Consumers report bogus emails from local financial institutions.
STCU has heard from a handful of credit union members and non-members who have received official-looking — but bogus — emails, asking them to log into their STCU accounts. Here's how to respond to such "phishing" email scams.
Did you receive a suspicious email?
If you receive an email urging you to sign into your STCU account, ignore it. It's a fraud. If you accidentally clicked a link, contact us at (509) 326-1954.
december 20, 2018
STCU is aware that similar phishing attempts have also targeted members of other financial institutions. The scam artists appear to be sending their emails to random email addresses without any knowledge of whether the person banks at the financial institution.
The emails brought to STCU's attention ask you to log into your account by clicking a link in the email that takes you to an unsecure, un-administered website that mimics the financial institution's official website. Once there, you are prompted to enter your banking credentials — which gives your sensitive information to the fraudsters.
STCU reminds consumers that your financial institution already has your banking information and has no reason to be requesting that information. In addition, phishing emails can often be identified by these tipoffs:
- Poor grammar or spelling errors.
- An excessively long or unlikely web address, which can be previewed by hovering over any links in the email.
- A supposedly secure website that is designated "http." A secure website, such as those used by STCU and other financial institutions carry the designation "https." Secure websites also show an image of a padlock after the URL address.
- An email from a credit union that mentions "customers" is most likely fraudulent. Credit unions have members, not customers, and tend to be adamant about that language.
- An email from STCU that says "Spokane Teachers Credit Union." The credit union stopped using its original name years ago, except where required by law.
Phishing emails that are masked as coming from STCU can be forwarded to firstname.lastname@example.org, which will help the credit union track whether the fraudsters have changed tactics in any way. Otherwise, phishing emails should be deleted without clicking any links.
Consumers interested in more information about fraud prevention are welcome to attend a "Prevent Fraud and Identity Theft" workshop, offered free by STCU. Several upcoming workshops are listed on our website at stcu.org/workshops.
Founded by educators in 1934, STCU is a member-owned, not-for-profit cooperative with nearly 190,000 members. We are committed to financial education and the security of all consumers.