Concer - Phishing Scam at Parent Company Sunova | Hubert Financial | Discussion forum

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Concer - Phishing Scam at Parent Company Sunova
September 14, 2020
6:11 am
GilbertD
Newbie
Members
Forum Posts: 1
Member Since:
September 14, 2020
sp_UserOfflineSmall Offline

Back in July Sunova Credit Union knew about a phishing scam of their online banking site, but didn't inform their membership, not until August 17 after which 48 members had etransfers of around $3,000 fraduently sent. News is that Sunova is passing the $1,000 insurance deductible onto their members who had the fraudlent etransfers sent.

Do we have to be concerned about Huberts site having been phished around the same time? I've changed my password since finding out, but it's concerning that Sunova wasn't open and transparent with their membership base. I'm really debating pulling my HISA and eventually all my GICs when they renew.

https://www.cbc.ca/news/canada/manitoba/sunova-scam-phishing-deductible-1.5713366#:~:text=Fraudsters%20created%20a%20fake%20ad,and%20entered%20their%20login%20credentials.

September 14, 2020
7:42 am
Nehpets
Ontario
Member
Members
Forum Posts: 994
Member Since:
December 20, 2016
sp_UserOfflineSmall Offline

Last week I had an unrelated issue with a push transfer from Hubert, for which I tried, unsuccessfully, to get assistance and information with multiple calls to telephone CSR's.

I found that the kind of commitment and dedication to resolving a problem I had become accustomed to in the past with Hubert was lacking, despite speaking to at least three CSR's and being promised to receive a call back from a manager that never came.

Wanting to alert senior management about the inadequate service I received, I left a voice mail message for Sunova President and CEO Ed Bergen, who also never called me back.

When combined with this news report about the delayed response to the phishing breach by Sunova along with their unsympathetic demand to those affected, I too am concerned about their apparent shift in corporate attitude and diminished commitment to supporting customers (members) going forward.

Stephen

September 14, 2020
7:55 am
Norman1
Member
Members
Forum Posts: 7194
Member Since:
April 6, 2013
sp_UserOfflineSmall Offline

People are really expecting Sunova CU to eat $1,000 when they search on Google, click on the phony link http://www.myenterprisenews.com instead of the real link http://www.sunovacu.ca, and provide their username and password to the phony site?

Do people not keep bookmarks to the web sites of their financial institutions anymore?

September 14, 2020
9:43 am
AltaRed
BC Interior
Member
Members
Forum Posts: 3143
Member Since:
October 27, 2013
sp_UserOfflineSmall Offline

I agree victims should not expect Sunova to cover the $1000 deductible, but as noted in the link, they could have done better in informing their membership.

That said, I see phishing emails on a regular basis. Most are a laugh because they are from institutions or companies I know I have not done business with, at least not recently. As Norman says, use your bookmarked links to the correct site, or at least look hard at the URL for accuracy before clicking on a link.

September 14, 2020
10:12 am
Dean
Valhalla Mountains, British Columbia
Member
Members
Forum Posts: 2158
Member Since:
January 12, 2019
sp_UserOfflineSmall Offline

.
A quote from the CBC article, linked by GilbertD in Post #1 ... it pretty much says it all:

    "We accept responsibility for clicking on the wrong site. We can't hold that against Sunova at all," said Mitchell. "But do some due diligence and just try and let your members know so that we don't all go through this."

There a two sets of 'Guilties' here ... foolish/gullible CU members, and poor Sunova management ❗ sf-confused

Best we govern ourselves accordingly,

    Dean

sf-cool " Live Long, Healthy ... And Prosper! " sf-cool

September 14, 2020
10:49 am
Londonguy
Member
Members
Forum Posts: 535
Member Since:
May 27, 2016
sp_UserOfflineSmall Offline

Thanks for bringing this up, I hadn't heard about it. To be on the safe side I logged into Hubert to change my password and see that 2FA will be mandatory as of Sep 28

September 14, 2020
1:17 pm
Norman1
Member
Members
Forum Posts: 7194
Member Since:
April 6, 2013
sp_UserOfflineSmall Offline

It is good to change one's password once in a while. However, there's no vulnerability to fake ad phishing if one does not use a search engine to find and access Hubert's site.

September 14, 2020
4:17 pm
mmlt
Member
Members
Forum Posts: 168
Member Since:
February 4, 2017
sp_UserOfflineSmall Offline

Nice to see they have 2fa available. Wished my local bank did. What's with banking institutions dragging their feet?
I understand there is a bit of a learning curve and inconvience but its so necessary.
I am disappointed Hubert did not warn customers.

September 14, 2020
7:58 pm
Dean
Valhalla Mountains, British Columbia
Member
Members
Forum Posts: 2158
Member Since:
January 12, 2019
sp_UserOfflineSmall Offline

mmlt said

Nice to see they have 2fa available. Wished my local bank did. What's with banking institutions dragging their feet?
I understand there is a bit of a learning curve and inconvience but its so necessary.

I am disappointed Hubert did not warn customers.  

Actually 'Hubert' (per se) is not really directly involved in this. The fault here lies with; 'The Much Bigger Fish' ... Sunova ❗

As for 2FA, any FI that doesn't have it now, No Longer Gets My Business. sf-confused

    Dean

sf-cool " Live Long, Healthy ... And Prosper! " sf-cool

Please write your comments in the forum.