Skip Navigation Documents in Portable Document Format (PDF) require Adobe Acrobat Reader 5.0 or higher to view, download Adobe® Acrobat Reader.
Man using laptop and mobile phone

Security Updates


Security is a Top Priority

At Pima Federal, keeping our members and member assets safe is one of our highest priorities in this ever-increasing digital age. Security is top of mind, and fraud is on the rise internationally. That said, we want to ensure our members have easy access to pertinent security information. 

Member Fraud Alert: Phishing Attempt

October 9, 2023
Pima Federal Credit Union has been notified about a recent phishing scam. Members have reported receiving a phone call from a person claiming to be a representative from Pima Federal requesting personal information. Pima Federal will never contact you and request personal identifying information including: online banking credentials, date of birth, social security number, debit card PIN, etc.

If suspicious behavior is suspected on your account, our team may contact you to verify the validity of the transactions in question; however no personal identifying information will be requested of you.
 
If you receive a call from an unknown source claiming to be a representative from Pima Federal, it’s best not to provide any personal and/or account information by any means. Advise the caller you will be contacting Pima Federal directly and give us a call at (520) 887-5010.
 

Automated Fraud Alerts: Your Best Defense Against Fraud

We’ve strengthened our defenses with a new, automated system that can identify threats faster, notify you sooner and equip you with the tools you need to take immediate action against fraud. Previously, you would have only received a personal call from a live agent if fraud was suspected.

The new system allows you to receive an automated call that easily walks you through reviewing suspicious activity on your card. You may also receive Automated Fraud Alerts text messages on your mobile phone. We will also send a fraud alert via email.

Our new automated system includes:

  • IMMEDIATE alerts
    When suspicious activity has been detected on your account, we don’t wait for an agent to dial your number – our automated system will contact you by text, phone or email.
  • 2-Way Communication
    You can take action the second you receive your alert – by texting the provided command word or interacting with the automated system on the phone; simply follow the instructions to answer questions regarding your recent card activity.
  • Real-time Support
    Our live agents are ready to assist you at any time to ensure you receive the best defense exactly when you need it.

Please Log in to Online Banking to review and update your contact information to make sure you receive important fraud alerts about your account.

Automated Fraud Alerts FAQs



The videos below offer relevant information and helpful tips to ensure you are aware of ways to protect your identity and keep your information secure. 



 

Mail Theft Increase Leads to Check Fraud*

August 16, 2022

Mail theft and armed robberies against U.S. Postal Service carriers have increased substantially throughout the country. The criminal's focus is to gain access to the master keys of the blue USPS mailboxes –ultimately in search for checks that can be altered, counterfeited, or sold online.

According to the U.S. Postal Service Office of Inspector General, mail theft complaints more than doubled from March 2020 to February 2021. The criminals rob mailboxes and mail carriers of the master keys to the blue mailbox drops to gain access to the mail. The criminals then sift through to locate checks that can be altered, counterfeited, or sold online. The checks can also be used to open fraudulent new accounts and loans using the name and address information for stolen identities.

What can you do?

  • Sign up for estatements so you can electronically receive your account statements and notices
  • Pay bills online or use our online banking Bill Pay service
  • If your only option is to mail a check, do so inside the Post Office lobby rather than using blue mailboxes
  • Log into your accounts frequently to review transaction history – looking for unfamiliar transactions
  • Report unfamiliar and unauthorized transactions immediately to the credit union
*Source: CUNA Mutual Group

Zelle® Fraud Alert

May 20, 2022
Fraudsters have been targeting Zelle users recently. They have implemented a sophisticated scam that bypasses security features put in place by Zelle to help combat fraud.
Here’s how the scam works:
  • Fraudsters pose as the credit union and send a text to the member about a suspicious debit card transaction.
  • Once someone responds to the text, they will follow up with a call claiming to be the fraud department. They spoof the credit union’s phone number to make it appear legitimate. Spoofing is when criminals masquerade as a trusted entity to get you to do something beneficial to the fraudster. For example, they will copy a trusted business’ phone number or email address.
  • The fraudster asks for the members username for online banking claiming that it is a form of authentication.
  • Next, they tell the member that they will receive a passcode via text or email. They state that this code must be given to them to verify the member’s identity. In reality, they have initiated a forgot password feature and used that passcode to pass two-factor authentication.
  • The fraudster logs in the member’s online banking and changes the password.
  • Then, they begin to use Zelle to initiate fraudulent transfers to others.
In response, Zelle initiated a feature that would help mitigate this scam. Zelle began to send the member a text containing the details of a Zelle transfer-payee and dollar amount- to the member. The member must reply to authorize the transfer.
 
To bypass this security feature, fraudsters will keep members on the phone after initiating a transfer.
  • They inform the member that they will be receiving a text containing details of a Zelle transfer.
  • They instruct the member to authorize the transfer claiming that this is how the refund of the previously mentioned “suspicious” transactions will occur.
  • The member authorizes the transfer, and the funds go to another account/person.
What can you do?
  • Be wary of calls or texts that appear to come from the credit union. If you are unsure or suspicious, hang up and call the credit union using a reliable number (520-887-5010).
  • Never provide personal information in response to a text or phone call.
  • No credit union employee will ask for personal information such as usernames, passwords, and passcodes.

Protecting Yourself at an ATM

July 14, 2020
Precautionary Steps to Take When Using ATMs*
There are several precautions, you as a member can take to increase your personal safety when using ATMs. Your safety at an ATM is about being prepared.
  • Remain aware of your surroundings, particularly at night. If you observe or sense suspicious person or circumstances, do not use the machine at that time.
  • Prepare your transaction before you approach to minimize time spent at the ATM. Get down to business at the ATM. Fumbling for your card in front of the machine makes you vulnerable and takes your attention away from what is happening in the vicinity.
  • If an ATM is hidden from public view (including overgrown shrubbery or landscaping), poorly lit, or ATM lights are not working; don’t use it and go to another ATM.
  • Avoid using ATMs at night or take a companion with you if necessary. Park as close as possible to the ATM walk-up. When you have completed your transaction, leave the ATM as quickly as possible.
  • If anyone or anything seems suspicious, cancel the transaction and leave immediately. Do not accept assistance from strangers when using an ATM.
  • Do not count or visually display cash; instead, pocket it immediately when you complete the transaction, and take your card and receipt. Verify the cash when safe to do so.
  • If anyone follows you after making an ATM transaction, go immediately to a crowded, well-lit area and call the police.
  • If you are involved in a robbery situation while using the ATM, do not resist. Give the money to the suspect immediately. Contact the police when safe to do so.
  • Protect your PIN and the privacy of your transaction by shielding the keypad while standing close to the ATM to prevent others behind you from observing your transaction detail.
  • Always check your ATM receipt against your statements to identify any unauthorized transactions.
  • Immediately report a lost or stolen ATM, debit, or credit card.
A few additional tips when using an ATM located within a drive-thru lane:
  • Keep all doors locked on your vehicle, windows rolled up, and your engine running while using a drive-up ATM.
  • Leave enough room between your vehicle and the vehicle in front of you to exit, should the need arise.
  • Keep a close eye on your rear and side view vehicle mirrors during the transaction. 
*Source: CUNA Mutual Group

Member Communication – COVID-19

March 25, 2020
As we continue to wrestle with the Coronavirus (COVID-19) pandemic, we are also grappling with new methods criminals are using to perpetrate fraud against our members. To help combat these new fraud schemes, we are sharing information to help you protect yourself against some of these new scams.
 
The Federal Trade Commission (FTC), Division of Consumer and Business Education, release the following tips:
The federal government has discussed several proposals involving sending money by check or direct deposit to American consumers.
  • The government will not ask you to pay anything up front to get this money. No fees. No charges. No nothing.
  • The government will not call to ask for your Social Security number, bank account, or credit card number. Anyone who does is a scammer.
  • These reports of checks aren’t yet a reality. Anyone who tells you they can get you the money now is a scammer.
While the details are still being worked out, the Federal Trade Commission posted a blog entry on several important things consumers should know, no matter what the final decision turns out to be.
 
The FTC also urges anyone who spots one of these scams to submit a complaint to the FTC. You can click here for the FTC’s up-to-date information on the COVID-19 related scams.
 
The FTC also has an article on How to Recognize and Avoid Phishing Scams.
 

Fraudulent Activity Notice

February 5, 2020
Pima Federal received multiple member notifications of fraudulent pin-based ATM transactions. Every indication thus far shows no breach in Pima Federal’s security, or any other credit unions’ for that matter. This type and limited scope of debit card fraud, mixed with the fact that multiple financial institutions have been affected, is indicative of a Tucson-based merchant point of compromise. The most likely method of compromise is by the use of a card skimmer that captures card and PIN information.

Once notified, Pima Federal immediately began working with our card processor to put a strategy into place to mitigate future fraudulent activity. Members affected are being issued provisional credit to ensure no financial impact to them. We are further instructing them to get a new debit card, which can be instantly issued at their nearest branch.
 
As always, our members’ security is a top priority for us and we will continue to monitor our cyber security measures on a daily basis to ensure they are working properly.
 
Here are some helpful tips in preventing debit card fraud:
  • Regularly monitor your account statements and immediately report any suspected fraud.
  • Before inserting your card, check any merchant or gas pump terminal carefully for skimming devices. If the card reader appears to have been tampered with, immediately report it to that organization’s management.
  • Sign up for Debit Alerts, such as the service offered by Pima Federal.
  • Be wary of utilizing ATMs not owned or affiliated with a financial institution.
  • Utilize available tools and technology such as the Pima Federal mobile banking app or online banking site to have instant access to account activity and information.
 
January 30, 2020
It has come to our attention that Tucson credit union members may be receiving fraudulent phone calls that appear to be coming from their credit union, or other local credit unions. These callers may ask for personal, account, or online banking information. Please remember that, in the event we need to call you in regard to your account, we will never ask you to provide confidential information, such as social security number, online banking credentials, account numbers, or date of birth. If you receive any call that appears to be from Pima Federal where the caller requests such information, please do not engage with the caller, hang up, and contact us immediately at 520-887-5010. 

July 11, 2019
As reported earlier this week in the news, a local crime ring has uncovered a new way to access funds affecting the Tucson and Oro Valley communities. In an effort to protect our community from further vulnerability, Pima Federal would like to address the nature of this fraudulent activity. 

It is suspected that these criminals may have obtained consumer information from one of the recent data breaches that had the potential to affect consumers nationwide, such as the Equifax breach. It is important to note that there is no evidence of a security breach at Pima Federal nor was our database compromised in any way.  

This was an isolated incident for our credit union, however there have been reports of other financial institutions being affected. In our case, employees of the credit union were able to detect the suspected fraud early, thwarting any further efforts by this group. Immediately after the fraud was discovered, Pima Federal notified the affected member and quickly reconciled their account to prevent our member from experiencing a financial loss. 
 
As always, please review your account activity on a regular basis, including revolving credit accounts such as home equity lines of credit, credit cards, and personal lines of credit, in order to detect potential misuse early.
If you ever suspect any potential fraud, please contact us immediately. 
 
Pima Federal’s top priority is our member’s safety and security.  

Let's Protect Each Other!

Our members and the credit union as a whole continue to see fraud related activity and suffer losses, generally with no insurance coverage or safeguards outside of prosecution. We continue to see scams in the area of online dating, Craigslist classified ads, and online job opportunities that prove to be fraudulent. Please research before you transact, and use your intuition and best judgment to protect yourself and your family from predatory behaviors. 
 
If in doubt, Pima Federal's Risk Management Department is available for you by calling our Member Service Center at (520) 887-5010 and asking to speak with a member of the Risk Management Team. 

Member Guide to Fraud and ID Theft

At Pima Federal, part of our mission is to “Protect Our Member-Owned Assets”. If you have experienced identity theft or fraud, here are some resources to help you protect your identity and credit history.

Law Enforcement

Contact the appropriate law enforcement agency for your residence. (Non-emergency phone numbers listed)

  • Tucson Police Department – 520-791-4444 (8am–6pm)
  • Pima County Sheriff – 520-351-4900
  • Marana Police Department – 520-682-4032
  • Oro Valley Police Department – 520-229-4900
  • Springerville Police Department – 928-333-4240
  • Eagar Police Department – 928-333-4127
  • Apache County Sheriff – 928-337-4321

Identification

Replace any lost identification

Credit History/Identity Theft

Contact the three credit bureaus to place Fraud “alerts” on your credit report

Remember to visit www.annualcreditreport.com to get copies of all three credit reports in 30-60 days to review for free.

Banking

Change any compromised passwords. For example: computer, home banking, Pima 24/7, personal identification number (PIN) for cards, etc.

If you close your checking account and/or VISA Debit card and open new ones due to fraud or theft, remember to update your new account information with the following entities as necessary:

  • Employer’s Payroll/HR department to change your direct deposit information.
  • All companies that take recurring automatic debits by electronic check, ACH, or debit cards to update your new account information or card number.
    • For example: gym membership, Netflix service, TEP bill, bill pay service, etc.
Staying Safe and Secure with Your Mobile Device
We love that our members are using mobile banking features more and more, where taking care of financial needs are often only a few steps, clicks and swipes away! In order to keep your account information safe, here are a few mobile device security tips:

  • Password protect your mobile device and set your device to auto lock.
  • When not in use, store your mobile device in a secure location.
  • Be cautious when using unsecured, public Wi-Fi.
  • Keep your mobile operating system and mobile software up-to-date to ensure the highest level of security.
  • Install a security app on your mobile device.
  • Avoid storing passwords and other sensitive information on your mobile device where it could be discovered if lost or stolen.
  • If you lose your mobile device, immediately contact your carrier to block or suspend your device.


If you receive a call from an unknown source, it's best not to provide any personal and/or account information over the phone. Legitimate companies generally do not solicit personal information by phone. Check independent sources (e.g. check the business out on the Internet, call the number back or research the number that just called you). The Better Business Bureau has detailed, searchable scam information available at BBB Scam Tracker.
Do not provide your debit, credit card, PIN number to any other individual, including family members. A joint card may be issued to a joint account holder. Online dating scams often involve a financial request (e.g. to deposit a check for someone else, and send them the money, or portray a family / medical emergency), and if you don't know the person (i.e. have never met in person) or haven't known the individual long, the transaction can put you and your account at risk. In addition, many online dating fraudsters ask for your account information or online banking credentials when they convey a financial request.
If it sounds "too good to be true," it likely is. Be cautious of employment ads for secret shoppers, ads for administrative assistants, and nanny employment. The fraudsters often use text messages for communication and can sound quite convincing. They will generally provide overpayment, and then ask for some funds back. Contact the company directly (i.e. look up the phone number from a Google search) to verify the check was issued, valid and authorized. Once you negotiate the check, you are responsible for it.
Keep a watchful eye on your account activity through our mobile app, our Online Home Banking or our "24/7" Automated Phone System. Check on your accounts frequently to ensure the activity is authorized. Sign up for alerts and notify card issuers when you travel.

If ever you are a victim to a fraudulent scheme, you can report it to BBB Scam Tracker us to help warn others. Report online related fraud to the FBI Complaint Department. Additional resources for scams and identity theft can be found at the Federal Trade Commission site.
Public WiFi
The danger with using public WiFi to work remotely or login to your online banking account is that it can also give hackers a green light to spy on you and take note of sensitive information including passwords. Consider this scenario: A hacker creates a hotspot named Hotel WiFi in a hotel lobby using a USB antenna and laptop. You connect to it and log into your email or other account. Counting on you to do this, the hacker creates this fake network, which is masquerading as a legitimate one. A type of rogue WiFi network is an evil twin, which is designed to look official. But when people login, hackers steal your passwords and other sensitive information. They can also use these networks to trick you into downloading malware.