Alerts & Notices

Summer Travel-Know the Risk:

When shopping, banking, or sharing personal information online, take the same precautions with your smart phone or other device that you do with your personal computer.

Do not use public Wi-Fi networks

Avoid using open Wi-Fi Networks to conduct personal business, bank or shop online. Open Wi-Fi networks at places such as airports, coffee shops, and other public locations present an opportunity for attackers to intercept sensitive information that you would provide to complete an online transaction. 

If you simply must check your bank balance or make an online purchase while you are traveling, turn off your device's Wi-Fi connection and use your mobile device's cellular data internet connection instead of making the transaction over an unsecured Wi-Fi network.

Turn off Bluetooth when not in use

Cyber criminals have the capability to pair with your phone's open Bluetooth connection when you are not using it and steal personal information.

Be Cautious when charging

Avoid connecting your mobile device to any computer or charging station that you do not control, such as charging station at an airport terminal or a shared computer at a library. Connection a mobile device to a computer to interact with the phone in ways that a user may not anticipate. As a result, a malicious computer could gain access to your sensitive data or install new software.

Phishing Scams Summer Edition

It might be time for Summer Vacation, but the bad guys never take a break. During these summer holidays make sure you are still aware of all the possible scams out there. 

These are some of the most recent Phishing scams emails you might receive:

  • Microsoft/Office 365: Secure your Microsoft Email Now-This message spoofs Microsoft and advises users to reconfirm ownership of their account by clicking a malicious link.
  • Outlook/McAfee notification and attempts to trick the user into clicking a malicious link to comply with their account requirements.
  • Summons Notification: This shocking message informs the user they've violated a Federal Law and provides a malicious link that they need to click on to download more information. 
  • Western Union: Too many login attempts on your account. This message contains a malicious HTML file that is disguised as updated sof
  • Message from Microsoft: Upgrade to our advanced secure software and safety precautions the user must follow for security reasons; to prevent phishing attacks-this message contains a malicious link which the user is prompted to click on to migrate to a newer, more secure email platform.
  • American Express: you have a new message-This message advises the user that their personal security key has expired and that they must verify their information by clicking on a malicious link.

*Always be cautious when opening emails from an unknown sender*


 Stay Safe & Help Protect Yourself from Stolen Check Scams

Unfortunately, there is currently a nationwide surge in check fraud associated with mail theft. Crafty criminals are stealing checks from USPS blue collection boxes and residential mailboxes, among other places. Stolen checks are “washed” by removing the ink and then altered to show a different payee and amount. These altered checks are then negotiated for much higher amounts, often before the consumer even realizes the original check has been stolen. 

Take these important steps to protect yourself against “check washing” scams:

  • Pay your bills through Online Banking or pay directly through the individual company’s payment portal to ensure your payments are delivered safely.
  • Use a blue or black gel ink pen when writing checks, as it’s much harder to remove than traditional ink.
  • Write out all information on the check, including the memo line, to make it harder for the scammer to remove all the additional information.
  • Mail your checks inside of your local Post Office whenever possible.
  • Avoid using USPS blue collection boxes after the last pickup of the day has been made.
  • Avoid leaving outgoing mail in your residential mailbox, especially overnight.
  • Monitor your bank accounts daily to keep an eye out for unusual activity. Vigilance is key.
  • If you do notice unusual account activity, be sure to report the potential fraud to your bank as soon as possible. 

With scammers becoming more sophisticated, you’re the first line of defense for preventing scams.

By recognizing these three common tactics, you can protect yourself and your money.

Compromising business email: Scammers can impersonate a company official to request a change for your account by email or text. Don’t call the number provided in the message. Instead, find the company’s official number from a trusted source and validate that the request is legitimate.

Impersonating a Colonial Federal associate: Some scammers will pose as Colonial Federal and use email, phone or text to request your personal information or to transfer money. When in doubt, ignore the message and call us at the number listed on the back of your debit card or bank statement.

Gaining remote access: Scammers claiming to be from well-known companies can try to gain remote access to your personal devices. If an associate from one of these companies cold calls you claiming they can fix an unknown issue, ignore the call and contact the company directly. Be sure to use a phone number from a trusted source.

We want to help protect you from scammers that attempt to impersonate Amazon or other well-known merchants. Remember these important clues so that you can identify scams and keep your account and information safe:

  1. Never feel pressured to give information (such as your credit card number or account password) over the phone, especially if the call was unexpected. Scammers may try to use calls, texts, and emails to impersonate Amazon customer service. If you're ever unsure, it's safest to end the call/chat and reach out directly to customer support through the Amazon app or website.
  2. Never pay over the phone. Amazon will never ask you to provide payment information, including gift cards (or “verification cards”, as some scammers call them) for products or services over the phone. 
  3. Trust Amazon-owned channels. Always go through the Amazon mobile app or website when seeking customer support or when looking to make changes to your account.
  4. Be wary of false urgency. Scammers may try to create a sense of urgency to persuade you to do what they're asking. Be wary any time someone tries to convince you that you must act now.

Cybersecurity advice to protect your connected devices and accounts

For so many of us, cell phones and computers are embedded in our personal and professional lives. We talk and text, we browse the web, we watch, and we create. Our devices store a lot of personal information, so it’s a good idea to take a few minutes to make sure your computer, phone, and other connected devices are protected.

Update your software

Software developers release updates — to software, operating systems, and internet browsers — to patch vulnerabilities before attackers can exploit them. Some programs are pre-set to update automatically.

Check your settings and turn on automatic updates to keep up with the latest protections against security threats.

If your software is not set to update automatically, you’ll have to update it manually.

The same principles apply for your phone: set it to update automatically. Otherwise, keep an eye out for updates, and don’t delay in running them.

Update your apps, too.

Protect your accounts

Besides securing your devices, protect your accounts. Start with strong passwords and enable multi-factor authentication.

When it comes to passwords, longer is stronger: at least 12 characters. You could use a passphrase of random words to help you remember it — but avoid common words or phrases. If your username and password are leaked in a breach, having multi-factor authentication enabled will make it harder for a scammer to get into your account. For more, check out this password checklist.

Back up important data

As an extra precaution, back up your important data. Save your files to an external storage device, like a USB flash drive or an external hard drive. Also, save your information with an online cloud storage service.

Mobile payment apps

Using Mobile payments apps such as Venmo, Zelle, Paypal etc. is the new quick and convenient way to get and send cash. Scammers are aware of how popular they have become and are trying to trick you and your contacts. Make sure you know who is on the receiving end before using these services.

Here are some tips to protect yourself:
  • Never send money to anyone you don't know
  • When you use and app for the first time, it will usually ask permission to access information on your device (contacts) to make these payments easier. If you are not comfortable with that, deny access or uninstall the app.
  • Keep and eye on your account through your statement or online banking.  

Keeping yourself secure:

Some tips to help you shop wisely and protect your personal information. 

  • Use Caution when browsing the internet, shopping online, and using email. Don't click on ads or popups, go directly to the merchant site by typing in the URL.
  • Do not use public Wi-fi connections for any financial apps or online accounts.
  • Setup alerts on your card and bank accounts, for transaction activity and thresholds. 
  • Enable locations and device required settings for debit cards, that way your card can't be used unless your phone/device is with the card.
  • Don't fall victim to phishing scams, think before you click!
  • Make purchases from known sellers.
  • An email that appears to be from a legitimate retailer might be difficult to resist. If the deal looks to good to be true, or the link in the email seem suspicious, do not click on it.
  • Contact your financial institution immediately if you feel your account and personal information may have been compromised. 

As always Think Before You Click.

Home Network Security:

The US-CERT advises home users to update their software regularly, remove unnecessary services and software, install a network firewall, and create strong, unique network passwords to decrease their risk to cyberattacks.

Social Security Scam:

Social Security Numbers do not get suspended. This is just a scam that's after your SSN, bank account number or other personal information. In this particular scam the caller pretends to be protecting you from a scam while he's trying to lure you into one.

Tips to protect yourselves:

  • Never give our or confirm personal information over the phone, via email or on a website unless you are sure of the person asking you.
  • Do not trust a name, phone number, or email address just because it seems to be connected with the government.
  • Check with the Social Security Administration-Call them directly at 1-800-772-1213 if you come across one of these scams. 
  • Contact government agencies directly, using telephone numbers and website addresses you know to be legitimate.
  • If someone has tried to steal your personal information by pretending to be from the government, report it to the Federal Trade Commission (FTC).


Safe and Secure Online-Seniors

Learn how to be safe and secure while connecting with friends and family in this new digital age.

  • Always think before you click.
  • Make sure you keep your computer and software updated. 
  • Create Strong and unique passwords.
  • Do not post sensitive information on social media sites.
  • Know who you are speaking and connecting with.
  • It is better to question what you see in e-mails and pop-ups.
  • Be mindful of email and phone call fraud attempts. 
  • Like always "if it seems too good to be true, it probably is"

Security Education

Visit Colonial Federal's Privacy & Security page for security tips and your responsibilities.