Understanding Cybersecurity: The Threat at Your Fingertips

People Driven Credit Union is committed to keeping you informed and protected against the evolving cybersecurity threats in the digital banking landscape. Today, we need to bring to your attention a cyber threat that is targeting mobile banking app users globally.

What is the Threat?

A sophisticated malware used by various criminal groups to exploit mobile banking users. Its primary method of attack involves social engineering, where attackers pose as trusted entities to deceive victims.

How Does the Attack Work?

1. Initial Contact: Attackers send phishing messages via SMS or email, pretending to be your bank. For example, you might receive a message that reads: “Hi Mrs. Smith, this is Bob from People Driven Credit Union. We have important information about your account and need to talk with you.”
2. Engagement via Instant Messaging: The attackers then guide victims to continue the conversation on a chat or IM app. An example message could be: “A member advocate is available immediately on instant messenger. Skip the phone queue and chat now by clicking here.”
3. Fake URLs: In the chat, victims receive URLs that mimic legitimate app stores or banking sites. For instance: “Download the newest version of our banking app here.”
4. Malicious Downloads: Clicking these links leads to fake websites, where victims unknowingly download dangerous malware.

The Consequences of Falling Prey to Malware

Once installed, this malware attempts to harvest personal information, including ID copies, photos, and may intercept SMS messages. Alarmingly, it may also attempt to capture images using the device’s camera.

Criminals then use this data to:

• Access real banking apps to perform unauthorized funds transfers.
• Create deepfake videos, often to deceive entities in other transactions requiring visual authorization.

Our Members’ Safety: Current Status and Precautions

At PDCU, we prioritize your security and are vigilant against such threats. As of now, there are no known instances of our members being targeted by this particular malware threat. However, awareness and proactive measures are key to prevention.

Tips to Protect Yourself:

1. Be Skeptical of Unsolicited Messages: Always verify the authenticity of messages claiming to be from your bank.
2. Avoid Clicking Unverified Links: Be cautious of links sent via email or instant messaging.
3. Update Your Apps Through Official Channels: Only download or update apps from official app stores.
4. Stay Informed: Regularly check our website and communications for security updates.

Staying informed and vigilant is our best defense against such sophisticated cyber threats. If you suspect any fraudulent activity or have concerns, please contact us immediately. Together, we can ensure a safe and secure digital banking experience.