Forgot your Username or Password ?
Enroll NowForgot your Username or Password ?
Enroll NowForgot your Username or Password ?
Enroll NowBy continuing, you will be leaving the California Coast Credit Union website. Please note that we are not responsible for the accuracy, security or content of other websites. We encourage you to review the privacy and security disclosures of all websites you visit. California Coast Credit Union does not guarantee or assume liability for any third-party product, or service obtained through our website.
ContinueWe use cookies to make the site navigation easier, analyze site use and to assist our marketing, as explained in our privacy policy. By selecting accept, you agree to cookies being stored on your device.
The safety and security of our member's identity and personal information is our top priority. Our security center will provide you with alerts on the latest fraud and scam attempts we've detected, tips and resources on how to keep your information safe and what to do if you think you are a victim, and so much more!
December 2022
At California Coast Credit Union, your financial well-being and the security of your funds are top priorities.
With continued media reports about cyber-attacks and security breaches, we want to remind our members about important steps you can take to protect your personal information.
If you have any questions, please visit your nearest branch, or contact our Member Service Center at (877) 495-1600 during regular business hours.
We want to help protect you from the threat of identity theft and online fraud. Identity theft means that your personal information, such as your Social Security number or driver's license number, is obtained and used by an impostor. Thieves can obtain your information various ways including: stealing your wallet or mail, phishing, computer scams and viruses, confiscating documents found in your trash, or even data breach. California Coast Credit Union does not communicate with members through text messaging (other than mobile banking commands and alerts) and would never ask for personal information via email or text.
Keeping our members' accounts and personal information safe is a top priority. Robust defenses with 24/7 monitoring are in place so our members can feel confident and worry free. Our systems have multiple security layers in place to prevent outsiders from gaining access to sensitive information.
Regular audits from industry experts give high marks to our approach. In addition, all member deposit accounts are insured by the National Credit Union Association (NCUA) for up to $250,000.1 Our net worth ratio exceeds the 7% threshold for being defined as well-capitalized by the NCUA.
Cal Coast's Extra Value Checking includes all of the perks of a Free Checking account, but with added security, identity theft protection and monitoring, monthly ATM fee rebates, loan discounts, and so much more. There's no cost to having peace of mind. Simply let us know you're interested in upgrading or opening an account today and get your first two billing cycles fee-free!
The holidays are a time of year to celebrate with family and friends. For those loved ones that are not near, many of us take advantage of sending gifts through the mail. Unfortunately, this also means an uptick in mail theft.
Here are some tips to avoid becoming victims of mail theft and to help you continue to have a stress-free holiday:
Sources:
California Coast Credit Union has recently been made aware of a phone scam targeting customers and members of financial institutions. Fraudsters are contacting consumers over the phone pretending to be their bank or credit union, making false claims that their debit card is experiencing fraud or is being blocked due to suspicious transactions.
The fraudsters then may state that there has been a breach of your card or account information and ask for your account login credentials, One-Time-Passwords, or other Personally Identifiable Information.
We would like to remind members that California Coast Credit Union will never ask you to provide your login credentials, One-Time-Passwords, or your Personally Identifiable Information over the phone.
If you believe that you have been a target of this or any other scam related to your account, we advise you to please contact us immediately.
We've been alerted of an increase in scammers attempting to utilize remote access software, such as AnyDesk, to connect to people's computers in order to steal sensitive information or install malware.
Here are the steps you should take if you think you've been targeted or fallen victim to a remote access scam:
Spoofing scams are when fraudsters mask the number from which they are calling from. We've been alerted of an increase in spoofing attempts where cybercriminals spoof our main line in an effort to fool members into thinking that these calls are actually from California Coast Credit Union. An easy way to identify the fraud is if you're ever asked to provide sensitive information that is not standard in a normal verification, such as online banking sign in credentials. We will never ask you for this information over the phone. If you are ever skeptical about who you are speaking with, hang up and call the main line directly: (877) 495-1600.
The FBI published a PSA earlier this month, alerting the public about cybercriminals tricking victims into making instant payments. Below is an example of the recent spoofing attempt. We have not been made aware of any Cal Coast members falling victim to this specific scam, but want to keep you aware and alert as scams become more advanced with new technology.
Remember that Cal Coast will never call you to initiate any type of instant payment transaction and will never ask for your personal Online Banking sign in credentials. These credentials should never be shared with anybody. If you ever have concerns that the person who called you is not a representative of Cal Coast, hang up and contact our Member Service Center directly: (877) 495-1600.
The Federal Trade Commission reported that more than 95,000 people were victimized by scams on social media last year. Scammers like social media because it's an inexpensive way to reach billions of potential victims from anywhere in the world and it's easy to create fake personas.
These fraud attempts come in many forms, such as: fake investment offers, online shopping, romance and dating app scams, or hacking your account and holding it ransom if you don't pay a fee. Scammers will even try to trick your friends into falling for the same scam, targeting your connections on social media.
Tips on how to avoid these scams:
Additional Resources:
Grandparent scams are increasing in the San Diego area. These scams target vulnerable seniors who receive calls from individuals who are impersonating their grandchildren, or other family members, with the intent to pressure you into urgently sending money.
According to the United States Attorney’s Office Southern District of California in a news release dated August 25, 2021, eight people were charged by a federal grand jury for participating in a criminal enterprise that stole over $2 million from more than 70 elderly victims in San Diego County and around the nation.
According to the FCC, the best advice for avoiding Grandparent Scams, or any suspicious phone call, is to hang up immediately. If you don’t recognize the phone number, let it go to voicemail. If you do recognize the number, you could be spoofed, so if you feel the caller is suspicious, hang up and call the person directly. Always use caution if you are being pressured for personal information or bullied to send money quickly, often through a cash app, purchasing gift cards or wiring funds. If you receive a call like this, make sure to report it online by visiting the FCC Consumer Complaint Center.
There is a fake Venmo website that may appear as a top result in Google search result pages when searching for “venmo login” or a similar phrase. Be alert that this might not be the official Venmo website and could be fraudulent. The fake site has a login screen that says your account has been locked and asks you to call a fraudulent number. This may also capture any login credentials being attempted by the user as well.
As a best practice, we recommend you use the Venmo mobile app and keep all of your cash apps updated to the latest version. If you use your computer, ensure that you are on the correct Venmo website and have the correct phone number. If you have been a victim of fraud, please report it through the FBI website.
Scammers are constantly finding new ways to scam people using cryptocurrency. Never trust people or businesses that say you must pay by cryptocurrency as the only method for payment. Scammers may reach out to you via blackmail emails, social media, group messaging apps, text message, etc. For more information on what to look out for to avoid cryptocurrency scams, visit the FTC website.
Be wary of any email requests to send money via wire to fund your crypto currency account. Ensure that you contact the company directly to your account information before sending any funds.
The latest scam we've been made aware of in our area involves fraudsters pretending to be calling from your financial institution, stating there has been a breach to your account. This is a fraud tactic called spoofing, where the caller ID information is manipulated to trick you. You can read more on phone spoofing on the Federal Communications Commission (FCC) Website. This is not related to an internal breach within the credit union, rather, a common scam that has targeted some members and we want to make you aware so you do not fall victim.
These fraudsters are asking for Personal Identification Information (PII), such as your banking login credentials, in an effort to commit identity theft or gain access to your account.
California Coast Credit Union will never ask for this type of PII over the phone when contacting you to validate potential fraudulent activity on your account. If you receive a call from someone claiming to be from California Coast Credit Union and requesting PPI, please hang up and call us directly.
If you believe you have been a target of this scam, please contact us immediately.
We have recently been alerted of an increase of wire transfer scams where con artists try to take advantage of their victims by convincing them to wire money to a stranger, often someone in a foreign country. The hook can come in many forms, but it's important to never wire money to anyone you haven't known for a very long time. The following red flags from the Washington State Office of the Attorney General, should signal a scam:
Want to learn more? Download the Beware of Wire Fraud Scams: Five Tips for Consumers from the California Department of Justice.
California Coast Credit Union has been made aware of a new phone scam impacting residents of the San Diego area as of mid December 2020. Fraudsters target customers of financial institutions, contacting them over the phone pretending to be their bank or credit union by spoofing the telephone numbers of financial institutions. Please be aware that these calls may appear to be coming from official Financial Institution phone numbers, but they could be spoofed. The fraudsters then may state that there has been a breach to your account and ask for your customer/member's login credentials or other Personally Identifiable Information (PII).
We would like to remind members that California Coast Credit Union will never contact you and ask you to provide your login credentials, One-Time-Passwords, or your Personally Identifiable Information.
If you believe that you have been a target of this scam, we advise members to contact the credit union immediately.
The IRS issued a warning about a new phishing scheme involving the impersonation of the FBI or IRS in order to take your computer hostage. This ransomware scam is sent via email using IRS or FBI logos, and asks you to download a fake questionnaire. Clicking on the link will download a form of malware called ransomware, which locks your device unless money is paid to the scammers.
The IRS does not use email, text messages, or social media to discuss personal tax issues, including bills or refunds. If you receive such an email, please do not click on any of the links. Instead, immediately report the email to the FBI at the Internet Crime Complaint Center, and forward IRS-themed scams to phishing@irs.gov.
Please visit the IRS website for more information.
There is a new variation on the classic overpayment scam which is disguised as a job opportunity with stipulations. People may answer an ad posted in the newspaper (including college papers) or post their resume on job sites and fall victim of this newer overpayment scam.
In these scenarios, people receive a job offer from legitimate companies and are then sent a check and/or money order. They are told that they can deposit the check and keep a certain portion of the amount but are then instructed to wire the remainder.
Keep in mind that it doesn’t matter why you are supposed to send money back. Scammers give many different excuses that seem reasonable. It is best to avoid all overpayment scams by never agreeing to handle financial transactions for people you don’t know or who offer you a job. As a rule, never accept a check or money order and turn around and send part or all of the money to anyone.
If you receive a check in the mail with a letter that says you've won the lottery or a sweepstakes or that you've been selected to participate in a secret shopper program, there's a very good chance the check is counterfeit. If you receive a check in the mail because you've sold something on the internet or signed up to work from home, and the check includes an overpayment that you are supposed to return, there is also a likely risk that the check is counterfeit.
Some of these checks look authentic and include the names and addresses of legitimate financial institutions. In addition to checks, counterfeits can also come in the form of official checks, money orders, business checks or personal checks. If you receive a check from an unknown source, contact the financial institution it's written on to help you verify the validity of it. You can find contact information from a public source such as the institution's website or the phone book. Never rely on the contact information on the check or any letter that accompanied the check.
Legitimate California Coast Credit Union's cashier's checks will never be used to fund secret shopper programs, sweepstakes or other similar transactions where you are asked to send money to claim income or winnings. If you are ever in doubt of the validity of a California Coast Credit Union cashier's check you've received, please contact us immediately at (877) 495-1600.
Here are some other tips that will help you avoid becoming the victim of a counterfeit check scam:
Online banking users should be aware of a new variation of a 'social engineering' attack. Criminals are using a computer virus, called Citadel, to launch this attack in an attempt to steal personal and/or account information, including online banking login passwords. The latest version uses social engineering tools to create fake pop-ups, even on legitimate banking sites. This could trick online users into re-entering their bank and credit union account logins and passwords. That could confuse members making online transactions at their credit union's site. See below example below.
If you suspect your computer is infected, or if you see a screen similar to the one above, do not enter your personal information. Call our Member Service Center immediately, at (877) 495-1600. We suggest that you also contact a qualified computer technician to assist you.
For more information you can go to this website.
The National Credit Union Administration (NCUA) has issued an alert about a new scam targeting credit unions members.
The agency warned of fraudulent emails pretending to come from the NCUA and asking credit union member participation in an "Online Survey" or "Member Survey." The emails promise a $40 compensation as an inducement to respond to the email.
The emails are fraudulent, the NCUA warns, and may be an attempt to obtain confidential member information. The agency does not solicit such information from credit union members.
This is a phishing activity with no NCUA activity or approval. If you have received these emails please do not respond. If you have any questions or concerns please email NCUA at pacamail@ncua.gov, or call California Coast Credit Union at (877) 495-1600.
Phishing (pronounced "fishing") attempts are on the rise. Beware of people requesting information over the phone, by text message or by email. Phishing scams involve criminals who try to trick people into providing personal information (such as credit card numbers, PINs, financial account or other sensitive information).
California Coast Credit Union will never send you an email or text message requesting account verification or personal information. If you are ever in doubt of the validity of someone requesting personal account information, please contact California Coast Credit Union immediately at (877) 495-1600.
The criminals who "phish" get more creative all the time! It's important to be aware of the common traits of phishing attempts so you'll recognize them as they evolve. Here are a few to consider:
Phishing emails are designed to load malicious software on your computer to gather information or just to do damage to your hard drive. The best ways to avoid compromising your computer's security is to ensure that you keep updated anti-virus software on your computer and avoid opening emails unless you know the sender. Be particularly careful of emails that contain attachments.
Online banking users should be aware of a new variation of a 'phishing' attack. Criminals are using a computer virus, called ZeusBot or Zbot, to launch this attack in an attempt to steal personal and/or account information, including online banking login passwords. This virus is widespread, but at this time does not affect Mac (Apple) computers.
This virus operates by opening a tab or window in your browser that will appear to be part of the login process for online banking or e-commerce sites (such as eBay, Amazon, etc.). This window will ask for login passwords or credit card information, as if confirming the users' identity. If such an unsolicited window appears on your PC, especially during an online banking session, do not enter information into that window.
The only way to log into Cal Coast Online, California Coast's online banking system, is using the login fields on the www.calcoastcu.org home page. California Coast will not present an additional screen to enter your password into Cal Coast Online.
Please note that after you have entered your password into the home screen of www.calcoastcu.org, you may be presented with questions to verify your identity. This is normal, but the questions will only be the ones that you set up yourself during the enrollment process and will never ask for credit card information or PIN numbers.
This virus can infect your PC by visiting an infected website, not related to your online banking provider. Once a PC has been infected, it will continue to collect personal information such as passwords and card numbers, even if you are entering them into legitimate sites. You do not have to enter this info into the virus' pop-up window to be affected. The only way to know if your PC is infected is if your anti-virus detects the virus, or if you see one of the unsolicited pop-up windows. Please be aware that not all anti-virus programs have yet been updated to detect or clean this virus.
The fraudulent screens may appear similar to the one below, which may ask for your login information (user name and password) or other personal information.
Vishing is the criminal practice of using social engineering (using the phone) and/or Voice IP (calling through a computer) to gain access to private personal and financial information for the purpose of committing fraud.
These are disguised as legitimate calls from fraud prevention departments requesting or verifying your personal or financial information. Do not give out your information. Instead, if you have questions, please call California Coast Credit Union or the financial institution that issued the card.
If you suspect your computer is infected, or if you see a screen similar to the one above, do not enter your personal information. Call our Member Service Center immediately, at (877) 495-1600. We suggest that you also contact a qualified computer technician to assist you.
If you see similar screens on other financial institutions or secured websites where you might make online purchases, do not proceed and report the issue to the owners of those sites.
Maintaining your computer with the latest updates is one of the most effective security precautions that you can take. As vulnerabilities in software are discovered, the software companies release updates, or patches, to address these issues. Many of these programs can be configured to automatically check for updates over the Internet.
Adobe has recently released several updates to their products.
Microsoft releases updates for their Windows operating systems and their MS-Office suite on a weekly basis. It is highly recommended that your home PC is maintained with these updates on a regular basis. Your home PC should also have an anti-virus program installed. This program requires daily or weekly updates to be effective.
The latest Microsoft updates are available at: http://update.microsoft.com
A home internet router should have the administrator password changed from the default password that comes from the factory. Routers have firmware that may be updated as released by the manufacturer of the device. These firmware updates may contain security updates.
Avoid Android malware using these precautions:
Apple releases updates for their iOS operating system on a periodic basis. These updates odten contain fixes for security vulnerabilities. It is highly recommended that your iPad and iPhone are maintained with the latest iOS version.
The update screen can be found under: Settings > General > Software Update.
Each year scam artists and identity thieves steal billions of dollars from unsuspecting consumers. These criminals use the phone, email, text messaging, postal mail and the internet to steal your information or trick you into handing over your money. Learn how to recognize common scams, take action if you think you are a victim of fraud, and what you can do to protect your finances from fraud.
It’s a high-tech spin on an old-fashioned scamming scheme, yet social engineering is a powerful technique that can be used to trick you into cooperating with scam artists and identity thieves. These fraudsters can use various scare tactics to trick you into providing your financial institution’s login credentials and card data or paying for unnecessary technical support services or other items.
This can be done through a phone call, where a scam artist pretends to represent a credit union, a fraud department, a software company like Microsoft, or a popular anti-virus company. They may spoof the caller ID so that it displays a legitimate phone number from a company, and then ask you to install an application and provide them with the code that gives them remote access to your computer.
Text messaging is another method that scam artists will use to fool you. These attacks can occur as SMishing (SMS text phishing) and Vishing (Voice phishing). SMishing and Vishing occurrences usually involve a member receiving a text message or phone call that is asking about suspicious transactions. However, the real information the fraudster is looking for is your card number, CV2 code, PIN number, or other information that could compromise your account.
Below are a few red flags that can help you identify if the text you received might be a SMishing attempt. Be wary if you receive a text about a suspicious transaction that contains any of these:
A fraudster may also display a fake message on a website, or a pop-up message that won't go away. Messages like this, known as “scareware”, may indicate a virus or other malware. These messages are fake, and are designed to trick you into calling a phone number staffed with fake technical support.
When you engage with these fraudsters, they will offer fake solutions and ask for payment in the form of a one-time fee, subscription service, or gift card.
Cyber attacks, identified as a Distributed Denial of Service (DDoS), have recently been in the news. The intent of such an attack is to prevent Internet access. What this could mean for our members would be the inability to access the credit union's website and services such as online banking.
We cannot know if or when these this event will actually occur. However, aside from the inconvenience of a potential disruption of online service, be assured that your member information will remain secure and protected.
ABA/Routing No: 322281578
NMLS ID# 407951