Online Banking Scam Alerts
At RCU we give our full attention to making your online banking experience as safe and secure as possible, so you can use our electronic services with confidence. But online security doesn't stop there – it involves every computer on the internet, even yours.
Recently a small number of Members have reported seeing an unfamiliar page when they attempt to log into eBranch. This page ask for Credit Card information. This is not a real eBranch page, but is part of a computer infection/scam designed to steal your Credit Card information. Below is a picture of what this page looks like, followed by what it is, what to do if you see it, and how to prevent having your computer infected with malicious software like this.
What it is?
Our research shows that this is a crimeware (malicious software used to commit a crime) program called Zeus. This software has complete control over an infected computer, and is often used to steal financial information. It is part of what is called a botnet, which is when one computer has control of many other computers.
A good explanation of this software can be found here.
What to do if you see it?
1. Do not enter any information in this page. RCU would never ask for this kind of information. You will always be informed of any changes to RCU electronic services, including eBranch, before they happen.
2. Unplug your computer from the internet. This will prevent the Zeus program from being able to contact the controlling computer.
3. Seek help in removing Zeus from your machine, and do not use your computer on the internet until you 're sure that it has a clean bill of health. Whether you find information from your anti-virus provider, or you get help from one of the many local shops, it is important that you do not use your computer on the internet until you're sure that Zeus is gone.
How to prevent your computer from becoming infected with malicious software?
1. Always apply security patches from your software providers. Software makers provide security patches on a regular basis. If you're on your home computer, remember to apply them when your computer prompts you. At your business, please follow the patching guidelines of your IT professionals.
2. Use security software. If you're on your home computer, make sure to have good security software installed with its definitions up-to-date. At your business, please follow the guidelines of your IT professionals.
3. Never click on a link in an email, especially an unsolicited one. It's easy for an attacker to make a link look like it's going someplace you trust, when it's really leading you to a dangerous place.
4. Never open email attachments that don't come from a trusted source, and if you do trust them, always scan them for viruses first.
5. Pay attention when your computer prompts you about installing software. If your computer gives you a "Yes/No" prompt asking if it is okay to install software, only say "Yes" if you initiated the install yourself.
6. Pay attention to where a link takes you. When you hover over a link, it will tell you in the lower left corner of your browser where the link is going to take you. If it looks fishy, chances are it is.
7. Turn off your computer when you're not using it! It is not possible to get malicious software when your computer isn't on.
8. Never give out any personal information when you do not trust a web page!