Online Security

Protect Yourself from Cybercrime

Now more than ever, the Internet has become an integral part of our daily lives. From online shopping, paying monthly bills, or planning family vacations, the World Wide Web has created unprecedented convenience for online users, but yet, has also opened the door to extraordinary potential for fraudulent activity and identity theft for consumers. Identity theft is the fraudulent use of a person’s personal identifying information. Often, identity thieves will use another person’s personal information, such as a Social Security number, mother’s maiden name, date of birth, or account number to open fraudulent new credit card accounts, charge existing credit card accounts, write share drafts, open share accounts, or obtain new loans.

Your Personal Information

• Secure your accounts: Ask for protection beyond passwords. Many account providers now offer additional ways for you to verify who you are before you conduct business on that site.
• Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.
• Unique account, unique password: Separate passwords for every account helps to thwart cybercriminals.
• Write it down and keep it safe: Everyone can forget a password. Keep a list that’s stored in a safe, secure place away from your computer.
• Own your online presence: When available, set the privacy and security settings on websites to your comfort level for information sharing. It’s okay to limit who you share information with.

Your Home Computer

• Keep a clean machine by making sure your security software, operating system and web browser are up to date.
• Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic.
• When in doubt throw it out. Don’t click on any links or open attachments unless you trust the source.
• Make your passwords long and strong and unique. Combine capital and lowercase letters with numbers and symbols to create a more secure password. Use a different password for each account.
• Set your browser security high enough to detect unauthorized downloads.
• Use a pop-up blocker (the links in pop-up ads are notorious sources of malware).
• Back up your data regularly (just in case your computer crashes).
• Protect all devices that connect to the Internet. Along with computers, smart phones, gaming systems, and other web-enabled devices also need protection from malware.
• Make sure all members of your family follow these safety tips (one infected computer on a home network can infect other computers).

Your Credit Report

• Review your credit report regularly to protect yourself from identity theft. Identity thieves may use your information to open a new credit card account in your name. Then, when they don’t pay the bills, the delinquent account is reported on your credit report. Inaccurate information like that could affect your ability to get credit, insurance, or even a job.
• Report any stolen finances or personal identities to your local law enforcement and financial institution as soon as possible.

Tips To Avoid Identity Theft

Keep the following tips in mind to make sure that you don’t become a victim:

• Check your credit report at least twice a year.
• Shred all personal documents with a crosscut shredder before you throw them out.
• Don’t leave incoming mail in your mailbox overnight.
• Deposit outgoing mail that contains any personal information at the post office or other safe, closed location.
• When selecting your PIN, don’t use information such as your birthday, social security number, phone number or address.
• Make a copy of everything in your wallet, front and back, and keep it in a secure location.
• Don’t leave personal information in your vehicle.
• Always take your ATM or store receipts with you.
• Never give personal information over the phone to people you are not familiar with.
• Never open email attachments from people you do not know.
• Never shared personal information over email, even if you believe it’s been requested by a legitimate company.

Your Mobile Phone

CODE Credit Union’s Mobile Banking allows you to bank anytime, anywhere from the convenience of your mobile phone. This service provides secure access to you credit union accounts, allowing you to view account balances and recent activity, to search for account activity, transfer funds, pay bills, send money via text and email, and much more!

We employ multiple forms of identification authentication and encrypted communication to make sure your mobile banking application is safe and secure.

While every effort is made by CODE and its associated vendors who help to offer this service to thwart any fraudulent usage; another important piece of the security puzzle is you. Fraudsters know that one of the possible ways to access your data is through your mobile device using malware and social engineering. Security awareness education is a key to minimizing these risks to your information from these data thieves.

Please find below some tips for protecting your phone and the access to your account data:

• Be diligent of logging into the correct website. If using the App, be sure that you have downloaded the correct app from the official web store for your device. If accessing the mobile web version, be sure that you are following a trusted bookmark or have double-checked your URL for accuracy.
• Remember that CODE CU will NEVER ask for your password under any circumstance. Do not give your password to others under any circumstances (including mobile phone support operators or mobile phone sales representatives, etc.) Fraudsters will try to obtain mobile banking password by e-mail, phone calls, asking for your mobile banking account number, username, password and other important information. If you have any doubts, please contact CODE CU at 937-222-8971 for verification.
• Please use strong passwords composed of numbers, letters (both uppercase and lowercase) and special characters. The stronger the password the harder it would be to guess.
• Change your mobile banking password regularly.
• Do not lend others your phone with mobile banking function opened and use on trusted networks.
• Password protect your mobile device and lock your device when it’s not in use. Keep your mobile device in a safe location.
• If using the SMS/Text feature, delete text messages from your financial institution, especially if they contain sensitive information.
• If you change your mobile number, discontinue service or lose your mobile phone, contact CODE CU to change the details of your mobile banking profile.
• Do not modify (jailbreak / root) your mobile phone. It will make your mobile phone susceptible to an infection from a virus, Trojan or malware.
• When possible, install mobile security software on your mobile phone, similar to antivirus software you have on your laptop or desktop computers.
• Be alert to changes in your mobile phone performance. If you download any new applications and your mobile phone starts performing differently (for example responding slowly to commands or draining its battery faster) that could be a sign that malicious code is present on your mobile phone.
• Monitor your financial records and accounts on a regular basis. Use eAlerts to send account activity alerts. Regularly review your statement with online banking / mobile banking which will enable you to spot any suspicious activity.

What is Phishing?

Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send an email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.

Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year, such as:

• natural disasters (e.g., Dayton Tornadoes)
• epidemics and health scares (e.g., H1N1, COVID-19)
• economic concerns (e.g., IRS scams)
• major political elections
• holidays

How To Avoid Becoming a Victim

• Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
• Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.
• Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
• Don’t send sensitive information over the internet before checking a website’s security. (See Protecting Your Privacy for more information.)
• Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
• Take advantage of any anti-phishing features offered by your email client and web browser
• If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group. See the APWG eCrime Research Papers.

What to do if You Have Become a Victim

• If you have become a victim of identity theft, follow the steps below:
• Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
• Report the theft to the three major credit reporting agencies: Experian, Equifax and Trans Union Corporation.
  • a) Request that they place a fraud alert and a victim’s statement in your file. This will alert creditors to contact you before opening any new accounts or making any changes.
  • b) Request a free copy of your credit report to check whether any accounts were opened without your consent.
  • c) Request that the agencies remove inquiries and/or fraudulent accounts stemming from theft.
• Notify CODE Credit Union and your other financial institutions and ask them to flag your account and contact you regarding any unusual activity:
  • a) If checks were stolen, place stop payments on them.
  • b) If bank accounts were set up without your consent, close them.
  • c) If your ATM card was stolen, get a new card, account number and PIN.
  • d) Use Identity Theft Affidavit to dispute new unauthorized accounts.
• Notify the issuers of the credit cards you carry. If unauthorized charges appear on your legitimate credit cards or if unauthorized cards have been issued in your name:
  • a) Request replacement cards with new account numbers.
  • b) Monitor credit card bills for new fraudulent activity.
  • c) If found, report it immediately to the credit card issuers and credit reporting agencies.
• Check with any online accounts, merchants or payment services that you use for any fraudulent activity against your account.
• Contact your local police department to file a criminal report.
• Contact the Social Security Administration’s Fraud Hotline to report the unauthorized use of your personal identification information.
• Notify the Department of Motor Vehicles of your identity theft. Check to see whether an unauthorized license number has been issued in your name.
• File a complaint with the Federal Trade Commission. Ask for a free copy of ID Theft: When Bad Things Happen in Your Good Name, a guide that will help you guard against and recover from your theft.
• Document the names and phone numbers of everyone you speak to regarding the incident. Follow-up your phone calls with letters. Keep copies of all correspondence.