If you receive this email or something similar, please disregard. It is a fraudulent email.
Phishing (pronounced “fishing”) is a type of email scam in which identity thieves send official looking emails with urgent-sounding messages asking the recipient to click a link within the email. The link takes you to a website, which may look like Arizona Central Credit Union’s website, where you will be asked to provide confidential information such as account numbers, credit card numbers, and other sensitive information.
Fraudsters send these emails to a large group of random email addresses, hoping to reach at least of few of our members.
Arizona Central will NEVER send unsolicited emails asking you to give or verify personal information online. In addition, the emails we send will never direct you to a website to verify personal information.
Please contact us immediately if you ever have questions or concerns about suspicious emails you may have received.
Identity thieves want to scare you into releasing your personal information by sending you messages that sound urgent or critical. Arizona Central will NEVER send you these types of messages via email. Phony emails of this nature typically carry one of the following messages:
- Account access denied/expired (Sample) (Sample)
- Alert messages – these emails claim you have a message waiting and you must login to retrieve them. To be safe, always type in the web address. Do not click the links within the email. (Sample)
- Bill Pay is out of date, denied or expired (Sample)
- Contact information change/update – These emails inform the recipient their contact information or personal profile has been changed or reset. They are asked to click on a link, log into their account, and verify this action. (Sample)
- Member Satisfaction Surveys and Cash Rewards – This email promises to pay you money for completing a survey online. Arizona Central sends surveys from time to time, but we will NEVER ask for account numbers, credit card numbers or login information.(Sample)
- Emails from the NCUA – The NCUA is the federal agency that insures credit union deposits. The NCUA will never send email messages directly to credit union members instructing them to provide personal account information.
It is very important to remember that Arizona Central will NEVER send unsolicited emails asking you to give or verify personal information online. In addition, the emails we send will never direct you to a website to verify personal information.
Email is a timely, effective, and convenient way to communicate with our members. Therefore, we have outlined the types of emails that we DO send and how you can tell if the email you receive is real or a fake.
- Email Alerts – These are emails that notify you of balance information, a check that has cleared, or Certificate maturity dates. Since these emails are set up by you, the end user, you are in complete control. These emails will NEVER contain links to a website.
- Bill Pay Emails – These emails notify you when a bill has arrived or when a bill has been paid. You can change your Bill Pay options for each payee by logging in to eBRANCH, clicking on “Bill Payment” and then clicking on the “Payees” tab. These emails will NEVER contain links to a website.
- Password Changes – Whenever you change your eBRANCH password under “User Options,” an email is automatically sent to your email address on file. These emails will NEVER contain links to a website.
- eStatement Notifications – These emails are sent at the beginning of each month to notify you that your statement is available online for your review. These emails will NEVER contain links to a website.
- eNewsletter/Marketing Emails – These emails are designed to keep you informed of current promotions and specials. These emails may contain links back to our website. If you still feel uncomfortable clicking a link, please visit our website by typing our web address into your web browser or utilizing your saved bookmarks.
Please note, the emails we send will NEVER include phone numbers. If you receive an email that looks to be from us but contains a phone number, it is most likely a “vishing” scam.
Please contact us immediately if you ever have questions or concerns about suspicious emails you may have received.
How we protect you:
Arizona Central will never ask for account numbers, passwords, credit card numbers, Social Security numbers, or other sensitive information via unsolicited email. If you have received an email like this, do not respond!
- Arizona Central will never send an email that includes a phone number for you to call. If you have received an email like this, do not respond!
- We've partnered with Cyota, a leader in online risk monitoring and management. They constantly monitor for online fraud and work to shut down fraudulent sites.
How to protect yourself:
- Do not respond to emails requesting personal information, and do not click on links within suspicious emails.
- Do not call phone numbers listed in email messages you receive. Instead, go to our website to find our number or look on the back of your credit/debit card.
- Update your computer software with current versions and utilize virus protection and firewall software to protect data.
Please contact us immediately if you ever have questions or concerns about suspicious emails you may have received.
Q: How did the fraudster get my email address?
A: There are several ways someone could obtain your email address.
- Web Pages – Spammers have programs called "spiders" which go through web pages looking for email addresses. Many businesses and organizations who list email addresses on their site are easy targets for these programs.
- Personal Website - It's very common to include a "mailto:" link so visitors can click on a link to send you an email. Again, this is a very easy way for spammers and fraudsters to obtain your email address.
- Mailing Lists – A spammer could obtain a mailing list with your address on it. Before providing your email address to any third party, make sure you read the privacy and security policies and know how your information will be used. Arizona Central will NEVER share or sell your email address to unaffiliated third parties.
- Electronic Bulletin Boards – If you use your email address to post information on a comment board or other forum, fraudsters have the technology to scan these sites and extract your email address.
Are you curious if your email address is available on a web page? Try searching for your email address in Google. You might be surprised how many pages it's listed on.
Q: What should I do if I clicked on a link or entered information?
A: Please contact us immediately if you responded to a potential email scam. A representative will guide you through the steps you should take to minimize potential losses.
Q: I get several emails a week that claim to be from Arizona Central. Why can't you stop them? Why don't you prosecute the people responsible?
A: We can't share all the steps we take, but we are able to stop many scams. First, we try to shut down the fraudulent website. Then we work with domestic and international law enforcement to track and arrest the criminals responsible. Many, however, are based outside the United States, and disguise their email's origins by sending them from hacked computers.
Q: How do the criminals doing the phishing know I have an account with Arizona Central?
A: They might not know anything about you specifically, but they do know Arizona Central has thousands of members. Their idea is to cast a very broad net in hopes of catching unsuspecting members.
Q: I don't have an account with Arizona Central, but I'm getting email about my Arizona Central account. How does that happen?
A: It works like this: Phishers target the customers of large companies. They phish millions of email accounts, knowing that many of their targets will be among the recipients. In the process, they end up sending mail to many people who aren't members of Arizona Central.