ALEXANDRIA, Va.–NCUA is cautioning credit unions to be vigilant in watching out for social engineering and phishing attacks, particularly as the war in Ukraine continues.
In a new Risk Alert, the agency credit union employees and members, as well as vendors serving credit unions, to educate themselves on how to avoid the threats.
The alert defines phishing and other malicious attempts to gather personal information about individuals through either emails or websites. The alert further defines “smishing” as involving malicious code that uses text messaging applications (such as SMS) to entice victims to click on malicious links to achieve similar goals to email phishing.
NCUA outlined common indicators of phishing attacks, and how to avoid becoming a victim in the Risk Alert.
“The NCUA encourages credit unions to review the Cybersecurity and Infrastructure Security Agency’s Shields-Up website, which provides information about cybersecurity threats, including several resources and mitigation strategies,” NCUA told credit unions.
In addition, the alert reminds that the agency has recently created the Automated Cybersecurity Evaluation Toolbox (ACET) for credit unions to use when evaluating their levels of cybersecurity preparedness. It further noted ACET is a downloadable, stand-alone app developed to be a cybersecurity resource for credit unions.
The Risk Alert, which includes additional resource links, can be found here.