Security Center

Welcome to PCU's Security Center. We work hard to protect your financial information, but you also play an important role in keeping it safe. Click the topics below to learn about Internet safety and identity theft. Also, check out our online security webinars and lost/stolen wallet checklist.

Online Security

General Security

For your convenience, PCU also has safe deposit boxes available at most of our locations.

Beware of email scams

What to do if you receive a suspicious email - PCU is aware that other fraudulent emails are circulating as well. If you receive a suspicious email, send it to This email address is being protected from spambots. You need JavaScript enabled to view it. by following the steps listed below, or call PCU at 651-770-7000 or 800-247-0857.

  1. Do not use the forward feature of your email application - instead create a new email to This email address is being protected from spambots. You need JavaScript enabled to view it. .
  2. Drag and drop the suspicious email from your inbox into this new email (in Firefox/IE, drop it in the attachment area).
  3. If you use a browser-based email application, your only option may be to use the standard forward feature.

Safely manage your accounts online

PCU Online Banking is an easy way to access your accounts online 24/7 from the comfort of your home or office. The information in PCU Online Banking is protected by:

SSL Enabled Browsers
- Your SSL enabled browser contains the necessary encryption algorithms to "scramble" the information that is transmitted between you and PCU Online Banking. This ensures the confidentiality of information you submit electronically. For this reason, we recommend that you use the most recent versions of Mozilla Firefox or Internet Explorer.

Learn about "phishers"

Phishing occurs when thieves pretend to be financial institutions or companies and send emails to get you to reveal personal information. There are generally two types of messages currently being sent.

The first is an email that links you to a false website that is constructed to resemble your financial institution. You are then asked to verify/provide personal information on the site.

The second is an email instructing you to call a fraudulent phone number to verify or update your account information. Once you call, you may be asked for your account number, online banking password, Social Security Number and more.

Phishing emails are often written with a sense of urgency, as the thieves want you to act quickly without questioning the validity of the email or the consequences of your actions. Fraudulent emails are very real-looking and may link to websites that also appear legitimate.

Here are some helpful guidelines for avoiding phish emails:

  • Be suspicious of any email that requests your personal financial information. PCU will never request your private information in an email.
  • If you ever receive a suspicious email that appears to have come from PCU, call 651-770-7000 or 800-247-0857 or forward it to This email address is being protected from spambots. You need JavaScript enabled to view it. by following the instructions listed above.
  • If you suspect an email is fraudulent, do not click on any links within it.
  • Avoid filling out forms in email messages that ask for personal information.
  • Regularly monitor your accounts through PCU Online Banking to ensure all transactions are legitimate.
  • Make sure browser and security patches are the most current version.
  • Notify PCU and your other financial institutions immediately if think you may have shared account information with a fraudster. See below for tips on what to do if you believe you're a victim of identity theft.

Watch out for Zeus malware

What is malware?

Malware, short for malicious software, is software designed to infiltrate a computer system without the owner’s informed consent. Malware includes computer viruses, spyware, etc.

What you need to know about Zeus Financial Malware
There is a class of malware called Zeus that targets financial institutions. It is a customizable malware development platform that criminals purchase for their own needs. This means that each instance of released malware is likely different from any other. Zeus works by manipulating your browser.

One of the key strengths of Zeus is its ability to avoid detection from antivirus and antimalware products. Most victims have no idea their computers are infected, even if their antivirus software is up to date.
Zeus works by prompting you for credit or debit card information (including your PIN, security code and expiration date) during or after you’ve signed into online banking. PCU will never ask you for this information online.

If you enter the information and click to continue, your card has been compromised and you should contact PCU immediately. Remember, the malware is running on your computer and PCU’s system has not been affected.

What to do if you think your computer is infected
Contact each financial institution that you accessed on the infected computer. Change your passwords and ask if any of your account information has been changed (such as address or phone number). If you provided credit or debit card information, report the card as compromised to have it blocked and a new card issued.

Do not use your computer for financial transactions until it has been cleaned. Follow up with your anti-virus vendor or computer service vendor for the best methods of getting your system cleaned. As always, it is a good idea to frequently monitor your account activities.

Protect yourself on the web

Follow these general guidelines when using the Internet to further protect your privacy:

  • Install anti-virus software on your PC, including a firewall and spyware detection software.
  • Update your browser with patches and upgrades as they become available.
  • Never provide any information over the phone or by email to anyone who contacts you asking for verification of your account numbers, personal identification numbers, etc.
  • When conducting transactions over the Internet, only use secure sites. Look for the SSL lock indicator in your browser.
  • Review copies of your three free credit reports once per year by visiting www.annualcreditreport.com.
  • Don't use obvious passwords like your birth date or your mother's maiden name. Passwords should have at least eight characters and consist of letters and numbers.
  • Don't select the "remember password" browser feature when using a publicly accessed computer.
  • Perform transactions only on sites that are well established and familiar to you.
  • If you make online purchases with a Visa card, sign up for Verified by Visa to help prevent credit card theft.

For more information about protecting yourself from identity theft, check out PCU's FREE online security webinars. You can also find helpful advice on the Federal Trade Commission's website.

What to do if you're a victim

If you know or believe you've been a victim of identity theft, contact PCU and any other financial institutions you have a relationship with. We can flag your account and monitor it for suspicious activity.
You should also contact the three major credit bureaus to determine if you need to place a fraud alert on your file, which will help prevent thieves from opening new accounts in your name.

  • Equifax: 800-525-6285
  • Experian: 888-397-3742
  • TransUnion: 800-680-7289

In addition, you may want to file a compliant with the Federal Trade Commission online or by calling 1-877-IDTHEFT.
If you know you have been a victim of identity theft, you should also file a police report. Law enforcement officials can help you with creditors who may want proof of the crime.  
The threat of identity theft is scary, but if you follow the steps above it will be a lot less likely to happen

Welcome to PCU's Security Center. We work hard to protect your financial information, but you also play an important role in keeping it safe. Click the topics below to learn about Internet safety and identity theft. Also, check out our online security webinars and lost/stolen wallet checklist.

General Security

Watch out for telephone scams

A variety of phone scams occur on a regular basis. Recently, some PCU members have received calls from fraudsters claiming to be from their "federal credit union." They proceed to ask for members' debit card numbers, PINs, etc. PCU would NEVER call to ask you for this type of information. Below are tips for avoiding phone scams:

  • Never provide personal or account information to an unsolicited caller. If you did not make the phone call, you should NOT provide any information.
  • Contact the company yourself. If you receive a suspicious call, ask the caller for his/her name, department and phone extension. Then contact the company at a number you know to be correct to verify the call is legitimate.
  • Review financial statements regularly to ensure all transactions are correct. If you have Internet account access, periodically review activity online as well.

Internal Revenue Service (IRS) scams – the IRS has issued consumer alerts about telephone scams that use the IRS name as a lure. Be on the lookout for these and other IRS-related scams (including email versions). The IRS NEVER asks for personal or financial information.

  • Rebate phone call – Callers say they are IRS employees who have a sizable rebate for you. They then ask for your checking/savings account information so they can ‘deposit’ the money.
  • Paper check phone call – Scammers claim to be calling because the IRS sent you a check and you have not yet cashed it. The thieves then ask you to verify your financial institution account number(s).

If you believe you have given personal information to a scammer, contact your financial institution and the three credit reporting agencies immediately. Also, closely monitor your credit files and account statements.

Learn about identity theft

Identity theft occurs when someone uses your personal information without your consent to commit fraud or other crimes. You can't always control whether or not you are victimized, but you can make it harder for thieves to steal your information. These tips will help minimize your risk:

  1. Protect PIN numbers. Try to memorize your PIN number(s). When entering a PIN number at an ATM, make sure nobody is peering over your shoulder.

  2. Safeguard your Social Security Number. Don't carry your Social Security card in your wallet unless you need it. Never divulge it to telephone solicitors or in response to emails.

  3. Shred personal documents. Buy a cross-cut shredder and shred all papers including bills, credit card statements, ATM receipts, medical statements and credit card solicitations.

  4. Destroy digital data. When you dispose of a computer, make sure the data is completely removed. Just deleting the data or reformatting the hard drive is not enough. Use software to make sure that data is destroyed.

  5. Review your financial statements. Check your statements each month for suspicious activity. Inquire with your financial institution(s) if your statements don’t arrive on time. Take advantage of PCU Online Banking to review your PCU accounts online 24/7. PCU also offers eStatements for free and convenient online access to your recent and past statements.

  6. Don't put bill payments in an unsecure mailbox. Drop your bills at the post office or use online Bill Pay.

  7. Limit the information on your personal checks. Never include your driver’s license number or Social Security Number.

  8. Choose cryptic passwords for accounts. Avoid using easily available information like your mother’s maiden name, birth dates, your phone number, etc.

  9. Review your credit report. You should review your credit report from the three credit bureaus at least annually. You can get a free copy of your credit report every 12 months.

For more information about protecting yourself from identity theft, check out PCU's FREE online security webinars. You can also find helpful advice on the Federal Trade Commission's website.

Beware of check scams

There are many variations of the counterfeit check scam. Thieves may offer to buy something you advertised, give you an “advance” on sweepstakes winnings and more. Whatever the pitch, the person may sound quite believable.

Here are some tips for recognizing and avoiding counterfeit check scams:

  • Scammers hunt for victims. They scan newspaper and online classified ads. They also check online job postings and place their own ads for various products and services.
  • They tell you to wire money to them after you’ve deposited the check. If you’re selling something, they’ll pay you by having someone in the U.S. send you a check. It will be for more than he sale price and you’ll be asked to wire the overage amount back to them.
  • The checks are counterfeit but they look real. In fact, even tellers may be fooled. Some are phony cashier’s checks and others look like they’re from legitimate business accounts.
  • Just because you can withdraw the money does not mean the check is good. It can take weeks for the counterfeit or forgery to be discovered and the check to bounce.
  • You are responsible for the checks you deposit. That’s because you’re in the best position to determine the risk — you’re the one dealing directly with the person who is paying you.
  • If a stranger wants to pay you for something, insist on a cashier’s check for the exact amount, from a local credit union or bank.
  • Don’t deposit it — report it! Report counterfeit check scams to the National Fraud Information Center, a service of the nonprofit National Consumers League.

Source: CUNA Mutual Group

What to do if you're a victim

If you know or believe you've been a victim of identity theft, contact PCU and any other financial institutions you have a relationship with. We can flag your account and monitor it for suspicious activity.
You should also contact the three major credit bureaus to determine if you need to place a fraud alert on your file, which will help prevent thieves from opening new accounts in your name.
Equifax: 800-525-6285
Experian: 888-397-3742
TransUnion: 800-680-7289

In addition, you may want to file a compliant with the Federal Trade Commission online or by calling 1-877-IDTHEFT.

If you know you have been a victim of identity theft, you should also file a police report. Law enforcement officials can help you with creditors who may want proof of the crime.

If your wallet has been lost or stolen, use this helpful checklist to minimize problems. The threat of identity theft is scary, but if you follow the steps above it will be a lot less likely to happen to you.

Back to Top

safe-deposit-box-ad

rates-sm-ad