In these attacks, members receive an email message that attempts to draw their attention with subject lines like “Important Unread Message.” In many cases the sender appears to be from a ‘bates.edu’ email account. Members are directed to a fake Credit Union website and asked to provide their Online Banking login credentials. In the event that you receive a message fitting this description, do not click the link, do not enter any personal data, and do not reply under any circumstances. Delete the email.
Members should neither provide information to this website nor attempt to conduct any financial transactions through it. The Credit Union would not request personal financial information in this manner.
In an effort to circumnavigate our Multi-Factor Authentication, the scammers have sent follow-up emails to some members requesting their email address and email password. Again, if you have received a message fitting this description, do not click the link, do not enter any personal data, and do not reply under any circumstances. Delete the email.
If you think you may have already been deceived into disclosing your personal information, you should immediately change your email and online banking passwords and contact us at 617-495-4460 or huecu@harvard.edu.
This appears to be a highly sophisticated attack. We want to assure you that HUECU’s systems have not been breached and as long as you have not provided any personal data in response to these fraudulent emails, your accounts will not be compromised in any way. If you have any concerns or questions, please do not hesitate to contact us directly.
What is phishing?
Phishing is a fraudulent process used by spammers to acquire sensitive information from users such as usernames, passwords, and credit card details. Email recipients are often deceived by phishing attempts since messages appear to be sent by legitimate and trustworthy sources.