Protect yourself and your money. Be aware of how your money is insured and how to avoid fraudulent scams and attempts to obtain your personal and financial information. If you suspect ID theft, contact Tower for steps to take.
Always be on the alert for fraudulent e-mail and phone calls asking you to enter account numbers or PINs to unlock accounts or renew services. Delete or hang up immediately. Tower never requests account information through unsolicited e-mail, phone calls or on Tower's Web site.
Obtain your FREE credit report annually from each of the three major credit bureaus. TIP: Stagger review of your credit report from the three bureaus, getting one every few months. This keeps you up-to-date on the content and allows you to compare reports.
Additional services and resources to help manage and protect your credit are available from Equifax.
Resources to Keep You Informed
- Protect Yourself from Data Breaches and Identity Theft
- More Protection for Your Money by NCUA Insurance
- It's Time for a Credit Report Checkup
- Put a Freeze on ID Theft
- ID Theft: How It Can Hit Home
- Phishing—A Form of Identity Theft
- Protect Yourself From the Latest Scams
- How Not to Get Hooked by Phishing Scams
- Phishing Moves to Pharming
- Be On Guard for Fake Checks and Other Scams
- Avoiding Fraud by Cashier's Check
- Beware of Internet Risks
- Internet Security and Safety Tips
- ATM Security and You
- Protect Yourself and Your Money When Using an ATM (PDF)
- How to Boost Your Credit Score
- Comparing Credit Card Offers
- Be Ready with a Financial Disaster Plan
- Identity Theft—Don't let it happen to you (PDF)
- Understanding your credit report (PDF)
Frequently Asked Questions about Phishing
- What is phishing?
- What protection do I have if I responded to a phishing attempt?
- Why can't Tower stop these e-mails and calls from coming to me?
- How do criminals doing the phishing know that I have an account with Tower?
- I am not a member of Tower, but I received an e-mail (or phone call) about my Tower account. How does this happen?
- How do other people get my e-mail address or telephone number?
- Should I ever provide my User ID or password or any personal information in an e-mail or give it out over the telephone?
- What do fraudulent e-mails look like?
- What should I do if I'm suspicious of e-mail bearing the Tower logo or looks like the Web site, or the telephone message says its from Tower Federal Credit Union?
- What do I do if I entered information about one of my Tower accounts?
- How can an e-mail be fake when it says it's from Tower, addresses me by name or has my correct e-mail address or phone number?
- Why can't you stop them?
- Does Tower send out marketing e-mails?
Phishing (pronounced "fishing") is when criminals send e-mail by the thousands or millions in hopes of tricking unsuspecting members/consumers into sharing confidential information. These messages often include a link to a fraudulent Web site. By masquerading as a trustworthy person or business, criminals "fish" for online users' financial information and passwords.
There's also "vishing" where criminals use a telephone number instead of e-mail. When you call an 800 number they give you, often in a recorded message, the person or another automated response tells you, for example, your account is closed and to reactive it, please enter your personal and/or account information on the phone keypad.
Each situation is different. If you suspect that you responded to a phishing e-mail or telephone call, report your suspicions by e-mail to firstname.lastname@example.org or by calling the Member Service Center at 301-497-7000 or 800-787-8328. Tower will work with you to make the best decisions on what to do based on what data you shared.
We don't know you're getting them because we aren't sending them. When you report the attack to us at email@example.com, we will begin immediately to contact authorities and investigate the source so the senders can be apprehended. We work with law enforcement to shut down sites and, as importantly, work to provide you information and resources so you can become more aware of fraud schemes and can protect yourself.
They often do not know and, in fact, don't know anything about you specifically. They do know that Tower has thousands of members. They cast a broad net in hopes of catching some unsuspecting members.
I am not a member of Tower, but I received an e-mail (or phone call) about my Tower account. How does this happen?
Phishers send out scams to victimize the general public. Tower is not the only financial institution that is experiencing these phishing attacks. Tower and our members are not being targeted. These scams are being directed to members of the general public with the scammers knowing, that with the law of averages, a small percentage of recipients will be members or customers of the financial institution that is being phished.
Criminals obtain e-mail addresses and telephone numbers from a variety of sources, including purchasing mailing lists from reputable companies. Often, they have no idea what financial institution you use or what credit cards you have. They just know that Tower has thousands of members and if they phish enough people, they may get lucky.
Should I ever provide my User ID or password or any personal information in an e-mail or give it out over the telephone?
No. You should not enter your User ID or password in an e-mail or on a telephone keypad if you did not initiate the contact—even if the caller has some of your personal information.
They take many forms. Some contain the recognizable name, logo and Web page design of a financial institution. But most are similar in tone—often short, choppy, harsh, demanding, containing grammatical errors.
What should I do if I'm suspicious of e-mail bearing the Tower logo or looks like the Web site, or the telephone message says it is from Tower Federal Credit Union?
If you are suspicious, don't reply to, click on, or enter any information on a linked Web site or a phone keypad. DELETE THE MESSAGE OR HANG UP IMMEDIATELY.
You should contact Tower immediately. Report your suspicions to us immediately at firstname.lastname@example.org or call the Member Service Center at 301-497-7000 or 800-787-8328.
How can an e-mail be fake when it says it's from Tower, addresses me by name or has my correct e-mail address or phone number?
Criminal groups collect data from multiple sources and combine it to create authentic-looking e-mails designed to convince you to share information that should be confidential between you and the credit union. Criminals target many financial institutions all the time. Often they have no idea where members have their financial relationships or what credit cards they have. Criminals are hoping that if they keep "phishing", they will hook someone.
When we hear of a scam in progress, we immediately begin working on shutting down the servers and contacting the appropriate law enforcement agencies. But the criminals go to another server and begin all over again. This can happen over and over.
Yes. We use e-mail and our Web site (and send letters) to inform members about the products and services we offer that may be of good value to them. But we never ask for personal or financial information.