Fraud Alert Archives

March 5, 2012 - Fake Email Scheme

The FBI recently sent out a warning of a new spam email scheme that involves a type of malware called "Gameover".

In this scheme, the Credit Union member receives a fake email from a Federal Agency (NACHA, the Federal Reserve, the FDIC or NCUA) attempting to trick the recipient into opening a link to resolve some type of problem with their account or deal with a recent transaction. Once the link is opened, "Gameover" takes control of the person's computer and thieves have access to usernames, passwords and eventually money in the account.

While warnings of phishing scams have been widely publicized, this is just a reminder of how susceptible account holders can be to malicious attacks. Below are some important steps to help your members avoid falling victim to internet fraud and reducing the risk of loss:

  • Maintain the newest version of anti-virus software on your computer and mobile device;
  • Do not open any embedded links from emails if you doubt the authenticity of the sender;
  • Arizona State Credit Union will never request any personal information via email, and
  • Access your account often to verify the balance and check for any unauthorized transactions - report any discrepancies immediately.

It is very important to remember that Arizona State Credit Union never asks for personal information through text message, email or by phone. Emails may contain links to our website or other sites related to our industry. If you prefer not to use the link in the email, please visit our website by typing our web address into your web browser. Please contact us immediately if you ever have questions or concerns about suspicious emails you may have received from us.

Learn More about Phishing
Learn More About Vishing

January, 23, 2009 - Text Message Scam Alert

The Credit Union has become aware of a new text message scam being circulated to both members and non-members.  It is important to note that fraudsters send these text messages to a large list of random telephone numbers, hoping to reach a few members with the text message. 

The current fraudulent text message claims that “we have detected unusual activity on your account.” You are then prompted to call an 800 telephone number with instructions to provide sensitive information including Credit Card Number, Pin Number, and Account Number.

What to Watch For:

  • Urgent Requests for Personal Information
  • A Link to a Website in the Email
  • Threats, Urgency, and Too-Good-to-Be-True Offers

It is very important to remember that Arizona State Credit Union never asks for personal information through text message, email or by phone.  Arizona State Credit Union never provides a link to a website through email.

Learn More about Phishing
Learn More About Vishing



February 27, 2008 – Advanced Phishing Scam Alert

The Credit Union has become aware of a fraudulent email being circulated to both members and non-members. The fraudulent email does not reference our credit union specifically or our website, but instead references the Arizona Credit Union System website and claims you need to provide your personal information "if you are a member of any Federal Credit Union or Credit Union in Arizona" to "fight the funding of terrorism."”

This is a fraudulent email designed to trick people into entering their personal information and appears to have additional threats to members previously unknown.

This fraudulent website may contain a virus if you choose “save” after entering your personal information

The fraudulent email provides a link that leads to a fraudulent website. While the link and website look legitimate, they are fraudulent. The fraudulent website cites out-of-context Federal laws and provides a link to the Federal Financial Institutions Examination Council’s website. These federal laws are out-of-context and do not apply to you at this time. You do not need to enter your personal information in response to this email.

The fraudulent website then leads to a form which asks for your full name, social security number, birthday, address, phone number, and email. After you provide this information, it asks you to “save” a file, which is almost certainly a virus. Never respond to emails asking for account or personal information and never follow a link within these emails.

Never download anything from unknown sources.

Again, the Credit Union does not need you to provide your personal information. Members do not need to provide personal information through the Arizona Credit Union System. Fraudsters use scare tactics like this to obtain personal information and Credit Card information.

It is very important to remember that Arizona State Credit Union never asks for personal information through email or by phone. Arizona State Credit Union never provides a link to a website through email.


January 31, 2008 - Phishing / Vishing / Phone Scam Alert

Arizona State Credit Union has become aware of a new email being circulated to members which states that due to fraud attempts, "VISA Debit Cards Security Department" has suspended your account. The subject line is "Urgent Notification."

The email then provides a phone number for recipients to call in order to reactivate their debit card.

These emails are particularly concerning because they are playing on the "we will not solicit you to provide or update personal or financial information, or send an email containing links to VISA Debit Card web sites." These types of messages have previously been used in deterring phishing/vishing scams.

January 11, 2008 - Phishing Scam Alert

The Credit Union has become aware of an email being circulated to both members and non-members claiming that "we've been working to implement some new security enhancements" and in order to "enable these new security enhancements.you must verify your account information before you can continue using your card." The subject line is "Member Alerts" and it provides an email address to respond to called "accounts@azstcu.org."

This fraudulent email then provides a link to a fraudulent website that looks similar to the Credit Union's website. While the link within the email is disguised to look legitimate, it actually sends you to a fraudulent website. Within this spoof website, there is another link to follow to "verify your account." This next screen provides fields that ask for sensitive information including Social Security Number, Credit Card Number, PIN, and Card Security Number. This email and webpage are fraudulent.

New Fraud Alert November 1, 2007 - Phishing / Vishing / Phone Scam Alert

Arizona State Credit Union has become aware of a new email being circulated to both members and non-members which asks for personal account information. The fraudulent email is titled, "Identity Theft Protection Program." The email states that it is introducing a new identity theft program for Credit Union members. The email then provides a phone number that members must call in order to reactivate their account by giving personal information, including card number, PIN, and expiration date.

These emails are particularly concerning because they are playing on the "we will not solicit you over the web" message that has previously been used in deterring phishing / vishing scams.

October 29, 2007 - Phishing/Vishing Scam Alert
The Credit Union has become aware of an email being circulated to both members and non-members claiming to be a "CUNA Alert." The email claims that they have "detected some irregular activities on your check card" on a specific date.

The email then provides a phone number to call to "reactivate your card" and "remove restrictions on your account." If you call the number, you will be asked for your card number, PIN, and expiration date.

This is a fraudulent email and a fraudulent phone number.

This is a form of Vishing. Please click here to learn more about Vishing.

October 18, 2007 - Phishing Scam Alert

The Credit Union has become aware of an email being circulated to both members and non-members that claims that there is a "member verification error." The fraudulent email states that "your account has been locked." The email then provides a link to click on to "unlock your account." The link takes you to a fake log in page and accepts user names and passwords. The next window requests your name, email, credit card number, expiration date, verification number, and PIN. This is a fraudulent email and this is a fraudulent website.

August 21, 2007 - New Computer Virus May Prompt Online Fraud Attempt

Please be on the look out for a new computer virus that may be on your computer. This virus may cause a fraudulent screen to appear in the online Bill Payment window. The screen posts messages that attempt to trick you into providing sensitive information such as your account numbers and passwords - information the bill payment system already knows and you should not provide again.

If you are using online Bill Payment and a new screen appears out of context asking you to provide sensitive information, do not provide this information.

If you're in doubt about the validity of a screen, please contact us.

April 20, 2007 - Phishing Scam Alert

The Credit Union has become aware of a fraudulent email being circulated to both members and non-members. The fraudulent email does not reference our credit union specifically or our website, but instead references the Arizona Credit Union System website and claims that "savings accounts of customers have been stolen." The email then claims that "customers" will need to login at the Arizona Credit Union System website. There are numerous typos and misinformation in the email. No Savings Accounts have been stolen. There has been no change to the way members login to Online Banking. This is a fraudulent email designed to trick people into entering their personal and Credit Card Information.

The fraudulent email lists credit unions throughout Arizona and provides a link to follow. The link leads to a fraudulent website that looks similar to the Arizona Credit Union System website. There, it asks for a User ID, Password, and to identify the Credit Union name. Then it leads to a form which asks for a Credit Card Number, Expiration Date, CVV, PIN, and email address. Again, the Credit Union has made no changes to the way members login to Online Banking, and no accounts have been stolen. Members do not need to login through Arizona Credit Union System. Fraudsters use scare tactics like "stolen accounts" to obtain personal information and Credit Card information.

January 12, 2007 - Phishing Scam Alert
The Credit Union has become aware of an email being circulated to both members and non-members claiming that there has been "unsuccessful attempts to log in to your Online Branch Account" on a specific date "from a foreign IP address." Then the email asks you to sign in through a link provided in an email. The link takes you to a website that looks like our real website. The site allows you to log in and takes you to a screen that asks for your Credit Card number, expiration date, security code, PIN number, and mother's maiden name.

December 8, 2006 - Phishing Scam Alert
The Credit Union has become aware of an email being circulated to both members and non-members that claims to be part of CheckID Enhanced Security. The email copies some of the exact wording about CheckID Enhanced Security from our website. However, just like other phishing scams, the email provides a link to a spoof website. The spoof website provides a login page that looks like our Online Banking page and gives copied information about CheckID Enhanced Security. The fake page then asks for a card number, expiration date, and PIN.

November 13, 2006 - Phishing Scam Alert
The Credit Union has become aware of an email scam being circulated to both members and non-members stating we "had to lock" account access because it may have been "compromised" by outside parties. The email gives safety tips regarding passwords and card statements and then provides a link to follow. The link leads to a fraudulent version of our homepage, where a person can log in to a false screen, and then provides a form to enter a credit card number, expiration date, and PIN.

November 9th, 2006 - Phishing Scam Alert
The Credit Union has become aware of an email being circulated to both members and non-members giving information about phishing scams and online security. The email provides a link to follow to answer supposed "security questions" for "enhanced security." The link takes you to a replica of our homepage, allows you to log in to a false screen, and then asks for personal information including a Credit Card number.

November 7, 2006 - Phishing Scam Alert
The Credit Union has become aware of an email being circulated to both members and non-members asking them to answer a series of questions concerning the quality of service and internet banking services at the Credit Union. The survey promises to deposit $100 in your account and asks you to enter your account, credit card and other personal information under the pretext that this information is needed to deposit the $100.

September 25, 2006 - Phishing Scam Alert
The credit union has learned that members and non-members have received an email directing them, through a link contained in the email, to a scam website designed to look like it is part of the credit union. They are asked to log in using their password and later are asked for more information concerning their credit or debit card.

Never respond to emails asking for account or personal information and never follow a link within these emails.

It is very important to remember that Arizona State Credit Union never asks for personal information through email or by phone. Arizona State Credit Union never provides a link to a website through email.