Advice & Planning


POSTED: Dec 06, 2017
Holiday Scams to Avoid this Season

To many, the holidays mean gift giving and family. Unfortunately, this time of year is also a time when fraud and identity theft affect consumers at alarming rates. While consumers are getting smarter, identity thieves are using new tricks and schemes to get their hands on financial and personal information. In fact, according to ACI Worldwide, fraud attempts are expected to increase by 30 percent this peak holiday season, compared to last year!

From gift card scams to fake charities, check out the common holiday scams consumers will need to watch out for this year!

1. Charity Cons

The holidays are a great time to give back to your community and donate to charitable organizations. However, an intended good deed could put leave you a victim of scammers or identity thieves. Recently, scammers have been found to send emails posing as popular or seemingly legitimate charities and asking for you to make a donation via your credit card. Once you make a payment, thieves will have access to your personal and financial information.

If you receive an email asking for a donation, it’s best to be skeptical and to go straight to the charity’s website and make a donation there. If you’re unsure if the charity is legitimate, check out charities at before donating, or contact the charity directly to make sure they sent the donation request.

2. Gift Card Fraud

Gift cards can be great gifts for loved ones during the holidays. However, consumers should be aware of the following gift card schemes that could sour the Season of Giving. For example, scammers are increasingly selling counterfeit and fraudulent gift cards on auction websites and sellers have been found to overstate the value of real gift cards they are selling so buyers will overpay.

To make sure you’re getting a fair deal on your purchase, avoid purchasing gift cards from third-party vendors.

3. Holiday eCard Phishing Scams

It’s not uncommon to receive a holiday eCard but don’t let a subject line like “Merry Christmas” distract you from always being alert and cautious before opening an email. Fake notifications for eCards have become an increasingly common and an often-successful way for scammers to trick you into letting down your defenses. You click on a link that will supposedly take you to a greeting, but instead the link unleashes a malicious program that will give cyber-crooks remote access to your online bank accounts and passwords.

To help combat this scam, always check to see if you recognize the email address from which the e-card was sent and keep an eye out for grammatical or spelling errors within the email’s content. If it seems suspicious, do not click on any links within the email and delete it immediately.

4. Fraudulent Shopping Apps

Shopping on your smartphone or tablet? You’re definitely not alone. eCommerce statistics show that in 2017, 62 percent of smartphone users have made a purchase online using their mobile device in the last 6 months.

To help protect your information this holiday season, look twice before you download a shopping app. In 2016 alone, hundreds of fake retail and product apps were reported in the Apple App Store in the weeks leading up to the holidays. Oftentimes, these counterfeit apps look strikingly similar to those belonging to popular retail chain stores and luxury-goods makers.

While many of them may be relatively harmless knockoff apps that serve for popup ads, accidentally entering any card or personal information can lead to potential fraud.

POSTED: Nov 07, 2017
Cyber Monday Shopping Safety Tips

With bigger and better deals every year and the convenience of avoiding the holiday mayhem at the shops, it’s no wonder why nearly 70 percent of consumers are expected to jump online to take advantage of Cyber Monday deals this year.

While Cyber Monday may mean saving big, it’s important for consumers to stay savvy when it comes to shopping online all holiday season. And with a reported more than 50 percent of Cyber Monday shoppers planning to make purchases from their mobile devices, protecting your financial and personal security will mean taking extra precautions.

Check out our tips below!

1. Stick to Secure Websites

Only submit your card details or sensitive information to secure websites. These websites ensure a safe, encrypted channel for a website to transfer data to a browser, and vice versa. They also verify the identity of each party — the vendor and consumer – and guarantee that your data will not be intercepted.

To be sure you are using a secure website, check for a small padlock symbol in the address bar. The web address will also begin with “https://:” (the s stands for 'secure').

2. Don’t Shop on Unsecured Wi-Fi Hotspots

Free public Wi-Fi networks can often be found in coffee shops, restaurants and airports. While these hotspots are handy, they should be used cautiously, especially when it comes to accessing personal information. Unsecured Wi-Fi networks don’t require passwords and can be easily hacked by thieves who can gather all of the sites you accessed while on the network and all of the personal information you entered there.

Stick to shopping on a secure Wi-Fi hotspot that requires a password or use your phone’s network data.

3. Don’t Fall for “Too-Good-To-Be-True” Offers

You may be on the prowl for great Cyber Monday deals but if it looks too good to be true, it’s best to assume it is. Identity thieves and cybercriminals are known to prey on bargain hunters this time of year. Watch out especially for email and text messages promising unreal deals. By clicking on links within these messages, you could be leaving your device vulnerable phishing software or malware.

4. Update Your Anti-Virus Software

Keeping Anti-virus and anti-phishing tools on all computers can help you to detect and remove viruses and keyloggers that can steal your personal and financial information. Updating these systems regularly will help you to protect your devices from the latest viruses and will help to cover any upgrades you may have made within your operating system.

5. Check for Fraudulent Apps

Shopping on your phone or tablet? Look twice before you download an app. In 2016 alone, hundreds of fake retail and product apps were reported in the Apple App Store in the weeks leading up to the holidays. Oftentimes, these counterfeit apps look strikingly similar to those belonging to popular retail chain stores and luxury-goods makers.

While many of them may be relatively harmless knockoff apps that serve for popup ads, accidentally entering any card or personal information can lead to potential fraud.

6. Set Up MCU Account Alerts

While there may always be some risk to shopping online, keeping an eye on your accounts is one of the best ways to spot and report potential fraud as early as possible, potentially saving you time and money.

One of the easiest ways for members to monitor their MCU accounts for suspicious activity is to enroll in MCU Account Alerts through NYMCU® Online Banking. These email or text message* notifications will be automatically sent to your cell phone or email when certain activity occurs within your account. If you do receive a notification regarding your account that looks out of the ordinary or suspicious, be sure to let us know immediately!

* Standard text message rates apply according to your plan. Delivery of alerts may be delayed for various reasons..

POSTED: Oct 27, 2017
An MCU Scam Roundup - Fall 2017

You may be working hard to protect your personal and financial information but criminals are still defrauding many victims by combining new technology with old tricks. Staying informed is key in avoiding being victimized by these new and advanced scams. Check out these recent scams reported by the Better Business Bureau that are currently affecting hardworking people everywhere.

1. Stay Smart and Steer Clear of the College Fund Scam

The New York Department of State, Division of Consumer Protection is warning consumers of a phishing scam targeting college students. Identity thieves are posing as representatives of government agencies and contacting students, claiming they are eligible for state government funds available for higher education. Victims of this scam are then told they will need to provide their financial information in order for said funds to be deposited into their checking account directly. They’re then asked to click on a link for more information. These links will expose your computer and personal information to scammers.

If you receive an email like this or one of a similar suspicious nature, it’s important to know the following:

• Do not click on links or open attachments in any email that is from an unknown source.

• Know that the only financial aid information you can trust will come directly from the federal government or the college itself, unless you have requested information from private financial institutions. Solicitation offers are highly suspicious.

• Pay attention to the details within messages you received. Phishing emails often include grammatical errors and may address the recipient incorrectly.

• Only use built-in spam filters from your mailbox to report spams. Do not click on any link from the message you received even though it says “report as spam”. Do not click on any “unsubscribe” link from unknown senders.

• Never share your personal information, such as bank account number, full name, home address or social security number.

2. No, Equifax isn’t Calling

Scammers are reportedly taking advantage of nervous consumers in the wake of the highly publicized Equifax data breach. Most notably, identity thieves are posing as the credit reporting agency and asking consumers to verify account information and provide additional details. It’s important to know that Equifax or similar organizations like financial institutions will never contact you by phone requesting information like this for any reason. If you receive a phone call like this, the following steps can help protect your personal and financial information:

• Never provide any personal or financial information unless you’ve initiated the call and it’s to a phone number you know is correct

• Don’t trust caller ID. Scammers can spoof their numbers so it looks like they are calling from a particular company, even when they’re not.

• If you get an automated call, hang up. Don't press any number on your keypad in attempt to speak with a representative or take your phone number off the list. This will likely just lead to more calls.

According to the Better Business Bureau, If you’ve already received a call that you think is fake, report it to the FTC. If you gave your personal information to an imposter, you’ll need to change compromised passwords, account numbers or security questions.

3. Phony Employment Offers

Employment scams may be little known to many consumers but are becoming increasingly common. Victims may see an ad on a poster or even be contacted directly through a job or employment website by an identity thief posing as head hunters or potential employers.

These scammers may offer their victims a brief interview over the phone, web chat, or through email before offering the job to their victims. The victim is then told that before they can begin working, they’ll have to provide personal information like their bank account information and even pay money up front for work provisions, supplies or certificates.

Once the scammers have what they want, they’ll be sure to disappear.

Luckily, employment scams can be easy to recognize and avoid. Here are some things to watch out for:

• Some listed job opportunities are more likely to be scams than others. Work-from-home; secret shopper positions or any job with a generic job title, such as caregiver, can be a red flag for fraud. Because these positions often don't require special training or licensing, they appeal to a wide range of applicants, bringing in more potential victims for the scammers.

• Search the web for similar job postings. If identical job listings appear in other cities with the exact same job post, it is likely a scam. Also, check the real company's job page to make sure the position is listed there.

• Beware of on-the-spot job offers. You may be an excellent candidate for the job, but know that offers made without an interview uncommon and suspicious. A real company will want to talk to a candidate before hiring him or her.

• Don't fall for an overpayment scam. No legitimate job would ever overpay an employee and ask him/her wire the money elsewhere. This is a common trick used by scammers.

• Avoid any job that asks you to share personal information or hand over money. Scammers will often use the guise of running a credit check, setting up direct deposit or paying for training. This information can then be used for identity theft, so be absolutely certain before you share.

POSTED: Oct 18, 2017
ATM and Debit Card Fraud PreventionTips

Your debit card is a convenient and smart way to make purchases, manage your money and keep a budget. However, a recent increase in fraudulent schemes and theft means that card and ATM safety is more important than ever when it comes to protecting your money and personal information. To help safeguard your account and personal information, check out these useful ATM and Debit fraud prevention tips.

1.Location, location, location

Protecting yourself from ATM fraud can be as easy as avoiding certain remote ATMs and point of sale devices. These free-standing ATMs, which are often found in low-trafficked and poorly lit areas outside of grocery stores and bodegas, are most vulnerable to being tampered with by thieves. Similarly, self-serve gas pumps that accept credit cards at stations are known to have high instances of tampering.

It may be a bit out of the way when you’re out and about, but the safest ATMs you can use are always the ones located in the vestibules of a financial institutions that require a card to gain access.

2. Check the ATM for tampering

ATM skimming has become an increasing threat to cardholders. According to, theft from ATM skimming is approaching $1 billion annually and Javelin estimates that one in five people have been hit by an ATM skimmer.

Before using an ATM or point-of-sale terminal, take a good look at the keypad and card slot and check to see if anything is loose or out of place. The New York City Department of Consumer Affairs additionally recommends checking for keypads that appear raised or have an unusual color. A thief could have placed an overlay on the keypad to record the personal identification number you punch in.

It’s important to also note that some gas pumps have security tape that forms a seal around the card reader. If the seal is broken, it could mean the reader has been compromised.

When in doubt, don’t use the device.

3. Protect your PIN

Always shield the screen and keypad when entering your PIN or transaction amount. In addition to threat of “shoulder surfers”, or individuals trying to get a glimpse of your personal information from over your shoulder, thieves are increasingly installing pinhole cameras on or near ATMs and point-of-sale devices to record the information input.

Cardholders can also easily protect their PIN information by memorizing it so that they never have to write it down. When selecting a PIN, it’s strongly recommended to avoid numbers and letters that relate to your personal information and can be easily guessed. For example, don't use your initials, birthday, telephone or Social Security number.

4. Stay vigilant to those around you

It’s important to stay mindful of the people around you before beginning an ATM transaction. In addition to traditional thieves, shoulder surfers may hang around ATMs with the intention of stealing your personal information. If you see anyone or anything suspicious, cancel your transaction and leave immediately. As an extra precaution when using an enclosed ATM that requires your card to open the door, avoid letting strangers follow you inside.

If anyone does follow you after you’ve completed a transaction, go to a crowded, well-lit area and call the police.

5. Check your transactions

Take time to regularly examine your bank account activity online to see whether funds have been withdrawn that you didn't authorize. As an additional precaution, you should hold on to your ATM receipts and check them against your monthly statement. You can also set up alerts so that you're notified when funds are withdrawn.

6. Immediately report a lost or stolen card to your financial institution

If your ATM or debit card is lost or stolen, be sure to contact your financial institution and report it immediately. Acting fast limits your liability for charges you didn’t authorize. Once you report the loss of your ATM or debit card, federal law says you cannot be held liable for unauthorized transfers that occur after that time.

POSTED: Sep 21, 2017
MCU’s Tips for Consumers Affected by Identity Theft

While you may be taking active steps to protect your personal and account information, new scams and recent data breaches have left millions of Americans vulnerable. To stay proactive in protecting your information, consumers can stay vigilant by keeping an eye out for the following warning signs:

  • Receiving a credit card that you didn’t apply for
  • Being denied credit or being offered less favorable credit terms like a high interest rate, for no apparent reason
  • Getting calls or letters from debt collectors or businesses about merchandise or services you didn’t buy

1. Notify Financial Institutions and Credit Card Companies

If an account or existing credit line has been affected, notifying your financial institution or credit card company should be your first priority and can save you money and a lot of trouble down the road. For example, the Fair Credit Billing Act specifies that your maximum liability for unauthorized charges is $50. However because most credit cards have zero-liability policies, consumers are often protected from having to take on any liability at all.

Consumers can then work with their financial institution or card company to determine the best course of action. This may be as easy as changing login information, passwords or PINs or may require closing accounts or placing a freeze on accounts so changes or charges cannot be made until you agree to them.

2. Monitor all Statements for Suspicious Activity

If you’ve noticed fraud or suspicious activity on one account, it’s very important to check other statements and financial records for other charges or activity you don’t recognize. This includes dormant or infrequently used accounts.

If you find unknown charges, call the financial institutions to alert them of the problem and request the account be locked or closed.

3. Place a Fraud Alert on Your Credit Report

As a consumer, you’re entitled to at least one free credit report from each agency each year, which you can receive through one of the three credit reporting agencies, Experian, Equifax or TransUnion.

In addition to this report, consumers who believe they may be as risk of fraud can place a fraud alert on their credit report. Placing an alert is not only free but will also make it more difficult for new accounts to be opened in your name. To place an alert you’ll only have to contact one of the three reporting agencies (Experian, Equifax or TransUnion). That company will alert the other two.

A fraud alert can be extended for up to seven years if a consumer provides proof to the credit reporting agencies that they are a victim of identity theft. A fraud alert will notify any institution that pulls your credit report to the fact your identity may be compromised. This will also prompt creditors to take additional steps in verifying your identity should you open any new accounts.

4. Consider Freezing Your Credit

For an extra layer of protection, consumers can also initiate a credit freeze. Like a fraud alert, a credit freeze also typically free for victims of identity theft. And while a credit freeze can be a good way to prevent ongoing fraud, it will likely also make it difficult receive approval for loans or credit cards.

It’s important to note that consumers will have to reach out to credit reporting agency individually to place the freeze.

5. File a report with the Federal Trade Commission

Once you have determined the extent of the fraud, consumers should file a report with the Federal Trade Commission (FTC).

Simply visit, create an account and Include as many details as possible. Based on the information provided, the FTC will create an identity theft report and recovery and track your progress, and pre-fill forms and letters for you. Your Identity Theft Report is important because it provides evidence of fraud, making it easier to correct discrepancies.

6. File a Police Report

Filing a police report helps identity theft victims gain access to the legal benefits. As a victim of identity theft, you should obtain a detailed police report about your situation. It is important to file detailed reports both locally as well as in the jurisdiction where the fraud occurred.

To file a police report it’s important to provide a copy of your FTC Identity Theft Report, a government-issued ID with a photo, proof of your address (mortgage statement, rental agreement, or utilities bill) and any other proof of theft ( bills, Internal Revenue Service (IRS) notices, etc.).

POSTED: Dec 29, 2016
An MCU Scam Alert Update

An estimated 11 percent of adults in the United States lose money each year because of criminal activity – that’s 25.6 million people! Consumers are getting smarter about fraud, but unfortunately thieves are too. Criminals are defrauding many victims by combining new technology with old tricks to gain access to their money and personal information.

Being informed is the first step to keeping your money and personal information safe. Check out these recent scams plaguing hardworking people everywhere.

1. Don’t Get Hooked by Text Phishing

Consumers have become accustomed to phishing scams via email so thieves have switched it up by using text messages or SMS. Usually posing as a government agency or financial institution, identity thieves and scam artists will panic victims with a message that implies a sense of urgency and a immediate response in order for them to quickly turn over personal and account information. Text phishing – or smishing – scams typically ask consumers to provide usernames and passwords, credit and debit card numbers, PINs, or other sensitive information that scam artists can use to commit fraud. However, it is important to remember that credit unions, banks and government agencies will never reach out for sensitive information through these means.

Never open links in unsolicited text messages, as they may infect your mobile device with malware that will steal the financial information stored on the device. It is also important to not call any phone numbers provided in suspicious text messages. Instead, be sure to contact any financial information, government, agency, or company identified in the text message by using the information in your records or listed on the official website.

2. Download Apps with Caution

Because of the recent holiday season, new phony retail apps have popped up in both Apple and Android app stores. It’s important to keep an eye out for these apps, which typically have names and logos very similar to those of legitimate companies and popular digital shopping platforms.

It’s good practice to always be careful when downloading any new apps. While most fake apps are fairly harmless and are used to simply delivery spam-like advertising, others may require the user to enter their credit card information or personal information. If this information is shared, it could leave users at risk of fraud.

To help ensure that an app is secure and user-friendly, check to see how often and well the app has been reviewed.

3. There’s a New Tax Bill Scam on the Block

While consumers are becoming increasingly savvy in recognizing tax bills scams, fraudsters aren’t giving up. The IRS has recently reported that fake documents designed to look like real CP2000 notices have come into circulation. CP2000 notices are typically sent out by the IRS to notify a person that information it receives about their income doesn’t match the information reported on their tax return. In this instance, the counterfeit document are targeting victims be claiming that taxpayers owe money for the previous tax year under the Affordable Care Act.

The idea of getting a letter from the IRS can cause people to panic and act quickly without realizing they they’ve been scammed. Luckily, there are some easy to spot warnings that can help you avoid becoming a victim.

For example, the IRS will never:

• Initiate contact with you by email or through social media.

• Ask you to pay using a gift card, pre-paid debit card, or wire transfer.

• Request personal or financial information by email, texts, or social media.

• Threaten to immediately have you arrested or deported for not paying.

POSTED: Oct 25, 2016
MCU’s Identity Protection Tips for Online Holiday Shopping

With crowded stores and long lines, it’s no secret why millions of Americans are ditching their shopping carts in favor of the internet during the holidays. In fact, according to the National Retail Federation, nearly half of all holiday shopping was done online in 2015 – and more people are expected to take to their laptops and smartphones to check off items on their shopping lists this year.

While online shopping is a great way to save time and find great deals, it can also make your personal and card information more vulnerable to hackers and identity thieves. To help keep the happy in “Happy Holidays,” check out these easy ways to stay safe while online shopping this season.

1. Stick to Just One Credit Card

When it comes to shopping online, your credit card can be a safer way to make online purchases, compared to other means of payment. Credit Cards provide valuable protection when doing holiday shopping since they have systems in place to handle fraud issues more expediently and don't leave you waiting for lost funds to be reclaimed.

Additionally, sticking to just one credit card can be beneficial while shopping during the holiday season both on and offline. Doing this will not only help you to stay on budget but will also help you to more easily keep an eye out for potential identity theft or fraud.

2. Be Wary of Public WiFi hotspots

Saving your data is great but think twice before logging into a public WiFi hotspot to shop online –your information may not be safe. These networks are unsecured connections that hackers can easily access and steal any personal information you may be putting out during the time you are connected.

3. Stick to Secure Sites

When visiting a website that asks for sensitive information such as credit card numbers, it’s important to make sure that the website is encrypted over a secure connection. Otherwise, your information could easily fall into the hands of hackers.

To ensure that you’re using a secured website, check out the URL – it should begin with “https” rather than “http”. The “s” at the end of “http” stands for secure and is using an SSL (Secure Sockets Layer) connection. You can also check for the “Lock” icon that is displayed somewhere in the window of your web browser.

POSTED: Jul 05, 2016
MCU’s Tips for Recognizing Identity Theft

If you’re not concerned about being at risk for identity theft, it’s time to think again. According to a recent study conducted by the Harris Poll, nearly 60 million American have been affected by identity theft. And as consumers become more sophisticated about protecting themselves, criminals have learned to adapt.

Once stolen, an identity thief can use your personal information to empty your bank accounts, make purchases online, use your medical insurance and open new credit card and utility accounts. While consumers are exposed to a lot of great information about the steps they should take to protect themselves against identity theft, it’s equally important to know the signs that you’ve become a victim. This will help you to take the necessary steps as soon as possible.

Your security is important to MCU and your other financial institutions. As we continue to monitor your accounts for fraud, you should keep an eye out as well. According to the Federal Trade Commission, key warning signs of identity theft include:

  • • Unexplained withdrawals from your bank account
  • • Missing bills or other pieces of sensitive mail
  • • Bounced checks
  • • Calls from debt collectors about debts that aren’t yours
  • • Unfamiliar accounts or charges on your credit report.
  • • Medical bills for services you didn’t use
  • • Your health plan rejects a legitimate medical claim because the records show you’ve reached your benefits limit
  • • A health plan won’t cover you because your medical records show a condition you don’t have
  • • The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don’t work for
  • • You get a notice that your information was compromised by a data breach at a company where you do business or have an account

If you notice any of these warning signs and believe that you’ve been affected by identity theft, learn more about the steps you can take here.

POSTED: Nov 06, 2014
Five Things to Know: Protecting Your Online Security

According to a 2018 online survey conducted by the Harris Poll, approximately 60 million Americans have been affected by identity theft – that’s nearly one in five people living in the United States!

Protecting your personal and financial information on the web is one of the most important steps any consumer can take to prevent identity theft.

Check out our tips below to get started today.

1. Frequently change and diversify your passwords. This is one of the easiest ways to keep hackers from accessing your online banking accounts and other important web portals with information stolen from less secure sites, such as social media platforms. As you frequently update your passwords, it’s also important to avoid using sensitive information, including your Social Security number, birthdate, user ID or personal identification number (PIN). If someone gains access to this information, it may be among the first things used to try to get into your account.

2. Install and maintain antivirus software. Failing to download antivirus software will almost certainly leave your device vulnerable to cyber attacks and malicious software that can be accidentally installed while trying to download an attachment or open a new link. These programs can corrupt your device and steal sensitive information.

Antivirus software acts as a gatekeeper for these attacks and protects the device from both incoming potential threats. New viruses are coming out all the time. Because of this, it’s important for users to update their antivirus software as often as possible and to make sure not to let annual subscriptions lapse.

3. Beware of unsecured Wi-Fi networks. Free public Wi-Fi networks found in coffee shops, restaurants and airports can be convenient when you’re out and about but they should be used cautiously. While these hotspots are handy, they should be used cautiously, especially when it comes to accessing personal information. Unsecured Wi-Fi networks don’t require passwords and can be easily hacked by thieves who can gather all of the sites you accessed and all of the personal information you entered while on the network.

4. Secure your email account by using a two-step verification process. If you use your email to store sensitive information, enabling a two-step verification process will help you to feel confident that your financial and personal information is safe. This process means you need to pass another layer of authentication, not just a username and password, to get into your accounts. You might be asked to enter a code sent via text, or tap a confirmation button on a mobile app. It may feel like a bit of an inconvenience at times, but enabling a two-step verification process will help to secure your email account even if your password has been discovered or compromised.

5. Think before you click. . Be sure to check for an encrypted connection, especially for emails, banking and online payments. A secure website is indicated by 'https' before the URL, rather than 'http'. A padlock symbol on the top or bottom of the screen is also a good sign.

And if you’re shopping on your smartphone or tablet, you can help protect your personal information by double-checking the apps that your download to your device. Oftentimes, counterfeit apps look strikingly similar to those belonging to popular retail chain stores and luxury-goods makers. While many of them may be relatively harmless knockoff apps that serve for popup ads, accidentally entering any card or personal information can lead to potential fraud.

Today’s Rates

Auto Loan1.95%
Personal Loan5.95%
30 Year Fixed4.434%
IRA 18-Month Variable0.30%
Share Certificate 36-Month0.60%
  • ncua
  • home
  • verified
  • norton
  • youtube facebook twitter

Routing Transit Number: 226078036

  • youtube facebook twitter instagram

Routing Transit Number: 226078036