UPDATED: 7/23/24
CrowdStrike Outage Leads to Rise in Phishing Scams
The global CrowdStrike outage continues to cause service and website disruptions for customers around the world, creating an opportunity for cybercriminals to compromise unsuspecting victims. Malicious actors are creating fake websites to lure victims by promising a quick fix to the CrowdStrike scam. In some cases, the scammers are also impersonating CrowdStrike employees through email and phone.
If you or someone you know has been affected by the outage:
1. Make sure you are speaking only with someone from CrowdStrike, not an impersonator.
2. If you get a pop-up – immediately turn off your computer. When you turn it back on, the pop-up should be gone.
3. If members receive a call, email or text message from someone offering a fix for the CrowdStrike outage, they should not click on any links, or respond to the texts or calls.
4. CrowdStrike has provided a link to updates through their support portal at https://supportportal.crowdstrike.com/s/login/.
If you believe you may have given your information by mistake, please contact us immediately so we can take steps to protect your accounts.
-
Contact our Member Contact Center at (920) 830-7200.
-
Change your Digital Banking Password.
-
Refresh Digital Banking Security Questions.
-
Lock your Debit Card.
-
Set up Digital Banking notifications to monitor your account activity.
UPDATED: 6/26/24
Members Receiving Spoof CFCU Calls
Several members have reported receiving calls and texts from our known CFCU number, (920) 830-7200. The caller is claiming to be from Community First Credit Union and instructing members to provide personal information. Members have reported the caller:
Questioning them about recent transactions:
-
Having a strong accent
-
Calling several times in a row
-
Requesting card numbers, PINs, and 3-digit CSV codes
Remember, we will never call or text requesting this information. If you receive one of these calls or texts, or believe you may have given your information by mistake, contact us immediately so we can take steps to protect your accounts.
-
Contact our Member Contact Center at (920) 830-7200.
-
Change your Digital Banking Password.
-
Refresh Digital Banking Security Questions.
-
Set up Digital Banking notifications to more actively monitor your account activity.
UPDATED: 5/15/24
Fraudulent Verification Scam
Members are reporting that they are being contacted through automated and live phone calls from people identifying themselves as being with Community First. The fraudster mentions that they will be sending a code to confirm information and the member is asked to verify it with their debit card PIN. Do not engage with these messages. Sharing your code can allow the fraudster access to your debit card.
Please note: Community First will NEVER ask you for your debit card PIN, digital banking credentials, activation codes, or other sensitive information.
If you believe you may have given your information by mistake, please contact us immediately so we can take steps to protect your accounts.
-
Contact our Member Contact Center at (920) 830-7200.
-
Change your Digital Banking Password.
-
Refresh Digital Banking Security Questions.
-
Lock your Debit Card.
-
Setup Digital Banking notifications to monitor your account activity.
UPDATED: 4/22/24
Gamestop Text Scam
Members have reported receiving text referencing a purchase at Game Stop. This is a scam with the goal of obtaining personal and banking information to be used for fraudulent purposes (see image below for an example of the fraudulent text).
If you believe you may have given your information by mistake, please contact us immediately so we can take steps to protect your accounts.
- Contact our Member Contact Center at (920) 830-7200.
- Change your Digital Banking Password.
- Refresh Digital Banking Security Questions.
- Setup Digital Banking notifications to more actively monitor your account activity.
UPDATED: 3/1/24
“Vishing” Campaign
Members have reported receiving fraudulent calls and voicemails regarding a declined airline purchase. The callers are claiming to be from
the credit union card loss prevention center referencing American Airlines purchases made via the member's credit union debit card. This is a scam with the goal of obtaining personal and banking information to be used for fraudulent purposes.
If you believe you may have given your information by mistake, please contact us immediately so we can take steps to protect your accounts.
- Contact our Member Contact Center at 920-830-7200.
- Change your Digital Banking Password.
- Refresh Digital Banking Security Questions.
- Setup Digital Banking notifications to more actively monitor your account activity.
UPDATED: 2/28/24
Text Support Scams
Members have reported receiving fraudulent text messages (Please see message below for an example of a recent fraudulent message).
Tech support scams, which start with an unsolicited phone call or pop-up warning on your device, typically claim to be from Microsoft, Norton, or other tech companies. The pop-up message warns of grave problems, persuading the recipient to allow the "tech support" personnel to remotely connect and resolve the issue. Instead, they are installing malware to harvest personal information, or convincing their victim to pay for extensive repair and protection.
Below is an example of what someone might see when being targeted by this scam:
If you encounter a pop-up message, contact us at 920-830-7200. Then, do the following:
- Step 1: Disconnect from the Internet.
- Step 2: Run a Malware Scan.
- Step 3: Check for Suspicious Programs or Browser Extensions.
- Step 4: Clear Browser Cache and Cookies.
- Step 5: Reset Browser Settings.
- Step 6: Update Windows and Software.
- Step 7: Educate Yourself to Avoid Future Scams.
UPDATED: 2/7/24
Fraudulent text messages
Members have reported receiving fraudulent text messages (Please see message below for an example of a recent fraudulent message). Please be aware and do not open any suspicious messages. Please contact us if you are unsure if the message is from Community First Credit Union at (920) 830-7200.
Please be advised, members who have unknowingly engaged in this scam have received additional communication from the fraudsters, including:
- Multiple (many) calls and texts
- Requests for the members’ information, including expiration dates, CVV codes, account numbers, and digital banking credentials on all of their accounts
- Face-time calls with the “Community First” imposter
- Claims they are representatives of the Community First Fraud Unit and/or performing security checks on the members’ accounts
- Requests to verify if certain charges are fraudulent (in an effort to have members provide their personal information)
UPDATED: 11/15/23
Compromised Email
Members have reported having their email hacked. In this situation, it’s important to also check and secure your Digital Banking.
Steps to Take
If you suspect fraudulent access to you email or bank account(s), you should proceed as follows:
- Contact us immediately
- Check your online banking for any indication fraudsters have accessed your account
- Change your password
- Enable multiple-factor authentication
Signs of a Compromised Email
- Unauthorized login attempts: If you receive notifications or emails indicating that someone has attempted to log in to your email account from an unfamiliar location or device, it's a red flag that your account may have been compromised.
- Changes to account settings: If you notice that your account settings, such as your password, security questions, or forwarding rules, have been changed without your knowledge or consent, it's possible that your account has been hacked.
- Suspicious activity: If you notice unusual activity in your email account, such as emails that you didn't send, or emails that have been deleted or moved to the trash folder without your knowledge, it's a sign that someone else may have gained access to your account.
- Spam or phishing emails: If your contacts start receiving spam or phishing emails that appear to be coming from your email account, it's possible that your account has been hacked and is being used to send out spam or phishing emails.
If you suspect that your email account has been hacked, it's important to take immediate action to secure your account. Change your password and security questions, enable two-factor authentication, and check your account settings and activity logs for any suspicious activity. You may also want to contact your email service provider for further assistance.
Additional Considerations
These steps can help prevent email-related fraud:
- Use a password manager to keep all strong passwords secure
- Use security software like malware scanners
- Remove any malware that’s found (or take your computer to a reputable business to be cleaned)
- Warn your contacts that your email has been hacked
- Check your email settings to see if there are rules set up to forward emails
- Delete any rules you didn’t set up
- Check your sent folder for emails the hacker sent from your account
- Look in your deleted folder for emails the hacker may have read then deleted
UPDATED: 11/10/23
Phone Scam
Members have reported receiving fraudulent phone calls. The caller is stating that they are “from CFCU.”
We will never call to ask a member for digital banking credentials, sensitive information, or a member’s PIN.
If you believe you may have given your information by mistake, please contact us immediately so we can take steps to protect your accounts.
- Contact our Member Contact Center at 920-830-7200.
- Change your Digital Banking Password.
- Refresh Digital Banking Security Questions.
- Setup Digital Banking notifications to more actively monitor your account activity.
Text Scam
UPDATED: 8/28/23
Members have reported receiving the following text messages from Community First Credit Union. Please beware and do not reply. Community First Credit Union will NOT contact you about charges by text or email.
What if you are worried about being compromised?
- Ask for help. If you are questioning something, even just a little. Reach out to us so we can help you determine if a request is legitimate or potentially an attempt at fraud.
- Report it. In every instance where personal information has been compromised or money has been sent, our greatest asset is time. If you ever believe you may have been misled, made a transaction or shared information with a fraudster, contact us immediately so we can take steps to protect your accounts.
Do not engage with or respond to a text or email like this. Instead, if you have any concerns, always contact us directly at phone numbers you know to be Community First or visit us in person.
Never provide PIN, digital banking credentials or other sensitive information to anyone who calls or texts you to ask for it – even if they claim to be us. We will never ask for that information.
If you believe you may have given your information by mistake, please contact us immediately so we can take steps to protect your accounts.
- Contact our Member Contact Center at (920) 830-7200 or 1-866-273-2328.
- Change your Digital Banking Password.
- Refresh Digital Banking Security Questions.
- Setup Digital Banking notifications to more actively monitor your account activity.
Tech Scams
UPDATED: 6/29/23
We have been alerted of several local instances of tech scams. Please be very cautious and follow the recommendations below:
What are tech scams?
In these scams, messages appear on your computer, phone or smart tv with urgent warnings about the security of your device. You are directed to click a link or call a number that eventually leads to providing remote access to your device to fix the problem. During the session, they will either load software that tracks your activity, usernames and passwords (including those for digital banking), for their own use later.
What can you do to prevent tech scams?
- Protect Your Information. Account information or digital banking access can be just as valuable as money to fraudsters.
- Do not share your digital banking credentials.
- Do not provide remote access to your computer, phone or smart tv.
- If you are using your cards to make payments, understand who you’re dealing with.
- Watch for Red Flags. Has someone you’ve never met in person asking for money or digital banking access? Is the person who is offering to help with your computer someone who is in trouble? Are you being coached on what to say and how to answer questions? Are you being threatened? Is there a pressing sense of urgency? Are you being asked to send money or payment via untraceable and unrecoverable wire transfers, gift cards or crypto currency? All of these are red flags for scams.
- Scrutinize communications. Scammers attempt to impersonate trusted businesses, including ours. Before you click on links, or respond to messages or calls or provide information, take a closer look. Is the email address what you expect? Is the website address valid? Are their typos or other formatting inconsistencies? Are you being asked to share sensitive information? If anything seems off, contact the company at a number you know to be valid – through an internet search or other communications.
- Monitor your accounts. Digital Banking give you many ways to stay connected to the activity in your accounts. Real-time Alerts are available to notify you of transactions, balances, even logins, even as they take place so you can recognize if something has taken place on your accounts that you didn’t authorize. Setting up Alerts is one of the best practices you can put in place to protect yourself and your money.