Log in to online banking

close

Top Results

Search Featured Block

An update from Civic

Important information to protect yourself from fraud


The world has changed and there are many bad guys who continue to take advantage of consumers. Using tools like Artificial Intelligence (AI), online criminals now outnumber law enforcement professionals. At Civic, we strive to stay ever mindful and vigilant about these trends and emerging threats. We work hard to keep your information secure. But we cannot do it alone. Here's how you can help. 

Do any of these scenarios sound familiar? 

  • A "representative" calls trying to obtain your sign-in credentials.
  • You receive a cryptic or suspicious text with links, saying your account has been disabled or blocked.
  • You receive an urgent email with a link to reactivate your account. 

These types of communication are fraud attempts and can give criminals access to your data by either placing malware on your device or tricking you into visiting websites that look legitimate but are not. These bad actors use these methods to gain access to your credentials (username and/or password) so they can then conduct fraudulent/unauthorized transactions. 

During our recent transformation to Civic, some members have seen fraud attempts aimed at obtaining their account login credentials. Our information security and fraud teams consistently monitor and proactively work with law enforcement to prosecute offenders and help members resolve any incidents where they may have become a victim of fraud. 

To protect your accounts here at Civic, as well as any other banking relationships you have, we must fight together, as unfortunately, the bad guys only need one "hit" to encourage them to continue taking advantage of consumers. With all the measures we take, we strongly urge you to work with us to take action to safeguard your online identity – not just with Civic, but for relationships where you share personal and confidential information. Like all businesses (financial, retail, medical, to name a few) that maintain personal information, we take safeguarding this information very seriously. 

What you should do NOW to protect yourself: 

  1. Use strong, unique passwords
    If you use the same password for your Civic account as you do for other online services, or if your password is old or weak, please change it. Passwords should not be easily guessed. They should be at least 15 characters and include a combination of upper and lowercase letters and special characters. Also, consider a password manager (app on phone/online) to securely keep track of all passwords.
     
  2. Enable two-factor authentication (2FA) 
    If you haven't already, enable 2FA for your Civic account and any other online accounts that offer it. This adds an extra layer of security by requiring a second form of verification (i.e., a code sent to your phone) in addition to your password.
     
  3. Beware of unsolicited messages 
    Never click on links or open attachments in unexpected emails or texts claiming to be from your financial institution. Civic will never initiate a request for personal account information via text or email. Some of our trusted service providers may use these to verify your information on our behalf; contact us if you have a concern. 
     
  4. Verify the website or app 
    Only use official banking websites (look for HTTPS and correct spelling in URLs) and apps downloaded from trusted app stores. 
    Our website is: https://www.civicfcu.org
    Online Banking: https://my.civicfcu.org
     
  5. Monitor your accounts regularly
    Set up alerts for large transactions or logins from new devices to catch suspicious activity early. See our "Set up alerts" how-to guide for help.  
     
  6. Update your devices
    Keep your phone, tablet, and computer updated with the latest security patches.
     
  7. Keep your passwords private
    Don’t disclose your passwords to anyone – even someone claiming to be from Civic.
     

What to do IMMEDIATELY if you suspect fraud:

If you notice unauthorized activity or believe you’ve been targeted by fraud:

  • Contact us immediately at 844-772-4842.
  • Change your login credentials.
  • Report phishing attempts to us. 

Be consistently diligent in how you engage with those who hold your personal information. If something seems amiss, it may be fraudulent. Always check validity if you question communication. Awareness is key. Always get in touch with us when you see suspicious activity.  


Fraudulent communication examples
 

The link provided is NOT a valid Civic URL

POSSIBLE RESULT

  • Once you click, malware can be installed on your mobile device, placing all accounts on the device at risk.
  • You could be prompted to enter your username and password at a fake or spoofed site, giving the bad guys access to log in to your account without your knowledge. 

What to do: 

  • NEVER click on links received in a text from an unknown entity.
  • DELETE the text and report it as SPAM.
  • BLOCK the sender.
  • REPORT any suspicious sites to Civic immediately at 844-772-4842.
Example of a fraud text message.

Here is an example of a fake online banking website

The URL is misspelled (two F’s), and Civic does not use any ".click" internet addresses. When looking at the Civic graphic, note the weird underline. 

POSSIBLE RESULT

Entering your username and password provides your credentials to the bad guys, who can use them to access your account. 

What to do

  • KNOW the correct website for the Civic homepage.
  • Be ALERT for things that look strange or that weren’t there the last time you logged in.
  • DON’T use ‘Remember Me’ for your password. Type in your password each time.
  • REPORT any suspicious sites to Civic immediately at 844-772-4842. 
Example of a fraudulent website.

Lack of Civic branding or grammatical errors

Note a lack of branding or our signature Civic colors. Also take note of grammatical errors like "Civicfcu Credit Union" or "Civicfcu Microfinance." Neither of these exist, and this is not how we reference Civic. 

POSSIBLE RESULT: 

Clicking on any of the links may install malware on your device. You may be prompted to enter online banking credentials, enabling the bad guy to access your account. 

What to do

  • KNOW the correct website for the Civic homepage.
  • Be ALERT for things that look strange or that weren’t there the last time you logged in.
  • DON’T use ‘Remember Me’ unless you are on a trusted device.
  • REPORT any suspicious sites to Civic immediately at 844-772-4842.
Example of a fraudulent website.

The link provided is NOT a valid Civic URL

POSSIBLE RESULT

  • Once you click, malware can be installed on your mobile device, placing all accounts on the device at risk.
  • You could be prompted to enter your username and password at a fake or spoofed site, giving the bad guys access to login into your account without your knowledge.

What to do: 

  • NEVER click on links received in a text from an unknown entity.
  • DELETE the text and report it as SPAM.
  • BLOCK the sender.
  • REPORT any suspicious sites to Civic immediately at 844-772-4842.
Example of a fraudulent link.