Recent Fraud Events

NEFCU is not aware of any current fraud attempts that are specifically targeting NEFCU or its members.  However, we recommend constant vigilance as scam and fraud attempts against the general public are persistent and ongoing.  You can refer to the Federal Trade Commission scam alert website for active U.S. fraud reports.


What You Can Do

  • Ask us to scan your driver's license or photo ID the next time you visit a NEFCU branch. This way we'll know if anyone tries to impersonate you.
  • Ask us to put a password on your accounts.
  • Passwords you use to access your online financial accounts should never be reused on other online accounts. Make your NEFCU login one-of-a-kind! That way, if a security breach happens somewhere else, your most important accounts won't be affected.
  • Use NEFCUOnline and Account Alerts, and receive an emailed alert if your balance drops below a certain amount. This can help you monitor unauthorized withdrawals.
  • When you visit a teller, present your membership card or jot down your member number and pass that to the teller, instead of speaking it aloud.
  • Shred sensitive papers. Drop them in a SecurShred bin at any branch.
  • Attend a seminar to learn more about identity theft, the new techniques thieves are using, and how you can recover if you become a victim.
  • Use BillPay so some payments can be made electronically, avoiding the risk of a check sent in the mail.
  • Check NEFCU newsletters and for updates on security topics - stay informed!

What NEFCU Is Doing

In the Branch or On the Phone

  • We know our members. Scanned IDs are one tool that help us protect you against impersonation. We also keep your signature on file.
  • We use alternative identification methods when we need to verify your identity. We won't ask you for your Social Security number, date of birth or mother's maiden name. Instead, we'll ask you a series of other carefully-constructed questions and the answers to which only you should know.
  • Through the NEFCU newsletter we warn members not to give their personal information or credit card numbers over the phone to telemarketers.
  • Our teller and ATM receipts are printed with truncated card numbers, so your account information is protected from dumpster divers. You also have the option of asking the teller to suppress the printing of your available balance.

Bringing Resources to You

  • We hold seminars to educate members about identity theft, new techniques thieves use, and how you can recover if necessary.
  • We provide SecurShred paper shredding bins free of charge. You can drop sensitive paperwork in a bin at any branch at any time and we'll make sure it is properly destroyed.
  • We encourage you to use Account Alerts, so you can receive an immediate emailed alert if your balance drops below a certain amount.
  • We encourage you to use BillPay as a way of keeping account numbers from falling into the wrong hands.
  • We provide up-to-date information about how you can protect yourself from identity theft on our website,

Behind the Scenes

  • We continually check Visa and Debit cards for unusual activity.
  • We will call you if we detect any unusual activity on your NEFCU card.
  • We follow up-to-date industry standards for password protection.

If you think you have become a victim of identity theft, or if you have any questions, come into any branch or call NEFCU Contact Center at 802-879-8790 or 800-400-8790.

You can also contact the fraud departments of one of the three major credit bureaus and request that a fraud alert be placed on the credit file. These alerts will be on your file for 90 days. Any creditor pulling your report will be advised to contact you prior to extending credit, as you have reported an increased risk of identity theft.


Common Fraud Techniques

These are examples of common fraud schemes (not necessarily experienced by NEFCU members).
Advance Fee Scam
Many scams involve fees or other payments sent in advance. Here are some common scenarios:

  • Online sale asking you (the seller) to immediately refund purchase price "over payments" (which in fact are counterfeit payments, usually money orders).
  • Inheritance from a supposed long-lost relative.
  • Communication claiming you won the lottery in a foreign country.
  • Employment scams offering work permits for highly-paid jobs abroad.
  • Correspondence claiming that an authority figure (often in an African nation) needs help transferring large sums to U.S. accounts. If you agree to help, you are promised a percentage of the funds.
  • Mystery shopper offer asking you to use funds to purchase a money gram sent to a specified person.

Communication About Fraud on Your Account
You get an email, phone call or text message informing you that fraud has been detected on your account. This communication may even appear to come from your own financial institution. You are asked to provide information, usually a credit card number or log in credentials, to resolve the supposed fraud or to prevent the account from being closed.

Impersonation of Family or Friend
Generally done by phone, the fraudster takes advantage of your desire to be helpful.  In a common version, you receive a call telling you that your grandchild needs money, sometimes with further explanation that they have been in an accident or arrested.  The fraudster asks you to wire or send money through Western Union, further advising "Don't tell Mom and Dad", so the grandchild won't get in trouble.

Online Sales Pitches for Security Products
You are presented with online offers for protective software (that will supposedly reduce your risk of online fraud).  The fraud may involve illegitimately capturing credit card information, or installing malicious software such as a keystroke logging program.

Phony Virus Warning or "Scareware"
You see a pop-up message on your computer that tells you your computer has a virus. The message may look similar to legitimate anti-virus software messages. In some case, the fraudster is trying to sell you bogus security software that does little or nothing. In other cases, this fraud may involve illegitimately capturing credit card information, or installing malicious software such as a keystroke logging program.  If you click to accept a download, you have likely allowed the installation of malicious software and and given control of your computer to the fraudster.

Purchase Confirmation

You receive an email or phone call whose purpose is supposedly to confirm your recent online purchase of a cell phone, laptop, TV or other product that you did not buy. The communication instructs you to make a contact if you did not make that purchase. From there your credit card information is requested.

Re-shipper or "Mule" Scam
You come across or receive a business proposition or job offer (usually proposing a work-at-home arrangement), where you are asked to be a re-shipper of goods or money orders.  You are asked to cash a check (which is fraudulent) or front the money to obtain merchandise, and then to ship it elsewhere.  The shipping address may even be a second unwitting victim, who re-ships again (inadvertently committing a crime).

Web Browser Infection (also known as “Man-in-the-Browser” Attack or Banking Trojan)
Your web browser may be compromised by a malicious software program (malware.)  When an infected web browser views financial web sites, the malware activates and can perform a number of fraudulent activities such as collecting private information, modifying transactions, and even configuring the way web pages are displayed so that what you see is not what the web site sent.  Common names for various types of man-in-the-browser malware include Zeus, URLzone, and SilentBanker.

Words of Advice

If something sounds too good to be true, it probably is!
Follow these common-sense guidelines:

  • Do not send money to someone you don't know or for something that is supposedly free.
  • Do not respond to an e-mail that asks you to share personal information.
  • Call the known number of a business when responding to instructions to make a call  (not a number given to you by a caller, or in an email).
  • When in doubt about an email, do not click any links.
  • Do not accept checks or money orders from people you do not know.


Identity Theft Resources   
Consumer Protection -  This site helps to distinguish between truth and urban legend!

NEFCUOnline Account Access

  • Can I securely grant access to my account to another user?

    With Shared Access, you can grant access to designated individuals. As the account holder, you determine which accounts your subuser(s) should see and you choose whether you want them to have “View Only” access or whether you want them to perform certain types of transactions such as internal transfers and bill payments. If you opt to grant access to BillPay, you must set a per transaction limit. Any transactions submitted by a subuser that exceed this limit will require your approval before they process.

    To get started, click on “Additional Services” and select “Share Access with Others” from the dropdown menu. This link will take you to the page where you can add subusers, manage their permissions, or revoke access at any time. If you have any pending transaction to approve, they will also be displayed at the top of this page.

  • Can any other member see my account information?

    Your information is kept strictly confidential. NEFCUOnline requires a combination of the correct username and corresponding password to access any confidential information. Plus, login is only allowed from the device(s) that you have designated to have access to your account. Unless you share your login information with others and give them physical access to your devices or you opt to grant access to another user through the Shared Access (entitlements) feature, no one but you will be able to access your account information through NEFCUOnline or over the Internet.

  • Is it safe to access my accounts? Are my accounts secure?

    Your Credit Union has taken many steps to ensure the security of NEFCUOnline. We provide system and transaction security through strong authentication, encryption and digital certification software. Access to your account via NEFCUOnline is only allowed through the devices you have designated to have access to your account. You will be required to use your username and a valid password to access the system. For your protection, your credit union recommends that you memorize your password and do not write it down (just like an ATM PIN). You should never give your password to anyone or let anyone see you enter your password when you are logging in to NEFCUOnline. In addition, you should change your password periodically and do not use easily identified passwords such as birth dates, years, etc. To better protect you, you will have only a limited number of tries to input the password correctly. If you accidentally become locked out of NEFCUOnline, you will need to call NEFCU Contact Center at 800-400-8790 or stop in to one of our branches for assistance.

  • Where is my data stored? Who has access to my data?

    Transaction data that appears in NEFCUOnline is refreshed each time NEFCUOnline is loaded. Consequently, there is no account data storage outside the Credit Union with NEFCUOnline. 

    Turbo Tax and FinanceWorks data is stored within Digital Insight systems. Digital Insight systems are secured with encryption, perimeter and internal firewalls, screening and filtering routers, intrusion detection, strict authentication, virus protection, and application security. Digital Insight network architecture is structured so servers that store member information are not directly connected to the Internet.

    Additionally, Digital Insight employs policies and procedures to ensure the highest level of security throughout their organization including physical controls such as retina eye scan authentication for access to their data centers, administrative controls such as clear personnel policies and background checks, and a team of security specialists who provide 24/7 support. In addition, Ernst & Young performs an SSAE 16 Audit (the latest AICPA standard) of Digital Insight's service controls, and measures their effectiveness. This assessment includes physical facilities as well as Internet operations.

    As always, some Credit Union employees have access to member financial data by virtue of their role at the Credit Union. However, that access is governed by internal policies and by several layers of security safeguards. In addition, the Credit Union's security is examined annually by external auditors and by the National Credit Union Administration (NCUA).

Learn how to safeguard your personal and financial records from fraud and identity theft. Learn more about protecting your financial information: Protecting yourself from identity theft and scams.

Each year, millions of Americans discover that someone has fraudulently assumed their identity. A criminal using a stolen social security number or other personal information can quickly run up thousands of dollars in purchases before a victim becomes aware that their identity has been stolen.

Identity theft has become the fastest-growing crime in America, a crime which usually leaves victims with the responsibility of cleaning up a web of phony purchases, bogus accounts and damaged credit ratings.

Protective Tips When Identity Theft Risk is Elevated

To Help Protect Minors

If you are concerned about potential identity theft for your child or children under 18 years of age, you can use this form to send a letter to the three primary credit bureaus. (You will need to input your information three times, since the form creates letters to all three bureaus.)

Letter to Credit Bureaus for Minor Children

If you think you are a victim, stop into any branch or call us at 802-879-8790 or 800-400-8790.