Privacy & Security
Coastal1 Credit Union will NEVER text, call, or email you to request, verify, or update account or personal information such as account numbers, online banking credentials, debit card information, security questions or one-time codes, or social security numbers. If we detect suspicious activity on your account, we may reach out to you and ask you to validate transaction information such as the merchant and amount, but we will NEVER ask you to provide account or personal information. You should never reply to text messages or emails that ask you to send account or personal information. If you do receive a suspicious text, email, or phone call claiming to be from Coastal1, please call us at our main number 401-722-2212 at your earliest convenience.
ATM Safety Tips
- Use ATMs that are in well-lit areas.
- Observe your surroundings. Be aware of anything suspicious. When in doubt, leave the area.
- Do not open locked ATM vestibule doors for others, or allow any unknown persons to enter the ATM area while you are making your transaction. Authorized customers should have their own access.
- Upon entering or exiting an ATM, be sure to close the door completely.
- Have your card in hand when approaching the ATM.
- Avoid counting cash while at the ATM. Put away your card and cash after completing your transaction.
- Stand directly in front of the ATM during a transaction. Shield the keypad with your hand or body when entering your PIN.
Credit & Debit Card Safety Tips
- Sign the back of your card immediately upon receipt.
- Remember your PIN. Do not write it on your card.
- Be cautious of who you’re giving your card number to. Unless you have initiated the call, never provide your card information over the phone.
- Check your receipts and statements.
- Keep a list of your credit card numbers and the numbers to call if your card is lost or stolen. Keep them in a separate and secure place.
Personal Information Protection Tips
- Verify who the person you’re speaking with is before sharing personal information such as your Social Security Number and bank or credit card account information over the telephone, in person or on the Internet.
- Do not carry Social Security cards, passports or birth certificates with you unless they are needed that day.
- Monitor bills and bank statements frequently, and immediately report anything suspicious.
- Receive your account statements electronically.
- Safely store cancelled checks, new checks and account statements.
- Coastal1 Credit Union will never initiate an email request asking for your online ID or password.
- Personal Identification Number (PIN), Social Security, driver’s license or credit card account numbers should not be written on checks, or on your ATM, credit card or debit card.
- Tear or shred pre-approved credit offers, receipts (including ATM receipts) and other information that could link your name to your account numbers.
- Check your credit report periodically and be sure all information is up to date and accurate.
- Treat your mail carefully. You should never use an unsecured mailbox for mailing materials containing sensitive information. Mail these pieces at the post office.
Security Measures Coastal1 Takes
Mail Returns and Address Change Requests
If mail is returned to us due to an incorrect address, or if an address change is requested, we always confirm the identity of the person making the request to correct or change the address. Once a positive confirmation has been made, we will then and only then, release mail or complete a change of address request.
Credit Report Fraud Alerts
If a fraud alert is included on a member’s credit report indicating that identity theft has previously occurred, or a member wants extra measures taken to verify their identity when an account or loan is opened:
- We will call the number that is included with the fraud alert to confirm the authenticity of the new account/loan request.
- We may require additional identification to be presented in order to positively identify the applicant.
- We will also review these reports for possible identity theft indicators such as activity that is not consistent with the person’s history.
I.D. verification software is used when a new account is opened. This software enables us to confirm that the information presented by the applicant matches information contained in the I.D. verification database.
Photo Documentation Alterations
Photo documentation presented to us is carefully reviewed for alterations to ensure its validity and that it matches the person presenting it.
When notified of an error or unauthorized charge regarding electronic transmissions, we follow specific timeframes in which the matter will be resolved.
In general, you can visit our website without disclosing to us who you are or revealing any information about yourself. There are some areas that will collect certain information about you and it is important for you to know how we use this information. When you visit our website, we collect and store information on the Internet domain and IP address you use to access our website, the date and time you access our site, and the pages you visit. This information is used solely for the purposes of creating site activity and statistical reports. These reports enable us to improve the usefulness of our site and to better serve our membership.
Coastal1 Credit Union (Coastal1) Mobile Banking Applications (“Applications”) allow you to access your account balances, make deposits, make transfers and pay bills on your mobile device in accordance with our Online Banking Mobile Agreement.
We are committed to transparency about your personal information. We ask for your consent when required, otherwise by using our Site and Mobile Apps, you consent to the collection, use and sharing of your personal information subject to and consistent with applicable laws and other notices you may have received based on your relationship with us. For example, as a convenience for transferring money, our mobile app may ask for access to your contacts to allow for the import of a contact to our app. We also collect location data even when the app is closed or not in use to enable location services such as finding nearest branch locations.
We use a tool called “Google Analytics” to collect information about use of this site. We have implemented the Google Analytics Demographics and Interest Reporting feature. This feature consists of a series of reports where we can see behavior information relating to visitor age range, gender and interests. This data can also be used to segment standard reports and create remarketing lists. Visitors can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings (www.google.com/settings/ads).
When you email us, we collect and store personal information to process your email request. Users of this site should understand that any personal information that is voluntarily sent via an unsecured email form might be collected and used by others. Please do not include your account number, your Social Security number, your personal identification number (PIN), your password or any other confidential information in your email requests to Coastal1. Secured forms and applications are available on our website to contact us and to apply for various services and loans online. When you send an e-mail or other electronic communication to us, you are communicating with us electronically and consent to receive reply communications from us or our providers electronically. We may retain the content of the e-mail, electronic communication, your e-mail address, unique identifier (such as Facebook, Instagram, LinkedIn, or Twitter user name), and our response in order to better service your needs or for audit, legal, regulatory or other business-related reasons.
THIRD PARTY WEBSITES
Coastal1 utilizes passwords, 256-bit SSL encryption, and firewalls to keep your account information secure and private when you use our online banking service, Digital Insight. For your protection, be sure to always log off Digital Insight when you are done using it. Other safe computing practices you may want to consider include: • Installing virus detection software. • Performing regular backups. • Acquiring a home firewall especially if you utilize a DSL or cable modem connection to the Internet and leave your computer on all the time. • Password protecting sensitive files on your computer.
WHAT YOU CAN DO TO HELP
Coastal1 recommends that you take the following precautions to guard against the disclosure and unauthorized use of your personal and account information:
- Protect your account numbers, plastic card numbers, PINs (personal identification numbers) and passwords. Never keep your PIN with your card, which can provide free access to your accounts if your card is lost or stolen.
- Never provide personal information (including full Social Security numbers or account and credit card information) over the phone unless you have initiated the call and know with whom you are speaking. If someone calls you explaining the call is on behalf of the Credit Union, you should beware. Credit Union staff will have access to this information and will not need to ask for it.
- Notify us immediately if your ATM, credit or debit card has been lost or stolen. Also notify us immediately if your checks have been lost or stolen.
- Keep your information with us current. Be sure to notify us if your address or phone number changes, so we know how to reach you.
ONLINE ACCOUNTS AND PASSWORD SAFETY
Billions of user names and passwords have been stolen just this year by skilled hackers. Consumers are urged to be more vigilant online. Because people tend to use the same password on multiple sites, when a breach occurs, it can have major repercussions. You can’t completely protect yourself from hackers but you can limit your exposure by following some simple steps: Mix it up. Choose passwords that are long and complex typically 10 characters or longer with uppercase letters, lowercase letters, symbols and numbers. Be more creative. Use a unique password for each account. Split social media and money. Do not use the same password for credit cards and bank accounts that you use for social media or websites. Revise record-keeping. Don’t store your account information in an unsecured document on your computer or network. Keep data close. Don’t share your password, even with friends and family. Stay informed. Beyond changing passwords and creating better ones, stay informed as the details of a breach become released. If you have any weak or duplicate passwords anywhere, you should change them as soon as possible. Also consider regularly auditing and updating not just your passwords, but your computer security as well. After all of that, enjoy the peace of mind that you’re doing the best you can to protect yourself.
PERSONAL INFORMATION ON CHILDREN
We do not knowingly collect or retain personal information from children under the age of thirteen. We advise all visitors to our Site under the age of 13 not to disclose or provide any personally identifiable information on our Site. To learn more about the Children’s Online Privacy Protect Act (COPPA) please visit the Federal Trade Commission’s website (https://www.ftc.gov/).
Coastal1 is committed to providing a website that is accessible to the widest possible audience in accordance with the ADA standards and guidelines. We are actively working to increase accessibility and usability of our website to everyone. All products and services available on this website are available at all of our branches.
QUESTIONS OR COMMENTS
If you have any questions or comments concerning our Website Policy please let us know by going to:
Coastal1 Card Manager (the “App”) – powered by Fiserv – helps you control your debit card through your mobile device, making it easy to manage your finances on the go.
The App allows you to:
- manage travel settings/plans – enable locations for uninterrupted purchases during travel
- report lost/stolen – easily detect fraud and access replacement cards
- set real-time card controls and alerts – set limits on where, when, and how cards are used
- view transaction history – merchant name, logo, location, and contact info
- see where your cards are stored online for recurring transactions
- file disputes electronically
THE TYPES OF INFORMATION WE COLLECT IN THE APP
Through your use of the Services, we may collect personal information from you in the following ways:
(a) Personal Information You Provide to Us.
- We may collect personal information from you, such as your first and last name, address, e-mail, telephone number, and social security number when you create an account.
- We will collect the financial and transaction information necessary to provide you with the Services, including account numbers, payment card expiration date, payment card identification, verification numbers, and transaction and payment history.
- If you provide feedback or contact us via email, we will collect your name and email address, as well as any other content included in the email, in order to send you a reply.
- We also collect other types of personal information that you provide voluntarily, such as any information requested by us if you contact us via email regarding support for the Services.
(b) Personal Information Collected from Third Parties. We may collect certain information from identity verification services and consumer reporting agencies, including credit bureaus, in order to provide some of our Services.
(c) Personal Information Collected Via Technology. We and our service providers may automatically log information about you, your mobile device, or your interaction over time with our Services, our communications and other online services, such as:
- Device data, such as your mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G), and general location information such as city, state or geographic area.
- Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.
- Cookies, which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns.
- Local storage technologies, like HTML5 and Flash, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
- Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
- Location Information. If you have enabled location services on your phone and agree to the collection of your location when prompted by the Services, we will collect location data when you use the Services even when the app is closed or not in use; for example, to provide our fraud detection services. If you do not want us to collect this information, you may decline the collection of your location when prompted or adjust the location services settings on your device.
HOW WE USE YOUR INFORMATION COLLECTED IN THE APP
(a) General Use. In general, we use your personal information collected through your use of the Services to respond to your requests as submitted through the Services, to provide you the Services you request, and to help serve you better. We use your personal information, in connection with the App, in the following ways:
- facilitate the creation of, and secure and maintain your account;
- identify you as a legitimate user in our system;
- provide improved administration of the Services;
- provide the Services you request;
- improve the quality of experience when you interact with the Services;
- send you administrative e-mail notifications, such as security or support and maintenance advisories; and
- send surveys, offers, and other promotional materials related to the Services.
(b) Compliance and protection. We may use your personal information to:
- comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities;
- protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
- audit our internal processes for compliance with legal and contractual requirements and internal policies;
- enforce the terms and conditions that govern the Service; and
- prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
(c) Creation of Non-Identifiable Data. The App may create de-identified information records from personal information by excluding certain information (such as your name) that makes the information personally identifiable to you. We may use this information in a form that does not personally identify you to analyze request patterns and usage patterns to enhance our products and services. We reserve the right to use and disclose non-identifiable information to third parties in our discretion.
DISCLOSURE OF YOUR PERSONAL INFORMATION
We disclose your personal information collected through your use of the Services as described below.
(c) Authorities and Others. Regardless of any choices you make regarding your personal information, The App may disclose your personal information to law enforcement, government authorities, and private parties, for the compliance and protection services described above.
LINKS TO OTHER SITES
YOUR CHOICES REGARDING YOUR INFORMATION
You have several choices regarding use of information on the Services.
(a) How We Respond to Do Not Track Signals. Some web browsers transmit “do not track” signals to the websites and other online services with which your web browser communicates. There is currently no standard that governs what, if anything, websites should do when they receive these signals. We currently do not take action in response to these signals. If and when a standard is established, we may revise its policy on responding to these signals.
(b) Access, Update, or Correct Your Information. You can access, update or correct your information by changing preferences in your account. For additional requests, please contact us.
(c) Opting Out of Email or SMS Communications. If you have signed-up to receive our email marketing communications, you can unsubscribe any time by clicking the “unsubscribe” link included at the bottom of the email or other electronic communication. Alternatively, you can opt out of receiving marketing communications by contacting us at the contact information under “Contact Us” below. If you provide your phone number through the Services, we may send you notifications by SMS, such as a fraud alert. You may opt out of SMS communications by unlinking your mobile phone number through the Services.
(d) Opting Out of Location Tracking. If you initially consented to the collection of geo-location information through the Services, you can subsequently stop the collection of this information at any time by changing the preferences on your mobile device. Please note, however, that if you withdraw consent to our collection of location information, you may no longer be able to use some features of the App.
SAFEGUARDS AND RETENTION
We implement reasonable administrative, technical and physical measures in an effort to safeguard the information in our custody and control against theft, loss and unauthorized access, use, modification and disclosure. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of your information.
A NOTE ABOUT CHILDREN
The Services are not directed towards individuals under the age of 18, and we do not, through the App, intentionally gather personal information about visitors who are under the age of 18. If a child under 18 submits personal information to us through the App and we learn that the personal information is the information of a child under 18, we will attempt to delete the information as soon as possible.
Coastal1 Credit Union
ATTN: Online Banking
1200 Central Avenue
Pawtucket, RI 02861
What does Coastal1 Credit Union do with your personal information?
Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
The types of personal information we collect and share depend on the product or service you have with us. This information can include:
- Social Security number
- Account balances
- Payment history
- Credit history
- Account transactions
- Checking account information
When you are no longer a member, we continue to share your information as described in this notice.
All financial companies need to share members’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their members’ personal information; the reasons Coastal1 Credit Union chooses to share; and whether you can limit this sharing.
|Reasons we can share your personal information||Does Coastal1 Credit Union share?||Can you limit this sharing?|
|For our everyday business purposes
such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus
|For our marketing purposes
to offer our products and services to you
|For joint marketing with other financial companies||Yes||No|
|For our affiliates’ everyday business purposes
information about your transactions and experiences
|No||We don’t share|
|For our affiliates’ everyday business purposes
information about your creditworthiness
|No||We don’t share|
|For nonaffiliates to market to you
such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus
|No||We don’t share|
What We Do
How does Coastal1 Credit Union protect my personal information?
To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.
We also maintain other physical, electronic and procedural safeguards to protect this information and we limit access to information to those employees for whom access is appropriate.
How does Coastal1 Credit Union collect my personal information?
We collect your personal information, for example, when you:
- Open an account
- Give us your contact information
- Apply for a loan
- Show your driver’s license
- Provide account information
We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
Why can’t I limit all sharing?
Federal law gives you the right to limit only:
- Sharing for affiliates’ everyday business purposes – information about your creditworthiness
- Affiliates from using your information to market to you
- Sharing for nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing.
Companies related by common ownership or control. They can be financial and non-financial companies.
- Coastal1 Credit Union has no affiliates.
Companies not related by common ownership or control. They can be financial and non-financial companies.
- Coastal Credit Union does not share with nonaffiliates so they can market to you.
A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
- Our joint marketing partners include Credit Card Companies and Insurance Companies
Call 401-722-2212 or toll-free at 800-298-2212 or email us at [email protected].
What Is Identity Theft?
Identity theft occurs when your personal information is obtained without your knowledge in order to commit fraud or theft. Personal information refers to your name, date of birth, social security, driver’s license, credit card and bank account numbers. The crime takes many forms. Identity thieves may rent an apartment, obtain a credit card, or establish a telephone account in your name. You may not discover the theft until you review your credit report or a credit card statement and notice charges you didn’t make – or until you’re contacted by a debt collector.
Identity thieves attempt to obtain personal information in a variety of ways, including, but not limited to: stealing wallets, stealing financial statements from the mail, submitting a change of address form at the post office, or rummaging through trash for personal data.
Signs Of Identity Theft
- If you find new accounts on your credit report that are not yours.
- If you receive credit cards that you didn’t apply for.
- If you are denied credit or are offered less than favorable credit terms for no reason.
- If you get calls from creditors or debt collectors regarding merchandise or services that you did not buy.
What You Should Do If You Believe Someone Has Stolen Your Identity
At Coastal1 Credit Union we recognize the consequences of identity theft and want to assist you if you are a victim of this crime. Please follow the steps below so that we can help you in a timely manner:
- Contact us immediately to close any accounts that have been tampered with or established fraudulently.
- File an Identity Theft Report with your local police, state police, or other law enforcement agency. Obtain a copy for your records. Identity Theft Reports entitle you to certain legal protections, click here to find out more.
- Print and complete the ID Theft Complaint Form located at the Federal Trade Commission website. Click here for more information on how to file a complaint.
- Contact one or all of the three major credit bureaus listed below to place a fraud alert on your credit file. You also can order a credit report to identify any unauthorized activity.
- The fraud alert requests creditors to contact you before opening any new accounts. As soon as one credit bureau confirms your fraud alert, the other two credit bureaus will be automatically notified, and all three credit reports will be sent to you free of charge.
- Submit the completed FTC affidavit and law enforcement incident report to any Coastal1 Credit Union branch or mail to:
- Coastal1 Credit Union
Attn: Security Department
1200 Central Avenue
Pawtucket, RI 02861
- Coastal1 Credit Union
Further questions or concerns? Contact our Security Office at (401) 722-2212 for assistance. You may also visit one of our branch locations to pick up an Identity Theft Assistance packet. Designed to assist you in resolving disputes, click here to learn more about a variety of Identity Theft Tools available to you.
For more information about fighting identity theft and reporting fraud, visit the Federal Trade Commission.
Examples of Common eMail Scams
The “Nigerian” Email Scam
Con artists claim to be officials, businesspeople, or the surviving spouses of former government honchos in Nigeria or another country whose money is somehow tied up for a limited time. They offer to transfer lots of money into your bank account if you will pay a fee or “taxes” to help them access their money.
Email or pop-up messages that claim to be from a business or organization you may deal with – say, an Internet Service Provider (ISP), bank, online payment service, or even a government agency. The message may ask you to “update,” “validate,” or “confirm” your account information or face dire consequences. Coastal1 Credit Union will never send you an email asking for this information unless you have initiated the request.
Check Overpayment Scams (Fake Check Scams)
A response to your ad or online auction posting, offering to pay with a cashier’s, personal, or corporate check. At the last minute, the so-called buyer (or the buyer’s “agent”) comes up with a reason for writing the check for more than the purchase price, and asks you to wire back the difference after you deposit the check. It’s a phony story but might take awhile to discover. Once discovered, your bank wants the money back. The bank is required by law to give you access to the deposited funds within a few days, but they can’t be sure the check is valid by then. The responsibility rests on you for the checks or money orders that you deposit.
Pay-In-Advance Credit Offers
News that you’ve been “pre-qualified” to get a low-interest loan or credit card, or repair your bad credit even though banks have turned you down. But to take advantage of the offer, you have to ante up a processing fee of several hundred dollars.
Emails touting a way you can consolidate your bills into one monthly payment without borrowing; stop credit harassment, foreclosures, repossessions, tax levies and garnishments; or wipe out your debts.
Emails touting “investments” that promise high rates of return with little or no risk. One version seeks investors to help form an offshore bank. Others are vague about the nature of the investment, but stress the rates of return. Promoters hype their high-level financial connections; the fact that they’re privy to inside information; that they’ll guarantee the investment; or that they’ll buy it back. To close the deal, they often serve up phony statistics, misrepresent the significance of a current event, or stress the unique quality of their offering. And they’ll almost always try to rush you into a decision.
Never send sensitive information via regular unsecured email. Coastal1 Credit Union has secure email available within Online Banking. Should you need to contact the Credit Union with account specific questions, call or secure email us with your concerns and contact information. We’ll respond using the necessary security precautions.
Coastal1 Credit Union’s Security Measures
Coastal1 Credit Union employs a number of powerful security measures to protect you online.
Our web site address begins with “https://” which means your session is secure and your transactions will be encrypted using the latest encryption software technology. A “lock” icon will appear in the bottom right hand corner of your screen or in the address bar of your browser window – both are indications that you’ve entered a secure site.
Each time you sign in to your online banking account via www.Coastal1.org you’ll be asked to provide a user ID and password.
Online User ID Change
You may change your user ID or password at any time by clicking on Preferences and then Security within Online Banking. We strongly recommend you make both your user ID and password something that is known only to you and is easy to remember. To keep them secure, do not share them with anyone.
Time Out Sessions
If you leave your computer unattended or forget to exit, we will automatically end your online banking session after a few minutes. We refer to it as a “time-out” and another way we work to keep your information safe and secure.
State-of-the-Art Encryption Technology
Information exchanged within Online Banking is encrypted for your protection. Encryption is the process by which information is translated into un-interpretable code and then back into a recognizable form.
Our data systems are protected by firewalls that are set up between our system and the Internet.
The best detector of fraud and identity theft is you. Through proactive monitoring, you’ll be the first to notice any unusual activity and act fast before damage can occur.
- Over 50 percent of all identity fraud is first discovered by the victim.
- Email alerts will ensure you receive timely notification of Important Account Activity.
What You Should Look For
- Accounts you didn’t open and debts on your accounts that you can’t explain.
- Fraudulent or inaccurate information on your credit reports, including accounts and personal information like your Social Security number, address(es), name or initials, and employers.
- Failing to receive bills or other mail. Follow up with creditors if your bills don’t arrive on time. A missing bill could mean an identity thief has taken over your account and changed your billing address to cover his tracks.
- Receiving credit cards that you didn’t apply for.
- Being denied credit, or being offered less favorable credit terms, like a high interest rate, for no apparent reason.
- Getting calls or letters from debt collectors or businesses about merchandise or services you didn’t buy.
Check Your Credit Report Annually
An amendment to the federal Fair Credit Reporting Act requires each of the major nationwide consumer reporting companies to provide you with a free copy of your credit report, at your request, once every 12 months.
To order your free annual report from one or all the national consumer reporting companies, visit www.annualcreditreport.com, call toll-free 877-322-8228, or complete the Annual Credit Report Request Form and mail it to:
Annual Credit Report Request Service
P.O. Box 105281
Atlanta, GA 30348-5281
You can print the form from ftc.gov/credit. Do not contact the three nationwide consumer reporting companies individually; they provide free annual credit reports only through www.annualcreditreport.com, or by calling 877-322-8228, or requesting by mail: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.
Types of Fraud
Coastal1 Credit Union is committed to our member’s financial well-being. The information below can help you to identify many types of fraud:
The following list contains various types and examples of Online Fraud.
Phishing and Spoofing
- Sometimes criminals may send you email that looks like it has come from Coastal1 Credit Union. These emails may even ask you to call a phone number and provide account information. Unless you have initiated the request, Coastal1 Credit Union will never ask you to reply in an email with any personal information, such as your bank account number, Social Security number, ATM or Debit Card PIN.
- Unexpected messages requiring urgent action on your part because your account may be closed if you fail to confirm, verify or authenticate your personal information. We will not ask you to verify your personal information in this way.
- Claims, via email, that the Credit Union needs to confirm important information due to system and security upgrades. We will not ask you to verify information in this way.
- Offers asking that you fill out a short survey in exchange for money that will be credited to your account. But, in order to receive payment, you must provide your account number for proper routing of the credit. We will not request your account number in this way.
- Misspellings and grammatical errors are often the mark of fraudulent emails or websites.
Victims (Money Mules) are lured by the promise of making large sums of money for minimal work. The money mule is sent stolen money which they then send back through a wire or transfer. This type of fraud is similar to money laundering only done online. In some cases, victims of these scams not only have their bank accounts closed and financial reputation ruined but are often left financially responsible for returning the stolen funds.
- Overseas companies requesting money transfer agents in the US
- Opening new bank accounts to receive money from someone you don’t know
- Accepting large sums of money into your personal bank account for a new job
- Transferring or wiring funds out of your personal bank account to people you do not know
Malware or “malicious software” is often used to steal personal information and commit fraud. Malware includes viruses, spyware and trojans designed to infiltrate or damage a computer system. Updated security and system software can protect your computer from malware threats.
Examples of malware distribution points:
- Downloads from file sharing and social networking sites
- Attachments and free software from unknown sources
- Pop-up advertisements asking for personal or financial information
Keylogging Malware is a software program that records keystrokes entered on the PC on which it’s installed. It then transmits a record of these keystrokes to the person controlling the malware over the internet.
Man-In-The-Middle / Man-In-The-Browser Attack
By “inserting” himself between the customer and the financial institution, these fraudsters literally hijack the online session.
- By intercepting the authentication credentials you’ve submitted and log in to your accounts.
- By modifying the transaction content or by adding additional unauthorized transactions which, in most cases, are fund transfers to accounts controlled by the person committing the fraud.
VoIP or Voice Over Internet Protocol are automated computer generated messages notifying consumers that their account has experienced unusual activity.
Fake Mobile Banking Apps
Criminals may develop and publish fake mobile banking applications attempting to steal your Online Banking credentials.
Tips for recognizing an unofficial Coastal1 Credit Union application:
- The application is being promoted on a third party site, somewhere other than the official application store for your mobile device.
- There is a charge for downloading the application – Coastal1 Credit Union does not currently charge for mobile application downloads.
Smishing is phishing that happens via an SMS text message. A text message is sent tricking you into replying with financial or personal information. A virus can also be snuck onto your mobile device by clicking on links contained within the message. Don’t respond to a text message that requests personal or financial information. We will never ask you to respond in this way.
While offering convenience, mobile phones and tablets are easy to lose or steal, putting your information at risk.
Tips To Safeguard Your Mobile Device:
- Password-protect your device.
- Enable an automatic screen-locking mechanism to lock the device when it’s not actively being used.
- Keep a record of the device’s make, model and serial number in case it’s stolen.
Traditional Online Threats
Viruses, malware and other programs that steal your personal information or financial details are also able to infect some mobile devices. Anti-virus programs are supported depending upon the type of device you use.
Coastal1 Credit Union is committed to our member’s financial well-being. The information below can assist you in your fraud prevention efforts:
Safeguard Your Social Security Number
- Do not provide your Social Security number unless you have initiated the contact and have confirmed the business or person’s identity.
- When choosing a Personal Identification Number (PIN) or password, do not use your full or partial Social Security Number.
- If you must provide your Social Security number in an email or on a website, ensure that it is secure, encrypted, and you know how the recipient will protect it.
- Never record your full Social Security number on a check, traveler’s check, gift certificate, etc., unless required by law. In most cases, the last 4-digits of your SSN should be enough.
- Don’t carry your Social Security card with you.
- Have funds deposited directly into your account using direct deposit.
Secure Your Computer
- Anti-virus and anti-spyware protections detect and remove viruses, spyware, etc. that can steal your personal information.
- Operating system and software updates should be installed as soon as they become available.
- Keep your web browser updates current.
Online Fraud Prevention Tips
- Choose a password that’s hard to guess – not hard to remember. A combination of letters, numbers and special characters make the strongest passwords.
- Emails sent offering you a prize or a discount may ask you to choose a User ID and password (most people use the same access information for several accounts. Thieves will collect your login information and try them at other sites, like financial institutions or credit card sites).
- Don’t open an email from senders you don’t know.
- Fraudulent emails often include misspellings and poor grammar. If you have any doubts about the authenticity of an email, do not respond.
- Monitor your online account for unusual activity.
- We recommend that you change your password every 60 days.
- Update your anti-virus software frequently. Common anti-virus software includes McAfee and Norton.
- Beware of emails with a sense of urgency, attempting to rush you into action like “Update now or we’ll close your account…”. Coastal1 Credit Union will never notify you in this way.
- Not all email is secure. Do not include personal or sensitive data in or in response to an email.
Mobile & Online Banking
Step 1: Protect Your Computer / Mobile Device
- Install and update your anti-virus and anti-spyware software frequently.
- Keep your computer and mobile device operating systems up to date.
- Make sure to keep your web browser software up to date by installing the most recent version to all devices used to access mobile/online banking.
- Avoid using public wifi as hackers can position themselves between you and the wifi access point. If you must use public wifi, be sure to update any file sharing or privacy settings to help prevent hackers from planting infected software on your device.
- If your computer or mobile device operating system has a firewall, enable it.
Step 2: Keep Your Information Secure
- If you do not recognize the sender of an email or have any doubts about the authenticity of an email, do not respond and delete it immediately.
- Do not open the email or click on links or attachments, especially if they tell you the problem is urgent or the attached file ends in “.exe”.
- Always use secure passwords. A secure password consists of upper- and lowercase letters and numbers.
- Never share your password with anyone.
- Do not include personal or sensitive data in, or in response to, an email.
- Monitor your account activity closely and watch for unusual activity.
- When you finish your online and/or mobile banking sessions, be sure to log out.
- Do not store financial or personal information on your laptop, phone, or mobile device.
Step 3: Practice Safe Web Browsing
- Only allow popups from sites that you authorize.
- Do not give out personal information to blogs, forums, and other social networking sites.
- Only make online purchases using secure sites that encrypt your information. To determine if a site encrypts your information, look for the locked padlock icon in the browser and “https:” in the address line.
- Never access a website from a link in a suspicious email.
- Access online banking sites by typing the address directly into the browser’s address bar.
Step 4: Protect Your Laptop, Phone, and/or other Mobile Devices
- Be suspicious when installing applications/programs that require you to provide information that has nothing to do with the application’s purpose.
- If you use your laptop, phone, or other mobile devices to conduct mobile banking, and your device becomes lost or stolen, contact your financial institutions and cell phone provider immediately.
- Never leave your laptop, phone, or other mobile devices logged on and/or unattended in public.
- Password protect and lock your laptop, phone, or other mobile devices when not in use.
- Do not store financial or personal information on your laptop, phone, or mobile device.