CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact

News

Home » Employees key to phishing defense
Technology Human Resources

Employees key to phishing defense

Orange County’s Credit Union makes staff an invaluable part of the security process.

November 30, 2020
Ron Jooss
No Comments
2020-12-Employees_118786

Phishing attacks can leave credit unions vulnerable to security leaks, especially because the attacks often prey on the emotions of an employee or member to gain access to valuable information.

In phishing attacks, scammers use email or text messages to trick recipients into giving them confidential information. This is why regular and thorough staff training is crucial to protect members’ information.

One Santa Ana, Calif., credit union has made huge strides in this effort.

Orange County’s Credit Union has implemented an anti-phishing program that makes staff an invaluable part of the security process.

Orange County’s information security team involves all employees in regular phishing tests and connects them with resources about phishing and how to avoid scams.

“We also reach out to associates after the phishing test emails and do one-on-one training with them,” says Kevin Hill, information security manager at the $2 billion asset credit union. “We show them anything they might have missed and what a typical phishing email might include.

“We want this to be a collaborative approach to maintaining and improving security,” he continues. “This approach works by reinforcing to associates they are an important part of the security team.”

It’s working. Orange County’s phishing email failure rate is well below the industry average of 2.4%, Hill says.

Accountability is another reason testing is successful. Security testing is part of all employees’ performance appraisals to ensure staff takes security seriously and stays vigilant.

Typical signs of a phishing email include inconsistencies in email addresses, links, or domain names; poor grammar and misspellings; and suspicious attachments.

But scammers are getting more sophisticated, Hill says.

“For instance, there are fewer phishing attacks with typos and poor grammar compared to a couple years ago,” he says. “One thing you almost always see is a sense of urgency. Scammers want to prey on the recipients’ emotions to force a quick action and make them act irrationally.”

With this sense of urgency in mind, Orange County’s advises members to carefully read all messages from the credit union and contact the credit union directly if there is any question of validity.

Orange County’s educates members that staff can assist them with next steps, payments, or other measures to keep them in good standing and protect their assets, and that it will never ask members to verify their PINs, Social Security numbers, account numbers, or other confidential information via email.

Hill advises other credit unions to test employees often and to not underestimate the value of staff in the fight against fraud.

“Our associates have made a big difference in the security of our credit union,” he says. “Having a dedicated staff committed to cybersecurity is part of our promise to take care of members.”

KEYWORDS phishing security training

Post a comment to this article

Report Abusive Comment

Credit Union Magazine: Spring 2023

Spring 2023

Credit Union Magazine’s Spring 2023 issue features the 2023 Credit Union Heroes and examines CUNA-League advocacy priorities, board leadership, the impact of financial well-being efforts, fee-related compliance issues, predictions for the year ahead, and more.
Digital Edition •  Subscribe

Trending

  • CUNA Mascot Madness: Voting opens for East Region

  • Mascot Madness: East winner crowned; Midwest voting opens

  • League leaders highlight credit union difference, safety, soundness

Tweets by CUNA_News

Polls

CUNA Mascot Madness: Which West Region mascot is your favorite?

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us