1.877.451.HNCU

Scam Alerts

With new cases of fraud reported every day, it is important to protect yourself. Horizons North Credit Union wants to help ensure your accounts and identity remain safe.

Please click on the links below to guard yourself against other fraud threats.

Horizons North Credit Union is working to keep your accounts and your identity safe.

Target Breach - Target has reported that nearly 40 million customers who made credit or debit card purchases in their U.S. stores from Nov. 27 to Dec. 15, 2013 may be affected by a data breach. Customer names, payment card numbers, expiration dates, and CVV security codes may have been compromised. If you feel your HNCU debit card has been compromised, please contact us immediately at 303-451-1146, so we can take the proper steps. If you have a HNCU credit card please call 1-877-875-8078.

Svpeng and Dyreza targeting Android devices!

While HNCU does not have any reason to believe our mobile app is at risk from Svpeng or Dyreza, we take security issues very seriously and understand that you do too.

What is Svpeng?

Svpeng is a new malicious malware, ransomware app for Android devices. Svpeng searches for specific mobile banking apps on the device, then locks the device and demands money to unlock it. In the U.S., Svpeng breaks into a mobile device through a social engineering campaign using text messages.

Svpeng capabilities include:

  • Spoofing legitimate banking applications
  • Stealing personal banking information
  • Capturing user input, including passwords
  • Sending SMS messages to premium numbers without user's knowledge resulting in charges
  • Stealing SMS messages
  • Stealing contact information and pictures
  • Tracking user location

What is Dyreza?

Dyreza or "Dyre" is a new family of banking malware that redirects the traffic to malicious servers, while end users think they have a secure connection with their legitimate online banking site.

Dyreza is spread through spam e-mail messages such as "Your FED TAX payment ID [random number]" and "RE: Invoice #[random number]." These messages contain a ".zip" file often hosted on legitimate domains, to minimize suspicion.

Opening this file infects the computer with the malware. Using a technique called "browser hooking" Dyrezea views unencrypted web traffic in the Internet Explorer, Chrome and Firefox browsers and captures an end user's credentials by sending the user to malicious servers, while the end user thinks they are securely connected to their financial institution's legitimate website.

Is my iPhone vulnerable to Svpeng and Dyreza? iPhones and Android devices use different operating systems. Svpeng specifically targets the Android operating system. Dyreza does not target mobile devices; it exploits Internet Explorer, Chrome and Firefox browsers.

How can my end users protect themselves against threats like Svpeng and Dyreza?

  • Installing an antivirus app and keeping it updated
  • Avoiding installing Android apps from third-party websites or unreliable sources
  • Reading the permissions requested by every application before installing
  • Performing regular backup of data stored in Android devices
  • Protecting devices with a password
  • Not viewing or sharing personal information over a public Wi-Fi network

Please watch one of the educational videos below to learn more about potential and how to protect yourself.

Fraud Prevention Videos
Simple Tips For Keeping Your Personal Information Safe

To help educate our members, we have five short videos available that address keeping your personal information secure.

Videos use Adobe Flash, download the most recent version of Adobe Flash Player.

Identity Theft Resources

Click here to learn about ways to protect your identity.

Scam Alert

Members have received text alerts/phone calls asking them to verify their account information. HNCU will NEVER ask you to update or verify your personal or account information through an unsolicited phone call, text message or e-mail. Please call us at 303-451-1146 if you have any questions or have received and responded to a text message or automated call.

809 Area Code Scam

Be cautious when responding to e-mails or phone calls from the 809, 284 or 876 area codes.

THIS IS VERY IMPORTANT INFORMATION PROVIDED TO UNITED STATES RESIDENTS BY AT&T.

Fraudsters / pranksters are getting people to call someone at these area codes by telling you that it is information about a family member who has been ill or to tell you someone has been arrested, died, or to let you know you have won a wonderful prize, etc.

Click here to learn more about the 809 Area Code Scam