Box 326, 4809 Herald St.
Macklin, SK S0L 2C0

P: 306-753-2333

 F:306-753-2676

 

back to home page

 

Fraud Alerts

 

 

 

 

We would like to remind all our members that Macklin Credit Union staff will never send any emails containing personal information unless you, as our member, specifically requested it.

 

If you receive ANY email, even an email that looks legitimate, from a sender claiming to be a Macklin Credit Union employee, and you did not specifically request this information, please do not open the email and give us a call immediately on 306-753-2333.

 

Likewise, with Interac E-transfer notifications: if you are not expecting an e-transfer, do not open any links in notification emails without verifying the source of the message.

 

If you have signed up for E-statements, you will never receive the statement as an attachment in an email. If you have any questions or concerns, please do not hesitate to contact us.

 

Current Fraud/Scams

 

Recently, there has been a spike in attack vectors known as Intercepted e-Transfers.

 

This is a fraud trend that occurs when a legitimate member sends an e-Transfer to someone they know, and criminals seize the opportunity to deposit the funds to their own account before the intended recipient can do so.  The interception is NOT caused by a vulnerability in the mobile App, or the e-Transfer product, but by the recipient's email account.  If an email account has weak security and is hacked, the hackers watch for e-Transfer notifications and then attempt to deposit the funds into their own account.  They are successful at this because the security question that protects the e-Transfer is either easy to guess, or in some cases, even sent to the recipient by email when the e-Transfer is created.

 

How can you protect yourself from this trend?

   • Never send the answer to the security question by email.  Use text, or call the recipient yourself.

   • Select a question and answer that would be impossible for a third party to guess.  If the criminal cannot guess your

     answer, they cannot access the funds.

   • Protect your email account by enabling two-factor authentication and sign in notifications.  Change your password

     regularly and use strong, complicated passwords for your account.

 

Macklin Credit Union will be introducing Autodeposit within the next few months.  This service will let you set up a profile for e-transfer and when the notification for a e-Transfer comes to the recipient, the funds will be deposited into the account with one click - no sign on needed.  This will make e-Transfers much more secure as the account information or the sign on information cannot be manipulated or stolen by criminals.

 

Watch this space for more information and release dates of this new feature.

 

 

Credential Stuffing

 

This term refers to the trend where fraudsters take a stolen username and password and then run it through different sites to see if they can access secure sites anywhere else on the web.  This works, because many people use the same username and password for most of their secure online profiles.  In 2018 alone, there were more than 30 billion of these attacks on the internet, mostly performed by botnets.

 

How can you protect yourself from these attacks?

  • Do not re-use your usernames and passwords.  Especially those you use for

      Online Banking or sites that contain credit card information and personal

      credentials.

  • Change your passwords frequently - best practice is at least every 90 - 120 days.
  • Use two-factor identification for any site that has this available.

 

 

 

 

© 2015 MACKLIN CREDIT UNION LTD.