Cybersecurity: Tips to keep your information safe

Cybersecurity has never been more important. Every 3 seconds, a hacker or fraudster is trying to scheme their way into your personal information using a form of phishing attack (nefarious emails or other messages designed to spoof a legitimate source to get you to click bad links). Other types of attacks can include smishing (SMS or text phishing), vishing (voice phishing), or quishing (QR code phishing). Learning about these attacks and how to avoid falling prey is a must in the modern world.

Top Banking Related Phishing/Spoofing Scams

Columbia Credit Union staff is knowledgeable about fraud and how to work with people to spot red flags. When it comes to spoofing, we work with a cybersecurity vendor and phone carriers to take the bad actors down so they can no longer spoof our phone numbers. But being prepared yourself can help us big time. Let’s look at some common scams.

Account Verification Phishing

Scam emails claiming issues with your bank account will urge you to click a link and reveal your login details. DO NOT CLICK! If you are ever sent a link via text or email to “verify” your account or to confirm a transaction, don’t click the link. Call us directly to confirm who sent the communication.

Bank Survey Scams

Fake banking surveys that offer rewards can be employed in order to collect personal information under the appearance of customer feedback. A survey from Columbia Credit Union will never ask for personal info.

Fake Call Spoofing

Spoofing is when a scammer impersonates a known phone number, such as Columbia Credit Union’s 360-891-4000 and 800-699-4009 phone numbers. Caller ID may say it’s Columbia CU calling, leading members to believe they’re talking to someone from Columbia CU, while fraudsters are in fact tricking members into sharing their usernames, their passwords, and their one-time passcodes! These bad actors are professionals and very, very convincing.

If at any point you are uncertain about questions being asked or the call itself, HANG UP and call us directly at Columbia Credit Union: 360-891-4000.

Remember: Columbia Credit Union, government agencies, and other financial institutions will never ask you to input your personally identifiable information such as card numbers, online banking credentials, PINs, card expiration dates, or CV2 codes over the phone.

Password Power

Ensure all of your passwords are unique across all accounts. It’s tempting to use the same password, but in this digital world, it is imperative to keep them all unique to protect each individual account. Never trust requests for your Online Banking password—it is yours and yours alone. We don’t even know what it is! And we don’t want to.

Stolen Device Protection on iPhone

A feature with iOS 17.3 and later makes it harder for thieves to access your secure information if they steal your iPhone. Turn on Stolen Device Protection from Settings > Face ID & Passcode. After you enable Stolen Device Protection, your iPhone will require additional authentication for the user to access some information, and it will also prevent certain changes if it detects that it isn’t at a trusted location such as your house or your workplace. If a thief tries to change your Apple account password or your phone’s passcode when your iPhone isn’t at a trusted location, Stolen Device Protection requires you to wait an hour and then authenticate your identity a second time with Face ID or Touch ID. This prevents thieves from using your unlocked iPhone to steal your money or open an Apple credit card in your name.

Reporting & Responding to an Attack

If you think a hacker has grabbed your personal information such as your SSN, credit card numbers, or bank account info, go to identitytheft.gov to report it and get a recovery plan.

Columbia Credit Union is here for you, too. Check out all of the cybersecurity-first Digital Services available to Columbia Credit Union members here.