When you think of making safe choices, what comes to mind? Looking both ways before crossing the street? Locking your doors? Not playing with matches? Online and mobile security call for many of the same habits. Pay attention to where you are, protect what belongs to you, and avoid unnecessary risks. Those choices can help keep your information and accounts safer.
What Does “Being Smart” With Online Security Look Like?
Technology changes quickly, but the habits that protect you online are straightforward: slow down, guard access to your accounts, and confirm unexpected requests before you respond.
When Browsing
- Pause before clicking. Be cautious with links in unexpected emails, text messages, social media posts, advertisements, and direct messages. Check the sender and the link’s destination before you continue.
- Treat QR codes like any other link. A QR code can hide its destination until you scan it. Be especially careful when a code arrives unexpectedly, appears to have been placed over another code, or asks you to log in, make a payment, or provide personal information.
- Check the complete web address. Look for “https” and your browser’s security indicator before entering personal or financial information. That tells you the connection is encrypted, but it does not prove the website is legitimate. Watch for misspellings, extra words, or unusual addresses that imitate familiar organizations.
- Use care on public Wi-Fi. Confirm the correct network name, avoid unfamiliar or look-alike networks, and turn off file sharing. For banking or other sensitive activity, use your cellular connection or a trusted personal hotspot when possible.
- Secure your home network. Protect your home Wi-Fi with a strong, unique password, replace the router’s default administrator login information, and keep its software up to date.
When Banking or Accessing Important Accounts
- Go directly to the source. Access your account through the financial institution’s official app or a web address you entered, saved, or bookmarked yourself. Avoid signing in through a link in an unexpected message.
- Create a long, unique password for every important account. If you reuse a password, one stolen login could put several accounts at risk. A reputable password manager can create and store different passwords for you.
- Use a passkey when one is available. Passkeys use the security built into your device and are harder for scammers to steal through a fake login page than a password.
- Turn on multifactor authentication. This adds another verification step if someone tries to access your account. Depending on the account, that step might use an authentication app, security key, fingerprint, facial recognition, or one-time code.
- Never share a verification code. A code sent to your phone or email is intended to confirm your identity. A caller or message asking you to read it back may be attempting to access your account.
- Do not approve an unexpected login request. Repeated authentication notifications may mean someone already knows your password. Do not approve a request just to make the notifications stop. Deny it, change your password through the official app or website, and contact the organization if needed.
- Choose security questions carefully. Use answers that strangers cannot research or easily guess from social media, online searches, or public records. Store the answers securely if you need help remembering them.
When Communicating
- Do not share sensitive information in response to an unexpected request. This includes passwords, account numbers, Social Security numbers, debit or credit card details, security answers, and one-time verification codes.
- Do not trust caller ID or a sender’s display name by itself. Scammers can make a call, email, or text message appear to come from a familiar person, business, financial institution, or phone number.
- Be cautious of fake fraud alerts. A scammer may claim there has been a suspicious purchase, transfer, or security problem with your account. The message may begin with a simple question and then lead to a call from someone pretending to represent your financial institution.
- Never move money to “protect” it. A legitimate financial institution will not instruct you to transfer money to another account, purchase gift cards, send cryptocurrency, or use a payment app to keep your funds safe.
- Slow down when someone creates a sense of urgency. Scammers often pressure people to act immediately, stay on the phone, keep the conversation secret, or avoid contacting anyone else. That pressure is your cue to stop and verify the request.
- Verify the request independently. End the call or close the message. Contact the person or organization using a phone number, app, website, or email address you already trust. Do not use the contact information in the suspicious message.
A Familiar Voice Is Not Proof of Identity
Artificial intelligence tools can imitate a person’s voice, face, or writing style. If a family member, friend, coworker, or trusted representative makes an urgent request for money or information, end the conversation and contact that person using a number or channel you already know. Some families also use a private word or phrase to confirm urgent requests.
When Sharing Information Online
- Think before posting. Vacation plans, birthdays, pet names, schools, workplaces, and family details may help scammers guess passwords, answer security questions, or create more convincing messages.
- Review your privacy settings regularly. Social media platforms and apps may change their settings over time. Private settings reduce exposure, but screenshots and resharing can still carry your information beyond the audience you intended.
- Be cautious with quizzes and trending posts. Questions about your first car, childhood street, favorite teacher, or pet may resemble the security questions used to protect your accounts.
- Limit what strangers can learn about you. Personal details can help a scammer create a story that sounds believable and specific to you.
When Thinking About Your Devices
- Review app permissions. An app should not have access to your location, contacts, camera, microphone, photos, or other personal information unless that access is necessary for the app to work.
- Download apps and software only from trusted sources. Do not follow links or pop-ups that claim your device is infected or needs immediate repairs.
- Keep your software up to date. Install updates for your operating system, web browser, apps, router, and security software. Turn on automatic updates when possible so important security fixes are installed promptly.
- Keep built-in security protections turned on. Modern devices often include malware protection, firewalls, app screening, and other security tools. Make sure these protections remain active.
- Lock your devices. Use a passcode, password, fingerprint, or facial recognition, and set your phone, tablet, and computer to lock automatically after a short period of inactivity.
- Never install remote-access software for someone who contacted you unexpectedly. Scammers may pose as a financial institution, technology company, retailer, or government agency and ask to view or control your screen. Do not sign in to online banking while another person can see or control your device.
- Protect your mobile phone account. Ask your cellular provider about adding a unique account PIN or number-transfer lock. If your phone suddenly loses service or you receive an unexpected notice about a SIM card or number transfer, contact your provider immediately.
- Treat your smartphone like a computer. Safe networks, trusted websites, careful downloads, and strong account protection are especially important when shopping, banking, or handling personal information.
If You Think Something Has Gone Wrong
Scams are designed to create confusion and urgency. If you believe your information, device, or account has been compromised, act quickly.
- Contact your financial institution immediately through a trusted phone number or official channel, especially if you sent money, provided account information, shared a security code, or approved an unfamiliar login.
- Explain exactly what happened. Let the organization know whether you clicked a link, entered login information, installed software, granted remote access, or sent money. These details can help determine the appropriate next steps.
- Change affected passwords from a trusted device. If the same password was used on other accounts, update those accounts as well.
- Review recent activity and turn on alerts. Look for unfamiliar purchases, transfers, profile changes, or login attempts.
- Contact your cellular provider if your phone service, SIM card, or phone number may have been compromised.
- Follow the organization’s instructions for securing your account, disputing unauthorized activity, and reporting identity theft or fraud.
Slow Down, Check, and Protect Your Accounts
You do not need to memorize every new scam. Pause before clicking, protect your sign-in details, keep your devices updated, and verify unexpected requests through a trusted source. Those habits make it harder for a scammer to rush you into a costly decision.
Questions about account security can be difficult to sort out on your own. Call Federal Credit Union is here to help members recognize scams and protect their accounts.
Visit our Account Security page for more information. If you have questions about your Call Federal accounts or believe something may be wrong, call us directly at 804.274.1200 or contact us via our secure online form.