Information Desk

- Security Information

PAFCU will never send unsolicited e-mails regarding security issues or account information and will NEVER ask for personal information such as credit card or PIN numbers, or online banking passwords. Again, recipients should NOT click on the links in the message. Instead, they should delete the message.

How to practice "safe computing"

The number and sophistication of phishing and spoofing scams sent out to consumers is continuing to increase dramatically. While online banking is widely considered to be as safe or safer than in-branch or ATM banking, as a general rule you should be careful about giving out your personal financial information over the Internet. Below is a list of recommendations you can use to avoid becoming a victim of these scams:
  1. Be suspicious of any email with urgent requests for personal financial information.
  2. Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately.
  3. They typically ask for information such as usernames, passwords, credit card numbers, Social Security numbers, etc.
  4. Phisher emails typically are not as personalized and may contain spelling errors while valid messages from your bank or e-commerce company generally are accurate in the way they spell your name and your financial institution's name.
  5. Don't use the links in an email to get to any Web page, if you suspect the message might not be authentic. Instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser.
  6. Avoid filling out forms in email messages that ask for personal financial information.
  7. Only communicate information such as credit card numbers or account information via a secure website or the telephone.
  8. Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser.
  9. A secure Web server designation can be found by checking the beginning of the Web address in your browser's address bar - it should be "https://" rather than just "http://".

What is "Phishing"?

Phishing ( is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.

Example Citations:
Phishing is the term coined by hackers who imitate legitimate companies in email messages to entice people to share passwords or credit-card numbers. Recent victims include Bank of America, Best Buy and eBay, where people were directed to Web pages that looked nearly identical to the companies' sites.

What is "Spoofing"?

Pretending to be something it is not, whether an email, website, etc...

How to report "Phishing" or "Spoofing"

We suggest reporting "phishing" or "spoofed" emails to the following groups:
  • Forward the email to
  • Forward the email to the Federal Trade Commission at
  • Forward the email to the "abuse" email address at the company that is being spoofed (e.g. "")
  • When forwarding spoofed messages, always include the entire original email with its original header information intact.
  • Notify the Internet Fraud Complaint Center of the FBI by filing a complaint on their website: