for Role in Sale of $2.5 Million Worth of Counterfeit Software

Three defendants were sentenced to prison today for their roles in an online copyright infringement scheme involving the sale of counterfeit software worth $2.5 million, Acting Assistant Attorney General Matthew Friedrich of the Criminal Division and U.S. Attorney Johnny Sutton for the Western District of Texas announced. The case is part of the Justice Department’s ongoing initiative to combat the commercial distribution of pirated and counterfeit goods through online auction sites and other Web sites.  Thomas C. Rushing III, 24, of Wichita Falls, Texas; Brian C. Rue, 29, of Denton, Texas; and William Lance Partridge, 24, of Royse City, Texas, were sentenced by U.S. District Judge Sam Sparks in Austin, Texas, for selling counterfeit computer software over the Internet in violation of criminal copyright laws.

Rushing was sentenced to three years in prison, threes years of supervised release and a $10,000 fine. In addition to the prison term, Rushing also was ordered by Judge Sparks to forfeit his 2006 Porsche Cayenne purchased with illegal proceeds and approximately $40,000 seized from bank accounts controlled by Rushing. Rue and Partridge were each sentenced to 12 months and one day in prison, three years of supervised release and a fine of $3,600. In addition to the prison terms, Rue was ordered by the court to forfeit approximately $17,000 seized from a bank account he controlled and Partridge was ordered to forfeit a 46” HDTV purchased with illicit funds.

The court also ordered the forfeiture of the Web site domain names - “valuesoftwaresales.com,” “allsoftwaredownload.com,” “esoftwarevalue.com” and “priceslashsoftware.com” - used in the sale of pirated software.

Documents filed with the court indicate that from early 2006 through September 2007, Rushing, Rue and Partridge operated Web sites that sold a large volume of downloadable counterfeit software without authorization from the copyright owners. The defendants also promoted their illicit scheme by purchasing advertising for their Web sites from major Internet search engines. During the course of the scheme, the defendants processed more than $1.2 million in orders through credit card merchant accounts under their control. Rushing, Rue and Partridge each pleaded guilty in Austin on Aug. 22, 2008, to criminal copyright infringement for selling pirated software through the Internet.

The case is part of the Department of Justice’s ongoing initiative to combat the sale of pirated software and counterfeit goods through commercial Web sites and online auction sites such as eBay. Including these cases, the initiative has obtained 33 felony convictions. The Department’s initiative to combat commercial online piracy is just one of several steps being undertaken to address the losses caused by intellectual property theft and hold responsible those engaged in criminal copyright infringement. The cases were prosecuted by Trial Attorney Marc Miller of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Matthew B. Devlin of the Western District of Texas. The cases were investigated by the U.S. Immigration and Customs Enforcement (ICE) Cyber Crimes Center, the National intellectual Property Rights (IPR) Coordination Center and ICE field offices in Austin and San Antonio, Texas.

October 1, 2008 - FTC’s Cyber Security Site Gets an Upgrade - Makeover Marks National Cyber Security Awareness Month
The Federal Trade Commission’s Web site that helps consumers stay on guard against Internet fraud is revamping to provide extra tools for cyber safety. The FTC’s announcement of the newly designed and improved site comes on the first day of October, which is National Cyber Security Awareness Month.

Since the September 2005 launch of www.OnGuardOnline.gov and its Spanish-language counterpart, www.AlertaEnLínea.gov , more than 8.1 million visitors have learned about computer security at these sites.

Now, with the help of 22 federal agencies, industry organizations, and non-profit groups, the FTC has introduced a variety of new features to help consumers avoid Internet fraud, secure their computers, and protect their personal information. The site’s Web 2.0 redesign allows users to download and embed games and videos, and search for topics.

The articles, games, and videos on the site provide information on 16 topics, including social networking, phishing, spam scams, and laptop security. Consumers can use buttons and banners to link from their sites. They also can order free publications and link to OnGuard Online’s partners, which include:

The Department of Homeland Security’s National Cyber Security Division; the Department of Justice’s Office of Justice Programs; the Internal Revenue Service; the United States Postal Inspection Service; the Department of Commerce's Technology Administration; the Securities and Exchange Commission; the Internet industry’s public service organization GetNetWise; the National Cyber Security Alliance; the Anti-Phishing Working Group; i-SAFE America, an Internet education and outreach program; AARP; the National Consumers League; the Direct Marketing Association; WiredSafety.org; the SANS (SysAdmin, Audit, Network, Security) Institute; the National Association of Attorneys General; the Better Business Bureaus; NetFamilyNews, a Web site, blog, and e-mail newsletter for parents; the Computing Technology Industry Association; the National Crime Prevention Council; the Association of College Unions International; and the Latinos in Information Sciences and the Technology Association (LISTA).

The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint or to get free information on consumer issues, visit ftc.gov or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel , a secure online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

 

July 8, 2008 - ‘Red Flag’ Regulations Require Financial Institutions and Creditors to Have Identity Theft Prevention Programs
Financial institutions and creditors are now required to develop and implement written identity theft prevention programs under the new "Red Flags Rules."

The Red Flags Rules are part of the Fair and Accurate Credit Transactions (FACT) Act of 2003. Under these Rules, financial institutions and creditors with covered accounts must have identity theft prevention programs in place by November 1, 2008, to identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft.

The Commission staff is launching an outreach effort to explain the Rules in greater detail. It has now published a general alert on what the Rules require, and, in particular, an explanation of which businesses - financial institutions and creditors - are covered by the Rules.

"We want financial institutions and creditors to know that they are covered by the Red Flags Rules and to understand what is required of them," said Lydia Parnes, Director of the Bureau of Consumer Protection at the Federal Trade Commission. "We encourage all organizations that have ongoing accounts or relationships with consumers to keep an eye out for red flags that signal identity theft. But this rule does not apply to every business or employer; only those entities that are considered creditors or financial institutions are subject to the Red Flags Rules."

To learn more, go to http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,500 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.

 

Random Ascentra Credit Union members have reported receiving phone calls with a pre-recorded message that offers a lower interest rate (or increase their credit limit) on their Ascentra account (the message may not mention Ascentra and might mention other bank names) . The caller is then prompted to press a number on their phone keypad to get further information about their lower rate. It is likely that if a member responded to this prompt they would be further prompted to enter their account/credit card number and other private information such as their social security number.   THESE PHONE CALLES ARE FRAUDULENT! Ascentra Credit Union would never use an automated phone dialer system to call you and prompt  for account or private information! If you receive a call like this please report it to Ascentra Credit Union at 800-426-5241, Ext. 0 immediately.