COMPROMISED EMAIL

UPDATED: 11/15/23

Members have reported having their email hacked. In this situation, it’s important to also check and secure your Digital Banking.

Steps to Take
If you suspect fraudulent access to you email or bank account(s), you should proceed as follows:

Contact us immediately
Check your online banking for any indication fraudsters have accessed your account
Change your password
Enable multiple-factor authentication

Signs of a Compromised Email

Unauthorized login attempts: If you receive notifications or emails indicating that someone has attempted to log in to your email account from an unfamiliar location or device, it's a red flag that your account may have been compromised.
Changes to account settings: If you notice that your account settings, such as your password, security questions, or forwarding rules, have been changed without your knowledge or consent, it's possible that your account has been hacked.
Suspicious activity: If you notice unusual activity in your email account, such as emails that you didn't send, or emails that have been deleted or moved to the trash folder without your knowledge, it's a sign that someone else may have gained access to your account.
Spam or phishing emails: If your contacts start receiving spam or phishing emails that appear to be coming from your email account, it's possible that your account has been hacked and is being used to send out spam or phishing emails.

If you suspect that your email account has been hacked, it's important to take immediate action to secure your account. Change your password and security questions, enable two-factor authentication, and check your account settings and activity logs for any suspicious activity. You may also want to contact your email service provider for further assistance.

Additional Considerations
These steps can help prevent email-related fraud:

Use a password manager to keep all strong passwords secure
Use security software like malware scanners
Remove any malware that’s found (or take your computer to a reputable business to be cleaned)
Warn your contacts that your email has been hacked
Check your email settings to see if there are rules set up to forward emails
Delete any rules you didn’t set up
Check your sent folder for emails the hacker sent from your account
Look in your deleted folder for emails the hacker may have read then deleted

Phone Scam

UPDATED: 11/10/23

Members have reported receiving fraudulent phone calls. The caller is stating that they are “from CFCU.”

We will never call to ask a member for digital banking credentials, sensitive information, or a member’s PIN.

If you believe you may have given your information by mistake, please contact us immediately so we can take steps to protect your accounts.

Contact our Member Contact Center at 920-830-7200 or 1-866-273-2328.
Change your Digital Banking Password.
Refresh Digital Banking Security Questions.
Setup Digital Banking notifications to more actively monitor your account activity.

Text Scam

UPDATED: 8/28/23

Members have reported receiving the following text messages from Community First Credit Union. Please beware and do not reply. Community First Credit Union will NOT contact you about charges by text or email.

Text from Community First Credit Union Fraud Department.

What if you are worried about being compromised?

Ask for help. If you are questioning something, even just a little. Reach out to us so we can help you determine if a request is legitimate or potentially an attempt at fraud.
Report it. In every instance where personal information has been compromised or money has been sent, our greatest asset is time. If you ever believe you may have been misled, made a transaction or shared information with a fraudster, contact us immediately so we can take steps to protect your accounts.

Do not engage with or respond to a text or email like this. Instead, if you have any concerns, always contact us directly at phone numbers you know to be Community First or visit us in person.

Never provide PIN, digital banking credentials or other sensitive information to anyone who calls or texts you to ask for it – even if they claim to be us. We will never ask for that information.

If you believe you may have given your information by mistake, please contact us immediately so we can take steps to protect your accounts.

Contact our Member Contact Center at (920) 830-7200 or 1-866-273-2328.
Change your Digital Banking Password.
Refresh Digital Banking Security Questions.
Setup Digital Banking notifications to more actively monitor your account activity.

Tech Scams

UPDATED: 6/29/23
We have been alerted of several local instances of tech scams. Please be very cautious and follow the recommendations below:

What are tech scams?
In these scams, messages appear on your computer, phone or smart tv with urgent warnings about the security of your device. You are directed to click a link or call a number that eventually leads to providing remote access to your device to fix the problem. During the session, they will either load software that tracks your activity, usernames and passwords (including those for digital banking), for their own use later.

What can you do to prevent tech scams?

Protect Your Information. Account information or digital banking access can be just as valuable as money to fraudsters.
- Do not share your digital banking credentials.
- Do not provide remote access to your computer, phone or smart tv.
- If you are using your cards to make payments, understand who you’re dealing with.
Watch for Red Flags. Has someone you’ve never met in person asking for money or digital banking access? Is the person who is offering to help with your computer someone you trust? Have you verified that the person on the phone is really your grandchild that is in trouble? Are you being coached on what to say and how to answer questions? Are you being threatened? Is there a pressing sense of urgency? Are you being asked to send money or payment via untraceable and unrecoverable wire transfers, gift cards or crypto currency? All of these are red flags for scams.
Scrutinize communications. Scammers attempt to impersonate trusted businesses, including ours. Before you click on links, or respond to messages or calls or provide information, take a closer look. Is the email address what you expect? Is the website address valid? Are their typos or other formatting inconsistencies? Are you being asked to share sensitive information? If anything seems off, contact the company at a number you know to be valid – through an internet search or other communications.
Monitor your accounts. Digital Banking give you many ways to stay connected to the activity in your accounts. Real-time Alerts are available to notify you of transactions, balances, even logins, even as they take place so you can recognize if something has taken place on your accounts that you didn’t authorize. Setting up Alerts is one of the best practices you can put in place to protect yourself and your money.

Student Loan Debt Relief Scams

10/20/2022

The Department of Education (ED)’s application for federal student loan debt relief is now open and, of course, scammers are on the move — trying to get your money and personal information. Luckily, there are ways to stop them, so keep reading to find out how to protect yourself as you apply for relief.

As people file their applications, ED will review them on a rolling basis. Pack some patience and follow the process…not those who say they can put you in front of the line. Because those are scammers. Here’s what to know right now to steer clear of scammers:

Apply at StudentAid.gov/DebtRelief. Nowhere else. Right now, application is online only and in English and Spanish. A paper application will be available later.
Don’t pay to apply. It’s FREE. Anyone who says you need to pay is a scammer. And anyone who guarantees approval or quicker forgiveness: scam, scam, scam.
Know what to share, where, and when. The real application will ask for your name, birth date, Social Security number, phone number, and address. But, when you apply online, you don’t have to upload or attach any documents.
Know what not to share. When you apply, nobody legit will ask for your FSA ID, bank account, or credit card information. Anyone who does: scammer. (Stay tuned for more info when ED starts processing applications. Some applicants will have to verify their income, but not yet.)
Expect email updates from ED. After you apply, you may hear from ED — to upload tax documents verifying your income — or to give updates on your application. Those emails will only come from noreply@studentaid.gov, noreply@debtrelief.studentaid.gov, or ed.gov@public.govdelivery.com. Pay close attention the sender address for emails about loan forgiveness — looking for slight typos — to avoid a scammer’s fake emails.
Follow ED’s process if your application is denied. Anyone who says they can get you approved (for a fee) is a scammer. Your email notice will have instructions. Follow those, and if you have questions, call FSA’s dedicated phone line at 1-833-932-3439. Expect long wait times.

Have you spotted one of these scams? Tell us about it at ReportFraud.ftc.gov.

Lost Stolen or Damaged Cards

Lost, Stolen or Damaged Card

You can report your card lost or stolen if you are missing your card or think someone stole your card information. Damaged cards can be replaced.

For Lost or Stolen Cards:

CREDIT CARDS

DEBIT CARD

If you are not a Digital Banking user:
Call us at 920-830-7200 Mon-Fri, 7 am to 6 pm, Sat, 7 am to 1 pm CST.

Outside of these days and times, please call 866-820-5874 (24hrs).

If you are a Digital Banking user:
1. Login to Digital Banking
2. Select your card.
3. Select Card Controls.
4. Toggle the card to Off.
5. Select Report Card as Lost/Stolen from the More menu.
6. Review your transactions for any unauthorized activity. Be sure to notify us immediately if anything looks suspicious.

If you are not a Digital Banking user:
Call us at 920-830-7200 Mon-Fri, 7 am to 6 pm, Sat, 7 am to 1 pm CST.

Outside of these days and times, please call 866-820-8847.

If you are a Digital Banking user:
1. Login to Digital Banking
2. Select the account associated with the card
3. Select Card Controls.
4. Toggle the card to Off.
5. Call 920-830-7200 or 866-820-8847 (24hrs) immediately.
6. Review your transactions for any unauthorized activity. Be sure to notify us immediately if anything looks suspicious.

Damaged Card

We understand that after a while there can be some wear and tear on your card that makes it impossible or difficult to use, like a scratched swipe strip or worn off numbers. We’ll send you a replacement card, free of charge. Your card number will not change, but your expiration date will change. Please update your accounts accordingly

CREDIT CARD	DEBIT CARD
If you are not a Digital Banking user: Call us at 920-830-7200 Mon-Fri, 7 am to 6 pm, Sat, 7 am to 1 pm CST to request a replacement card. If you are a Digital Banking user: 1. Login to Digital Banking 2. Select your card. 3. Select More 4. Select Order New Card from the menu.	To replace a damaged debit card, please contact a Member Service Representative in our Member Contact Center at 920-830-7200 during business hours.