Skip Navigation Links

Your Money is Safe at PFCU 

Since 1935, PFCU has been providing a safe, secure place for our members to grow their assets. In these uncertain times, you can attend to family, friends, work, home and hobbies knowing that PFCU is well-capitalized and poised to meet the challenges of tomorrow. PFCU has made sound choices, staying away from risky loan practices and concentrating on responsible members like you. We are proud to be very well-capitalized and consistently receive high ratings in our federal exams. Each member's funds are federally insured up to $250,000 by the National Credit Union Administration (NCUA), a government agency. 

You can verify the NCUA portion of your coverage with this convenient NCUA Insurance Estimator

The National Credit Union Administration(NCUA), governed by a three-member board appointed by the President and confirmed by the U.S. Senate, is the independent federal agency that charters and supervises federal credit unions. NCUA, with the backing of the full faith and credit of the U.S. government, operates the National Credit Union Share Insurance Fund (NCUSIF), insuring the savings of 80 million account holders in all federal credit unions and many state-chartered credit unions.

For more information on NCUA share insurance, please visit their website to learn more

Online Safety-It's a collaboration between you and PFCU!

Phishing Attacks are on the Rise: Don’tTake the Bait!

Phishing attacks continue to be a majorconcern for organizations and consumers around the country.

It is imperative your institution continues educating your employees andconsumers about these types of attacks, so you can all play a role in detectingand preventing these crimes.

What is a phishing attack, exactly?

Phishing Explained Simply

Phishing is the fraudulent attempt to obtainsensitive information such as usernames, passwords and credit card details bydisguising as a trustworthy entity in an electronic communication.

To perform these attacks, cybercriminals craft professional-looking and soundingcommunications – such as emails, social media messages, text messages, andphone calls – to trick individuals into providing private or financialinformation. 

Executives of financial institutions areparticularly at risk of being targeted by these cyberattacks, often in the formof “spear phishing” or “whaling” attacks.

Phishing attempts directed at specific individuals or companies have beentermed spear phishing. In contrast to bulk phishing, spear phishing attackersoften gather and use personal information about their target to increase theirprobability of success.

The term whaling has been coined for spear phishing attacks directedspecifically at senior executives and other high-profile targets. In thesecases, the content will be crafted to target an upper manager and the person'srole in the company. The content of a whaling attack email may be an executiveissue such as a subpoena or customer complaint.

Characteristics of a Phishing Email

Message is threatening or explicitly urgent (from IRS/FBI/law enforcement, immediate action required, your account will be closed, your credit card has a large charge, etc.)

  • Sent from an unusual and/or unrecognizable email address
  • Poor spelling and grammar
  • Asking for personal information
  • You did not initiate the action
  • You are asked to send money
  • You are asked for personal/confidential information 

Common Phishing Emails

An email that appears to be sent from recipient’s CEO requesting the recipient to facilitate a wire transfer

  • An email that appears to be sent from a vendor with banking instructions
  • Suspended account email requesting updated personal information
  • Locked account alert requesting verification of login credentials
    Restart a membership email with a link to click that will cause the installation of malware

From May, 2015:

NCUA Warns Consumers about “National Credit Union” Phishing Scam
The National Credit Union Administration has received reports of an online phishing scam that uses a website with a logo and a design similar to the agency’s own site in an attempt to convince unwary customers to provide information or send money.

PFTC Warns of Scam Involving false data breach calls:

    Get the details at the Federal Trade Commission website by clicking here 

    Scam Awareness Alliance Warning: "Money Flipping" Scams Target Consumers on Social Media Sites

    DALLAS (July 20, 2015) (GLOBE NEWSWIRE) -- The Scam Awareness Alliance, a nonprofit organization committed to increasing public awareness about scams, is warning consumers about crafty scam artists who use popular social media sites to lure unsuspecting individuals into sending them money.

    The fraudsters attract victims via social media by advertising a simple way to turn small amounts of up-front cash into large sums of money.These "get rich quick schemes" typically promise money either through an investment or by taking advantage of a flaw in various money wiring systems.

    They often advertise their abilities to 'flip money' by posting pictures of themselves or others holding stacks of cash with a caption stating how easy it was to make thousands of dollars in just minutes on various social media sites.

    "Social sites are a fun way to stay connected with family and friends, unfortunately scammers and criminals also use legitimate and trusted online networking services to take money from unsuspecting victims," says Pam Patsley, chairman of the Scam Awareness Alliance. "You should never provide bank account information to someone you do not know and especially to anyone you have never met in person."

    After a victim is interested, the fraudster asks for personal information such as bank accounts and pin numbers. After taking the money, the scammer blocks the victim from his or her social media account ensuring the victim can no longer make contact or recover the money.

    "Once money is sent via a money transfer service, the money is gone and there is usually no way to get it back," says Patsley."It is just like giving someone cash, so beware of suspicious claims and requests."

    According to the National Consumers League, typical complaints about social media "flipping" are received from younger consumers,with many being under the age of 30. Most victims are experiencing financial difficulties when they are lured in by the scammer; however, anyone who uses social media is a target.  

    About The Scam Awareness Alliance

    The Scam Awareness Alliance was founded by MoneyGramInternational, Inc. and was created to raise awareness around common scams that target innocent Americans on a daily basis. The Alliance helps to provide tips and information in order to educate people to recognize the "red flags" that may indicate potential scams, and arm them with information that they can use to protect themselves and their loved ones. One of the ways the Alliance raises awareness of scams is through a series of publicservice announcements. These ads air on stations across the country and depict common scams; helping everyday Americans recognize the "red flags." The Alliance also created a monthly "RedFlag Award," which it gives to organizations, individuals or groups that go the extra mile in warning Americans about the latest and most damaging scams.

    Here are Some Helpful Tools for Securing Your Passwords: 

    1. Use a different password for every website you visit.
    We know it seems like password overload but it is a lot less work than dealing with getting hacked.
    2. Use a combination of upper case, lower case, numbers and symbols.
    The more original you are the better. According to Norton, some of the most common passwords created by online users last year were password, 123456, qwerty, 111111 and monkey.
    3. Change your passwords every three months.
    4. If it's hard to remember all your passwords, try a password manager.
    5. Make sure your computer has an anti-virus program.
    6. Set up two-step log-ins
    Two-step authentication asks you to sign in with your password, and then add a second sign-in — a numeric code sent by text, e-mail or a phone call. Think of it as a double password.
    Google, Facebook, Twitter and Microsoft all recommend two-step authentication.

    If you notice any unusual or suspicious activity happening on your account, please call PFCU at (626)799-0882 or use our toll free number (800)445-PFCU.

    Here are Fraud Trends That Have Surfaced in the Past and Could Come Back Anytime:  

    April 9, 2014

    The media is full of reports about the Heartbleed Bug.  We are reaching out to maintain your peace of mind about your PFCU accounts and loans.  As you may know, the Heartbleed Bug is a vulnerability in the OpenSSL encryption standard that was discovered by security researchers two days ago. PFCU’s Online Banking Portal does not use Open SSL in our security infrastructure, which means your accounts here are not affected.
    PFCU’s security experts took immediate action to verify that there were no vulnerabilities affecting our members.  Had some been found, we were ready to respond. Our members can safely use all of PFCU’s Online Banking services with confidence. We continue to monitor the situation and if there are any further updates we will notify you.  There is no action required on your part at this time. 
    PFCU remains committed to providing our members with the most up-to-date, thorough, and vigilant security possible. If you have any further concerns, please call (626) 799-0882 or 1-800-445-PFCU (7328).  We will also post any updates in the “Latest News” section of our website.

    Suggestions about file opening

    Never open executable files attached to email messages. Often ".exe" files are blocked by Exchange and Outlook by default. It is best to set up rules to automatically block all ".exe" attachments. On a case by case basis, if someone sends you a file you actually need you can work with them to find a secure means of transferring the information.

    Alert: Phishing Attempts Take Aim at Credit Union Members

    7/28/11 A text phishing scam targeting credit union members tell recipients their credit or debit card has been locked or deactivated and instructs them to call a phone number. The text message falsely claims to be from a credit union, among them. All of the text messages include the first four digits of the named credit union’s debit card BIN, and a phone number to call.

    If you receive such a message, do not call the number or reply to the text. Never give out your personal information in response to an e-mail or text. If issues ever arise relating to your debit or credit card — or if you have concerns about your card status — call only the number(s) listed on the back of your card.

    Alert: Mail Scam targets Credit Union Members

    6/25/11 Mail Scam tries to trick people into thinking they've received a large government grant. Remember the old adage that if it's too good to be true it probably isn't? Well, that's the case in a new mail fraud scheme where members receive a letter claiming they have received a large grant from various agencies of the US government, along with a "check". If you receive a letter similar to this, exercise caution. The likelihood of an unexpected check like this is extremely rare.

    • Identity Theft
      • Know who you are giving your personal information to-especially on the phone or over the internet
      • Shred any documents with personal information on them before discarding
      • Regularly check your account and credit card or line of credit statements for unauthorized activity. Report suspicious activity at once-you may be instructed to also file a police report. To make monitoring of your accounts easier, enroll in PFCU Online Banking and Bill Pay today! View quick and easy demo.
      • Ensure that your mail box is safe. Many people are now purchasing mail boxes with locks on them for added protection.
      • Sign up for E-Statements. Save time, save trees, save money while protecting your privacy and the environment!
      • If someone calls you and starts asking for personal information, call back to the number you have for that company (Don’t let the caller give you a number) before sharing any information.

    Various Types of Electronic Schemes

    • Phishing schemes-Criminals will try to contact you by mail or e-mail pretending to be from the Credit Union or one of your other financial institutions, sometimes warning you of potential security risks, sometimes offering you a great deal of some kind. Do not respond with any personal information. Do not use any links or contact info provided in the e-mail. Use web addresses and phone numbers that you know to be correct to contact them. Sometimes the e-mail might look like it's from PFCU or another institution with which you do business but don’t be fooled. When in doubt, play it safe!
    • The National Credit Union Administration (NCUA) has reported a new Phishing scheme which even promises to pay $40 for completing it. Credit Union members receive an e-mail pretending to be from the NCUA in the form of an "online questionnaire or survey." The e-mails are fraudulent, the NCUA warns, and may be an attempt to obtain confidential member information. The agency does not solicit such information from credit union members.
      "This is a phishing activity with no NCUA activity or approval. If you have received these e-mails please do not respond. If you have any questions or concerns please email NCUA" at this address, pacamail@ncua.gov, an agency alert said.
    • Vishing - "Vishing" similar to "phishing", this is a telephone-initiated scam where you will be contacted and asked for personal or financial information. The call may sound like it is from a trusted partner, and they may pretend to try and identify you by asking for information such as your social security number, birth date or account numbers. Again, if you are interested in the product or service being offered, call back at the number YOU have on file for the institution to ensure that the call is legitimate.
      Smishing (SMS phISHING) is the mobile phone counterpart to phishing. Instead of being directed by e-mail to a Web site, a text message is sent to the user's cell phone or other mobile device with some ploy to click on a link. The link causes a Trojan to be installed in the cell phone or other mobile device.
    • New! Mail LETTER "PHISHING"
      This new scam occurs where the phisher is creating a letter and sending it through the mail to individuals to respond to the letter by calling a phone number. The phisher outlines in the letter that the individual must respond for their own protection. This scam is used in conjunction with other channels to steal valuable personal and financial information of the individual receiving the letter.

    Another new scam involves a phone call where the perpetrator already has your credit card number, name and expiration date and just wants the three-digit security code on the back of the card. They call saying they are working with law enforcement to stop fraudulent charges in amounts ranging from $297 to $497 (although the amounts can change) and that someone just tried to make such a charge on your card. They read all of your information to you and ask for that three-digit number as a “security measure”. DO NOT give them this number. Hang up and report the call to the customer service phone number printed on your card. If you have caller ID, you may be able to provide the phone number to the credit card company.

    PFCU is always watching out for your financial well-being. If you receive an automated message on your telephone claiming that you have won a prize or money, it is possibly a scam for overseas con artists to gain access to your phone line, wracking up calls that will be billed to your number. You will be prompted to dial a 2-digit code preceded or followed by the * or # key on your phone (such as *79 or 72#), then an 800 number to claim your prize. When you dial the number, no connection is made. What this actually does is connect you to an overseas operator who then channels expensive calls through your phone line. A legitimate sweepstakes would not contact you in this manner. If you receive a call like this, simply hang up. If you receive a recorded message, do not call back.

    Another current phone scam involves credit union members receiving an automated phone call telling them that their ATM or Debit card needs to be reactivated. They are asked to press 1, then enter their 16-Digit Debit or ATM card number, then their expiration date, then their PIN. Neither PFCU, nor any financial institution would contact you in such a manner. Always protect your PIN. If you receive such a call, please hang up and notify us. If a number shows up on caller ID, please supply that number when calling or e-mailing us. You may save other members from having their card compromised!

    Advertisements have been posted on Craigslist as part of member recruitment scams nationwide. The ads (example below) solicit current credit union members and offer $75.00 or more for their assistance with qualifying a new member. This scam is targeting credit unions and members across the country.

    2010 Credit Union
    Protection Webinar Series

    Register now!
    Upcoming CU Protection Webinar:
    Covering Your Assets

    Apply for a Loan
    Become a Member
    Receive our eNewsletter
    Find a branch/ATM
    Connect With Pasadena Federal Credit Union TwitterFacebook