Current Fraud Alerts

April 2014

HeartBleed Bug

A security bug nicknamed Heartbleed has exposed millions of usernames and passwords to hackers. While Keystone has tested our systems, and that of our third-party providers, a major concern remains: YOU! Why? While you may have so-called "strong" passwords, they are not secure if you use them for everything. For example, the problem begins when you use that very same "strong" password at gaming sites, news sites, social media sites, or wherever passwords are required. Criminals could exploit Heartbleed at one of those non-financial sites, nab the password, and try that password at many financial institutions. Eventually, they will hit the jackpot. How can you protect yourself? Please log into homebanking from our website and choose a new password for your Keystone FCU homebanking, billpay, and mobile banking. DO NOT choose a password which you use for anything else. Be alert for any emails which seem to be sent from Keystone FCU and which provide a link for you to change your password. The email will not be from Keystone FCU and clicking on the link will take you to a site controlled by the hacker. YOU are in the best position to protect your Keystone FCU accounts!

January 2014

NCUA Warns about Telephone Fraud

Consumers Targeted by Vishing Scam Should Call Agency's Hotline

Jan. 21, 2014 - The National Credit Union Administration today warned consumers to beware of a new telephone fraud, known as a "vishing" scheme, that is using the agency's name in an attempt to obtain personal financial information.

Several credit union members have been contacted by an automated phone call claiming to be from NCUA and notifying consumers their debit cards have been compromised. The call then asks the receiver to follow prompts, which request personal information, including sensitive financial data and personal identification information.

Anyone contacted by this so-called "vishing" scheme should immediately contact NCUA's Consumer Assistance Center Hotline at 800-755-1030 or by email at phishing@ncua.gov to report the scam. Operators answer calls Monday through Friday between 8 a.m. and 5 p.m. Eastern.

Click here to view our Previous Fraud Alerts