Online Security

Before you do anything on your credit union’s website, ensure the URL is correct. Many scammers use URLs that deliberately look very similar to a real credit union, but link to a copycat website. Scammers hope to lure you into the “evil twin” website to trick you into giving them personal information such as your account number and password.

If you have doubts that you’re on the right page you can retype the URL into your browser, conduct an internet search for your credit union’s name, and see if the same website is in the top listing. You can also read the website’s “About Us” section to look for a brief history of the credit union, address and information about its insurance coverage.

Always be cautious! Keep your personal information personal and protect yourself from cyber criminals by following these ABCs:

Always

• Protect your phone from hackers. Your cell phone holds some of your most sensitive personal information, such as your passwords and account numbers, emails, text messages, photos, and videos. If your phone ends up in the wrong hands, someone could steal your identity, buy things with your money, or hack into your email or social media accounts. To protect your phone, keep it locked when not in use. Keep your software updated and keep your data backed up.
• Secure your computer. Never leave it unlocked or unattended in public areas. Scammers can easily capture your data or hack into your system while you aren’t looking.
• Keep your software up to date. Maintain your security settings to keep your information safe by turning on automatic updates, so you don’t have to think about it and set your security software to run regular scans. Whether it’s your computer, smartphone, game device, or other network devices, the best defense against viruses and malware is to update to the latest security software, web browser, and operating systems. Sign up for automatic updates, if you can, and protect your devices with anti-virus software.¹
• Be aware of scams and phishing attempts. Think before you click! If the promise looks too good to be true, it probably is. Hackers and scammers may be luring you to a website with a virus designed to steal your information. Cybercriminals also use phishing tactics using a familiar site to get you to click on links and attachments. Be vigilant about protecting your information from cyber criminals. When available. use the “junk” or “block” option to no longer receive messages from a particular sender.
• Be diligent about password protocols. Use password managers to generate and remember different, complex passwords for each account.
• Be a hard target by layering your security whenever possible. This means enabling and using two-factor or multi-factor authentication on your smartphone, an authenticator app, or a secure token.

Cautious

• Don’t log into your sensitive accounts on public networks that offer free WiFi.
• Don’t put all your information on social media sites. Never click and tell. Limit what information you post on social media—from personal addresses to where you like to grab a coffee. What many people don’t realize is that these seemingly random details are all those criminals need to know to target you, your loved ones, and your physical belongings—online and in the real world. Keep Social Security numbers, account numbers, and passwords private, as well as specific information about yourself, such as your full name, address, birthday, and even vacation plans. Disable location services that allow anyone to see where you are—and where you aren’t—at any given time.
• Don’t assume that apps aren’t collecting your information in the background. Keep tabs on your apps. Most connected appliances, toys, and devices are supported by a mobile application. Your mobile device could be filled with suspicious apps running in the background or using default permissions you never realized that you approved. These apps gather your personal information without your knowledge while also putting your identity and privacy at risk. Check your app permissions and use the “rule of least privilege” to delete what you don’t need or no longer use. Learn to just say “no” to privilege requests that don’t make sense. Only download apps from trusted vendors and sources.¹
• For more information, check out the FTC’s Online Privacy and Security guidance (opens new window) (You will be leaving NCUA.gov and accessing a non-NCUA website. We encourage you to read the NCUA's exit link policies. (opens new page).) .

¹ "Cybersecurity Awareness Month 2021: Do Your Part. #BECYBERSMART - Cisa." Cisa.gov, 2021, https://www.cisa.gov/sites/default/files/publications/Cybersecurity%20Awareness%20Month%202021%20-%20Cybersecurity%20101%20Guide_0.pdf (opens new window) (You will be leaving NCUA.gov and accessing a non-NCUA website. We encourage you to read the NCUA's exit link policies. (opens new page).) .

Kids have lots of opportunities for socializing online, but they come with certain risks. Parents can help reduce these risks by talking to kids about making safe, responsible decisions.

• The Children's Online Privacy Protection Act (COPPA) helps you protect your children's privacy. Enforced by the Federal Trade Commission (FTC), COPPA requires websites to get parental consent before collecting or sharing information from children who are under 13 years old.
• Take advantage of your COPPA rights. Your child's personal information is valuable, and you can do a lot to protect it.
• The FTC offers an online toolkit (opens new window) (You will be leaving NCUA.gov and accessing a non-NCUA website. We encourage you to read the NCUA's exit link policies. (opens new page).) of free resources to help you teach people in your community about kids’ online safety.