How to Keep Your Credit Union of Southern California (CU SoCal)
Accounts Safe

Strong account security starts with a few consistent habits. Criminals often rely on reused passwords, stolen verification codes, and last-minute pressure to get Members to approve a transfer or share sensitive information related to their Credit Union of Southern California (CU SoCal) accounts.

• Use unique passwords for online banking and email; consider a password manager
• Turn on multi-factor authentication where available and never share one-time passcodes
• Set account alerts for logins, transfers, and new payees
• Keep devices updated and use a screen lock; avoid public Wi-Fi for banking
• Be skeptical of urgent requests to “verify” information, move money, or add a new payee
• Review statements regularly and report suspicious activity right away

Also watch for “new payee” or “contact info change” confirmations you didn’t request—those can be early signs of account takeover. If you share devices, always sign out fully and don’t save passwords in browsers.

Remember: a legitimate call or text should never require you to disclose your online banking password or the one-time passcode sent to your phone.

If you’re unsure about a message or notice suspicious account activity, call CU SoCal’s Member Care Center at 866.287.6225 Monday-Friday: 9 a.m.-6 p.m. and Saturday: 9 a.m.-1 p.m. to learn more or report fraud.

Protect Yourself and the Seniors You Love

Fraud is increasing nationwide, and senior citizens are being targeted at alarming rates. According to the FBI, fraud targeting individuals aged 60 and older has risen by double digits in recent years.¹

Criminals target seniors because they believe older adults may be more trusting, less familiar with rapidly changing technology, and more likely to have savings. Common fraud includes romance schemes, tech-support scams, government impersonations, and calls claiming there’s an urgent emergency involving a grandchild.

Whether you’re a senior or have parents who are, here are important reminders to stay safe:

• Never share Online Banking credentials, PINs, or one-time passcodes. We will never ask for them. Credentials are your username and password. Credit Union of Southern California (CU SoCal) will never ask for your Online and Mobile Banking credentials.
• Pause before acting on urgent requests. Scammers create panic to override good judgment.
• Be skeptical of unexpected calls, texts, or emails. Even if caller ID looks legitimate, it could still be fraud. Hang up and call us direct.
• Be cautious sending gift cards, wire transfers, or person-to-person payments. Only send to people you know and trust, and if you receive an unexpected transfer of funds from a stranger, contact CU SoCal. It could be a prelude to fraud.
• Never allow a stranger to come to your house. CU SoCal will never ask to pick up your debit card, PIN, or cash.
• Review your accounts regularly. If you notice suspicious activity, report it immediately.

For more information on how to protect yourself from financial fraud, visit our Fight Fraud webpage. If you experience a fraud attempt, please report it to our Member Care Center at 866.287.6225.

¹ FBI’s Internet Crime Complaint Center (IC3)

Romance Scams: How Criminals Build Trust and Steal Money

Romance scams happen when a criminal pretends to form a real relationship—often through dating apps, social media, or messaging platforms—then uses that trust to ask for money or access to accounts. These scams can be emotionally draining and financially devastating, and they can move quickly once the scammer believes you’re invested.

Common tactics include professing strong feelings early, moving the conversation off the app, avoiding video calls, and sharing a dramatic story (a medical emergency, travel problem, business setback, or military deployment). The request for money may start small—then escalate to wires, gift cards, cryptocurrency, or “temporary” help covering expenses.

• They won’t meet in person or consistently avoid live video
• They ask you to keep the relationship or money requests secret
• They push urgency: “I need help today”
• They request payment via gift cards, crypto, or transfer apps
• They ask for your online banking login, one-time passcodes, or to “receive money” for them

If you’re unsure, do a quick “reverse image” search of profile photos and look for inconsistencies in their story. Talk with a trusted friend or family member—an outside perspective can help spot manipulation.

Protect yourself by slowing down, verifying identities independently, and never sending money or sensitive account information to someone you haven’t met and confirmed. If you’ve already sent funds or shared details, don’t wait.

Call CU SoCal’s Member Care Center at 866.287.6225 Monday-Friday: 9 a.m.-6 p.m. and Saturday: 9 a.m.-1 p.m. to learn more or report fraud.

10 Red Flags That a Text, Email or Call Is a Scam

Scammers use calls, texts, and emails to create urgency and get you to click, pay, or share personal information. Even if a message looks official, pause and verify—fraudsters can copy logos, spoof phone numbers, and mimic real support teams.

1. Unexpected message about a “problem” with your account
2. Pressure to act immediately or you’ll be locked out
3. Requests for passwords, one-time passcodes, or full card numbers
4. Links to “verify” information or “unlock” an account
5. Payment demands using gift cards, crypto, or wire transfer
6. Spelling/grammar mistakes or slightly “off” branding
7. Sender address, URL, or phone number doesn’t match the company
8. They won’t let you hang up and call back using a trusted number
9. Threats (legal action, arrest, account closure) or extreme promises
10. They ask you to move money to “protect” it

A good habit is to slow down and independently verify any request—especially if it involves money movement or account access. Real organizations will allow you time to confirm, and they won’t punish you for being cautious.

When in doubt, don’t click, don’t reply, and don’t share codes. Instead, contact the company using a phone number from its official website or the back of your card.

To learn more or report suspected fraud, call CU SoCal’s Member Care Center at 866.287.6225 Monday-Friday: 9 a.m.-6 p.m. and Saturday: 9 a.m.-1 p.m.

How to Manage Credit Freezes at the Major Bureaus

A credit freeze (also called a security freeze) restricts access to your credit report at the major credit bureaus—Experian, TransUnion, and Equifax—making it harder for someone to open new credit in your name. It won’t affect your credit score, and you can lift it temporarily when you need to apply for a loan, credit card, or certain services.

Best practices for managing a freeze:

• Freeze with each major credit bureau (freezes are bureau-specific)
• Where to place a freeze: Experian, TransUnion, and Equifax
• Store your login credentials and security questions in a secure password manager
• When applying for credit, ask which bureau will be checked so you can lift the correct one
• Use a temporary lift with a defined timeframe whenever possible
• Continue monitoring accounts—freezes help with new-credit fraud, not account takeover

If you’ve already applied for credit recently, a freeze can still be useful going forward, especially after a breach. Plan ahead: lifting a freeze can take a few minutes, so give yourself time before deadlines.

A fraud alert is different: it asks lenders to take extra steps to verify your identity, but it doesn’t fully restrict access like a freeze.

If you’re not sure which option fits your situation or you suspect identity theft, don’t go it alone. Call CU SoCal’s Member Care Center at 866.287.6225 Monday-Friday: 9 a.m.-6 p.m. and Saturday: 9 a.m.-1 p.m. to learn more or report fraud.

Identity Theft Warning Signs and How to Respond Fast

Identity theft can start with a stolen password, a compromised device, or personal information taken from a data breach. Once criminals have enough details, they may open new accounts, take over existing ones, or redirect your mail and payments—often before you realize anything is wrong.

Watch for these warning signs:

• Unexpected account alerts, password reset emails, or multi-factor authentication codes
• Charges or transfers you don’t recognize
• New accounts, inquiries, or address changes on your credit report
• Bills or collection notices for services you didn’t sign up for
• Tax, benefits, or medical statements that don’t match your activity

Respond fast: Change passwords (use strong, unique ones), enable account alerts, review recent transactions, and monitor your credit. If you believe your CU SoCal accounts may be impacted, act immediately—quick reporting can limit losses.

It also helps to review your credit reports routinely and consider placing a credit freeze or fraud alert if your information may have been exposed. Keep documentation of suspicious notices, dates, and amounts so you can act quickly.

To learn more or report fraud, call CU SoCal’s Member Care Center at 866.287.6225 Monday-Friday: 9 a.m.-6 p.m. and Saturday: 9 a.m.-1 p.m.

Online Shopping Scams: How to Spot Fake Stores Before You Buy

Fake online stores and “too good to be true” ads can lead to stolen card information, counterfeit items, or purchases that never arrive. Scammers often build convincing websites, then disappear after collecting payments.

Before you buy, check for these warning signs:

• Prices far below competitors for high-demand items
• New or misspelled web addresses, or a URL that doesn’t match the brand name
• Limited contact information (no physical address or working customer service)
• Only accepts unusual payment methods (gift cards, crypto, wire)
• High-pressure countdown timers and “last chance” pop-ups
• Reviews that seem copied, overly generic, or only appear on the seller’s site

Another step is to look for clear return policies, secure checkout indicators, and a realistic shipping timeline. If the site’s contact info is missing or the “support” email looks generic, consider shopping elsewhere.

Use strong, unique passwords for shopping accounts, enable alerts on your cards, and monitor statements for unauthorized charges.

If you think you paid a scammer or entered your card details on a suspicious website, contact us quickly. Call CU SoCal’s Member Care Center at 866.287.6225 Monday-Friday: 9 a.m.-6 p.m. and Saturday: 9 a.m.-1 p.m. to learn more or report fraud.

Fraud Prevention Tips for Older Adults

• Don’t click unexpected links in emails or texts. Visit the company’s official website instead.
• Verify emergency requests from family. Scammers may pose as relatives in urgent need.
• Destroy sensitive documents. Shred anything containing personal information before throwing them away.
• Protect your mail. Pick it up promptly and avoid leaving outgoing mail in your mailbox overnight.
• Be cautious of “guaranteed” investment offers. If it sounds too good to be true, it probably is.
• Consult a trusted person before sending large amounts of money. A second opinion can help prevent fraud.
• Limit what you share on social media. Personal details can help scammers impersonate you.
• Use strong, unique passwords. This helps protect financial and email accounts.
• Set up account alerts. Use “Settings” in Online or Mobile Banking; call us if you need help.
• Lock your credit report at all three major credit bureaus, Experian, Equifax, and TransUnion, through their websites. There is no cost to do this, and you can unlock your report if you need to apply for credit.

What to Know About Mule Fraud

Money mule fraud happens when criminals trick or recruit someone to move stolen money on their behalf—often through deposits, transfers, or cash withdrawals. The “mule” may think they’re helping a friend, doing a legitimate job, or completing a simple favor, but the activity can be tied to theft, scams, or account takeovers.

Common setups include online “work-from-home” offers that pay you to “process payments,” social media messages asking you to forward funds, or a new romantic interest who needs help moving money quickly. In many cases, criminals will ask you to accept a deposit and then send part of it back via wire, gift cards, cryptocurrency, or person-to-person (P2P) payment apps.

• Pressure to act fast or keep the transaction secret
• Instructions to move money between accounts you don’t control
• Payments that come from unknown people or businesses
• Requests to convert funds to gift cards or crypto

Remember that being a “mule” isn’t always intentional—criminals may use fake checks, overpayment schemes, or “payment processing” tasks to make the money look legitimate. If you receive unexpected funds, confirm the source directly and don’t forward money for anyone.

If something feels off, stop the transaction immediately and don’t share account details, online banking credentials, or verification codes.

To learn more or report suspected fraud, call CU SoCal’s Member Care Center at 866.287.6225 Monday-Friday: 9 a.m.-6 p.m. and Saturday: 9 a.m.-1 p.m.

Safety Tips to Keep Your Information Secure

Keeping your personal and account information secure starts with a few simple habits. Use the tips below to spot scams, protect your login details, and make sure you’re sharing sensitive information only in safe, trusted ways.

Protect sensitive information
CU SoCal does not email, text, or phone to ask Members for sensitive information such as CVC numbers on debit or credit cards, account numbers, PINs, usernames, passwords, or Social Security Numbers.

Verify the source
We recommend you verify links, email addresses, or website domains you receive. Look for strange characters in the links, or unfamiliar URLs. Incoherent letters, numbers, and symbols may indicate a fraudulent, spoofed website.

Frequently change your password
Change your password frequently and use a complex password. Consider setting up two-factor authentication for every Digital Banking login. In Online or Mobile Banking, go to Tools > Settings > Security to set up your two-factor authentication.

Call CU SoCal to verify if necessary
Ensure that CUSoCal.org or My.CUSoCal.org/Authentication is the URL when visiting our website or accessing Online Banking. When in doubt, call CU SoCal directly at 866.287.6225, not what is listed in the text or email, and/or go directly to CUSoCal.org, bypassing any links provided.

Phone Spoofing Explained: Why Caller ID Can’t Always Be Trusted

Phone spoofing is when a caller deliberately changes the information that appears on your caller ID. A scammer may make it look like the call is coming from your credit union, a government agency, or even a local number—so you’re more likely to answer and trust what you hear.

During a spoofed call, criminals may claim there’s fraud on your account and ask you to “verify” information, provide a one-time passcode, or move money to a “safe” account. They can sound professional and may already know some of your details from a breach or public sources.

• Never share login credentials, PINs, or one-time passcodes—legitimate employees won’t ask for them
• If a caller pressures you, hang up
• Call back using a trusted number (for example, the number on your card or a verified website)
• Be cautious with “verification” links sent by text during a call

Caller ID is a helpful clue, but it isn’t proof. If you miss a call and receive a voicemail asking for urgent action, don’t call the number left in the message—use a verified contact number instead.

If you think you received a spoofed call related to your CU SoCal accounts, contact us right away.

Call CU SoCal’s Member Care Center at 866.287.6225 Monday-Friday: 9 a.m.-6 p.m. and Saturday: 9 a.m.-1 p.m. to learn more or report fraud.

How to Stay Safe with Person-to-Person Payments

Person-to-person (P2P) payment apps (for example, Zelle, Venmo, Cash App, or PayPal) are a convenient way to send money, but that speed can also help scammers. Once you send funds to the wrong person, it may be difficult—or impossible—to reverse the transaction.

Use P2P payments safely:

• Only send money to people you know and trust
• Double-check usernames, phone numbers, and email addresses before hitting “send”
• Be cautious of “accidental payment” messages asking you to send money back
• Don’t use P2P to pay strangers for high-risk purchases (tickets, rentals, marketplace items)
• Watch for impersonation: scammers may pose as a friend, your credit union, or a merchant
• Enable security features like passcodes, biometrics, and transaction alerts

For extra control, set transaction limits when available and keep notifications turned on so you see activity in real time. If you’re paying a business, use a method that includes purchase protections rather than P2P.

If someone pressures you to pay immediately or insists on a specific payment method, pause and verify independently.

If you think you’ve sent money to a scammer or shared account information, call CU SoCal’s Member Care Center at 866.287.6225 Monday-Friday: 9 a.m.-6 p.m. and Saturday: 9 a.m.-1 p.m. to learn more or report fraud.