Navy Federal Credit Union warning members not to take ‘phishing’ bait
SASEBO NAVAL BASE, Japan — Navy Federal Credit Union, which has 15 bank branches in the Pacific region, is warning its 2.5 million members not to take the bait offered by e-mail “phishing” scams it recently discovered.
Phishing occurs when an account holder receives a real-looking e-mail ostensibly from a company they know and trust. A message will instruct the recipient to click on a link to an official-looking Web site, where he or she is asked for personal or account information, said Keasha K. Lee, a Navy Federal spokeswoman in Merrifield, Va.
“Navy Federal will never send unsolicited e-mails to members requesting personal information,” Lee stated in an e-mail response to Stars and Stripes questions.
“An insignificant amount of members have been affected by the phishing scams,” she stated, adding that education is the best protection against becoming a victim.
Navy Federal officials have issued an alert about the scams on their Web site at www.navyfcu.org. In addition, several links on the site notify consumers about the types of information thieves request, as well as tips to protect themselves.
Those using Navy Federal’s online banking options are not the only ones susceptible to a scam, Lee said.
“Anyone that has an e-mail address is at risk for receiving fraudulent ‘phishing’ e-mails.” Phony e-mails can represent themselves as from all kinds of services, she said, including utility companies, retailers and Internet service providers.
Among information on the Navy Federal Web site is an example of a phishing letter. The e-mail message contains a link to a site that looks like Navy Federal’s account access page and actually states that the credit union “and its service providers are committed to protecting your privacy and ask you not to send sensitive account information through e-mail.”
If you sign on and follow the instructions contained in the e-mail, you are taken to other pages that also look like actual pages from Navy Federal’s Web site, including a page that asks you to enter personal and account information.
This information includes your name, Social Security number, date of birth, credit card number and expiration date, ATM personal identification number and e-mail address.
“If a member does disclose information and notifies us that they have done so,” Lee said, “the account that has potentially been compromised will be closed and a new account will be opened.”
The spokeswoman said the credit union is maintaining ongoing dialogue with law enforcement agencies in reference to these types of scams.
The credit union asks anyone who receives a questionable e-mail to forward the complete header and message to email@example.com, she said.