CUNA
  • Advocacy
    • Priorities we’re fighting for
    • Actions you can take
  • News
  • Learn
  • Compliance
  • Shop
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • COVID-19
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact
Learn More about Member Value

News

Member Benefits
Learn more
Learn more about the benefits of membership.
Home » Employees key to phishing defense
Technology Human Resources

Employees key to phishing defense

Orange County’s Credit Union makes staff an invaluable part of the security process.

November 30, 2020
Ron Jooss
No Comments
2020-12-Employees_118786

Phishing attacks can leave credit unions vulnerable to security leaks, especially because the attacks often prey on the emotions of an employee or member to gain access to valuable information.

In phishing attacks, scammers use email or text messages to trick recipients into giving them confidential information. This is why regular and thorough staff training is crucial to protect members’ information.

One Santa Ana, Calif., credit union has made huge strides in this effort.

Orange County’s Credit Union has implemented an anti-phishing program that makes staff an invaluable part of the security process.

Orange County’s information security team involves all employees in regular phishing tests and connects them with resources about phishing and how to avoid scams.

“We also reach out to associates after the phishing test emails and do one-on-one training with them,” says Kevin Hill, information security manager at the $2 billion asset credit union. “We show them anything they might have missed and what a typical phishing email might include.

“We want this to be a collaborative approach to maintaining and improving security,” he continues. “This approach works by reinforcing to associates they are an important part of the security team.”

It’s working. Orange County’s phishing email failure rate is well below the industry average of 2.4%, Hill says.

Accountability is another reason testing is successful. Security testing is part of all employees’ performance appraisals to ensure staff takes security seriously and stays vigilant.

Typical signs of a phishing email include inconsistencies in email addresses, links, or domain names; poor grammar and misspellings; and suspicious attachments.

But scammers are getting more sophisticated, Hill says.

“For instance, there are fewer phishing attacks with typos and poor grammar compared to a couple years ago,” he says. “One thing you almost always see is a sense of urgency. Scammers want to prey on the recipients’ emotions to force a quick action and make them act irrationally.”

With this sense of urgency in mind, Orange County’s advises members to carefully read all messages from the credit union and contact the credit union directly if there is any question of validity.

Orange County’s educates members that staff can assist them with next steps, payments, or other measures to keep them in good standing and protect their assets, and that it will never ask members to verify their PINs, Social Security numbers, account numbers, or other confidential information via email.

Hill advises other credit unions to test employees often and to not underestimate the value of staff in the fight against fraud.

“Our associates have made a big difference in the security of our credit union,” he says. “Having a dedicated staff committed to cybersecurity is part of our promise to take care of members.”

KEYWORDS phishing security training

Post a comment to this article

Report Abusive Comment

Credit Union Magazine - Winter 2020

Winter 2020

Credit Union Magazine’s Winter 2020 edition features CUNA’s 2021 lending outlook, CEO insights on adjusting to the pandemic, and board recruitment strategies.
Digital Edition •  Subscribe

Trending

  • Compliance: 2020 Year in Review, Checklist now available

  • 5 fraud predictions for 2021

  • CUNA sends recommendations to incoming Biden administration

Tweets by CUNA_News

Polls

Will you ask employees to receive the coronavirus vaccine?

View Results
More

Champion of America’s Credit Unions

Credit Union National Association is the only national association that advocates on behalf of all of America’s credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • About
  • Careers
  • Contact Us
  • Recommended Websites
  • Privacy Policy

Resources for

  • CUNA Board Members
  • Credit Union Advocates
  • Leagues
  • Press
  • Vendors