We take great pride in the fact that Educators Credit Union’s Mobile Banking app is user friendly, efficient, and extremely safe and secure. We remind all members to be vigilant. As the public increases its use of mobile banking apps, the FBI anticipates cyber actors will continue to attempt to exploit these platforms.
The FBI expects cyber actors to attempt to exploit new mobile banking members using a variety of techniques, including app-based banking trojans and fake banking apps.
APP-BASED BANKING TROJANS
The FBI advises the public to be cautious when downloading apps on smartphones and tablets, as some could be concealing malicious intent. Cyber actors target banking information using banking trojans, which are malicious programs that disguise themselves as other apps, such as games or tools. When the user launches a legitimate banking app, it triggers the previously downloaded trojan that has been lying dormant on their device. The trojan creates a false version of the bank’s login page and overlays it on top of the legitimate app. Once the user enters their credentials into the false login page, the trojan passes the user to the real banking app login page so they do not realize they have been compromised. Using biometric logins, such as fingerprint or face scans can help keep you safe from this type of fraud.
FAKE BANKING APPS
Actors also create fraudulent apps designed to impersonate the real apps of major financial institutions, with the intent of tricking users into entering their login credentials. These apps provide an error message after the attempted login and will use smartphone permission requests to obtain and bypass security codes texted to users. Ensure you are downloading the correct apps to your phones to avoid this fraud.
Don’t click links in emails or text messages. Ensure these messages come from the financial institution by double-checking email details. Many criminals use legitimate-looking messages to trick users into giving up login details.
Don’t give two-factor passcodes to anyone over the phone, via email or text. We will never call, email you or text you to ask for these codes.
USE STRONG PASSWORDS AND GOOD PASSWORD SECURITY
Cyber actors regularly exploit users who reuse passwords or use common or insecure passwords. Create strong, unique passwords. The National Institute of Standards and Technology’s most recent guidance encourages users to make passwords or passphrases that are 15 characters or longer.
- Use passwords that contain uppercase letters, lower case letters, and symbols.
- Use a minimum of eight characters per password.
- Create unique passwords for banking apps.
- Use a secure password manager or password management service.
- Use common passwords or phrases, such as “Password1!” or “123456.”
- Reuse the same passwords for multiple accounts.
- Store passwords in written form or in an insecure phone app, like a notepad.
- Give your password to anyone. We will not ask you for this information over the phone or text message.
If you encounter suspicious activity related to your Mobile Banking app, exercise caution and contact us at 262.886.5900.
In addition, if you believe that you are the victim of a financial crime, here is the contact information for the Wisconsin FBI Field Office:
FBI Field Office*
3600 S. Lake Drive
St. Francis, WI 53235
*Covers the entire state of Wisconsin
– Rich with Educators Credit Union