Privacy & Security Protection

The highest level of protection.

At California Coast Credit Union, we want to assure you that your personal and financial information is safe and secure. One of our top priorities is to keep information about your accounts private. We utilize a multi-layered defense-in-depth security strategy.

We want to help protect you from the threat of identity theft and online fraud. Identity Theft means that your personal information such as your Social Security number or driver's license number is obtained and used by an impostor. Thieves can obtain your information by means of not only stealing your wallet, but also by stealing your mail, phishing, computer scams or viruses, confiscating documents found in your trash, or even a data breach. California Coast Credit Union does not communicate with members through text messaging (other than mobile banking commands and eAlerts) and would never ask for personal information via email.

Alerts and Scams
Fraud & Security Protection Tips
Disruption of Internet Service

Identity Theft

Identity theft which occurs when an identity thief gains access to and uses an individual's personal identifying information without his or her knowledge in order to commit fraud or theft.  These tips can help you minimize your risk of becoming a victim of identity theft.

Counterfeit Check Scams

Counterfeit Check Scams

If you receive a check in the mail with a letter that says you've won the lottery or a sweepstakes or that you've been selected to participate in a secret shopper program, there's a very good chance the check is counterfeit. If you receive a check in the mail because you've sold something on the internet or signed up to work from home, and the check includes an overpayment that you are supposed to return, there is also a likely risk that the check is counterfeit.

Some of these checks look authentic and include the names and addresses of legitimate financial institutions. In addition to checks, counterfeits can also come in the form of official checks, money orders, business checks or personal checks. If you receive a check from an unknown source, contact the financial institution it's written on to help you verify the validity of it. You can find contact information from a public source such as the institution's website or the phone book. Never rely on the contact information on the check or any letter that accompanied the check.

Legitimate California Coast Credit Union's cashier's checks will never be used to fund secret shopper programs, sweepstakes or other similar transactions where you are asked to send money to claim income or winnings. If you are ever in doubt of the validity of a California Coast Credit Union cashier's check you've received, please contact us immediately at (877) 495-1600.

Here are some other tips that will help you avoid becoming the victim of a counterfeit check scam:

  • Shred any offer that asks you to pay for a prize or a gift.
  • Know who you're dealing with, and never wire money or send a check to strangers.
  • If you're selling something, don't accept a check for more than the selling price, no matter how tempting the offer or how convincing the story. Ask the buyer to write the check for the exact amount. If the buyer refuses to send the exact amount, don't send the merchandise or a refund.
  • Resist pressure to act immediately. Any legitimate offer should still be good after the check clears.
  • It's best not to rely on money from any type of check unless you know and trust the person you're dealing with or, better yet until your financial institution confirms that the check has cleared. Forgeries can take weeks to be returned through the banking system, and until you have confirmation that the funds from a check have cleared your account, you are responsible for any funds you withdraw against that check, whether or not the financial institution places a hold on them.
  • Resist the urge to enter foreign lotteries. If you are notified that you are a winner of a lottery that you didn't enter chances are you are being scammed.

Citadel Virus

Citadel Virus

Online banking users should be aware of a new variation of a 'social engineering' attack. Criminals are using a computer virus, called Citadel, to launch this attack in an attempt to steal personal and/or account information, including online banking login passwords. The latest version uses social engineering tools to create fake pop-ups, even on legitimate banking sites. This could trick online users into re-entering their bank and credit union account logins and passwords. That could confuse members making online transactions at their credit union's site. See below example below.

Security advice:

  • Avoid using out-of-date software versions that have vulnerabilities easy to exploit. Software companies issue patches and updates; use them. Out of date Java software in particular has been a gateway for the Trojan infection, say researchers;
  • Run full-system virus scans at least once a week;
  • Use caution when entering user names and passwords and enter these slowly to give time to back out if something seems odd;
  • Regularly visit the FBI's Internet Crime Complaint Center for updates about Citadel;
  • Have a computer expert remove any malware. Even if you succeed in unfreezing the computer, keyloggers and other malware may still be operating in the background; and
  • Never pay money or provide personal information to a suspicious online entity.

A pop-up requesting information could look like this:

What to do if you think your computer has been infected.
If you suspect your computer is infected, or if you see a screen similar to the one above, do not enter your personal information. Call our Member Service Center immediately, at (877) 495-1600. We suggest that you also contact a qualified computer technician to assist you.

For more information you can go to this website.    

National Credit Union Administration (NCUA) “Survey”

National Credit Union Administration (NCUA) “Survey”

The National Credit Union Administration (NCUA) has issued an alert about a new scam targeting credit unions members. Follow this link for more information: Click here!

The agency warned of fraudulent emails pretending to come from the NCUA and asking credit union member participation in an "Online Survey" or "Member Survey." The emails promise a $40 compensation as an inducement to respond to the email.

The emails are fraudulent, the NCUA warns, and may be an attempt to obtain confidential member information. The agency does not solicit such information from credit union members.

This is a phishing activity with no NCUA activity or approval. If you have received these emails please do not respond. If you have any questions or concerns please email NCUA at pacamail@ncua.gov, or call California Coast Credit Union at (877) 495-1600.

Phishing & ZeusBot

Phishing & ZeusBot

Phishing (pronounced "fishing") attempts are on the rise. Beware of people requesting information over the phone, by text message or by email. Phishing scams involve criminals who try to trick people into providing personal information (such as credit card numbers, PINs, financial account or other sensitive information).

California Coast Credit Union will never send you an email or text message requesting account verification or personal information. If you are ever in doubt of the validity of someone requesting personal account information, please contact California Coast Credit Union immediately at (877) 495-1600.

The criminals who "phish" get more creative all the time! It's important to be aware of the common traits of phishing attempts so you'll recognize them as they evolve. Here are a few to consider:

  • They usually involve requests using the name of business or a person who you would trust.
  • Using a scenario that is intriguing and/or creates a sense of urgency to respond (i.e. will be asked to help solve a crime or win a prize).
  • They often involve consequences such as losing access to your financial accounts, your eBay account or getting arrested because you failed to show up for jury duty.
  • Many phishing attempts have misspellings or grammatical errors, but may look and sound professional. They may even illegally use a company's logo.


Phishing emails are designed to load malicious software on your computer
to gather information or just to do damage to your hard drive. The best ways to avoid compromising your computer's security is to ensure that you keep updated anti-virus software on your computer and avoid opening emails unless you know the sender. Be particularly careful of emails that contain attachments.

Zeusbot - Recent Scam (ZeusBot)

Online banking users should be aware of a new variation of a 'phishing' attack. Criminals are using a computer virus, called ZeusBot or Zbot, to launch this attack in an attempt to steal personal and/or account information, including online banking login passwords. This virus is widespread, but at this time does not affect Mac (Apple) computers.

This virus operates by opening a tab or window in your browser that will appear to be part of the login process for online banking or e-commerce sites (such as eBay, Amazon, etc.). This window will ask for login passwords or credit card information, as if confirming the users' identity. If such an unsolicited window appears on your PC, especially during an online banking session,
do not enter information into that window.

  • The only way to log into Cal Coast Online, California Coast's online banking system, is using the login fields on the www.calcoastcu.org home page. California Coast will not present an additional screen to enter your password into Cal Coast Online.
  • Please note that after you have entered your password into the home screen of www.calcoastcu.org, you may be presented with questions to verify your identity. This is normal, but the questions will only be the ones that you set up yourself during the enrollment process and will never ask for credit card information or PIN numbers.

This virus can infect your PC by visiting an infected website, not related to your online banking provider. Once a PC has been infected, it will continue to collect personal information such as passwords and card numbers, even if you are entering them into legitimate sites. You do not have to enter this info into the virus' pop-up window to be affected. The only way to know if your PC is infected is if your anti-virus detects the virus, or if you see one of the unsolicited pop-up windows. Please be aware that not all anti-virus programs have yet been updated to detect or clean this virus.

The fraudulent screens may appear similar to the one below, which may ask for your login information (user name and password) or other personal information.

 

Vishing

Vishing

Vishing is the criminal practice of using social engineering (using the phone) and/or Voice IP (calling through a computer) to gain access to private personal and financial information for the purpose of committing fraud.

These are disguised as legitimate calls from fraud prevention departments requesting or verifying your personal or financial information. Do not give out your information. Instead, if you have questions, please call California Coast Credit Union or the financial institution that issued the card.

What to do if you think your computer has been infected.
If you suspect your computer is infected, or if you see a screen similar to the one above, do not enter your personal information. Call our Member Service Center immediately, at (877) 495-1600. We suggest that you also contact a qualified computer technician to assist you.

If you see similar screens on other financial institutions or secured websites where you might make online purchases, do not proceed and report the issue to the owners of those sites.

Bank Account and Credit Card Statements

Bank Account and Credit Card Statements

  • Contact your financial institution immediately if a bank account or credit card statement does not arrive on time.
  • Review your bank account and credit card statements promptly and immediately report any discrepancy or unauthorized transaction.

Checking Account

Checking Account

  • Store your checks, deposit slips and credit union statements in a secure and locked location. Never leave your checkbook in your vehicle.
  • Never give your account number to individuals you do not know, especially over the telephone, through email or on the Internet. Be particularly aware of unsolicited phone sales. Fraud artists can use your account without your authorization and you could be held responsible.
  • When you receive your check order, ensure that all checks are present and that none are missing. If you believe your checks are missing, report it to the credit union immediately. If you fail to receive your order by mail, notify the credit union because checks could have been stolen or lost in transit.
  • If your home is burglarized, check your supply of checks to determine if any have been stolen. Look closely, because thieves will sometimes take only one or two checks from the middle or back of the checkbook. The longer it takes to realize that your checks have been stolen, the more time the criminal has to use them.
  • Limit the amount of personal information on your checks. For example, do not include your social security number or drivers' license number. A criminal can easily use this type of information to steal your identity.
  • Do not leave blank spaces on the payee and amount lines. Draw a line or line through any empty spaces.
  • Use dark ink that cannot be easily erased or written over. Based on recent studies, the ink found in gel pens, has been the only ink found to be counterfeit proof.
  • It's safest to purchase your supply of checks from the credit union or from a reputable check reorder company.
  • At California Coast Credit Union our e-Statements allow you to view your confidential California Coast Credit Union financial records without the paper trail so you won't have to worry about identity theft or financial fraud. When you sign up for our e-Statements, you can view all your transactions from the privacy of your home or work computer, no more waiting for your statement to arrive in the mail. And best of all, it's FREE!

 

Computer Security

Computer Security

  • Maintaining your computer with the latest updates is one of the most effective security precautions that you can take. As vulnerabilities in software are discovered, the software companies release updates, or patches, to address these issues. Many of these programs can be configured to automatically check for updates over the Internet.
  • Microsoft releases updates for their Windows operating systems and their MS-Office suite on a weekly basis. It is highly recommended that your home PC is maintained with these updates on a regular basis. Your home PC should also have an anti-virus program installed. This program requires daily or weekly updates to be effective. Adobe has recently released several updates to their products.
  • The latest Microsoft updates are available at: http://update.microsoft.com
  • Adobe home page: http://www.adobe.com
  • Adobe Reader updates are available at: http://get.adobe.com/reader/
  • Adobe Flash Player updates are available at: http://www.adobe.com/go/flashplayer
  • Adobe Shockwave Player updates are available here.  

Credit, Debit and ATM Cards

Credit, Debit and ATM Cards

  • Protect your card(s) by activating them immediately upon receipt by calling the phone number indicated on your card. If you fail to receive your new card(s) in the mail within 10 business days, notify the credit union immediately. The card(s) may have been stolen from your mailbox or lost in transit.
  • Keep your card(s) in a secure and locked location when not in use. Do not leave your card(s) in your vehicle.
  • Retain copies of all sales receipts, merchant and ATM receipts until you receive your monthly statement, at which time you should verify that the transactions/charges are accurate. If you discover any errors, unauthorized transactions, payments or alterations, notify the credit union immediately.
  • Cancel all cards that you do not use.
  • Sign new cards as soon as you receive them.
  • Report lost or stolen cards immediately.
  • If you notice anything suspicious when approaching an ATM, return later or use another ATM. Consider having another person accompany you to the ATM.
  • Have your ATM card ready to avoid searching through your purse/wallet at the ATM site.
  • Stand close to the ATM and block it with your hand to avoid detection of your PIN and other account information, and ensure doors are locked and keep the engine running when using drive-up ATMs.
  • Put your cash away as soon as the transaction is complete. Count the cash later in the safety of your vehicle or home.
  • If you notice anything suspicious while you are transacting business, immediately cancel your transaction, put your ATM card away and leave.
  • Be aware of individuals who pose as credit union staff trying to get information from you. Never give information to strangers at the ATM, over the phone or on the Internet.
  • The credit union strives to ensure ATM facilities are safe and convenient. Please tell us if you are aware of any problems with a California Coast Credit Union ATM, such as a light that is not working or there is any damage to an ATM facility.
  • Limit the number of credit, debit and ATM cards that you carry.
  • Memorize your Personal Identification Number (PIN). Do not write the number on your card or keep it in your wallet.
  • Never give your PIN to anyone, not even your financial institution.
  • Always be aware of your surroundings and look for well-lit, visible ATMs, especially when transacting at night.

Credit Reports

Credit Reports

  • Order a copy of your credit report annually and review it for accuracy.
  • Check your credit report for unauthorized bank accounts, credit cards and purchases.
  • Look for anything suspicious in the section of your credit report that lists who has received a copy of your credit history.

Home Security

Home Security

  • Store extra checks, credit cards, documents that list your Social Security number, and similar items in a safe place.
  • Shred all credit card receipts and solicitations, ATM receipts, bank account and credit card statements, canceled checks, and other financial documents before you throw them away.

Mail

Mail

  • Promptly remove mail from your mailbox.
  • Deposit outgoing mail in a post office collection box, hand it to a postal carrier, or take it to a post office instead of leaving it in your doorway or home mailbox, where it can be stolen.

Password Security

Password Security

  • Never use the same password on multiple systems. If your password is compromised on one system, this will grant access to other systems.
  • Never share your password with anyone else.
  • Select strong passwords, which means:
  • Use a password that is easy to remember yet complex enough that it cannot be easily guessed.
  • Avoid using dictionary words in your password that may be subject to dictionary attacks.
  • Use a combination of upper and lower case characters from the alphabet plus numbers and special keyboard characters such as !#$%.
  • Some computer systems have limitations to the allowed length, number of characters, or types of special characters allowed. Use the strongest password that the system will allow.
  • Generally, the longer and more complex a password is, the harder it is to compromise.
  • Avoid writing down your passwords. If a password is written down, always keep it in a secure location.
  • Never store a PIN in the same place as the associated credit or debit card.
  • Never write your password on a post-it note on your computer monitor or under your keyboard.
  • Multifactor authentication is based on "what you have" (a card or device) and "what you know" (a password). If the card or device is compromised, the second factor of a strong password becomes even more important.
  • If a system does not require period password changes, it is a good practice to periodically change your password anyway.
  • If you suspect that your password to a credit union system has been compromised, immediately contact the credit union.

Personal Identifying Information

Personal Identifying Information

  • Always protect personal identifying information, such as your date of birth, Social Security number, credit card numbers, bank account numbers, Personal Identification Numbers (PINs) and passwords.
  • Do not give any of your personal identifying information to any person who is not permitted to have access to your accounts.
  • Do not give any of your personal identifying information over the telephone, through the mail or online unless you have initiated the contact or know and trust the person or company to whom it is given.

PINS and Passwords

PINS and Passwords

  • Memorize your PINs and passwords and keep them confidential.
  • Change your passwords periodically.
  • Avoid selecting PINs and passwords that will be easy for an identity thief to figure out.
  • Do not carry PINs and passwords in your wallet or purse or keep them near your checkbook, credit cards, debit cards or ATM cards.

Telephone and Internet Solicitations

Telephone and Internet Solicitations

  • Be suspicious of any offer made by telephone, on a Web site or in an email that seems too good to be true.
  • Before responding to a telephone or Internet offer, determine if the person or business making the offer is legitimate.
  • Do not respond to an unsolicited email that promises some benefit but requests personal identifying information.
  • California Coast Credit Union never requests a customer’s bank card number, account number, Social Security number, Personal Identification Number (PIN) or password through email. If you should receive an email requesting such information that appears to be from California Coast Credit Union, do not respond to the email and contact California Coast Credit Union immediately at 1-877-495-1600.

Wallets and Purses

Wallets and Purses

  • Do not carry more checks, credit cards, debit cards, ATM cards and other bank items in your wallet or purse than you really expect to need.
  • Do not carry your Social Security number in your wallet or purse.

 

Disruption of Internet Service

Cyber attacks, identified as a Distributed Denial of Service (DDoS), have recently been in the news. The intent of such an attack is to prevent Internet access. What this could mean for our members would be the inability to access the credit union's website and services such as online banking.

We cannot know if or when these this event will actually occur. However, aside from the inconvenience of a potential disruption of online service, be assured that your member information will remain secure and protected.

Internet down? We’re still here for you.
  • Member Service Center at (877) 495-1600 is available Monday - Friday, 7:30 am - 6 pm, and Saturday 9 am - 2 pm
  • Deposit your checks with our free Cal Coast mobile deposit application using your iPhone®, iPad® iPod® or AndroidTM phone*
  • Visit our network of over 20 branches and 60 additional shared branching locations in San Diego and Southern Riverside counties
  • Access accounts through 30,000 fee-free CO-OP® ATMs nationwide, including many in 7-Eleven locations, with nearly 70 ATMs locally

We always have your best interest in mind. It shows in everything we do.

Our members are our most valuable asset. That’s why everything we do — from the accounts, loans and rates we offer, to the personalized caring attention we provide — is designed to help you to achieve your goals.

Message from California Coast Webpage

Notice: Because there is a risk that information transmitted via Internet email could fall into the wrong hands, California Coast Credit Union suggests that confidential information, such as account numbers or social security numbers, not be transmitted via email. If this information must be stated please contact CCCU by phone or at your nearest office. Thank you. If you "Continue", the link will open a new email message in your default email program.

Continue

×

Message from California Coast Webpage

By continuing, you will be leaving the California Coast Credit Union website. Please note that we are not responsible for the accuracy, security, or content of other websites. We encourage you to review the privacy and security disclosures of all websites you visit.

Continue

×