Fraud Prevention

Fraudsters, phishers, smishers, vishers, identity thieves and elder abusers beware! Smart consumers learn how to protect themselves from your nefarious ways.  

Bay Federal reminds you to never, under any circumstances, supply your name, account number or password to anyone via email. See additional information below for more ways to prevent becoming the victim of fraud.

Bay Federal Credit Union wants to encourage all members to follow safe online practices. There are many scams designed to steal your identity and your money. Financial Institutions will never send you directly to an application form, web page, or telephone number asking for your personal account data, including credit card and PIN information.

As a safe practice, when you have requested a secure page within a website, please be sure to check the URL or web address to ensure it matches the official domain name of that organization. For easy verification, most browsers will show a lock symbol indicating a secure site.

We have collected some very valuable information for you to learn how to protect yourself from fraud and identity theft. If you ever become concerned about the safety and security of your accounts or personal identification information, be sure to contact us immediately at 831.479.6000 or 888.4BAYFED.

Protect Yourself Against Card Skimming

Card skimming — where fraudsters use hidden electronics and surveillance technology to collect your card’s information — is difficult to detect, because skimming devices often look like the real thing. Luckily, you can take steps to protect yourself and stop those fraudsters in their tracks. Here are some easy ways to keep from having your card information stolen at an ATM or at point of purchase:

Card Skimming

1. Familiarize Yourself With ATMs

The safest ATMs are those you know and are familiar with, because you are more likely to spot anything out of place, such as a skimming device. Research has shown that 75% of ATM skimming devices are found at off-premises ATMs. Do not use your card where it appears a card reader may have been altered. Warning signs to look out for include tape residue, loose parts, and pry marks, as well as difficulty placing your card into the ATM.

2. Protect Your PIN

  • Insert your debit card if the card reader is chip-enabled for the best protection against skimming.
  • Swipe your debit card as credit for purchases to avoid using your PIN in public.
  • Remember to always cover the keypad when you enter your PIN.

3. Check Your Balance Frequently

Bay Federal has systems in place to identify suspicious activity that may occur on your account, but no one knows your spending habits like you do. Keep up to date with your account transactions on the go with our Bay Federal mobile app, which is available for iPhone and Android, and report any fraudulent activity on your account immediately by calling 831.479.6000 or 888.4BAYFED.

4. If You Suspect Fraud, Replace Your Card Immediately

Bay Federal now offers instant issuing of debit cards at most branches. If you suspect fraudulent activity, visit a branch as soon as possible during normal business hours, or call Bay Federal’s Member Service Center at 831.479.6000 or 888.4BAYFED.

"Free Government Grants" — Beware of Fraudulent Offers

Scam Alert

Have you received a letter or seen an ad announcing that you may qualify for a “free grant” to pay for education costs, home repairs, home business expenses, or unpaid bills? Or a phone call from someone who says they are from a “government agency” to offer you the opportunity to apply for a guaranteed grant that you will never have to pay back?

Although they may appear to be legitimate, the Federal Trade Commission (FTC) says that “money for nothing” grant offers are usually scams.

Some scam artists advertise “free grants” in the classifieds, inviting readers to call a toll-free number for more information. Others may call you out of the blue, claiming legitimacy using an official-sounding name like the “Federal Grants Administration.” They may ask you some basic questions to determine if you “qualify” to receive a grant, or congratulate you on your eligibility, then ask for your checking account information so they can “deposit your grant directly into your account,” or cover a one-time “processing fee.” The caller may even reassure you that you can get a refund if you’re not satisfied.

In fact, you’ll never see the grant they promise; they will disappear with your money.

To avoid losing money to these “government grant” scams, the FTC recommends that consumers follow these rules:

  • Don’t give out your bank account information to anyone you don’t know. Scammers pressure people to divulge their bank account information so that they can steal the money in the account. Always keep your bank account information confidential. Don’t share it unless you are familiar with the company and know why the information is necessary.
  • Don’t pay any money for a “free” government grant. If you have to pay money to claim a “free” government grant, it isn’t really free. A real government agency won’t ask you to pay a processing fee for a grant that you have already been awarded — or to pay for a list of grant-making institutions. The names of agencies and foundations that award grants are available for free at any public library or on the Internet. The only official access point for all federal grant-making agencies is www.grants.gov.
  • Look-alikes are not the real thing. Just because the caller says he’s from the “Federal Grants Administration” doesn’t mean that he is. There is no such government agency. Take a moment to check the blue pages in your telephone directory or search the Internet to find out if the agency exists – or not.
  • Phone numbers can be deceiving. Some con artists use Internet technology to disguise their area code in caller ID systems. Although it may look like they’re calling from Washington, DC, they could be calling from anywhere in the world.
  • Take control of the calls you receive. If you want to reduce the number of telemarketing calls you receive, place your telephone number on the National Do Not Call Registry. To register online, visit www.donotcall.gov. To register by phone, call 1.888.382.1222 (TTY: 1.866.290.4236) from the phone number you wish to register.
  • File a complaint with the FTC. If you think you may have been a victim of a government grant scam, file a complaint with the FTC online at www.ftc.gov, or call toll-free, 1.877.FTC.HELP (1.877.382.4357); TTY: 1.866.653.4261. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

The FTC works to prevent fraudulent, deceptive and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them.

"Phishing" — How Not to Get Hooked

Internet scammers casting about for people’s financial information have a new way to lure unsuspecting victims: they go “phishing.”

Phishing is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information. According to the Federal Trade Commission (FTC), phishers send an email or pop-up message that claims to be from a business or organization that you deal with – for example, your internet service provider (ISP), credit union, online payment service, or even a government agency. The message usually says that you need to “update” or “validate” your account information. It might threaten some dire consequences if you don’t respond. The message directs you to a website that looks just like a legitimate organization’s site, but it isn’t. The purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.

The FTC, the nation’s consumer protection agency, suggests these tips to help you avoid getting hooked by a phishing scam:

  • Be aware that phishing e-mails frequently have links to Web pages that host malicious code and software. Do not follow Web links in unsolicited e-mails from apparent federal banking agencies. Instead, bookmark or type the agency's Web address.
  • Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software applications security patches are installed.
  • Do not open unsolicited or unexpected e-mail attachments because of the risk of malicious code or software in the attachments. Instead, call the agency using a known and appropriate telephone number to verify the legitimacy of the message and attached file.
  • Be alert to different variations of the fraudulent e-mails.
  • If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct web address. In any case, don’t cut and paste the link in the message.
  • Don’t email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have even forged security icons.
  • Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your financial institution or credit card company to confirm your billing address and account balances.
  • Use anti-virus software and keep it up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting these unwanted files.
  • Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

You can report suspicious activity to the FTC. If you get spam that is phishing for information, forward it to spam@uce.gov. If you believe you’ve been scammed, file your complaint at www.ftc.gov, and then visit the FTC’s Identity Theft web site at www.consumer.gov/idtheft to learn how to minimize your risk of damage from ID theft. If you have given away personal or financial information, take steps to protect your identity now at www.antiphishing.org or call 877.ID.THEFT (877.438.4338).

"Smishing" — Beware of this New Scam Using Text Messaging

"Smishing," which is phishing using SMS messaging, sends a text message to your cell phone urging you to go to a spoofed website where you are prompted to provide your account information such as PINs or passwords. Numerous credit unions across the country have been targets, and some smishing attempts include a phone number to call where you are asked to reveal personal information to an automated system.

If you are “smished,” it is important that you never reply to requests for personal information. Always call Bay Federal if you are concerned about the legitimacy of a text, phone or email message you receive. Suspicious activity should also be reported to the FTC. If you have been scammed, you may file a complaint at www.ftc.gov, and then visit the FTC’s Identity Theft web site at www.consumer.gov/idtheft to learn how you can minimize risk of damage from ID theft. If you have inadvertently given away personal or financial information, you may take steps to protect your identity now at http://www.antiphishing.org or call 877.ID.THEFT (877.438.4338).

"Vishing" Scams Use Phones Instead of Fake Websites

In a new twist, identity thieves are sending spam that warns victims that their credit union, bank account or PayPal accounts were supposedly compromised. However, unlike typical phishing emails, there is no website address in these phishing messages.

Instead, the victim is urged to call a phone number to verify account details.

The automated voice message says: "Welcome to account verification. Please type your 16-digit card number."  The goal is to get the victim to enter their credit card number. In these reported scams, no mention of the credit union, bank or PayPal is made.

Security experts tracking this scam and other instances of "vishing", short for "voice phishing", say the frauds are particularly despicable because they imitate the legitimate ways people interact with financial institutions. In fact, some vishing attacks don't begin with an e-mail. Some come as calls out of the blue, in which the caller already knows the recipient's credit card number. This increases the perception of legitimacy, the caller asks for the valuable three-digit security code on the back of the card.

Vishing appears to be prospering with the help of Voice over Internet Protocol, or VoIP, the technology that enables cheap and anonymous Internet calling, as well as the ease with which caller ID boxes can be tricked into displaying erroneous information.

Be aware of “Phishing” and "Vishing"

  • Never call a number you receive from a spam email, and certainly don't enter in any private information if you make a mistake and do call. If you want to call your financial institution, use the normal phone number you regularly use, not the phone number you get in an e-mail.
  • Bay Federal Credit Union and other legitimate financial institution e-mail messages will not directly link you to an online application.
  • Never click on the link provided in an e-mail you believe is fraudulent.
  • Do not open an attachment to an unsolicited e-mail unless you have verified the source.
  • Do not be intimidated by an e-mail or caller who suggest dire consequences if you do not immediately provide or verify information.
  • If you believe the contact is legitimate, go to the company’s website by typing in the site address directly or using a page you have previously book marked, instead of a link provided in the e-mail.
  • Visit the FTC (Federal Trade Commission) website, www.onguardonline.gov.  You can take interactive quizzes designed to enlighten them about identity theft, phishing, spam and online-shopping scams.  Elsewhere on the site, you can also find detailed guidance on how to monitor your credit history, use effective passwords and recover from identity theft.
  • Call 877.ID.THEFT (877.438.4338).

10 Tips for Safe ATM Use

Tip  1 - Where possible, use ATMs with which you are most familiar. Alternatively, choose well-lit, well-placed ATMs where you feel comfortable.

Tip  2 - Avoid opening your purse, bag or wallet while in the queue for the ATM. Have your card ready in your hand before you approach the ATM.

Tip  3 - Be especially cautious when strangers offer to help you at an ATM, even if your card is stuck or you are experiencing difficulty with the transaction. You should not allow anyone to distract you while you are at the ATM.

Tip  4 - Stand close to the ATM and shield the keypad with your hand when keying in your PIN.

Tip  5 - Keep your printed transaction record so that you can compare your ATM receipts to your monthly statement.

Tip  6 - Don't be in a hurry during the transaction, and carefully secure your card and cash in your wallet, handbag or pocket before leaving the ATM.

Tip  7 - Memorize your PIN (if you must write it down, do so in a disguised manner and never carry it with your card).

Tip  8 - Never disclose your PIN to anyone.

Tip  9 - Do not use an obvious and guessable number (like your date of birth) for your PIN. It’s also important to change your PIN periodically, and if you think it may have been compromised, change it immediately.

Tip 10 - Regularly check your account balance and statements and report any discrepancies to your bank immediately.

You can take steps to protect your identity now at http://www.antiphishing.org or call 877.ID.THEFT (877.438.4338).

*Please note that you should show the same precautionary care when using your card(s) at a POS (point of sale) pinpad terminal in a retail environment or at a restaurant or when conducting transactions online, telephonically or when writing checks.

Protect Your ATM/ VISA Debit Card From International Fraud

Bay Federal has seen an increase in fraudulent international transactions on ATM and Visa Debit cards. The majority of the fraud being reported has been linked to skimming devices on ATMs in South America and Mexico.

What is card skimming?

Card skimming is the illegal copying of information from the magnetic strip of a credit or ATM/ Visa Debit card. It is a way for scammers to gain access to your accounts. Once scammers have skimmed a card, they can create fake cards with your account details on it. The scammer is then able to run up charges on your accounts. Card skimming doesn't just happen at ATMs, but also at cash registers when making a purchase.

What can you do to protect yourself?

If the merchant has a chip-enabled reader, insert your chip card at all times for the most protection. Pay close attention to the ATM machines you use and always keep your card with you at the places you shop. When paying a restaurant tab with a card, pay at the register, don't let the waiter take your card out of your sight. When using an ATM, take the time to check that there is nothing suspicious about the machine.

If you do use an ATM while in South America or Mexico, we recommend that you monitor your accounts closely and consider closing the card and order a new one soon after your return. You can do this by calling us at 831.479.6000 or 888.4BAYFED (888.422.9333).

Protecting Your ATM/Visa Debit Card or Visa Credit Card

We have implemented a special system to protect your Visa Debit Card or Visa Credit Card from fraudulent use. If this system identifies card usage out of your normal range, your card may be blocked from further use until we verify whether or not these transactions are indeed valid.

To inform us of legitimate transactions outside of your usual habits:

If you are a Bay Federal Credit Union ATM/Visa Debit Card or Visa Credit Card holder, it’s also important to:

  • Regularly check your accounts for fraudulent activity through statements and Internet account access.
  • Always keep your card in a safe place.
  • Do not store your PIN with your card.
  • When you no longer need records pertaining to your account, don’t just throw them away, destroy them.

Cardholders should notify Bay Federal Credit Union of any unusual activity immediately at 831.479.6000 or 888.4BAYFED during normal business hours. Bay Federal Credit Union cardholders are protected from fraudulent use. You will not be held liable for any unauthorized purchases.

If you have been scammed, you may file a complaint at www.ftc.gov, and then visit the FTC’s Identity Theft web site at www.consumer.gov/idtheft to learn how you can minimize risk of damage from ID theft. If you have inadvertently given away personal or financial information, you may take steps to protect your identity now at http://www.antiphishing.org or call 877.ID.THEFT (877.438.4338).

Elder Financial Abuse — Protecting Your Loved Ones

Financial abuse is the theft or embezzlement of money or any other property. It can be as simple as taking money from a wallet and as complex as manipulating a victim into turning over property to an abuser. This form of abuse can be devastating because an elder victim's life savings can disappear in the blink of an eye, leaving them unable to provide for their needs and afraid of what an uncertain tomorrow will bring.

Elder Financial Abuse can take many forms. The most widespread abuses include telemarketing fraud, identity theft, predatory lending and home improvement and estate planning scams. You can help prevent your loved ones from becoming victims by recognizing these warning signs:

  • Unusual bank account activity, such as withdrawals from ATM machines when the individual cannot get to their bank or credit union.
  • Signatures on checks and other documents that do not resemble the elder's signature.
  • Checks or other documents signed when the elder cannot write or understand what he or she is signing.
  • Lack of personal amenities, such as appropriate clothing and grooming items.
  • Numerous unpaid billing statements when someone else has been designated to pay the bills.
  • Change in spending patterns, such as buying items he or she doesn't need and can't use.
  • The appearance of a stranger who begins a new close relationship and offers to manage the elder's finances and assets.

Report suspected abuse to the following agencies:

Santa Cruz County Human Resources Agency:
831.426.7322

National Elder Fraud Hotline website

What to do if you've been Scammed (FTC Consumer Advice website):
https://consumer.ftc.gov/articles/what-do-if-you-were-scammed

San Benito County Health and Human Services Agency:
831.636.4102

Monterey County Department of Social Services:
800.960.0010

Identity Theft Prevention and Reporting

You can file a complaint at www.ftc.gov, and then visit the FTC’s Identity Theft web site at www.consumer.gov/idtheft to learn how you can minimize risk of damage from ID theft. If you have inadvertently given away personal or financial information, you may take steps to protect your identity now at www.antiphishing.org or call 877.ID.THEFT (877.438.4338).

Stay Safe from Fraudulent Websites

Recently, we've observed a notable increase in the number of fraudulent websites aiming to deceive people across the financial industry. This includes sites that falsely claim affiliation with Bay Federal Credit Union, explicitly targeting our community with the intent to steal personal information.

Your Security Is Our Top Priority

We want to remind you of the importance of staying vigilant and ensuring you are securely accessing our legitimate online banking services. When conducting your online banking, always double-check that you are visiting our official websites:

  • bayfed.com
  • bayfedonline.com

Spotting and Avoiding Fraudulent Websites:

  1. Look for the https in the URL — Our official websites use secure connections to protect your data that include the "s" after the "http" at the start of the each URL.
  2. Beware of imitations — Fraudulent sites may try to mimic our branding. Always verify the website's legitimacy before entering any personal information. Look for obvious signs of a fake, such as fuzzy or pixelated logos and images, broken links, and/or grammatical errors and frequent typos.
  3. Do not click on suspicious links — especially those received via unsolicited emails or text messages. These could direct you to phishing sites designed to steal your information. If you ever have questions about an email's validity, please navigate directly to the trusted website rather than clicking a link.

What To Do If You Suspect Fraud:

If you encounter a suspicious site or receive a potentially fraudulent communication pretending to be Bay Federal Credit Union, please do not interact with it. Instead, immediately contact our support team. We are here to assist you and take necessary actions to protect your accounts and personal information.

Continuous Vigilance:

We continuously monitor for fraudulent activity and work diligently to safeguard your financial well-being. Enhancing your awareness and adopting secure online practices are powerful steps toward protecting yourself against fraud.

Trusted Partner Sites

As part of our commitment to providing you with comprehensive and secure financial services, Bay Federal Credit Union partners with select, reputable companies that help us extend the range of services we offer. 

Identifying and Trusting Partner Sites:

  • Secure Links from Trusted Sources — When accessing services provided by our partners, always ensure you're clicking on links from our official website or direct communications from us.
  • Verification — If ever in doubt, contact our member services team for verification of a partner website's legitimacy. We are here to confirm any details for you, ensuring your peace of mind.

Our Promise of Security with Partners:

Every partner site undergoes rigorous scrutiny and is selected based on their adherence to the highest security standards. This ensures that your personal and financial information remains protected, in line with our own security policies.

Your Role in Maintaining Security:

While we and our partners employ advanced security measures, your vigilance is equally important. Be mindful of the websites you visit and the information you share online. Always verify the authenticity of a site that requests your sensitive information, even if it appears to be one of our trusted partners.

Reach Out with Any Concerns:

Should you have any questions or need further clarification on our partner sites, please don't hesitate to reach out to our member service center. Your security and trust in our services are of utmost importance to us.

Thank you for your attention to this important matter and for being a valued Bay Federal Credit Union member. Together, we can ensure a safe and secure banking environment for all our members.

Website Fraud

Attention: You are leaving the Bay Federal Credit Union website

You will be redirected to a website outside of the Bay Federal Credit Union website and entering a website hosted by another party. The linked website is not operated by Bay Federal Credit Union. Bay Federal Credit Union is not responsible for the content or availability of the linked website. Bay Federal Credit Union does not represent the operator of the linked website, the member, or any other users if the two enter into a transaction. Privacy and Security Policies of the linked website may differ from those of Bay Federal Credit Union.