Computer Safety

Protecting your computer means more than just signing-out of websites. To help prevent malware (e.g., viruses, Trojan horses, worms, spyware) from invading your computer, install and update anti-virus and Internet security software. Regularly scan your computer to make sure it’s free from malware and help avoid performance issues and lost data.

Download the latest authorized system and application updates, which may include security patches. Use spy-ware detection software tools to identify and delete unknown code that may monitor and collect your keystrokes and send personal information to third parties.

Enable an updated firewall, especially when using DSL or a cable modem to access the Internet. Always sign out and close your browser after using a secure website.

When you use Online Banking, type the entire www.tdecu.org address directly into your browser. Avoid completing online forms in unsolicited email messages that ask for financial information. If your security software identifies malware on your computer, remove it and immediately change your Online Banking password.

When your computer is not in use, consider shutting it down or disconnecting it from the Internet.

Home Wireless Security Tips

Home safety comes from locked doors and other precautions. Keep your wireless connections just as secure by following a few simple steps. Review your wireless online help guide for more detailed instructions.

Change your Service Set Identifier (SSID), the default “address” that identifies your wireless connection. Hackers know the most common SSIDs and changing your SSID can thwart their efforts.

Check your SSID features and disable SSID Broadcast. SSID Broadcast allows others to find your wireless connection and gain unauthorized access to your network.

Control Access Point Coverage to lessen the opportunity for others to use your network and gain access to your information. If possible, use directional antennas at the perimeter directing their broadcasting inward. Radio signals used to broadcast your wireless network are visible to others trying to use your network. Any wireless signal that spills outside of the desired area could provide an opportunity for a hacker to access the network without entering the premises.

Turn on the encryption feature. The signal from your wireless network is broadcast throughout your surrounding area. Encrypting data allows only the intended recipient to access the information you’re sending.

Change the default password on a regular basis. Many people use familiar passwords that hackers easily access. Combinations of letters, numbers, and symbols changed frequently are the best defense against this type of system hacking.

If your wireless network is tied to a MAC, enable MAC filtering to prevent or permit specific PCs to access your wireless network.
Disable File and Print Sharing features to limit the ability to steal data or commandeer resources if encryption is bypassed.

These suggestions should reduce the likelihood of security breaches but do not guarantee total wireless security. Guard your information carefully and know what to do in the event that your wireless network is hacked.

Phishing and Internet Related Fraud

Phishing is a common type of scam that usually involves a spammed email message, phone call, voicemail, or text message being sent to illegally capture your personal information. The messages may appear to come from legitimate companies such as banks, credit card companies, government agencies, or Internet Service Providers (ISPs).

Phishing scams may carry urgent-sounding information. The content may claim that your account will close if you do not confirm or authenticate your personal information immediately. It may claim that the bank has lost important security information that needs to be updated or it might request that you update this information online and provide you with a link or internet address to a counterfeit Web site.

If you receive a suspicious message, do not click on any links, open any file attachments, return phone calls, or use an internet address provided in a text message. TDECU will never send emails requesting personal information --because of potential fraud with Online Banking and other accounts -- or attach files that are not expected.

Simple steps to help avoid phishing scams:

Be aware of any unsolicited message that asks you to enter personal information

Be on the look out for improper grammar and misspellings

Never open an email or attachment, or click any links from an unknown or suspicious sender

Never log in to your account through a link or internet address provided in an email or text message

Be selective when providing your email address to sources you are unsure of

Only enter your credit card information on sites that have the "lock" icon at the bottom of the browser and "https" preceding the URL

If you are a victim of fraud, contact the proper law enforcement agency

If you receive a suspicious email message that appears to come from TDECU, do not respond to the message. Instead, forward the message to emailfraud@tdecu.org then delete the message from your mailbox. If you respond to the fraudulent email or have specific questions, call us at 800-839-1154.

Phishing emails may contain telltale signs that could immediately alert you to fraudulent intent. The text contained in the email as well as the URL can provide clues that you may have received a phishing email and not an authentic email from TDECU.

Carefully review the contents of any email claiming to be from TDECU. Poor spelling or grammar and urgency in the message are warning signs that should make you suspicious of a phish.

If you ever doubt the authenticity of a link, check the URL. In a phishing email, the URL may look like it goes to www.tdecu.org, but the link may actually go somewhere else like, for example, to an overseas website.

If you receive a text message that claims your credit union debit card has been or will be deactivated for security reasons, this message is fraudulent and an attempt to steal your identity. These text messages may claim that you must call an 800-number and provide personal information to reactivate your cards. This activity is commonly known as “smishing”.

Never provide personal information in response to unsolicited text messages, emails or telephone calls – even if they appear to be from a legitimate business. You should never click on links provided in unsolicited e-mails or text messages. TDECU does not send unsolicited electronic messages asking you for your personal information.

If you have any questions about the validity of communication that claims to be from TDECU or another financial institution, you should contact the institution directly by telephone or in person.

The following tips will help you avoid becoming a smishing identity theft victim:

• Assume unsolicited text messages are fraudulent.
• Become familiar with policies businesses use for communicating with customers.
• Upon receipt of an unsolicited text message, call the actual business at a telephone number that appears on a statement, a credit/card, or the telephone directory.

To report fraudulent text messages, emails or telephone calls seeking personal information, contact the Texas Attorney General’s Office at (800) 252-8011. Also, we ask that if you encounter an e-mail seeking personal information that claims it is from TDECU we request that you forward us a copy of the email to emailfraud@tdecu.org.

Suspicious Emails That Appear To Be From Government Agencies

September 2011 - The Federal Deposit Insurance Corporation (FDIC) reported several e-mails that appear to be from the FDIC containing hyperlinks and/or an infected attachment are fraudulent and were not sent by the FDIC. Recipients should consider them an attempt to collect personal or confidential information, or to load malicious software onto their computers.

What to Know:

The fraudulent e-mails appear to be sent from various “@fdic.gov” e-mail addresses. Examples include, but are not limited to: "subscriptions@fdic.gov," "alert@fdic.gov," accounts@fdic.gov., no.reply@fdic.gov, “notify84zma@fdic.gov"

The messages may appear with spelling and grammatical errors and include a variety of narratives. Examples include, but are not limited to:

ACH and WIRE transactions being temporarily suspended for security reasons or until certain software can be installed or updated

Reports of counterfeit cashier’s checks in circulation bearing the name of a well known bank, credit union, and other financial institution

Consumers should be aware that these fraudulent e-mails may be modified over time with other subject lines, sender names, and narratives

The FDIC does not directly contact consumers, nor do they request bank customers to install software upgrades

What to Do:

Do NOT click the link provided within the body of the e-mail or attempt to open the attached file

Do NOT under any circumstances provide any personal information through this media

Make sure your computer has up-to-date Internet security software (e.g., anti-virus, personal firewall, etc.)

Check for the latest security updates available for your operating system, and keep your web browser and other applications up-to-date

If you clicked the link or attached file and are not sure your computer is safe, immediately shut it down and contact your computer professional to scan for and/or remove this malware.

Do not contact any financial institution or conduct any financial transactions from that computer until you or your computer professional is sure that it is safe to use.

If you believe you are the victim of identity theft, report the situation to TDECU

Visit the FDIC Security Alerts site to learn more.