As part of our Identity Theft Prevention Program, we've teamed up with Equifax to offer credit monitoring service at special member discounted rates. This service provides a way for you to review your credit reports so you can be alerted to possible fraud and identity theft. Learn how Equifax can help you protect your good credit. Sign up now!

ID Theft

FBI Fraud Alert (PDF 700kb) FTC's Identity Theft Site Privacy Rights Clearing House Identity Theft Resource Center Do we have your current address?

Phishing

FTC Consumer Alert: How Not to Get Hooked by a `Phishing´ Scam (Acrobat file) Scam Alert: Watch Out for "Phishing" Emails Attempting to Capture Your Personal Information

Internet Security

Ten Tips To Online Security

Get the Acrobat plugin

Not a member? Join now!

Fraudulent Emails

  > Examples of Fraudulent Emails and Scams

Consumer Alert: Beware of “Phishing” Emails

“Phishing” is an online scam that hopes you’ll bite and give out personal information that can be used to steal your identity. An email may look as if it comes from Navy Federal and includes a message that encourages you to link to a fraudulent site that looks similar to Navy Federal's Web site.

Sadly, these phishing scams occur often and are aimed at members and customers of all financial institutions, including Navy Federal.

It is very important to remember that Navy Federal will never send you an email asking you for confidential information.

Phony emails can appear from all kinds of services, such as your Internet Service Provider (ISP), retailers, online auction sites and others. They’ll often use legitimate “From” email addresses, logos and links. Remember, they are trying to get you to take immediate action without thinking about the consequences.

Currently, there are two basic types of Internet phishing schemes:

1. An email asks you to provide personal account information online. The email links to a false Web site that's been constructed to resemble that of your financial institution, where you are told to verify certain information.
2. An email asks you to provide personal account information by calling a fraudulent phone number. When you call, you're asked to provide such things as card numbers and PINs to verify their information.

What kind of information are they looking for?

Your Social Security number (SSN), bank and credit card account numbers, PINs and date of birth for starters. With that kind of information, they can steal your identity and open new accounts that you might not find out about until fraudulent charges start showing up on your credit report.

Remember, you should never reply to an email that:

• Requires you to enter personal and confidential information, including your SSN, account number(s), login ID numbers, etc.
• Threatens to close or suspend your account(s).
• States that your account has been compromised in some way and you need to confirm your information.
• Asks you to enter an account access code or personal password in any way.

How can you protect yourself?

Here are some tips to protect yourself from "phishing":

• If an email looks at all suspicious or is from an unknown source, don’t click on links, provide any information or open any attachments.
• Don’t trust a link from an email just because it takes you to a site that looks legitimate. Scammers can copy those easily.
• Verify with the company that the email is legitimate before submitting any personal information online or by phone.
• Try not to fill out forms contained emails. You can never be sure where the information is going or who sees it along the way.
• Email headers can be forged. Be suspicious until you know for sure.
• If you click on a link from an unsolicited email, make sure there’s an “s” after the http in the address and a lock at the bottom of the page, signifying a secure site that is encrypted. This is no guarantee, however, that the site is legitimate.

Read more tips for staying safe online

Did you respond to a fraudulent email?

If you mistakenly answered a fraudulent email, do the following:

1. Change your Account Access password from an uninfected PC.
2. Ensure that you have a current firewall, anti-virus software and spyware detection software installed on your PC.
3. Run a virus scan on your PC, and clean up any viruses or Trojans that are detected.
4. Change your Account Access password again.

For your ongoing protection, we recommend that you carefully review your account transactions on Navy Federal Online Account Access, and then every week or so on an on-going basis. Immediately report any fraudulent transactions or activity to Navy Federal.

Contacting Navy Federal about fraudulent emails

If you believe that you have received a "phishing" email, rather than a legitimate email from Navy Federal, forward it to: phishalert@navyfederal.org for review along with the name of your ISP. Do not change the original subject line of the email and do not send emails that require a response. Navy Federal will not respond to emails sent to the phish alert address.

Information on ID Theft, Security Breaches, Fraud and Phishing

• Security at Navy Federal
• ID Theft: Don't Become a Victim!
• Attention! Copiers Pose New Fraud Threat
• Ten Tips To Online Security
• When Navy Federal Contacts You by Email
• Fraudulent Emails
• Examples of Fraudulent Emails and Scams
• Monitoring Your Credit Record With Free Credit Reports and Alerts
• If Identity Theft Strikes—Here's What to Do