Secure Online Banking

1. Always access PeoplesChoice Credit Union’s online banking by typing in the correct URL ( into your browser. Never click on a link in an email to take you to a website and enter personal details either in the email or website.

2. Password and PIN security: You should always be wary if you receive unsolicited emails or calls asking you to disclose any personal details or card numbers. This information should be kept secret at all times. Be cautious about disclosing personal information to individuals you do not know. PeoplesChoice would never contact you directly to ask you to disclose your PIN or all your password information.

3. If it sounds too good to be true - it probably is: Don't be conned by convincing emails offering you the chance to make some easy money. As with most things if it looks too good to be true, it probably is! Be cautious of unsolicited emails from overseas - it is much harder to prove legitimacy of the company behind the emails.

4. PC security: It is important to use up-to-date Anti-virus software and a personal firewall. If your computer uses Microsoft Windows operating system, it is important to keep it updated via the Windows Update feature, equally if you use another PC operating system or have an Apple Mac you should check regularly for updates. You should be vigilant if you use a computer that is not your own and over which you have no control.

5. Keep your identity private offline: Your identity can be as easily stolen offline as it can online. It is important destroy documents with new PIN numbers and expired bank cards. You should also consider using a shredder to destroy unneeded statements that may contain sensitive personal information. It is advisable to store retained documents in a suitable locked and fireproof container.

6. Review your statements: It is important to check your statements regularly; a quick check will help identify any erroneous or criminal transactions that might have been performed on your account without your knowledge.

7. Verify your banking session is secure: When undertaking any banking on the Internet, check that the session is secure. There are two simple indicators that will tell you if your session is secure. The first is the use of https:// in the URL. An indicator is the presence of a digital certificate represented by a padlock or key in the bottom right hand corner. If you double click on this icon it should provide you with information about the organization with which you have entered into a secure session.

8. Check for Spyware: In addition to being protected by using up-to-date antivirus software you should also regularly use software to remove Spyware from you computer, as these programs record information about your Internet use and transmit it without your permission.

9. Always completely log off from your Internet session: It is important to completely log off from your Internet session; simply closing the window you performed the transaction in may not close the session. If your computer is infected with a Trojan, your session could be hijacked by a criminal and financial transactions performed without your knowledge.

10. Be confident in PeoplesChoice Credit Union: PeoplesChoice uses a combination of Secure Socket Layer (SSL) protocol and passwords to protect your information.

How to reduce SPAM

Spam is the slang term for unsolicited email. The practice of sending unsolicited bulk email ("spam") is an increasing problem on the Internet and it provides criminals with the ability to operate anywhere in the world. In order to reduce the amount of spam that you receive, you should be careful about disclosing your e-mail address and consider taking some of the measures below to protect yourself from spam.

7 ways to reduce spam:

1. Only share your main e-mail address with people you know.

2. Use an email program that includes spam filters, an anti-spam product, or a service that scans your email for spam automatically.

3. Don't list your e-mail address in full on any websites, newsgroups or forums.

4. Disguise your e-mail address on websites, newsgroup posts, chat rooms, or bulletin boards. By doing this you will still make it possible for other people to read your address, but prevent the automated programs that spammers use from harvesting your email address.

5. Make sure that you opt out of marketing offers allowing your address to be sold to third parties when registering or buying products or services.

6. NEVER reply to spam emails or attempt to use the "remove me" link as this will confirm that your address is live and you will receive more spam.

7. Don't open or preview spam messages as this may enable them to validate that the message has been opened.

How to Avoid Phishing

Phishing is the term given to the criminal practice of sending random emails purporting to come from genuine companies such as financial and ecommerce organizations. The emails try to convince customers of those companies to disclose personal information on fake websites operated by criminals. The emails often contain urgent messages and claim that it is necessary to "validate" or "update" customer account information. The emails contain instructions to click on a link within the email which takes the recipient of the email to the fake website. Here all information entered is collected by the criminals. Information captured through Phishing may be used to perpetrate different criminal acts. Your funds may be stolen and and your identity stolen.

How to avoid becoming a victim of Phishing?

It is important to remain vigilant and be suspicious of all unsolicited or unexpected emails you receive, even if they appear to originate from a trusted source such as PeoplesChoice Credit Union. It is important to remember that PeoplesChoice will never ask you to reconfirm any personal information by clicking on a link in an email and visiting a website.

Who is the email from?

The structure of the Internet makes it relatively simple for criminals to create fake entries in the "From:" box of an email. This means that Phishing emails often look like they come from a real company email address. 
It is important to remember that the email address you see in the "From" field may not be from the person or organization that it claims. The message is also likely to contain odd "spe11ings" or cApitALs in the "Subject:" box - this is designed to bypass spam filter software and increase their chances of delivery to a potential victim.

Who are the intended victims?

Phishing emails are sent out randomly using bulk email lists. The criminals are cunning and whilst they may not know your real name or indeed anything else about you they will try to convince you to provide your account details. Because it is unlikely they know your name they tend to address their victims in vague terms such as "Dear Customer". The email may well include grammatical and spelling errors as it is likely that English is not their first language.
Some emails may also contain a login form directly in the body of the email to add authenticity to the scam.

Fake hyperlinks

As with forging email addresses in the 'From' box, it is also very simple to hide a hyperlink's true destination. This means that the link displayed in an email and anything which shows up in the status bar at the bottom of your email program can be faked.

The structure of a Phishing website

The criminals are clever and use a number of techniques to hide the true location of a fake website in the address bar. The website address may begin with the genuine site's domain name (eg:, but unfortunately that is no guarantee that it points to the real site. Another technique involves loading a genuine website into your web browser and then creating a fake 'pop-up' window over the top of it. When used you can see the real website in the background, however any information you type into the pop-up window will be captured by the criminals and used for their criminal purposes.

**It is important to remember that you should always access your online banking account, by typing the address into a new window.


What to do in the event you receive a Phishing email:

If you do receive a suspicious email, please contact PeoplesChoice Credit Union by calling 207-282-4156.

How to Avoid Vishing

Vishing is the term given to the practice of leveraging Voice over Internet Protoco (VoIP) technology to trick people into providing personal and financial details over the phone by pretending to represent real companies, which the fraudster then uses to achieve some financial gain. The term is a combination of "voice" and phishing.

With the advent of VoIP, telephone services may now terminate in computers, which make illegal acts easier to achieve than with traditional "dumb" telephony endpoints.

A typical Vishing attack could follow a sequence such as described below:

The fraudster sets up an automatic dialler which uses a modem to call all the phone numbers in a given region.
When the phone is answered, an automated recording is played to alert the customer that his/her credit card has had illegal activity and the customer should call the recorded phone number immediately. The phone number could be a toll free number often with a caller identifier that makes it appear that they are calling from the financial company they are pretending to represent.

When the customer calls the number, it is answered by a computer generated voice that tells the customer they have reached 'account verification' and instructs the consumer to enter their 16-digit credit card number on the key pad.

Once the customer enters their credit card number, the "visher" has all of the information necessary to place fraudulent charges on the consumer's card.

Those responding are also asked for the security number found on the rear of the card.
The call can then be used to obtain additional details such as security PIN, expiry date, date of birth, bank account number, etc.

How to avoid becoming a victim of Vishing:

Take steps to protect your personal information and bank account.
Legitimate financial organizations would have knowledge of some of your personal details.

Be suspicious of any call that appears to be ignorant of basic personal details like first and last name (although it is unsafe to rely on this alone as a sign that the call is legitimate). If you receive such a call, report it.

Do not call and leave any personal or account details on any telephone system that you are directed to by a telephone message or from a telephone number provided in a phone message, an email or an SMS especially if it is regarding possible security issues with your credit card or bank account. When a telephone number is given, you should first call the phone number on the back of your credit card or on your statement to verify if the number given is legitimate.

Make sure the call is legitimate before disclosing any personal information.

Who are the intended victims?

Vishing calls are indiscriminate and randomly target people. The fraudsters are cunning and they may not know your real name nor any other real information about you but they will try to convince you to provide your account details. Because it is unlikely they know your name they tend to address their victims in vague terms, like "sir" or "madam".

If you do receive a suspicious call/email/phone message, please call PeoplesChoice Credit Union at 207-282-4156

Click here, call 1-877-785-6328 or come in to any of our four convenient branches and become a member today!