2317 Easton Avenue
Bethlehem, PA 18017-5099

Phone 610-691-0041
Fax 610-691-8624
E-mail service@beth1st.org

Convenient Access:

Click here to do your Bethlehem 1st FCU banking on the Internet--including Bill Pay. (Requires registration before using first time.)

Install our 'Touch Banking' Mobile Banking App on your Apple or Android smart phone.

The phone number for Audio Response (Bank-by-Phone) is 1-800-553-0857. Click here for audio response instructions.

Click here to do your VISA card banking on the Internet. (Requires registration before using first time.)

Click here to check on your Visa Card Rewards balance.

Click here to find ATMs that charge no fees to Bethlehem 1st FCU members.

Click here for an online Mortgage Application.

Click here for an online Loan Application.

Click here to see Bethlehem 1st FCU 's Savings Accounts and Savings Rates. Click here to see Bethlehem 1st FCU 's Loans and Loan Rates.

Read more about Visa TravelMoney.

Find out how to join Bethlehem 1st FCU.

CLOSED  Monday, February 20th Presidents' Day

Office Hours:

Monday, Tuesday,
Wednesday, Friday:

9:00 a.m. - 5:00 p.m.
9:00 a.m. - 6:00 p.m.

Closing or delay due to weather? Check WFMZ:

Click here to go to Channel 69's Stormcenter Update webpage.
Click here to go to the Beth 1st FCU Facebook page.
About Us
Annual Meeting
Applications & Forms
Back to School Loans
Bill Pay
Canceled Checks
Car Loans
Contact Us
Credit Card
Debit Card
Enterprise Car Sales
Gift Cards
Home Page
Instant Balance
Mobile Banking App
Online Banking
Routing Number
Sallie Mae Student Loans
Scholarship Application
Scorecard Rewards
Student Care Package
Technology Loan
Info on ATM (Star) Cards and VISA Debit Card Mortgages (BTFCU is an Equal Housing Lender)
Information on VISA Credit Cards
Your savings are federally insured  to at least $250,000 and backed by the full faith and credit of the United States Government. Click here to learn more about how you are protected by the NCUA.
Serving Members
Since 1935


'Tis the Season for...Phishing???????

It's Phishing season!You get an email that looks like it comes from a bank or credit card company. Even the "from" address looks real. The message says something like "we have detected fraudulent activity on your account" and asks you to click a link to fix the problem.

You click the link and it looks like the real bank or credit card site login page. But look closely: there's no lock symbol in your web browser, so the site is not secure. The website address starts with http: and not https: That's a really bad sign, because all legitimate banking and e-commerce sites have security certificates that allow the site to encrypt sensitive information (like your login and password) on web pages that ask for such information before it is transmitted by you over the Internet.

What's going on here?

Criminals now have the ability to copy the exact look of any website. They then host the copy on any available webserver. Those criminals often purchase domain names that are close to, but not exactly, the address of legitimate organizations.

Once the victim goes to the fake site, enters his or her login, and presses a "login" button, they are presented with a second page that asks users for sensitive data like:

  • Credit or Debit Card Numbers
  • Expiration Date
  • CVV Number (the 3-digit number printed on the back of a card)
  • Your name as it appears on the card

Wallah! If the victim falls for this scam and fills in some or all of the information requested and presses the "GO" button, they have just provided a criminal with everything he/she needs to use a debit or credit card for anything they want to purchase without the cardholder's knowledge or consent.

How Did They Get My Email Address?

Criminals obtain email addresses through a variety of means, including hacking into the address books of infected computers. The owners of the infected computers usually don't even know their computers have been broken into. The hacker plants a program on the infected computer that opens its address book and sends all of the addresses stored there to a computer that could be located anywhere in the world. Often that computer is located in Russia or China.

Another source: If you have ever posted your email address on a website, there are programs that harvest email addresses from public websites.

Since email costs nothing to send, the criminals send messages to thousands of stolen email addresses. That's why you can receive messages pretending to be from companies that you don't even do business with. The current Internet email standard allows senders to "fake" the "from" address of an e-mail. It's called a "Phishing Expedition" because the criminals cast their "nets" of email torrents and haul in account information of people who get caught.

Suppose I Get a Message That Says There's a Problem With My Account?

  1. MOST IMPORTANT: Do NOT click on the link that appears in the email! Either open your browser and go directly to the organization's website (for instance, ours is http://www.btcu.org) or call the organization's customer service (our phone number is 610-691-0041) and tell them about the message and ask if it's real.
  2. Whenever you go to any website that seeks your login or account information, make sure that it is a secured site. How do you tell? Check for the "padlock" symbol in your browser. Also check the site's address to make sure it starts with https: and NOT just http:
  3. A financial institution or store ALREADY KNOWS YOUR ACCOUNT INFORMATION. Once you have logged into their legitimate site, they will NEVER ask you for an account number.
  4. If you even think you may have sent sensitive information (Social Security number, card number, PIN, etc.) to a fraudulent site, contact the issuer of the card immediately. They can quickly disable the card or account and issue a replacement.

Remember: If in doubt, contact the financial institution or store directly. Don't use telephone numbers or email addresses in an email message. Check your monthly statements for contact information.

According to the Credit Union Journal, Internet security firms are warning that phishers are using a new technique to keep spoofed websites up and running even after authorities "pull the plug." Using so-called smart site redirection, attackers are creating identical copies of a spoofed site, each with a different URL (uniform resource locator--addresses like www.something.com), often hosted by different Internet Service Providers. When phishing e-mails go out, all include links to a separate "central redirector". When the potential victim logs onto the e-mailed link, the redirector checks all of the phishing sites, identifies which ones have not been shut down, and redirects the victim to that site. This allows cyber-crooks to lengthen phishing attacks even after they have been discovered by authorities.

E-mail fraud attempts, known as "Phishing", ask for the recipients to click on a link to verify their credit union account registration. If the recipient does so, the link directs them to a false website. On that website, the intended victim is asked for his/her bank or credit union account number and PIN, along with other personal information.

Please note: Neither Bethlehem Teachers FCU nor the NCUA asks credit unions members for personal information such as account numbers or PINs via e-mail. Anyone who receives an e-mail that purports to be from BTFCU or the NCUA and asks for account information should consider it to be a fraudulent attempt to obtain their personal account data for an illegal purpose and should not follow the instructions in the e-mail.

What Do I Do If I Already Responded to such an E-Mail?

If you responded to such an e-mail and provided any confidential account information, please notify BTFCU (610-691-0041) immediately of the scheme. You should also change your account's PIN, and take any additional action recommended by BTFCU to protect your account.

What Does A Phishing Scam Look Like?

The screenshot, shown here, is typical of "phishing" e-mails you might receive:

Example of a phish email.

Example of a phish e-mail.

The NCUA logo and most of the links on the page are real. However, the "Click here to update your account." link points to an IP address instead of the ncua.gov website. If you click the link, this page appears:

Example of a web page illegally seeking your private information.

Example of a web page illegally seeking your private information.

The NCUA and the company that "hosts" the website have both been notified of this scam. The site should have been shut down by the time you read this. Since this is a potentially lucrative scam, expect other, similar sites to take the place of this one, so you need to be wary of all e-mail requesting personal information.

How Do I Know It's A Scam?

Here are the clues that this is a site that attempts to steal from you:

  • No legitimate financial institution will ever ask you via e-mail to "verify" sensitive and personal information online. Financial institutions like BTFCU have no need to "verify" your account number, bank name, or expiration date. Bottom Line: If you receive any e-mails that claim to be from BTFCU or the NCUA requesting you to "verify" or provide personal and private information, delete the e-mail. Do NOT enter information or submit it! If you have any questions about any such e-mails, call us at 610-691-0041.
  • The web address starts with "http://" instead of "https://". When information travels over the Internet on a "http" web page, it is in "plain text" that anyone with the right tools and knowledge could intercept.

    Example of a page address that starts with http instead of https.

    Example of an http (NOT secure) web page.

    An address that starts with "https:" is encrypted and considerably less susceptible to such "eavesdropping".

    Example of a secure page address that starts with https instead of http.

    Example of an https (secure) web page.

    BOTTOM LINE: If the page seeking information does not start with "https://", close the window. Do NOT provide any information.
  • There is no "padlock" symbol at the bottom of the web browser. The padlock A padlock symbol like this should appear on any site seeking personal information. is a sign that the page you are looking at has been registered with an agency that has investigated and documented the organization or person responsible for the site. Information gathered and sent via the page is encrypted before it is sent over the Internet. BOTTOM LINE: If the padlock does NOT exist, close the window. Do NOT enter any information!
  • It is a good practice to check on who has registered the site. To do that, double-click the padlock and a window should pop up like this:
    Example of the window that appears when you double-click the padlock symbol.
    If you click on the "Details" tab, and then on the "Subject" line, you should see to whom the certificate has been issued. In this example, the certificate was issued to the www.btcu.org website, specifically the Bethlehem 1st Federal Credit Union in Bethlehem, PA.
    Information on who the security certificate was issued to.
    BOTTOM LINE: If the organization to whom the certificate was issued does NOT match the organization asking for the information, close the windows. Do NOT provide any information.

Copyright © 1999-2017 Bethlehem 1st Federal Credit Union.
Last Updated: 1/19/2017 11:40:39 AM Eastern Time