Most Federal Credit Unions Lack Strong Email Security Set Ups

Financial institutions have always been at the forefront of battling cybercrime. As one of the most targeted industries, they face multiple threats, such as phishing, spear phishing and banking malware. Even less sophisticated scams, such as 419 scams, often abuse their brands in order to add credibility to the scammers behind them.

As these aforementioned incidents all use email as the primary method of reaching out to potential victims, email security is an incredibly important aspect in the banks’ efforts of protecting their customers. Specifically, preventing scammers from masquerading as the bank by sending emails that appear as if they were sent from its official domain. When email security is properly enabled, only a bank’s approved mail servers can send email messages from their official domains. In such a case, if criminals wish to convince victims that their scam messages came from the bank, they will have to resort to sending the emails from a similar domain, which they can register. These similar-but-not-exact domains naturally have a lower success rate than an email that appears coming from the official domain, as many recipients can tell the difference. They can also be detected through various intelligence services and taken down. 

Unfortunately, while the larger financial institutions have been able to implement these important email security measures to protect their customers, there is a part of the financial services industry that has not – Federal Credit Unions. These cooperatives offer their members traditional banking services such as checking accounts, loans and credit cards, and therefore are also a major target for cybercriminals. However, a research that was recently conducted by IntelFinder has shown that only 8% percent of a sample of 300 FCUs had strong email security enabled.

Continue reading on SecurityWeek


IntelFinder is the most cost effective threat intelligence solution on the market, offering customer-specific and actionable therat intelligence at a fraction of the cost. We cover a wide variety of threats, such as similar domain registration, rogue apps, leaked employee credentials, leaked source code, leaked documents, exposed subdomains and more – all for only $250/month per brand.

IntelFinder is offered with a one month free trial – no strings attached and no credit card information required! 


Let's Be In Touch

Do you prefer talking with us before trying out the service? no problems!