Due to scheduled maintenance, online banking and ATMs may be unavailable from 6pm to midnight on Friday, April 26.

Whitefish Credit Union

Whitefish Credit Union

Whitefish Credit Union


Security

Safeguard your sensitive information and data
We'll work together to ensure your peace of mind.

Report Something Suspicious

If you believe you've fallen victim to or been exposed to a scam, please fill out the Suspicious Activity Form

We take all attempts of fraud, scams, phishing, and spoofing seriously. If you have received any communication that you suspect may not be from Whitefish Credit Union, please report it right away.

Additional resources can be found at MyCreditUnion.gov's Fraud Prevention Center page.

Online Threats: What are they and how do you protect yourself?

Cybercrime has become big business, raking in millions of dollars for criminal enterprises operating in nearly every corner of the globe. They typically attack by downloading software such as Spyware, Malware, or Ransomware onto your PC, tablet, or phone… all with your assistance!

How do the bad actors attack?

  • Email (phishing)
  • Text Messaging (smishing)
  • Voice Call (vishing)
  • Copy-cat websites and apps
  • Social engineering: Using your own information to trick you into giving away your data.

What they are after:

  • Personally Identifiable Information (PII)
  • Non-Public Personal Information (NPPI)
  • Your login credentials (username and password)
  • Your money

Online Threats: How do you protect yourself?

  • Keep your PC, Phone, and Tablet software up to date. Unpatched or updated systems are vulnerable to attack.
  • Do not share usernames and passwords for online accounts.
  • Make sure anti-virus / malware software is installed on your devices and is kept up to date.
  • Use a network firewall to protect your home devices or make sure the built-in operating system firewall like Windows Defender is enabled.
  • Do not click email links; go to the website and sign in instead.
  • Do not open unexpected email attachments without verifying with the sender first.
  • Do not trust Caller ID. Even if it looks like a legitimate source, Caller ID is easily hacked and a caller or texter can appear to be anyone they want.
  • Be cautious of what you post online, as personal information can be used against you through Social Engineering.
  • Beware of any communication that expresses a sense of urgency. The attackers are trying to make you believe that it’s critical to click the link to prevent something bad from happening.

Phishing

Phishing is increasing in our area.

  • Fraudulent emails are being sent to members and non-members informing them of restrictions to their accounts.

  • These emails do not come from Whitefish Credit Union - do not click the links.

  • This is an attempt to steal your information.

  •  

Smishing

Text Phishing (or “Smishing”) is increasing in our area.

  • Regardless of who these fraudsters are pretending to be, the goal is the same: lure you into revealing personal information like your password, account number, PIN, or Social Security number.

  • The FCC warns, even if the message requests that you "text STOP" to end messages, do not respond.

  •  

Mortgage Mailing Scams

You may be targeted by a popular postcard mortgage scam if you recently purchased or refinanced your mortgage.

  • These postcards (which come in a variety of colors) are being sent to consumers across the country.

  • How does this scam work? After you move or close on a house, many of the records related to your mortgage become public information. This means that anyone can access details about your mortgage lender, borrower, loan amount, mortgage number, and property address through public records.

  • If you receive a postcard like this, please be aware that it is NOT from Whitefish Credit Union and is not affiliated with us in any way. DO NOT call the 800 number on the card.

  •  

If you've provided personal information to a scammer:

  • Even if you didn’t provide your password to a scammer, it’s best practice to change your passwords after a negative encounter.
  • WCU Online Banking: Find the Security tab under Settings to reset your password.

File a Report with the Federal Trade Commission “FTC”:

Ask for a “Fraud Alert” to be placed on your file.

Stay Informed. Protect Yourself

Text Phishing (Smishing)
Mortgage Mailing Scams
Hang Up, Call Back
Strengthen Your Password

Text Phishing (or “Smishing”) is increasing in our area.

Regardless of who these fraudsters are pretending to be, the goal is the same: lure you into revealing personal information like your password, account number, PIN, or Social Security number. The FCC warns, even if the message requests that you "text STOP" to end messages, do not respond.

You may be targeted by a popular postcard mortgage scam if you recently purchased or refinanced your mortgage.

These postcards (which come in a variety of colors) are being sent to consumers across the country.

How does this scam work? After you move or close on a house, many of the records related to your mortgage become public information. This means that anyone can access details about your mortgage lender, borrower, loan amount, mortgage number, and property address through public records.

If you receive a postcard like this, please be aware that it is NOT from Whitefish Credit Union and is not affiliated with us in any way. DO NOT call the 800 number on the card.

Be cautious of fake calls pretending to be from Whitefish Credit Union. We will never request personal information through phone calls. If you receive a call that seems suspicious, hang up immediately and contact us at (877) 862-3525.

Remember:

  • Do not share any personal information with the caller. Whitefish Credit Union will never ask for your online banking password or last 4 of your social security number.
  • Don't follow any links or phone numbers that the caller may provide.
  • If the caller is asking you to withdraw money or provide personal information to resolve a supposed issue, hang up and call the official phone number of the alleged business, which you can find on their official website.

Y0u C@n Writ3 Pa$$w0rds L1k3 Th1s! By making passwords that are unique, you can further prevent anyone from guessing your password.

Avoid using personal information. Your password should not contain information that can be easily found on the internet, like your name, address, city, birthdate, and so on.

Make it long. While it’s harder to remember, yes, a longer password is simply more secure. Your password should be at least 8 characters (which most websites require anyway), but if you can get it up to 12-16 characters, that is ideal.

Include a mix of character types. Don’t just type two words and call it a day. Your password should include a mix of numbers, symbols, and uppercase and lowercase letters.

Don’t use sequential numbers or common keystrokes. When inserting numbers into your password, avoid sequential numbers like “12345”, as well as common keystrokes like “asdfg”. Choose numbers and letters that are far apart from one another on your keyboard.

Bitcoin and Gift Cards

Government Agencies Don't Ask for Payments in Bitcoin

  • Did you get a call or email telling you that you need to pay a bill, fine, or fee with bitcoin? It is a SCAM. Utilities, jails, and government agencies do not ask for payment in bitcoin.
  • Bitcoin payments are final. Once you send bitcoin to another person you cannot get your money back. Be wary of new online "friends" who ask you to help them by sending bitcoin.
  • Report potential scams to IC3.gov, the FBI's Internet Crime Complaint Center.

Gift Card Payments

  • If a person or company calls demanding ANY payment in the form of gift cards, THIS IS A SCAM!
  • No legitimate source will EVER ask for these. Utilities, jails, and government agencies do NOT ask for payment in gift cards, scammers do.
  • Learn more at fbi.gov/scams-and-safety