It’s human nature to use the shortcuts provided to us. The criminal element is getting better at recognizing that and using it to their advantage.

One of the best things you can do when going to a site where you need to identify yourself, is to type out the URL. Avoid clicking on links in an email or text messages.

If it isn’t already second nature, start building the habit of looking at the URL critically before clicking on a link. Hovering your mouse cursor over a link should show you where the link will take you.

• For the ELGA site, is ELGA spelled correctly?
• Is it where you thought you were going?

Remember: the official URL for the main ELGA website is www.ELGACU.com

If there is anything about the link that feels off to you, don’t click the link and don’t input information about yourself on the site.

Remember that your identity and personal information is valuable and there are those who will try and trick you. Don’t give them the chance.

There appears to be a new phishing attack that uses a spoofed address from JHA (Jack Henry).

A spoofed address means that the sender is forging an
email address usually to pretend it’s from a trusted resource.

This attack includes a zip file that could include ransomware. The current reports say that the email references “Your Online Electricity Bill” but this could change as the attack continues. It could use any common bill payee.

Please use caution when opening any email attachment, especially those that you aren’t expecting. When possible, always go directly to a website to log in and don’t use links inside of emails, which can subtly misdirect you.

Our team discovered something about using the ELGACU.com website on Chrome. There’s a limit to how much you can decrease the size of our page before some of the elements wrap and cause the page to look really messy.

This is how it might appear:

If you’ve used the + or – keys to decrease the size, sometimes it doesn’t resize properly after that.

But the fix is super simple!

To tidy up the page again, just reset it by clicking on the magnifying glass in the address bar and choosing Reset.

This will reset the page to full size and clear up any formatting issues you might see.

Email threats of ransomware up their game

There is a new Ransomware attack called Goldeneye and it packs a double punch.  It not only encrypts your files but also your Master File Table (MFT).  The attack has two attachments, a PDF document and an Excel spreadsheet.  The PDF file is a social engineering attempt to get you to open the Excel spreadsheet which pulls down the malware to infect your workstation.  In this case the bad guys don’t ask that you enable macros (a clear red flag that has been communicated in multiple Cybersecurity updates) but will encourage you to change your Microsoft Office settings to a setting that will enable the embedded macros to run.  At that point Goldeneye is downloaded and launched and your files and file system become unusable.

In related news:
Ransomware….with payment options!  Some ransomware is now being delivered with the option to pay for the key to unlock your files with bitcoin or the option to pass the infected files to two additional people.  Why?  Because everyone is being taught to be cautious of e-mails from senders you don’t know but not people you do know, or might be expecting something from. Question every email. Email is, and will continue to be, the number one way to deliver malware to your computer.  

Stay alert and question attachments in email from both known and unknown senders.

The screen shots below will alert you to Goldeneye ransomware.

If you suspect that you have been infected with ransomware and your computer is part of a network, remove the infected computer from the network immediately. From another computer or mobile device, do a web search using the phrase I might have ransomware, what do I do now? and look for articles that are less than 6 months old and from a reputable source (i.e.: Microsoft, Sophos, PCWorld) for instructions on what do to next.

Members are reporting that they are receiving a Credit Union Alert text message. The message gives instructions to call a number.  An automated message requests them to input their full card number to reactivated and then press “1”.

Please ignore any such text message. ELGA Credit Union will never employ this type of system where you would be asked to input your card number, account number or social security number from a text message or automated call.

If you ever are in doubt of what you are being asked to do in regards to giving out your information, please call our Member Support line (810) 715-3542.

In our continuing efforts to keep your accounts secure, we’ve improved our alert system for potential fraud.

Here’s how it works:

1. When potential fraud is detected, you will receive an automatic email notification from ELGA Credit Union, with the option to reply with “fraud” or “no fraud.”
2. One minute after the email, you will receive a text alert from 32874 between 7am and 9pm, which also has the “fraud” or “no fraud” option. (*SEE BELOW)
3. If there is no response received from you, five minutes after the text alert, you will receive automatic phone calls to confirm or deny fraud.

Remember – our messages will never ask for your PIN or account number.

*The phone number for our Fraud Center has changed to 1-800-417-4592. If you add this number to your phone contacts and label it “ELGA Fraud Center,” it will display whenever you get a call from this number.

Please take this time to update your phone number and email with us to ensure you are getting these important fraud messages.

The news is reporting another email hack, this time effecting Gmail, Yahoo, and Hotmail. If you use any of these services, you should change your password now.

Here are a couple of tips to keep your important online accounts safer:

• If your email provides a multi factor authentication option, consider using it.
• Keep your email passwords different from your other passwords.
  • Hackers can use your email password to attempt to access other services you use. The thought process is that if you use that password for email, you might also use the same password for accessing your financial accounts.
• Change your passwords!
  • Set up a schedule and change your passwords a few times a year. The benefit of keeping your information protected is worth the temporary inconvenience.
• Don’t reuse old passwords.
  • Modifying a password slightly is more secure than reusing old passwords.

The latest trend in computer viruses is ransomware. Ransomware is fraudulent activity that attempts to take over your computer and blackmail you for cash to release it. All of the virus protection software is reporting an increase in the number of attacks. Here are some things to help keep your computers from falling prey to these criminals:

1. Keep your virus protection software updated. If you don’t use virus protection on your computers, you should start.
   • If you can configure your email server, block attachments with the following extensions: .exe, .vbs, .scr.  If you need to get files with these extensions from a reputable source, ask the sender to zip the files first.
2. Back up your most important files regularly. 
   • Keep copies of your backups somewhere other than on your computer.
3. Be suspicious of all emails that have attachments. 
   • Phishing attempts are emails the pretend to be notifications from delivery services, financial institutions, law enforcement, major retailers offering big dollar savings, and even the IRS. Don’t open attachments unless you were expecting to receive them.
   • Do not enable macros or content when opening files unless you know the source and reason for them.
4. Train yourself to think twice before clicking on a link sent to you in email, text, or on social networks.
   • These links can even come from people you know who have had their accounts hacked or emails stolen. Hover your mouse over the link to see if it looks suspicious.
5. Keep your operating system and browsers up to date.
6. Use a good pop up blocker and only let through trusted sources.
   • ELGA’s XpressLink needs you to allow pop ups for www.elgacu.com. We will never send you messages this way, but it is required to see the login box.
7.  Make sure that you share these tips with everyone that uses your computer.

ELGA has contracted with Digital Defense Inc. to bring our members a wealth of FREE training, education and awareness modules concerning your digital safety. The content is designed for quick, informative reading full of useful tips. Take a look at the topics that are included:

• Online Shopping
• ATM Safety
• Banking Myths
• Home Firewalls
• Home Computer Tips
• Secure Transactions
• Online Fraud
• Passwords
• Viruses/Worms
• Trojans & Spyware
• Child Safety Online
• Wireless Security
• Keylogging
• Vishing
• Botnets
• Old Computer Disposal
• Social Networking Online
• VoIP Security
• Social Media Dangers
• Identity Theft Prevention

You can access this information here:    It’s FREE and we don’t ask for identifying information.

We’ve also put it under the link at the top of our Alerts Page under Web Security so that you can find it any time!

We hope you’ll take advantage of this valuable resource.

Please use caution when selling items via Craigslist or other means where a face-to-face transaction is not required, as there has been an increase recently in transactions via these channels. For instance, if you have posted an item for sale on Craigslist, you may receive an email or text from an unknown person who expresses a desire to buy your item. Through whatever means, they propose the exchange of funds via a means which will not require a meeting in person, and most often offer to mail you a cashier check for payment.

Quite often, the check received will exceed the amount of the sale price, and the scammer offers some explanation for the excess balance, and ‘trusts you’ to wire the overage back to them. However, once you negotiate the fake check, when the check fails to clear you will be held responsible. You have wired the scammer good funds from your own account, but are now responsible for the full amount of the fake check that you negotiated.

So, the old adage is true ~  If it seems too good to be true, it probably is!