Fraud Protection: Recognizing Phishing Emails

❯

The safety and security of your account is of utmost importance to us. Occasionally, you may receive fraudulent emails from sources that claim to be Bethpage Federal Credit Union, asking for personally identifiable information. Bethpage will never contact members through email to request information, such as account numbers, passwords, debit or credit card numbers, expiration dates, Social Security numbers or personal identification numbers (PIN).

You should never respond to an email that:

Asks you to validate or update your personal information.
Threatens to close or suspend your account if you do not take immediate action and provide personal information.
Solicits your participation in a survey where you are asked to enter personal information.
States that your account has been compromised, or that there has been third-party activity on your account, and requests you to enter or confirm your account information.
States that there are unauthorized charges on your account and requests your account information.
Asks you to enter your User ID, password, account number, PIN or card expiration date.
Asks you to confirm, verify, or refresh your account, credit card, or billing information.

If you are questioning the authenticity of an email claiming to be sent by Bethpage Federal Credit Union, please follow the steps below:

Open a new email and attach the email you suspect is fake. Send the new email to spoof@bethpagefcu.com. If you are unable to send the email as an attachment, simply forward it to spoof@bethpagefcu.com.
Note: Sending the suspicious email as an attachment is the best way for us to investigate it.
Permanently delete the message from your inbox.
Call us at 1-800-628-7070 if you have additional questions or are concerned that you may have provided personal account information.

Our security team will investigate the legitimacy of the email and take necessary actions should the communication be fraudulent. The Spoof address is intended solely for reporting phishing emails directing users to fake or spoofed Bethpage web sites, and should not be used for other purposes. To report instances of fraud, please contact us at the number noted above.

Recognizing Fraudulent Emails

To identify a fraudulent email, look for the various highlighted elements in the example below:

"From" address - Find out who the email is really from

View the email header and "from" address to identify the sender and find out where the message really originated. This email attempt uses a phony email address: “gfhggf@gmail.com”.

Distorted (stretched) logo

A phishing email may contain the Bethpage logo, but fraudulent emails may have an image that appears stretched or distorted.

Note the email greeting

Some emails may not address the member by name. Or, there may be no name mentioned at all.

Strange wording / Misspelled company name

Another tactic used to bypass email filters. Examples in this email: “Beth Page” & “BethPage”.
Look for misspellings, grammatical or punctuation errors that can help identify phishing emails.

Check that the website you're accessing is legitimate

One common phishing technique is to include links in an email that look like they go to a legitimate website. Upon closer inspection, the link may actually take you to a website that has nothing to do with the company the email is pretending to be from, even though the resulting website may be designed to look exactly the same.

This link looks official, but notice what happens when the mouse curser rolls over it. The link’s destination points to a completely different website. Remember that you can always type a URL into your web browser instead of clicking a link.

On mobile devices, you cannot mouse over a link, so extra care needs to be taken when clicking on email links. Always check the site that you clicking through to by verifying the website address in the address bar.

When we receive reports of fraudulent e-mails, Bethpage works aggressively with law enforcement agencies to investigate them.