ST. PETERSBURG, Fla.-Credit unions can have the biggest impact on fraud by taking one of simplest steps, according to Steve Ruwe.
The chief risk officer for PSCU contends that credit unions need to leverage the close relationships they have with members to educate them and get them to pay attention to what they need to do to avoid disclosing sensitive personal information to fraudsters.
"Social engineering is the biggest data security threat now," Ruwe said. "The recent Michael's compromise is a perfect example. This is still the industry's biggest concern. There are more than 10,000 fake Web sites created each day by hackers and this issue will not go away. The only way to get in front of this is through member education efforts."
Ruwe believes credit unions are in a much better position to get through to consumers since they have a closer relationship with their members than banks have with their customers. "Credit unions should be working on communications and using their websites to educate members to be alert for fraudulent texts or e-mails so they don't fall for them. If someone is asking for personal information, members should know to call the credit union first."
Credit unions need to work harder, too, at collecting members' cell phone numbers so they can communicate faster in the event of a widespread breach or a suspicious transaction. So what could be holding back some credit unions from taking this step and communicating more frequently about fraud prevention, Ruwe said, is the fear that talking to members about these matters might make them think the CU does not have a safe data- security environment.
It's basic blocking and tackling, said Ruwe. "You have to hit members hard with this information. They need to be educated, because it has to be top of mind since it takes only a moment for members to fall for one of these social engineering tricks."
