We're concerned about the financial well being of our members. Whether you're interested in developing a workable budget, getting out of debt, taking a look at your credit report, buying a home, or planning for your financial future, we want to help. That's why we've provided access to free financial education and confidential financial counseling through the BALANCE Financial Fitness Program.
To speak to a financial counselor
Mon.-Thurs. – 8am-11pm
Friday – 8am-8pm
Saturday – 11am-8pm
Please do not email any sensitive information including your account numbers or social security number.
We value the trust you place in us. We will remain vigilant and committed to protecting our members from fraud of any kind. Our Security Center will feature security alerts regarding current threats being perpetrated in our community so our members don't unknowingly fall victim to identity theft, phishing scams, etc. We encourage our members to educate themselves about security and to use the fraud protection tips we've provided.
Although we have monitoring systems in place to detect and prevent fraud, it is always a good practice to monitor your account closely for unusual activity. If you are concerned about the possibility of fraud, call Member Services at (407)-896-9411 or (800)-771-9411 outside Orlando, option 3.
Amazon Scam Targets Holiday Shoppers
Decemebr 9, 2016
A new scam involving Amazon.com proves that when it comes to holiday shopping, crooks always play the role of the Grinch.
Customers are being told to look out for emails that look like they're from Amazon, but are clever fakes that appear authentic.
The emails state that a recent order cannot be shipped and there are problems with processing that require the customer to confirm information so they can access their accounts or place future orders.
When shoppers click on the link to confirm their account, they are taken to a page where they are told to enter their name, address and credit card information. The page, of course, is a fraud. There are many ways to identify whether you are being targeted for this scam:
Amazon officials say if customers are concerned about orders placed from the retail site, they should head to Amazon.com and confirm email details match order information under "Your Orders."
NCUA Warns of Text Phishing Scam
August 23, 2016
The National Credit Union Administration is warning consumers about a telephone texting scam in which consumers are contacted by text messages claiming to come from the agency. The text message reads: “National Credit Union Administration Alert for (recipient's phone number). Contact 844-234-5445.”
A press release from the NCUA stated, “This is not a communication from NCUA. The agency does not seek personal information through the internet or on the telephone.”
For those receiving one of these messages, the NCUA urged consumers to contact NCUA's Consumer Assistance Center at 1-800-755-1030 between 8 a.m. and 5 p.m. Eastern. NCUA also recommended members contact their credit union, local law enforcement, or the Internet Crime Complaint Center, a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center.
NCUA operates an online Fraud Prevention Center that offers information about avoiding frauds and scams on its MyCreditUnion.gov website.
Tax Refund Scam Artists Posing as Taxpayer Advocacy Panel
April 6, 2016
The IRS reminds taxpayers to guard against all sorts of con games that arise during any filing season. A new email scam targeting taxpayers has emerged. According to the Taxpayer Advocacy Panel (TAP), taxpayers are receiving emails that appear to be from TAP about a tax refund. These emails are a phishing scam, where unsolicited emails which seem to come from legitimate organizations -- but are really from scammers -- try to trick unsuspecting victims into providing personal and financial information. Do not respond or click the links in them. If you receive an email that appears to be from TAP regarding your personal tax information, please forward it to firstname.lastname@example.org and note that it seems to be a scam email phishing for your information.
TAP is a volunteer board that advises the IRS on systemic issues affecting taxpayers. It never requests, and does not have access to, any taxpayer's personal and financial information such as Social Security and PIN numbers or passwords and similar information for credit cards, banks or other financial institutions.
Scam Artists Claiming IRS is Demanding Tax Payments
March 4, 2016
Recently, many residents of Central Florida received a telephone call from scam artists fraudulently claiming that they were about to take drastic action relating to IRS tax payments. These scammers try to scare their victims. Do not believe them!
The real IRS will not:
If you receive a scam call, do not provide any information to the caller. Hang up immediately. Contact the Treasury Inspector General for Tax Administration at www.treasury.gov/tigta/contact_report_scam.shtml or contact our 7th Congressional District office at (407) 366-0833.
NCUA Posts New Online Resources to Help Consumers in Fighting Identity Theft
January 25, 2016
With tax season beginning, the Federal Trade Commission has announced Tax Identity Theft Awareness Week for 2016 (Jan. 25 - 29), and the National Credit Union Administration has new online resources to help consumers protect themselves.
NCUA has updated its tax identity theft resources page on the MyCreditUnion.gov consumer website. The page includes useful information for preventing or reporting identity theft that may be perpetrated using fake contacts that appear to be legitimate Internal Revenue Service requests for taxpayer information. Credit unions are encouraged to share this information with their members.
“Cyber hackers and old-fashioned thieves can trick people into divulging personal and financial information not only during tax season, but all year long,” Board Chairman Debbie Matz said. “NCUA has an ongoing commitment to protecting and educating consumers, helping them understand how they can prevent theft and informing them where to get help should they become victims of fraud.”
Consumers should be aware the IRS does not initiate contacts with taxpayers by email, text messages or social media channels to request personal or financial information.
Use caution with EMV Cards at ATMs and Gas Pumps
January 15, 2016
As retailers push to update their credit card readers and systems to be compatible with EMV chip technology, crooks have turned their attention to gas pumps and ATMs to steal card information. Law enforcement officials are reporting a spike in the use of credit card skimmers at ATMs and fuel pumps, according to media sources. Skimmers are devices — often nearly undetectable — that fit over a card reader and copy credit or debit card information from the magnetic strip when you swipe. Identity thieves can then use the data to run up fraudulent charges. This means that even though you might be carrying new cards with EMV chips, they’re just as susceptible to fraud at the pump or an ATM as they were before. In fact, they may be more vulnerable now that identity thieves are targeting those terminals more.
If something looks suspicious, ask someone from the bank, credit union, or gas station to inspect the reader — or simply use another one.
Read the entire article at NerdWallet.com, a personal finance website.
NCUA Warns Consumers about Telephone Scam Seeking Personal Information Page
December 18, 2015
The National Credit Union Administration is warning consumers about a telephone scam in which consumers are contacted by a caller claiming to work for NCUA and asking for personal and financial information.
The caller tells the consumer her or his credit card or debit card has been frozen or blocked. The caller then asks for the consumer’s Social Security number, account number, date of birth and home address to supposedly verify the information.
NCUA offers extensive information to help consumers identify frauds and scams at its Fraud Prevention Center. Consumers who suspect they may have become victims of identity theft should immediately contact their financial institutions and, if necessary, close existing accounts and open new ones.
NCUA urges consumers also contact the three major credit bureaus—Equifax (866-349-5191), Experian (888-397-3742) and TransUnion (800-916-8800)—to request a fraud alert be placed on their credit reports.
NCUA supports credit unions and their members with financial literacy and consumer protection resources available without cost at MyCreditUnion.gov.
NCUA also provides up-to-date financial education information on the agency’s YouTube channel, Facebook page and consumer Twitter feed.
Warning About a Debit Card Scam Targeting Senior Citizens
November 23, 2015
CFE is advising members to use caution with their debit cards as there are identified cases of suspects convincing people to turn in their debit cards. The suspects are primarily targeting senior citizens, telling them their cards are compromised and convincing them to disclose their account numbers and pins. The suspects often ask victims to drop their debit card in the mailbox to be picked up.
A number of people have been contacted as part of this scheme. CFE has proactively been working with law enforcement which has resulted in the arrest of one of the suspects, but another is still being sought.
Please remember that CFE Federal Credit Union will never call a member and ask them for their debit card or pin number and will never ask them to be placed in a mailbox for pickup.
Phishing Scam Phone Number Alert: 888-503-0711
May 12, 2015
This is a phishing scam stating your Debit MasterCard has been locked. A robotic recording asks you to "push one (1) to reactivate and speak with fraud prevention department". Beware of phishing phone calls! Treat all unsolicited phone calls with skepticism. Do not provide any personal information.
NCUA Warns Consumers about "Spoofing" Scam Mimicking Agency's Telephone
March 25, 2015
This attempted fraud scam is called “spoofing." The perpetrators are able to mimic a telephone number to generate text messages. The texts may warn of a debit card reaching its limit or use some other trick to persuade individuals to provide personal information or go to a malicious website. Consumers should not click on links in the message, provide information to any websites referenced in the message nor attempt to conduct any financial transactions through those websites.
More than 40 consumers around the country received text messages yesterday. Consumers receiving these texts should contact NCUA’s Consumer Assistance Center Hotline at 800-755-1030. NCUA also offers information about avoiding frauds and scams at MyCreditUnion.gov.
Consumers who suspect they may have become victims of identity theft should immediately contact their financial institutions and, if necessary, close existing accounts and open new ones. When identity theft occurs, NCUA urges consumers also contact the three major credit bureaus—Equifax (800-525-6285), Experian (888-397-3742) and TransUnion (800-680-7289)—to request a fraud alert be placed on their credit reports.
NCUA Warns Consumers about "National Credit Union" Phising Scam
March 17, 2015
The National Credit Union Administration has received reports of an online phishing scam that uses a website with a logo and a design similar to the agency’s own site in an attempt to convince unwary customers to provide information or send money.
Consumers have received emails from the National Credit Union website, which apparently originates in Australia and claims to offer services in the United States, Europe and the Commonwealth of Independent States. This website is not affiliated in any way with the National Credit Union Administration, a federal agency, and the emails are not from NCUA.
Consumers receiving such emails should call NCUA’s Fraud Hotline toll-free at 800-827-9650 or 703-518-6550 in the Washington, D.C., area. Consumers should also contact the Internet Crime Complaint Center, a partnership between the FBI and the National White Collar Crime Center. NCUA also offers information about avoiding frauds and scams on its MyCreditUnion.gov website.
Consumers who suspect they may have become victims of identity theft should immediately contact their financial institutions and, if necessary, close existing accounts and open new ones. NCUA urges consumers also contact the three major credit bureaus—Equifax (800-525-6285), Experian (888-397-3742) and TransUnion (800-680-7289)—to request a fraud alert be placed on their credit reports.
Data Security: How CFE Federal Credit Union is Looking Out for You
March 3, 2015
As data breaches at merchants continue to permeate the news, we want you to know that CFE Federal Credit Union is ready to help if your personal or financial data is ever compromised. We take service to our members seriously and will do everything we can to ensure that action is taken – quickly – to help you avoid becoming a victim of identity or account theft.
Your credit union is subject to strong data security standards established by Congress and federal regulators. While data breaches can happen anywhere, we are ready with a plan designed to ensure the safety and confidentiality of your sensitive data.
Unfortunately, merchants and retailers aren’t subject to these federal requirements. Many of them follow their own data security standards, but, as the crush of data breaches over the last couple of years has shown, these self-imposed merchant standards are no substitute for a stronger federal standard. When it comes to protecting your personal information, every measure counts.
When your debit or credit card data is breached at a merchant, the cost of card replacement or account reimbursement to you is typically paid by your credit union and not the retailer where the breach occurred. Unfortunately, this can become a very expensive proposition for the credit union, as we are often never reimbursed for these costs by merchants—as there is no liability requirement on them to pay for data breaches that occur on their watch.
We want you to know that in the event of any breach affecting your accounts, this credit union will always do what we can to make you whole. In the meantime, credit unions around the country are leading the effort to get Congress to pass legislation ensuring merchants and retailers meet a national standard for protecting any of your financial data they collect when you make a purchase and are held liable for breaches that occur on their end. We hope you will support us in this effort.
While we can’t control what happens at merchants and retailers, we want you to know that CFE Federal Credit Union will do everything we can to assist you and your family if a breach does occur when you use your debit or credit card. You can always feel free to reach our Member Service Center at 407-896-9411 option 3.
NCUA Videos Educate Consumers on Frauds, Scams, and Cyber Threats
January 9, 2015
Credit union members have a new resource to educate themselves about frauds, scams, and cyber threats. The National Credit Union Administration released a two-part video on how to recognize, avoid, and report cyber fraud.
Available on the NCUA’s YouTube channel, the videos are part of NCUA’s Consumer Report series developed by the Office of Consumer Protection.
The Home Depot Warns of Possible Phishing/Smishing Scams
November 10, 2014
On November 6, 2014, Home Depot issued an email to their customers warning of a possible phishing/smishing scam that may have occurred simultaneously to the recent payment card breach of their stores.
Some customer email addresses are reporting to have been acquired during the incident; however, Home Depot has stated that they do not believe that email passwords, payment card information or other sensitive information was compromised.
We advise you to use caution against phony emails requesting personal or sensitive information.
Customers with concerns or that would like more information regarding the alleged email breach are being asked to visit the Home Depot website or call 1-800-HOMEDEPOT.
Russian Hackers Amass Over a Billion Internet Passwords
August 7, 2014
On Aug. 5, The New York Times broke a story that may have wide-reaching implications for CFE members.
Members should assume their personal information may have been stolen and:
Test Message "Smishing" Scam
June 9, 2014
Please be aware of a scam currently being sent via text message to phone numbers in the Central Florida area. The message states that your card has been locked and to call a phone number. You are then asked to provide your card information.
If you receive a suspicious message, do not call the phone number or respond to it. These messages are fraudulent attempts to collect your personal information.
REMINDER: CFE will NEVER ask you to provide confidential information, such as account numbers, card numbers, or social security numbers via email, text message, direct mail, or over the phone.
Debit and ATM card PIN security precautions
May 20, 2014
Members are encouraged to protect the secrecy of your Personal Identification Number (PIN). Protect your Debit or ATM card as though it were cash. Don't tell anyone your PIN! CFE will not ask you for your PIN. Don't give anyone information regarding your Debit or ATM card or PIN over the telephone or if approached by anyone. Use caution when utilizing any ATM that does not look genuine, has been modified, has a suspicious device attached, or is operating in a suspicious manner. Don't write your PIN where it can be discovered. For example, don't keep a note of your PIN in your wallet or purse. Never relinquish your Debit or ATM card to anyone with your PIN in return to get cash for allowing them to make check deposits with your Debit or ATM card. This would make you a participant in a fraud against a federal credit union. If you have any questions please contact CFE Federal Credit Union at (407) 896-9411, option 3.
Apple iOS Security Flaw Prompts Patch Advice
February 27, 2014
Apple announced a significant security flaw affecting literally hundreds of millions of iPhones®, iPads® and iPod Touches® running iOS 7, the latest version of the company’s mobile operating system. Baked into the system was a flaw that allowed an attacker, under certain circumstances, to intercept and read in plain sight traffic the users thought was encrypted via Secure Socket Layer technologies. That would include email, tweets, Web browsing and, potentially, mobile banking sessions that occur within the Web browser.
Mark Bower, a vice president at Voltage Security, elaborated: “For quite some time, attackers with knowledge of this bug had the ability to mount man-in-the middle attacks to users operating Apple devices. This could have allowed interception or modification of SSL communications which are supposed to be private and encrypted.”
Experts appear divided as to whether this flaw also impacted traffic via apps, such as mobile banking apps. On Friday, Apple issued a patch that it said fixed the problem on iPad®, iPhone® and iPod Touch®. However, the company also indicated that a related flaw exists in its OS 10 operating system for desktop and laptop computers. No patch has been issued so far, although Apple has indicated that one is imminent. Note, too, the SSL attack can occur only when the hacker has control over a WiFi network (typically a public network) or has erected a rogue cellular network (technically doable but sophisticated and rare). This requires significant skill on the part of the attacker, said experts.
Users who never access public WiFi probably have nothing to fear, said most experts. Experts also, unanimously in this reporter’s poll, urged Apple mobile device owners to download the security patches as soon as possible. Experts also suggested that financial institutions such as credit unions alert their members who use Apple devices to the need to download the patch, which is free.
NCUA Warns about Telephone Fraud
January 21, 2014
The National Credit Union Administration today warned consumers to beware of a new telephone fraud, known as a “vishing” scheme, that is using the agency’s name in an attempt to obtain personal financial information. Several credit union members have been contacted by an automated phone call claiming to be from NCUA and notifying consumers their debit cards have been compromised. The call then asks the receiver to follow prompts, which request personal information, including sensitive financial data and personal identification information.
Anyone contacted by this so-called “vishing” scheme should immediately contact NCUA’s Consumer Assistance Center Hotline at 800-755-1030 or by email at email@example.com to report the scam. Operators answer calls Monday through Friday between 8 a.m. and 5 p.m. Eastern.
NCUA neither seeks personal information from consumers over the telephone nor handles day-to-day maintenance of member account information. NCUA works with law enforcement agencies, including the FBI, to protect consumers from frauds of this nature. NCUA urges consumers to never verify or release personal financial information to unknown callers.
Major Retailer Security Breach
December 19, 2013
Target recently announced a security breach involving debit and credit cards used to make purchases in their stores between November 27 and December 15, 2013. Click here for more information.
On a daily basis, we receive listings of compromised debit and credit cards from Visa and MasterCard. Our standard procedure is to reissue cards identified on the reports and follow up with a letter to explain why a new card was issued. In addition, we closely monitor card activity for possible fraud. If we identify a problem, we communicate with the affected cardholder and place additional protective measures on their account(s). If we are notified of a problem on your card, we will then implement the above process.
It is always prudent to monitor your accounts frequently for unauthorized transactions, and contact us at 407-896-9411, or 1-800-771-9411 outside Orlando, option 3, if you see suspicious activity on your account.
CryptoLocker Ransomware Infections
November 6, 2013
Please be advised, CryptoLocker appears to have been spreading through fake emails designed to mimic the look of legitimate businesses and through phony FedEx and UPS tracking notices. As of this time, the primary means of infection appears to be phishing emails containing malicious attachments. The malware has the ability to find and encrypt files located within shared network drives, USB drives, external hard drives, network file shares and even some cloud storage drives. To protect yourself from the CryptoLocker infection do not follow unsolicited web links in email messages or submit any information to webpages in links and use caution when opening email attachments. Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
July 29, 2013
CFE is receiving multiple calls from members who are receiving phone calls from an automated message stating that their card has been compromised and asking the member to press 1 to activate their cards. These telephone calls are not from CFE. There are several phone numbers listed below that have been reported to us from our members and we have had more than 20+ calls from the Call Center thus far regarding this.
XXX-865-6696, 000-000-0000, 615-378-6237, 999-999-9999, 352-274-9332, 609-997-0176, 301-927-2683, 310-262-9872
If you receive a similar call, please contact CFE at (407) 896-9411, option 3.
You can report phishing to the US government by sending an email to firstname.lastname@example.org.
“Phishing is an illegal attempt to obtain important personal information, such as usernames and passwords. Learn how to protect yourself from the various forms of phishing.”
Money Mule Scam
August 22, 2012
A number of credit unions have reported that their members are being recruited as money mules by fraudsters. Money mules unknowingly assist fraudsters in laundering stolen funds. The source of the stolen funds received by the money mules is often from account takeovers at other financial institutions through online banking systems.
In one case, a credit union member was recruited to assist a foreign company in purchasing heavy construction equipment. The fraudsters deposited the stolen funds to the member's account via wire transfer. The member even received a bogus purchase invoice for the equipment from the fraudsters. The member was instructed to wire the funds to the equipment manufacturer's account, which turned out to be a fraudulent account opened by the fraudsters. The deposits made to the money mule accounts via ACH and/or wire transfer were actually stolen from deposit accounts at other financial institutions and investment accounts held at brokerage firms. Using sophisticated banking Trojans, such as Zeus, fraudsters steal the login credentials of online banking users and investors who access their investment accounts online. The fraudster logs into the account and transfers funds via ACH and/or wire transfer to the money mules' accounts.
If you or someone you know is falling victim to the money mule scam, contact our Risk Management department by calling (407) 896-9411 or (800) 771-9411 ext. 2357 or email RiskManagement@mycfe.com.
Fraudulent Emails from Sprint
August 9, 2012
Any members participating in the Sprint Credit Union Member Discount program should be on alert. Sprint has been notified recently that there may be members receiving emails that claim to come from Sprint in an attempt to collect on a bill for mobile service. These are fraudulent emails. Sprint is currently investigating a phishing scheme involving bogus email disguised as a Sprint e-bill (online bill) notification. These emails are being sent to both Sprint and non-Sprint customers and will look like they have come from Sprint. The phony emails will notify the customer of an unusually high balance due.
Anyone who receives an email of this nature should not click on any links in the email and delete the email immediately. If you think you or someone you know has given out personal information about a Sprint account (such as a Sprint account number, online profile name, password, or PIN), or typed it into a website that may not be legitimate, immediately contact Sprint at 888.211.4727. Dial *2 from your phone. Sprint will take steps to help secure your account. For more information about this phishing scheme, contact CU Solutions Group Sprint Partnership Director Lisa Treat at 800.262.6285, ext. 523 or email Lisa.Treat@CUSolutionsGroup.com.
Sweepstakes Scam Alert
June 12, 2012
Please be advised, a telephone scam emerged last month promoting a "sweepstakes" by the Consumer Financial Protection Bureau, promising prizes up to $1.5 million after the consumer pays "taxes." The scammers try to trick the intended victim into cashing a fraudulent check in order to send a portion of it to them. The CFPB does not host sweepstakes and will never ask you to send us money in exchange for us sending you money in return.
Furthermore, sweepstakes sponsored by CFE FCU (and/or UCF FCU, a division of CFE FCU), never require the winner to pay taxes up front, and we do not collect taxes. Depending upon the prize amount, we issue winners a 1099 form at the end of the year for income tax reporting purposes. We never collect personal information over the phone. We provide a winner's affidavit to the member and ask that it be returned securely, preferably in person. If in doubt it is always best to contact your financial institution and inquire of the validity of any contest.
Local Vishing Attempts
May 30, 2012
On May 25, our Member Service Center reported at least 12 "vishing" calls that were received by members. Vishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private, personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing. Please remember that we will never contact you attempting to gain access to private, personal and financial information. If anyone is attempting to gain access to your information, please contact us immediately.
Fraud Alert: Phishing attempts are on the rise!
February 3, 2012
NACHA continues to receive reports that individuals and/or companies have received a fraudulent e-mail that has the appearance of having been sent from NACHA. These emails vary in content and format, and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments. NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive. NACHA has requested that you please forward fraudulent emails claiming to be from NACHA to email@example.com.
Other phishing attempts have surfaced that spoof the Federal Reserve Bank, the FDIC, and even some Regional Payments Associations as the sender. Like the emails purporting to be from NACHA, these emails typically claim that a recently-initiated transaction was cancelled. The links in these fraudulent emails are directed to web pages that host malicious code and software. Do not follow web links in unsolicited e-mails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual. If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system.
Publishers Clearing House Scam
January 31, 2012
ConsumerAffairs.com is warning consumers about a phony Publishers Clearing House Sweepstakes scam in a recent article. Criminals are notifying victims through the mail that they have won a large amount of money from the Publishers Clearing House Sweepstakes. The letter asks the victim to call the suspects of the scam. When the victim calls the suspects, they tell them that they need to pay the taxes on the winnings (usually around $15,000) before they can collect the prize. The sweepstakes scam is one of the older schemes designed to separate consumers from their money. Sweepstakes "winners" should never send money to "claim their prize."
Ramnit Worm is Evolving
January 25, 2012
Ramnit is a worm, which means, unlike malware, it can spread to other computers without being sent through e-mail or a malicious website.
Researchers at Seculert say the Ramnit worm, which last year defeated two-factor authentication measures used to protect online banking accounts and corporate networks, is now targeting Facebook. Lab researchers working for the Israel-based provider of cyberthreat management services say Ramnit has been linked to the compromise of more than 45,000 Facebook log-in credentials, primarily hitting users in the United Kingdom and France. "We suspect that the attackers behind Ramnit are using the stolen credentials to log in to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," says a blog posted on Seculert's website Jan. 5. "In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks."
In August 2011, security vendor Trusteer was the first to discover Ramnit's merger with the Zeus variant designed to target online banking accounts. The Ramnit-Zeus hybrid was superior because of its advanced man-in-the-browser capabilities, which enabled it to steal online banking and corporate log-in credentials. The Ramnit hybrid bypassed two-factor authentication, and between September 2011 and December 2011, Trusteer estimated that some 800,000 machines had been infected. Amit Klein, chief technology officer of Trusteer, says Seculert's new findings show how quickly Ramnit is evolving to use multiple distribution vectors. "The combination of file infection, social network propagation and man-in-the-browser capabilities creates an aggressive threat," he says. Ramnit's man-in-the-middle looks like an actual social-media or bank-account sign-in page that captures a user's ID and password, and sometimes other personal information en route to the actual log-in page. The difference, however, is that the page in the middle captures authentication data and allows the attacker to gain access to the victim's accounts at will.
A Call for Multifactor Authentication
Bill Wansley an analyst at Booz Allen Hamilton, says every organization should take Ramnit's rapid evolution as a sign that outdated authentication measures are no longer effective. "Everyone needs to go to multifactor authentication - like Google has recently - for social-media sign-in, and certainly for anything that is for financial or medical-related accounts," Wansley says. Passphrases are better than passwords, but multifactor authentication is the new standard. "Nobody should be using their social-media passwords or phrases for their financial accounts," Wansley says. In the financial space, cybercriminals increasingly use older malware to capture individual passwords and personal information that is later exploited to gain access to financial accounts. Ramnit is actually an older malicious code that has been updated with new features to achieve other purposes.
NOTICE OF ATM/NIGHT DEPOSIT FACILITY USER PRECAUTIONS
As with all financial transactions, please exercise discretion when using an automated teller machine (ATM) or night deposit facility. For your own safety, be careful. The following suggestions may be helpful.
Identity (ID) Theft is when a person uses your information, such as your name and social security number, to commit fraud or other crimes. Learn more to keep yourself protected from ID Theft.
Phishing is an illegal attempt to obtain important personal information, such as usernames and passwords. Learn how to protect yourself from the various forms of phishing.
Does the credit union ask for information via emails?
We have never and will never use email to request account information such as account numbers, credit card numbers, social security numbers, PIN codes, or any other personal identifiers. We will not ask you to join a security protection plan via email.
How do I report a phishing email?
If you receive a request for any personal information by email, forward the email to: Info@mycfe.com. Then delete the email. Do not respond to it or click on any links within the email.
We offer a large number of online calculators to help you with a variety of financial topics such as: "Should I refinance?", "How much car can I afford?", "How long will it take to pay off my loan?", "How much should I save each month?", "How much do I need to fund my retirement?", and many more financial calculators for topics related to:
Important Account Information For Our Members:
Credit Card Disclosures:
The MEMBERS Financial Services program has one objective: to help you reach your financial goals. The program works in cooperation with the credit union to help you make sound financial decisions. Consider attending a complimentary seminar to learn more.
Take a minute to consider your various financial goals, from sending your kids to college to purchasing adequate life insurance to retiring. We can help! We provide a range of products and services that can be tailored to your unique needs. For a no cost, no obligation meeting, contact a MEMBERS Financial Services Representative. Call (407) 228-7600 to set up your appointment or click the "Contact Me" button.
Securities sold, advisory services offered through CUNA Brokerage Services, Inc. (CBSI), member FINRA/SIPC, a registered broker/dealer and investment advisor. CBSI is under contract with the financial institution to make securities available to members. Not NCUA/NCUSIF/FDIC insured, May Lose Value, No Financial Institution Guarantee. Not a deposit of any financial institution. CUNA Brokerage Services, Inc., is a registered broker/dealer in all fifty states of the United States of America.
Check the background of this firm on FINRA's BrokerCheck.
Learn to make sound, educated financial decisions that will afford you the opportunity to fulfill your financial goals. MEMBERS Financial Services offers complimentary workshops and seminars. These seminars are open to the public, so feel free to invite a guest!
Securities sold, advisory services offered through CUNA Brokerage Services, Inc. (CBSI), member FINRA/SIPC, a registered broker/dealer and investment advisor. CBSI is under contract with the financial institution to make securities available to members.
Not NCUA/NCUSIF/FDIC insured, May Lose Value, No Financial Institution Guarantee. Not a deposit of any financial institution.
CUNA Brokerage Services, Inc., is a registered broker/dealer in all fifty states of the United States of America.
Have changes in your financial circumstances made it difficult to meet your financial obligations or are you concerned that you may fall behind?
Life doesn't always go according to plan, and when the unexpected happens a financial hardship can result. Our promise is to always be there with each step along the individual financial paths of our members, especially during the difficult times. We have a genuine concern for our members' financial well being, and we've developed programs that may help you get back on track.
What is a Loan Modification?
When a significant life event occurs resulting in a financial hardship, we will evaluate the member's current financial position to determine if the loan(s) can be modified for a more affordable monthly payment. Loan products that are eligible for restructuring include:
Valid Hardship Reasons:
Below is a Modification Application Worksheet and a set of printable checklists based on the type of loan(s) that you may have with us. They will serve as a guide to help you gather the necessary information and documents that will be required for us to assist you. Although we cannot promise that we will agree to modify your loan(s), we do hope to find a solution that is acceptable to you and to us.
Once your required documentation is gathered, you can submit the packet by dropping it off at any branch or you may fax it to our Loss Mitigation department at (407) 893-5124 After the information is received, someone from the Loss Mitigation department will contact you within 3 – 5 business days.
We hope to have a decision within 30 days of receiving your information. If you have questions regarding your modification assistance, email us at LossMitigation@mycfe.com.
Please note: If a modification is granted the following will apply:
We want to help you achieve your financial goals, whether that means getting out of debt, sending the kids to college, or retiring. We've established a partnership to make sure you have access to comprehensive, confidential financial education and counseling.
We have partnered with BALANCE, a financial education and counseling service to provide our members with the resources to be financially successful. Through BALANCE, members will receive free, unbiased information and assistance.
In many cases BALANCE counselors can answer your questions immediately. If you're wondering how long something stays on your credit report, then you'll get the answers as soon as you call. For more complex issues, like debt or money management, an appointment will be scheduled – allowing enough time to go over your budget and discuss options.
Appointments are available weekdays, evenings, and weekends. The average counseling session lasts approximately one hour, and there is no limit on the number of sessions you may have. To schedule an appointment, call (888) 456-2227 or email firstname.lastname@example.org.
Counselors are qualified to discuss general money management, credit and housing topics including goal setting, spending and savings plans, credit and credit reports, debt management, mortgage delinquency, and foreclosure prevention. Each session is goal oriented and results in a written action plan clearly outlining the steps you and your counselor decide to take in order to establish personal financial control.
Here are some BALANCE courses and publications to help:
The US Treasury has created a fund, entitled the "Housing Finance Agency (HFA) Innovation Fund for the Hardest-Hit Housing Markets", to assist qualified homeowners in foreclosure prevention. CFE Federal Credit Union filed with the Florida Housing Finance Corporation as a participating servicer/lender, but the State of Florida determines who qualifies for assistance.
To see if you qualify and to apply:
Homeowners in Florida can submit applications via the Hardest Hit Fund (HHF) website: https://www.flhardesthithelp.org
Two program options: