People Driven Credit Union is committed to keeping you informed and protected against the evolving cybersecurity threats in the digital banking landscape. Today, we need to bring to your attention a cyber threat that is targeting mobile banking app users globally.
What is the Cybersecurity Threat?
A sophisticated malware used by various criminal groups to exploit mobile banking users. Its primary method of attack involves social engineering, where attackers pose as trusted entities to deceive victims.
How Does the Attack Work?
- Initial Contact: Attackers send phishing messages via SMS or email, pretending to be your bank. For example, you might receive a message that reads: “Hi Mrs. Smith, this is Bob from People Driven Credit Union. We have important information about your account and need to talk with you.”
- Engagement via Instant Messaging: The attackers then guide victims to continue the conversation on a chat or IM app. An example message could be: “A member advocate is available immediately on instant messenger. Skip the phone queue and chat now by clicking here.”
- Fake URLs: In the chat, victims receive URLs that mimic legitimate app stores or banking sites. For instance: “Download the newest version of our banking app here.”
- Malicious Downloads: Clicking these links leads to fake websites, where victims unknowingly download dangerous malware.
The Consequences of Falling Prey to Malware
Once installed, this malware attempts to harvest personal information, including ID copies, photos, and may intercept SMS messages. Alarmingly, it may also attempt to capture images using the device’s camera.
Criminals then use this data to:
- Access real banking apps to perform unauthorized funds transfers.
- Create deepfake videos, often to deceive entities in other transactions requiring visual authorization.
Our Members’ Cybersecurity Safety: Current Status and Precautions
At PDCU, we prioritize your security and are vigilant against such threats. As of now, there are no known instances of our members being targeted by this particular malware threat. However, awareness and proactive measures are key to prevention.
Tips to Protect Yourself:
- Be Skeptical of Unsolicited Messages: Always verify the authenticity of messages claiming to be from your bank.
- Avoid Clicking Unverified Links: Be cautious of links sent via email or instant messaging.
- Update Your Apps Through Official Channels: Only download or update apps from official app stores.
- Stay Informed: Regularly check our website and communications for security updates.
If you suspect any fraudulent activity or have concerns, please contact us immediately.
Staying informed and vigilant is our best defense against such sophisticated cyber threats. Together, we can ensure a safe and secure digital banking experience.
For more information on how to protect your personal and financial data online, visit our Fraud Alerts page.