News

Category: Fraud View all

“Heartbleed Bug” – Internet Security

POPA Federal Credit Union has assessed and found all member web-facing systems unaffected by the “Heartbleed Bug”. Please feel confident that POPA Federal Credit Union has and will continue to take the required steps to address current and future security issues. We will, continue to monitor all systems and keep members informed as necessary.

What is “Heartbleed Bug”?

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users. This is all accomplished without leaving a trace on the server.

What can I do to protect myself?

It is recommended that members regularly change all internet accessible passwords (Online banking systems, e-mail accounts, online shopping accounts, etc.) and use a unique password for each system. POPA Federal Credit Union recommends that members contact manufacturers of all internet connected devices about any possible Heartbleed Bug vulnerabilities.

Is my mobile device secure?

Apple computer announce that all their devices and applications have not been affected by the Heartbleed Bug, except for the Blackberry Messenger for IOS application. Google Android and Windows devices have been found secure except for Google Android versions 4.1.0 and 4.1.1. We recommend that members contact their mobile device provider or cellular carrier for more information about any Heartbleed bug vulnerabilities.

What is not affected?

Web, email and mobile-app communications that were never meant to be secure. Windows PCs, Macs, most Linux desktop and laptop machines. iOS (Apple) devices and most Android devices.

Questions?

Please call us at (562) 229-9181 and one of our Member Service Representatives will be happy to assist you.

Key Copies… by Smartphone!

  • Categories: Fraud
Opdc6odhr28k1bpvmkk3+article-image-keys

Smartphone apps are convenient in ways we never imagined!
There is now an app that allows you to copy keys with your phone. “Keys Duplicated” aka “Shloosl”, will copy your house key for you using nothing more than a couple of smart phone photos.

MasterCard® SecureCode™

Doer8ccjt7qnn8tvb7fs+home-article-mastercard-securecode

MasterCard® SecureCode™ is a service from MasterCard and POPA FCU that provides added protection when you buy online. There is no need to get a new MasterCard card. You choose your own personal MasterCard SecureCode and it is never shared with any merchant. A private code means added protection against unauthorized use of your credit or debit card when you shop online.

Stay Safe: Change Your Passwords

Password-security

According to a report released Dec. 3rd by cybersecurity firm Trustwave, over two million passwords have been stolen, compromising accounts at Facebook, Gmail, Twitter, Yahoo, ADP and more.

Target Issues Phishing Warning

Target

As we continue to monitor the recent Target compromise, we have learned of recent phishing emails related to the Target breach. The emails look like they are from Target and play on the fears of the public that they may have had their card compromised.

To be safe, proceed with caution if you receive an e-mail from Target. Do NOT OPEN any links that may be included in these emails as that could potentially allow additional access to your personal information. Target is posting any and all emails to their breach-related site so you will know the difference between valid emails and phishing emails.

Target’s breach-related site can be accessed here.

Important Notice: Recent Data Breach at U.S. Target Stores

Please be aware that the recent unauthorized access to payment card data at U.S. Target stores may impact you. If you have used your POPA MasterMoney Debit Card and/or POPA VISA Credit Card from Nov. 27 to Dec. 15, 2013, we recommend that you closely review your account statements for any suspicious or unusual activity on your accounts. We also encourage you to set up “Alerts” on Online Banking to immediately notify you via text or email on account transactions. If you suspect fraud, please contact us immediately. You may also choose to take precautionary measures by having a new card reissued to you by calling the closest POPA office nearest you, POPA Phone Banking, or Online Banking – please remember that choosing this option may take 10 business days or more for you to receive your new card. For details regarding the data breach, please see Target’s press release here.

PHONE SCAMS Claiming to be from the California State Sheriffs Association

  • Categories: Fraud
Article-image-phone-scam

The California State Sheriffs’ Association Foundation (CSSAF) has recently been advised that citizens have received suspicious phone calls that appear to be coming from their number 916.375.8000.

If you receive any suspicious calls DO NOT give out any personal information, such as social security number, bank account numbers, etc., and report these calls to your local law enforcement agency immediately.

Utility Bill Scams Continue to Target So Cal Edison Customers

  • Categories: Fraud

Southern California Edison (SCE) is advising customers to be aware of a telephone scam that demands immediate payment for allegedly past due electricity bills. Impostors have been calling SCE customers telling them they must make immediate payment on past due bills or have their electric service disconnected. The callers are also demanding that payment be made through a prepaid cash card. Other forms of fraud involve customers being asked to purchase prepaid debit cards. Scammers ask for the debit card number and collect the value deposited on the card.