Social Engineering

Social engineering (in the context of information security) is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes. To put that into a perspective that everyone can understand, social engineering is the art of criminal manipulation. Criminals try to manipulate you into giving up sensitive information like passwords, account information or access to your computer to install malicious software. (Alternatively, this software can give criminals access to your accounts, passwords and control of your computer.

Criminals use this tactic because it works. Humans tend to see the good in everyone. It is usually easier to use a person’s natural inclination to trust than it is to discover other ways to hack your software or computers.

Experts agree that the most vulnerable part of any security system is the human operating it. No amount of locks, deadbolts, alarm systems or guard dogs will protect you from that pizza delivery guy you are trusting at face value. If you let him in without first checking to see if he is legitimate, you are exposed to whatever threat he may represent. The Energy Credit Union would show our members more about how to help protect yourself from social engineering risk and notice common red flags that can help you to determine what to look for when dealing with criminals who are potentially attempting to manipulate you through a fraudulent email. Lets look at how scammers can manipulate an email to catch you!

Who is the email from?

  • I don’t recognize the sender’s email address as someone I ordinarily communicate with.
  • This email is from someone outside my organization and it’s not related to my job responsibilities.
  • This email was sent from someone inside the organization or from a customer, vendor, or partner and is very unusual or out of character.
  • Is the sender’s email address from a suspicious domain (like micorsoft-support.com)?
  • I don’t know the sender personally and they were not vouched for by someone I trust.
  • I don’t have a business relationship nor any past communications with the sender.
  • This is an unexpected or unusual email with an embedded hyperlink or an attachment from someone I haven’t communicated with recently.

Who is the email to?

  • I was cc’d on an email sent to one or more people, but I don’t personally know the other people it was sent to.
  • I received an email that was also sent to an unusual mix of people. For instance, it might be sent to a random group of people at my organization whose last names start with the same letter, or a whole list of unrelated addresses.

When was the email sent?

  • Did I receive an email that I normally would get during regular business hours, but it was sent at an unusual time like 3 a.m.?

What is the subject of the email?

  • Did I get an email with a subject line that is irrelevant or does not match the message content?
  • Is the email message a reply to something

Are there any attachments?

  • The sender included an email attachment that I was not expecting or that makes no sense in relation to the email message. (This sender doesn’t ordinarily send me this type of attachment.)
  • I see an attachment with a possibly dangerous file type. The only file type that is always safe to click on is a .txt file.

Are there any hyperlinks?

  • I hover my mouse over a hyperlink that’s displayed in the email message, but the link-to address is for a different website. (This is a big red flag.)
  • I received an email that only has long hyperlinks with no further information, and the rest of the email is completely blank.
  • I received an email with a hyperlink that is a misspelling of a known web site. For instance, www.bankofarnerica.com — the “m” is really two characters — “r” and “n.”

 What is the content of the email?

  • Is the sender asking me to click on a link or open an attachment to avoid a negative consequence or to gain something of value?
  • Is the email out of the ordinary, or does it have bad grammar or spelling errors?
  • Is the sender asking me to click a link or open up an attachment that seems odd or illogical?
  • Do I have an uncomfortable gut feeling about the sender’s request to open an attachment or click a link?
  • Is the email asking me to look at a compromising or embarrassing picture of myself or someone I know?

Here is a PDF  for quick reference. Remember to stay vigilant and safe!

Holiday Closure

Please be advised that all Energy CU branches will be closed for the Thanksgiving holiday, Monday October 9th, 2017. Branches will re-open Tuesday October 10th, 2017

Did you know? You can bank when and where you like!

You can access your account 24/7 with our Mobile App (for iOS and Andriod), online through our Cyber Teller or our Telephone Teller. We have Remote Cheque Deposit through your Smartphone too! If you are not yet signed up for these free services give our offices a call! For more information: dial 416-238-5606, reach us toll free at 1-888-942-2522 or please visit us online at www.theenergycu.com .

Are you travelling with your MemberCard outside of Canada?

If you’re planning on taking a trip outside of Canada, please contact us at 416-238-5606 prior to leaving. Our ongoing monitoring programs have identified increased levels of fraud in certain countries recently. As a result, debit card transactions may not be processed in those countries effective 1 November 2016. If you are a frequent traveler to the US, you can sign a Bond of Indemnity which would allow you to have full access of your card without having to notify us each time, for the states you specify. Some conditions apply. For more information please contact us at 416-238-5606.

We apologize for any inconvenience this may cause, but the security of our Members and their funds is very important to us.

Credit Union Prime Rate Change

Attention all members. Effective 06 September 2017, the Credit Union’s prime rate will increase by 0.25% to 3.5%. This rate increase may affect some Credit Union member’s variable loan and deposit rates. If you have any questions please do not hesitate to call our offices and speak with a lender at 416-238-5606.

There will be no change to our wonderful TFSA rates. The TFSA variable rate is still 2.15% with no minimum and without locking in your funds. If you want an even better rate of return you can choose to lock in your TFSA funds for 3 years for 3.15%. If you have any questions about TFSAs and how you can take advantage of these great rates please let us know by dropping in a branch or calling us at 416-238-5606.