Protect yourself

Look for a "lock" icon at the bottom of your browser and make sure the lock icon and "https" appears in front of the Web address before submitting any personal or financial information through a web site. These visual clues tell you the information you are sending is secure.

Verify links before clicking on them by hovering your mouse over the link and carefully checking that it's the website that you expect. The difference may be as simple as a .net address versus a .com address, or a slight difference in spelling, so pay close attention.

When possible, go to the source directly, and type in the company website yourself to verify and use the information from the website.

Google Ads show the destination website address near the ad headline. Confirm this link is what you expect before clicking, and if unsure, don't click the link. 

Don’t open suspicious attachments or click unusual links in messages. They can appear in email, tweets, posts, online ads, messages, or attachments, and sometimes disguise themselves as known and trusted sources. If you suspect something or are unsure, delete the email, don't not select a link, open an attachment, or respond. You instincts are probably correct. 

Avoid streaming or downloading movies, music, books, or applications that do not come from trusted sources. They may contain malware.

In today’s digital world, we use passwords for almost everything, from online banking and shopping, to apps, medical services, and more. This makes the use of strong passwords an essential piece of the puzzle in protecting yourself from fraud. Here are some reminders on how to create better passwords:
 

• Unique passwords matter. Create a unique, secure password for every site that needs one. That way if one site password is compromised, your other logins will remain secure. It may take more thought, but the extra security is worth it.

• Don’t use the auto-save function on your browser or device for usernames and passwords. Saving your credentials may seem easier, but if your phone or computer should get into the wrong hands, entry to your account is automatic. 

• Use a password generator and keep passwords in a safe place such as a lock box, or safe. 

Lock your phone and computer and use a PIN for your computer or biometric authentication to access your phone as an added layer of security.
 

Online banking security is the responsibility of everyone who uses the system. We invest considerable time and money in fraud detection systems, but online banking requires vigilance on everyone’s part in order to be effective. It’s better to prevent theft than to try to recover losses later.

It’s easy to protect your digital banking account by following these simple rules:
 

• Do not log in to online banking over public Wi-Fi. This is like letting hackers “look over your shoulder” as you do your banking.

• Do not provide personal information over the phone. Financial institutions do not ask for this information. 

• If you receive an email or text with an attachment or a link from your “financial institution”  do not follow the link or open the attachment. SCU will never provide an unsolicited email requesting you log in from a link. This is a common method for hackers to gain access to your confidential information.

• If you receive an Interac e-Transfer^® that you weren’t expecting, do not click the link. Make sure you verify the suspicious Interac e-Transfer with the sender personally before clicking.

• Never provide your password or PIN to anyone. SCU will never ask you to provide us with your passwords or PINs.

• Be skeptical of emails, messages, or websites containing misspelled familiar words; grammatical errors that make it difficult to understand or misuse a common expression.

 

• Don't reply to emails asking for personal information to stop the sudden closure of an account. Do not click on links within the email. 

 

• Instead, type the website address directly into your browser so you can confirm that it is safe, or call the company directly instead

 

• Don't open attachments, follow links, or reply to spam messages — even to unsubscribe. Hover your mouse over the link and carefully check that it's the website that you expect. The difference may be as simple as a .net address versus a .com address, or a slight difference in spelling, so pay close attention.

 

• Do not provide account or personal details through an unsecured email program. If you need to send sensitive documents through email, ensure the company has a secure email portal.  If you’re sending personal documents to SCU, speak with an SCU representative and they’ll help you get set up with our secure email portal.

 

• Only access your online banking from our website or mobile app. Do not use links in an email.

 

• Check for secure, legitimate links by hovering over them and make sure you understand where the link is going, versus where the email says it’s going. If you’re unsure, do not click the link. 

 

• Don’t click links within emails or provide information in exchange for a “gift,” as these often link to unsecured or spoofed sites that look real but are not.

 

• Don’t allow the sender to rush you into a decision when you receive an “urgent” email. Fraudsters will create a sense of urgency to make you act before you think. Be suspicious of anything (an email or phone call) that attempts to panic you into making a hasty decision.

 

• Call the sender directly to confirm the authenticity of the information.

As you use your smartphone or tablet to bank and shop online, it’s important to keep your personal information secure. 
 

Here are tips to help you protect your mobile devices:

• Enable password protection: A reasonably complex six-digit password will protect your phone from the average criminal if it’s lost or stolen. For convenience, most devices also offer biometric identification such as fingerprint or face ID. Remember to set your phone to lock automatically when you aren’t using it.

• Don’t connect to public Wi-Fi hotspots and turn off Bluetooth in public places. Never accept files from an unknown device. Someone else could access your private login details  while you’re connected through Wi-Fi. Instead, use your mobile data network, which has built-in security.

• Be aware of smishing  attacks, which are misleading text messages designed to trick you into clicking on a malicious link or downloading an attachment from a number you don’t know.

• Make sure you have remote access: Most smartphones allow users to remotely track a device location, lock the device, erase the data, and retrieve a backup if it’s lost or stolen.

• Use discretion when downloading apps: Only download apps from the App Store or Google Play. Even apps that seem innocent can have software designed to steal personal data, make fraudulent charges, or even hijack your phone. Be sure to also manage the apps your children can download on your device.

• Keep your device and apps up to date: Update your apps regularly and set your devices to automatically update so they can receive security patches to keep them protected. Consider replacing devices once they no longer receive software updates.

• Set up a PIN for account changes: If you haven’t already, call your service provider and set up a PIN that must be entered before making any changes to your phone plan. This adds an extra layer of security and helps make sure only you have access to your account.

Shopping online is convenient and easy but can also be dangerous if you provide personal banking or credit card information to an online e-commerce site. Take your time, confirm the website is legitimate and secure, and as always, if the deal is too good to believe, it probably is. 
 

• Avoid making purchases and banking transactions — or any communication that conveys a password, account number, or credit card number — unless you are certain that you are on a secure site and connection (i.e., https://).

• When shopping online, check out the website before entering your credit card number or other personal information. 

• Read the privacy policy and look for opportunities to opt out of information sharing. (If there is no privacy policy posted, beware! Shop elsewhere.)

• Learn how to tell when a website is secure. Look for "https" in the address bar or an unbroken padlock icon at the bottom of the browser window. These are signs that the information you transmit is encrypted (or scrambled), protecting it from hackers as it moves across the internet.

Make sure to download recommended updates from your device manufacturer or operating system provider, especially for important software such as your internet browser. Antivirus software, antispyware software, and firewalls are also important tools to thwart attacks on your device. Take advantage of automatic updating when it's available. Antivirus software protects your device from viruses that can destroy your data, slow down or crash your device, or allow spammers to send email through your account.
 

• Update your browser with the latest version. Updated browsers have built-in protection against fake sites and viruses. These updates can eliminate software flaws that allow hackers to view your activity or steal information.

• Get the latest anti-virus or security system software (firewalls) to protect you against online hazards. There are some operating systems that have built-in firewalls that may be shipped in the "off" mode. Confirm that your firewalls are switched “on” and keep all software updated.

• Don't use USBs or other external devices unless you own them.

• To avoid infection by malware and viruses, ensure that all external devices either belong to you or come from a reliable source.