Home Guides PenFed members v2 email scam – red flags and precautions

PenFed members v2 email scam – red flags and precautions

4 min read
0
23,494
Remove PenFed members v2 email scam
Learn the undercurrents of a recent surge in emails that appear to come from a U.S. credit union PenFed and ask recipients to join its ‘members v2’ program.
  1. What is GoGoAnime?
  2. Automated removal of GoGoAnime virus
  3. GoGoAnime redirect removal for Android
  4. Restore web browser settings to their original defaults


What is the PenFed members v2 email scam?

Pentagon Federal Credit Union, commonly abbreviated as PenFed, is a major United States-based financial services entity focused on providing loans, mortgages, as well as savings and investments products for organizations and individuals representing the national defense sector. It largely follows a limited membership model that narrows down the customer audiences to current and retired employees of the country’s military institutions and veteran associations. Nonetheless, with roughly 2 million members and assets amounting to tens of billions of dollars, this company in its essence creates fertile soil for phishing attacks and impersonation stratagems. The latest story of this genre involves the PenFed members v2 email scam.

Dubious PenFed members v2 email
Dubious PenFed members v2 email

Before we proceed, let’s go over some conceptual foundation of such a strategy. There are several things that set email-based frauds aside from all the other cybercrime spin-offs. First off, ubiquitous availability of this “victim outreach” channel democratizes the brainwashing process significantly. Secondly, duping humans is so much easier than masterminding complex exploits that parasitize software or hardware vulnerabilities to compromise devices. Thirdly, with the whole ease and effectiveness of phishing, the sketchy benefits for criminals are high as they can get hold of highly sensitive data, including account sign-in credentials and credit card information.

Threat details:
Name PenFed members v2 email scam
Threat Category Phishing, remote access Trojan
Distributing email address csltsiruganiv@penfed.org
URLs involved https://home.penfed.org/v2
Symptoms Fake request to sign in to an “updated” PenFed account
Severity Medium
Damage Identity theft
Removal Scan your PC with Combo Cleaner for Windows to detect all files related to PenFed members v2 email scam virus. Free scan determines if your system is infected. To get rid of the threat, you need to purchase the full version of the anti-malware tool.
Download

Zooming back into the matter at hand, numerous people have recently received emails claiming to be from PenFed Member Service and offering something strange. Their subject field says, “Welcome to members v2”. The body includes the following phrase, “To get started, go to hxxps://home.penfed.org/v2” and specifies the person’s real username followed by “@members.penfed.org”. At first sight, this seems to be an invitation to give the credit union’s new member account version a shot. However, a few things are giving vigilant recipients a heads-up.

While the URL appears to lead to the genuine website of the financial services provider in question, some have traced its IP back to a country overseas, not the U.S. That’s suspicious, isn’t it? One of the theories is that the string may use Unicode Transformation Format (UTF) encoding to mimic the authentic domain but redirect to its rogue replica. Some users have also noticed an oddity about the timestamp of the message that’s set to China Standard Time (CST). Plus, the text font in the notification differs from that in normal correspondence from the company. Furthermore, the embedded link takes unusually long to load, which shouldn’t be the case with any element of an IT infrastructure as well-tailored as PenFed’s.

If the conspiracy is real, then the sender’s goal is to harvest unsuspecting users’ usernames and passwords as these details are being entered in a fake login form. Despite these discrepancies, users who claim to work for PenFed have been dropping comments in threads on Reddit and other discussion forums that say the messages were sent by mistake and are safe to ignore. One way or another, there is too much controversy to trust the PenFed members v2 emails and enter confidential details in the form they lead to. Not only can this be a data theft attempt, but it may also trigger malware downloads via hidden scripts on the landing page. That being said, if you have received one of these and clicked the link, make sure you check your device for threats to err on the side of caution.

Use Combo Cleaner for Windows to remove PenFed members v2 email scam

When faced with malware like PenFed members v2, one of the best shortcuts in terms of removal is to use Combo Cleaner, a lightweight and incredibly effective application with PC security and optimization features under the hood. It detects and thoroughly deletes threats while giving you insights into the overall health of your computer.

This program’s protection power spans modules that forestall all known types of malware, including ransomware and browser hijackers, and take your online security to the next level by blocking phishing sites and other suspicious web pages. Follow these simple steps to eliminate the infection for good:

1. Download Combo Cleaner installer.

Download PenFed members v2 email scam remover

Combo Cleaner scans your PC with no strings attached, but you’ll have to buy its fully functional version to remove the threats it detects. The disk optimization tools that find large files and duplicates are free to use.

Download and run Combo Cleaner installer on your PC

2. Open the CCSetup.exe file to get started. Several subsequent screens will allow you to make initial customizations so that the program works exactly as you need from the get-go.Setup customizations

3. The installation will be followed by an update of malware signatures. Once this process is through, click the Start Scan button in the left-hand sidebar.Start initial scan

4. Combo Cleaner will then check system locations that are most often polluted by Windows malware. The first scan can take a while to finish.Combo Cleaner scan in progress

5. Combo Cleaner will display a system tray notification as soon as the scan is over. Click the Resolve found threats button to view the results.Scan completed

6. The scan summary shows the names and types of the detected threats as well as their statuses and locations. Click the Remove all threats button and follow further on-screen prompts to get rid of these items.Scan results

Use Control Panel to get rid of PenFed members v2 email scam virus

• Open up the Control Panel from your Start menu in Windows. Depending on the OS build, select Uninstall a program (Windows 10, 7 and Vista) or Add or Remove Programs (Windows 8).Access program uninstall screen on Windows

• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal done.Uninstall unwanted program

Restore web browser settings to their original defaults

In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the PenFed members v2 email scam.

Reset Google Chrome

• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings.Go to Settings in Chrome

• Click Advanced in the sidebar, scroll down to Reset and clean up, and select this option.Click Reset and clean up in the sidebar

• Click Restore settings to their original defaults.Restore Chrome settings to their original defaults

• Finally, confirm the restoration by clicking Reset settings on the warning message.Reset Chrome settings

• Restart Chrome.

Reset Mozilla Firefox

• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information.Access Troubleshooting Information page in Firefox

• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it.Refresh Firefox button

• Follow subsequent directions to reset Firefox to its original settings.Complete refreshing Firefox

• Restart the browser.

Reset Internet Explorer

• Select Internet options under IE’s Tools (Alt+X).Open up Internet options in Internet Explorer

• Proceed by clicking on Advanced tab, then select Reset.Locate and click the Reset button in IE

• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled.IE reset confirmation

• Reboot the machine to fully implement the fix.

Reset Safari

• Go to the Safari menu and select Preferences.Go to Safari Preferences

• When on the Preferences screen, select the Privacy tab and hit the Manage Website Data button.Hit the Manage Website Data button

• Click the Remove All button to purge all website data. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc. If you aren’t okay with this, proceed to the next step.Remove all website data in Safari

• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, select the unwanted site in the ‘Manage Website Data’ list and click Remove. Then, click Done.Erase website data in Safari

• Click the Develop menu in the Finder bar and select Empty Caches.Safari: Empty Caches

• Finally, expand the History menu from the Finder bar and click Clear History.Safari: Clear History

• Make sure all history is selected on the dialog that will appear and click Clear History to get rid of cookies and other potentially unwanted data.Click the Clear History

• Restart Safari.

Revise your security status

Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.

Download PenFed members v2 email scam removal tool

Rate article

No rating result yet

Leave a Reply

Your email address will not be published. Required fields are marked *