Rest Confident, Your Money is Safe and Secure at Kirtland Credit Union, a message from our President & CEO. Learn More

All Kirtland CU branches and locations will be closed on Monday, May 26 in observance of Memorial Day.

Use caution if you receive a call, email, or text message that appears to be from Kirtland Credit Union. Don’t click on links or call phone numbers in unsolicited messages. Remember: We will NEVER ask for your online banking access codes, credentials or for you to transfer money.

If you may experience financial hardship related to the government shutdown, we’re here to help. Call 1.800.880.5328 or visit one of our branch locations for more information.

Due to technical difficulties, Kirtland CU branches, other than Gibson, are temporarily unable to provide in-branch services,  Online and Mobile Banking remain available for your banking needs. We apologize for any inconvenience.

Search

ROUTING NUMBER: 307070050

LOGIN/REGISTER

Welcome To The Insighter!

Explore the latest happenings at Kirtland CU and learn about important topics from around the financial world. Here’s your insight! To learn about retirements, investments and financial planning, check out Invested now.

Proof of the Spoof

By Ashleigh, K-Staff

Facebook
Twitter
LinkedIn

We often write about the various methods that fraudsters and criminals use to steal info and money from victims. Sometimes, the attempt is relatively obvious. Other methods, like a well-done spoof, are more difficult to detect.

In late February, a local New Mexico school district warned parents about a spoofed website, built to look virtually identical to the real school district website. The website was well done, the fake good enough to not be obvious at first glance. But it held many of the hallmarks of a spoofed website—if you knew where to look.

What’s a spoofed website?

A spoofed website is a site built to mimic a legitimate website for malicious purposes. A spoofed bank site, for example, could fool customers and members into entering their banking login information, exposing it to the criminals. Another high-profile example of spoofing occurred in November 2020. The FBI issued a warning that several spoofed websites mimicking the federal agency’s official site. According to the FBI:

“Adversaries can use spoofed domains and email accounts to disseminate false information; gather valid usernames, passwords, and email addresses; collect personally identifiable information; and spread malware, leading to further compromises and potential financial losses.”

Some of the spoofed domains are highly suspicious; but others could easily be mistaking for an official FBI page.

A domain that is similar to a legitimate domain but not identical is a hallmark of a spoofed website. For example, our website domain is https://kirtlandcu.org/. A hypothetical spoofed domain could be close to the original (kirtlandfederalcu.org) or add a subdomain (kirtlandfcu.moneyspoof.com) to fool you into thinking it’s the real Kirtland FCU site.

In the school district incident, the spoofed domain had a single extra letter: rrps.net vs. rrpss.net.

With a spoofed domain, a fraudster can also create email addresses with that domain in order to extend the deceit to inboxes. So be sure to check any domain of an email address before you decide to open it or interact with it.

How to spot a spoof

A good spoof can look identical to the legitimate site it’s purporting to be. But there are signs that you aren’t looking at the real website. Here is what the FBI says you can do to spot a spoof and keep yourself safe:

  • Verify the spelling of web addresses, websites, and email addresses that look trustworthy but may be imitations of legitimate election websites.
  • Ensure operating systems and applications are updated to the most current versions.
  • Update anti-malware and anti-virus software and conduct regular network scans.
  • Do not enable macros on documents downloaded from an email unless absolutely necessary, and after ensuring the file is not malicious.
  • Do not open emails or attachments from unknown individuals. Do not communicate with unsolicited email senders.
  • Never provide personal information of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.
  • Use strong two-factor authentication if possible, using biometrics, hardware tokens, or authentication apps when available.
  • Use domain whitelisting to allow outgoing network traffic to websites that are deemed safe.
  • Disable or remove unneeded software applications.
  • Verify that the website you visit has a Secure Sockets Layer (SSL) certificate. In other words, check to make sure the address has https, not just http at the beginning of the URL.
Think you spotted a spoofed website? Report it to the FBI.
Accounts
Member Services
Help & Support
About
On The Go
Apple
Android

Connect With Us

Facebook Instagram Linkedin

Routing Number: 307070050

6440 Gibson Blvd. SE, Albuquerque, NM 87108

Copyright. Kirtland Federal Credit Union 2025. All rights reserved.

Federally insured by NCUA Equal Opportunity Lender

THIRD PARTY LINK DISCLOSURE: We may provide links to third party sites, independent from Kirtland Federal Credit Union. These links are provided only as a convenience. Kirtland Federal Credit Union does not manage the operation, content or any links contained inside of the website you are about to enter. The privacy and security policies of the site may differ from those of Kirtland Federal Credit Union.
Digital Banking Upgrade Coming May 20, 2025

Improving your online banking and mobile experience.

Key Information
You Need to Know

Member Login

Not registered, Click Here to Register

Credit Card Rewards Points

REDEEM NOW