Hawaii Central’s Commitment to Security
Hawaii Central’s Commitment to Security
In these times of advanced technology, which is making our lives easier, it is also providing criminals more opportunities to obtain personal information to defraud us. We see news stories almost every day about people who have their identities stolen or about another data breach which compromises our debit or credit cards. We must be more diligent about protecting ourselves against these individuals and Hawaii Central Federal Credit Union (HCFCU) would like to help you become more educated about how to protect yourselves.
Though, HCFCU cannot guarantee that your identify will never be stolen, know that we will never request your personal confidential information by email or text messages. So, if you receive an email that appears to come from HCFCU and it is requesting personal confidential information from you, do not respond or click on any links included in that email. Personal confidential information may include account numbers, passwords, identification information such as SSN, debit/credit account numbers, etc. HCFCU has effective layers of security in place and is dedicated to protect your confidential information.
If you notice anything suspicious with your account, such as unauthorized electronic charges, checks, or debit card/ATM transactions or if you receive any suspicious emails, texts or phone calls relating to HCFCU, please call HCFCU immediately at 808-536-3677 or email us at [email protected].
Identity theft is the deliberate use of someone’s identifying information to gain a financial advantage or obtain credit or other benefits in another person’s name, without their permission. Some of the identifying information includes name, address, social security number, date of birth, account numbers, etc.
Examples of what the criminals use identifying information for are: opening new accounts, purchasing automobiles, applying for loans, credit cards, renting apartments, etc.
Some examples of how criminals can obtain personal identifying information are:
- Retrieving personal data from IT equipment, such as PC’s, mobile phones, USB memory sticks and hard drives disposed of at public dump sites, given away or sold without being properly sanitized or wiped clean of data.
- Stealing bank or credit cards, ID cards, passports from mail or burglary.
- Sifting through rubbish (dumpster diving) for documents containing personal information. Remember to shred those types of documents before discarding in the trash.
- Using questioning tactics to obtain personal information that may be used for account verification, such as: “What’s your mother’s maiden name?”, “What was your first pet’s name?” or “Where were you born?”.
- Stealing personal data from a company’s computer using a data breach.
By phishing, which is sending bogus email or text messages purporting to be legitimate businesses such as a financial institution, your mobile carrier, or any business you may deal with.
Browsing social networking websites for personal detail published unknowingly by users.
What is a Data Breach?
A data breach occurs when an unauthorized person or persons obtains sensitive, protected or confidential data which is copied, transmitted, viewed, stolen or used. Information obtained from data breaches range from financial information such as credit card or bank/credit union details, personal health information, personally identifiable information, trade secrets of corporations or intellectual property.
What is Phishing?
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details, often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. Criminals often use email spoofing or instant messaging, which often directs users to enter personal information at a fake website, whose look and feel of which are almost identical to the legitimate one. Sometimes phishing emails may contain links to websites that are infected with malware.
NEVER click on any links or open/download any attachments that you receive via email or text, from an unknown or suspicious sender.
Online Banking Security
HCFCU protects your personal information by using a secure protocol on our online banking site. Secure Socket Layer (SSL) protocol is used for transferring data. SSL is a crypto system that creates a secure environment for the information being transferred between your browser and HCFCU. The data is encrypted using 256-bit encryption, the highest level of encryption. Therefore, the personal information being transmitted between our online banking site and your browser is protected from eavesdropping or tampering. Please use the following safety tips to further protect your information while using online banking:
- Never use a public computer and/or don’t use a public Wi-Fi network, save any financial transactions for browsing at home using your private network or the cellular-data connection on your smartphone or your own mobile hotspot.
- Create a strong password using a combination of letters, numbers, and symbols, never use personal information like your SSN or date of birth.
- Never give out any personal information like usernames, passwords, SSN or date of birth which could be used to log on your online banking account.
- Ensure that your financial institution’s website address contains “https” at the beginning and a padlock symbol on the web address bar.
- Never download attachments or click on links contained in any email or text messages you receive from unknown or suspicious senders.
- Always log off and close your browser when you are done with your online banking session.
- Never click on “Remember Password” options for your online banking sites.
- For added protection, install a security app on all your devices that access online banking sites.
- Keep your browser, antivirus and operating system up to date at all times.
Mobile Banking Security
For added convenience, HCFCU offers a mobile application to access your online banking. This gives you 24/7 access to your account wherever you go. HCFCU’s encrypted mobile app is probably more secure than the website, as the app is less susceptible to the dangers that lurk on the web.
Please follow the safety tips outlined in the Online Banking Security section above as well as the tips listed below:
- Set up an auto screen lock and set your phone to require a password, PIN or fingerprint to power on your device or to unlock it.
- Do not use the auto log on feature to your account, in the event that your phone is lost or stolen.
- Do not share or save personal information on your phone, such as passwords, account numbers, PINs, answers to security questions, etc.
- Cybercriminals are able to tap into your phone or computer using Bluetooth, turn off your Bluetooth when you are not actively using it.
- In the event your phone is lost or stolen, contact HCFCU and your mobile carrier immediately. Change your online banking log in credentials immediately.
- Always download mobile app updates received from HCFCU, which will ensure that your app contains the latest security credentials.
- Only download apps from well-known and trusted app vendors, such as Apple and Google Play Store.
Credit/Debit Card Security
Your credit/debit cards should be treated like cash. Don’t leave them lying around or hand them over to strangers, would you do that with cash? HCFCU would like to help you minimize your risks of being a victim of telemarketing schemes designed to defraud you, stolen credit/debit cards and unauthorized charges. Here are some useful tips which you should follow to avoid being a victim:
- If your HCFCU credit/debit card is lost or stolen, report it immediately by calling (800) 449-7728 for VISA credit/debit cards and (800) 528-2273 for MasterCard debit cards.
- Always protect your Personal Identification Number (PIN): ◦When selecting your PIN, don’t use any numbers or words that appear on your ID cards, such as your birth date, address or phone number.
- Never share your PIN with anyone, even family.
- When entering your PIN at an ATM or merchant terminal, shield the keyboard from view of onlookers. Be wary of your surroundings, if you feel unsafe, go to a safer location.
- Try to memorize your PIN, never write your PIN down and keep in your wallet or purse.
- Whenever possible, opt to use your debit card as a credit card and sign instead of entering your PIN. There are extra liability protections for signed transactions.
- Always review your statements for unfamiliar or suspicious charges. If you find any, report them immediately, by calling (800) 654-7728 for VISA credit cards and (808) 536-3677 for debit cards.
- Remember that HCFCU will never call you to ask for information about your card, such as your card number, expiration date or the three-digit number on the back of your card. HCFCU already has your card information and will never call and ask you for it.
- Do not give out your card numbers over the phone, unless you initiated the call. Never send your card numbers via email or text messages.
- When you receive a replacement card, always destroy the old card immediately.
- Shopping online with your card has risks, before providing your card information, see the following security tips:
- Ensure that the site you are shopping on is legitimate. There should be “secured transaction” symbols like a padlock icon in the far right-hand corner of the web browser window and/or https:// in the beginning of the website’s address.
- Using the retailer’s mobile app is safer than going on their websites.
- Do not give more personal information than is needed to register with the retailer. Retailers normally do not require your social security number or date of birth, so whenever possible, give the least amount of information when signing up.
- Never save your card number on shopping sites, always enter your card number each time you check out. Criminals can obtain card information saved on retailer’s websites using a data breach.
- Always log off from any website after a purchase with your card and shut down your browser to prevent unauthorized access to your account and card information.
- Follow the tips listed under Online Banking Security and Mobile Banking Security, such as using the public Wi-Fi network, strong password, sharing personal information, etc.
- If it sounds too good to be true, then it probably is. Be wary of tempting offers because criminals will use any means to infect your device or acquire your personal information.
- Sign up for alerts for your credit/debit cards. Most card issuers offer free alerts that will send you notifications via text or email, when transactions are “out of pattern” to your normal spending habits.
- Be extra careful when you travel with your card. Always inform HCFCU of when and where you will be traveling. Only use financial institution ATMs and trusted retailers.
How Do I Protect Myself?
Be diligent about what’s happening around you at all times. Educate yourself about the types of crimes that are occurring, so you are more aware and follow all the tips that we have supplied on this site.
For more information about identity theft and on how to protect yourself, visit the following websites:
Federal Trade Commission. This is the nation’s consumer protection agency. The FTC works to prevent fraudulent, deceptive and unfair business practices in the marketplace. Here’s some helpful links to their site:
- To report identity theft, get a free credit report, register for the Do Not Call registry, and get scam alerts: www.ftc.gov
- Computer Security: www.onguardonline.gov
- Identity Theft: www.ftc.gov/bcp/edu/microsites/idtheft
- Peer to Peer (P2P) File Sharing risks: www.consumer.ftc.gov/articles/0016-p2p-file-sharing-risks
Federal Deposit Insurance Corporation (FDIC). To get consumer Alerts or reports of suspicious or fraudulent activity involving financial consumers or products go to www.fdic.gov/consumers/consumer/alerts
National Automated Clearing House Association (NACHA). This organization is responsible for administering the Automated Clearing House network and acting as an industry trade organization. NACHA oversees the handling of electronic payments. The link to their Fraud Resources page is www.nacha.org/Fraud-Phishing-Resources
US Department of Homeland Security’s (DHS). The mission of the United States Computer Emergency Readiness Team (US-CERT) is to strive for a safer, stronger internet for all Americans by responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world. The link to their cybersecurity resource page is www.us-cert.gov/home-and-business
Check Your Credit. It’s a good idea to review your credit report, as it can help you find out if someone has opened unauthorized financial accounts or taken out unauthorized loans in your name without your knowledge. You can request one free copy of your credit report per year. Go to: www.annualcreditreport.com or contact one the three major credit bureaus:
PO Box 105069
Atlanta, GA 30349-5069
To order a report: (800) 685-1111
To report fraud: (800) 525-6285
PO Box 2002
Allen, TX 75013-0949
To order a report: (888) 397-3742
To report fraud: (888) 397-3742
PO Box 1000
Chester, PA 19022
To order a report: (800) 916-8800
To report fraud: (800) 680-7289