Scammers go phishing in the winter, too.

Online scammers are upping their game these days, making it harder to tell a real email message from a fake one aimed at duping you into giving them your personal information.

Over the past couple of years, the FBI's Internet Crime Complaint Center has received a record-breaking number of phishing complaints that have cost individuals and businesses billions of dollars in losses.

Phishing – especially by email or text – are among the most frequently reported complaints. Scammers use ever-more-sophisticated ploys to "disguise" emails and text messages to look like they're coming from your financial institution, credit card company, social networking site, online payment website/app, or an online store. They try to create a sense of urgency to fool you into calling or clicking on a link so they can collect your personal or financial information.

Some of their typical ploys involve:
  • Alerts of suspicious activity or log-in attempts
  • Claims of problems with your account or your payment information
  • Requests to confirm some personal information
  • Attachments of fake invoices
  • Links to make a payment
  • Claims that you’re eligible to register for a government refund
  • Offers that sound too good to be true
Phishing emails can be hard to tell from the real thing. But here are some things to look for:
  • Does the message use a generic greeting instead of your name?
  • Does the sender's email domain (the part of the email address to the right of the "@" symbol) match the company’s official website?
    • For example, an email from @amazon.com is NOT the same as one from @amazon.email.com.
Instead of interacting with the email, you should:
  • Use your web browser to log into your account and look for any messages posted there.
    • It’s a good idea to bookmark the official websites of companies you have an account with, so you don't have to go searching for them when you need to contact customer service.
  • Use a different source, such as a printed statement or the back of your debit or credit card, to find the customer service number and call them to ask if the email you received was in fact from them.

It’s important to make sure TCU and other companies you do business with have your most up-to-date contact information so you can be alerted as quickly as possible of any suspicious activity.

Your online security is very important to us

While we and all reputable businesses work hard behind the scenes to combat fraud, there are steps you can take to protect yourself. The first step is to simply be aware that scammers never rest, so it’s important that you think twice before providing personal or account information.

For our part, we will NEVER call, email or text you asking for any of the following information:

  • Your account number or any information about your account
  • Your security word (i.e. mother’s maiden name)
  • PIN number
  • Online Banking username, password or one-time passcode
    • If you receive a one-time passcode you did not initiate, please do not provide the code to anyone who contacts you requesting it.

If you suspect you are being "phished", do not respond and do not use any phone numbers or email addresses provided. If you want to verify that a communication is legitimate, please contact us via our secure web form or by calling Member Services at (800) 552-4745.

Easy ways to help detect and reduce fraud

  • Customized Alerts: Stay up to date with your online account activity by setting up email, text or push notifications. You can activate these for your TCU account within Online Banking.
  • Check your credit report regularly: Make sure the accounts listed are ones you’ve created. For a copy of the report, or to open a fraud alert, contact one of the major credit reporting agencies (Experian: (888) 397-3742; TransUnion: (800) 916-8800; Equifax: (800) 685-1111).

You can also help combat phishing by reporting suspicious emails to the Anti-Phishing Working Group and the Federal Trade Commission. You can also forward suspicious text messages to SPAM (7726).

To learn more about how you can protect yourself against fraud, and how TCU makes your security a priority, please visit the TCU security page on our website.