The Credit Union recommends we practice “Safe Computing” with this helpful advice (clicky for more dots):
The link leading to that page was on their website, but the page is on trabian.com, whoever they are. Should I trust the links on that page to return me to the credit union site or not?
Here’s their definition of “phishing”:
Having just switched to “paperless statements” at the Credit Union, a recent email prompted me to look at my statement. Let’s start by seeing where the email came from:
Huh.
It claims to be from the credit union, but does its actual address (insofar as anything concerning email can be actual) of statement2web.com sound a little phishy to you, too?
Well, let’s look at the full headers, which I can do because, yo, 1337 H4X0R. Here’s a snippet from the bottom of the stack:
Huh.
So the email started from statement2web.com and bankshotted off kbmla.com. Further up, the headers show it rattled through pobox.com and eventually arrived in my inbox. As far as I can tell, it never touched its alleged starting point of hvfcu.org at any point in its journey.
Quick: phish or no phish?
Of course, it’s a perfectly innocent message from the credit union, but it contains every single warning sign we’re supposed to notice in spam or phishing emails, complete with a clicky link!
[heavy sigh]
The Smell of Molten Projects in the Morning 
And when you report this to them, you’ll get a big ‘huh?’ From them as well. .
I might point ’em to this writeup, but, fer shure, that’s as far as it’ll go.