Protecting Your Identity

Learn about scams and how to protect yourself.


Cyber-attacks against financial institutions are on the rise. View our online brochure to learn more about Cyber-attacks and steps you can take to protect your information.

Protect Yourself from Fraud and Identity Theft

Conducting financial transactions can be risky if you don't take the necessary steps to protect your personal information. Here are some practical tips on protecting yourself from fraud and identity theft:
  1. Unless absolutely required for a legitimate business purpose, avoid disclosing your address, telephone number, birth date, Social Security number, account number, and credit and debit card expiration dates and PINs.

  2. In stores and at ATMs, always cover your card and PIN, and watch for cell phone cameras, mirrors or other tools people can use to see them. Also, beware of people watching your transaction closely, cashiers taking your card out of sight, and any ATMs or card readers that look like they may have been tampered with.

  3. Never respond to unsolicited emails that ask you to verify your card or account number or those that threaten your account will be closed if you don't click on a provided link. These often link to websites that look legitimate but instead steal your data or install spyware on your computer.

  4. Review your free credit report at least once a year. To request yours, go to or call 1-877-322-8228.

Safeguard your identity and account security by:

  1. Never clicking on the link provided in an email you believe is fraudulent.

  2. Never open an attachment in an unsolicited email unless you have verified the source.

  3. Don't be intimidated by an email or a caller who predicts dire consequences if you do not immediately provide your personal information.

  4. Contact companies or individuals directly if you receive suspect emails claiming to be from them.

Phone and Text Message Scams

"Vishing" is a type of fraudulent activity that occurs over the phone. Fraudsters use this technology to obtain consumer information. It can work one of two ways.

Some con-artist send an email disguised to appear as though it’s from a financial institution, an online payment service or other well-known business. The email may sport a trusted logo, typically reports a security issue with the recipient’s account and urges the victim to call a telephone number to resolve the problem. The area code might be a local one they easily recognize or it could appear to be a toll-free number. When the victim calls, they reach an automated attendant prompting them to enter their account number, password or other private information for "security verification" purposes.

Other vishers use automated dialing programs to cold call victims. The caller ID device may list a legitimate-looking local phone number to inspire trust from the recipient. A prerecorded message or sometimes an "employee" claims the victim’s account has been compromised or needs updating or verification.

The Better Business Bureau offers consumers these tips to protect against vishing scams:

  • Typical emails imply urgency, ask you to verify account information, and may contain misspellings.
  • Credit unions do not use prerecorded messages to handle security issues. If they phone you to report suspicious use of your card, they do not need to request identifying information because they already have that on record.
  • Do not automatically trust a Caller ID phone number. Con artists have ways of masking or changing their telephone numbers.

    In "smishing" cases targeting cell phone users, criminals use text messages purportedly from financial institutions – including credit unions – in order to get individuals to disclose personal financial information. Consumers are sent a text message asking them to reply or call with their account number and PIN. Doing so leads consumers to enter their information through an automated system, which delivers it to the thief. To report these text message scams, contact the FBI Internet Crime Complaint Center at

    Sweepstakes, Lottery, and Counterfeit Check Scams

    Sweepstakes & Lottery Scams

    Con-artists posing as lottery or government officials contact unsuspecting individuals claiming to have winnings for them. They try to convince the "winners" that they must send a payment in order to have a courier deliver their winnings in person, but the courier never comes.

    In addition, fraudsters use the telephone and direct mail to entice U.S. consumers to buy chances in high-stakes foreign lotteries. These solicitations violate U.S. law, which prohibits the cross-border sale or purchase of lottery tickets by phone or mail. The FTC recommends ignoring all phone solicitations for foreign lottery promotions. If you receive lottery material from a foreign country, turn it over to your local postmaster.

    Counterfeit Check Scams

    The FTC reports that counterfeit check scams are on the rise. Con artists use high quality printers and scanners to make fake checks that look real. These fakes can be corporate checks, personal checks, cashier’s checks and money orders. They use them in fraudulent schemes, including lottery, overpayment, Internet auction, and secret shopper scams. The really bad news is that scam victims are typically liable for the money if they cash the check as well as the returned check fees.

    Review the FTC’s consumer alert on the latest scams or file a Consumer Complaint at