We have engaged FORVIS, LLP (Attn: Jeff Rosno, 1801 California Street , Ste. 2900, Denver, CO 80202) to perform member verifications. Kindly compare the balance of your accounts on your December 2022 statement WITH YOUR RECORDS. If balances do not agree, please address your discrepancies directly to FORVIS, LLP. Include your name, truncated account number, and an explanation of the difference noted. A reply is not considered necessary unless a difference is noted.
The credit union is experiencing technical difficulties. We greatly appreciate your patience.
By Ashleigh, K-Staff
We often write about the various methods that fraudsters and criminals use to steal info and money from victims. Sometimes, the attempt is relatively obvious. Other methods, like a well-done spoof, are more difficult to detect.
In late February, a local New Mexico school district warned parents about a spoofed website, built to look virtually identical to the real school district website. The website was well done, the fake good enough to not be obvious at first glance. But it held many of the hallmarks of a spoofed website—if you knew where to look.
A spoofed website is a site built to mimic a legitimate website for malicious purposes. A spoofed bank site, for example, could fool customers and members into entering their banking login information, exposing it to the criminals. Another high-profile example of spoofing occurred in November 2020. The FBI issued a warning that several spoofed websites mimicking the federal agency’s official site. According to the FBI:
Some of the spoofed domains are highly suspicious; but others could easily be mistaking for an official FBI page.
A domain that is similar to a legitimate domain but not identical is a hallmark of a spoofed website. For example, our website domain is https://kirtlandcu.org/. A hypothetical spoofed domain could be close to the original (kirtlandfederalcu.org) or add a subdomain (kirtlandfcu.moneyspoof.com) to fool you into thinking it’s the real Kirtland FCU site.
In the school district incident, the spoofed domain had a single extra letter: rrps.net vs. rrpss.net.
With a spoofed domain, a fraudster can also create email addresses with that domain in order to extend the deceit to inboxes. So be sure to check any domain of an email address before you decide to open it or interact with it.
A good spoof can look identical to the legitimate site it’s purporting to be. But there are signs that you aren’t looking at the real website. Here is what the FBI says you can do to spot a spoof and keep yourself safe:
Join us at our 2023 Annual Membership Meeting on Tuesday, March 21 at our Gibson Branch at 4:30 p.m.
Can't be there in person? Register to view online! Click Learn More for more details.
Kirtland CU Online, Mobile, and Telephone Banking will be unavailable on Sunday, December 11 between 12:30 – 7:30 a.m. as we perform system maintenance.