Member Security and Awareness

Fraud Alert: IRS Scams

Tax identity theft and fraud continues to be on the rise, unfortunately the burden falls on you to protect yourself.  Please be aware that the IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information.  

For more information, please visit the IRS’s “How to know if it’s really the IRS” site for more information. 

If you receive a text or call from DOCFCU asking for secure account information or your online banking login information, please do not reply or respond. DOCFCU WILL NEVER ASK YOU FOR YOUR ONLINE PASSWORDS. If you suspect your account information has been compromised, please give us a call at 202-808-3600.

Photo of person at computer with spam mail graphic

Beware of phishing calls, emails and texts

Avoid phishing scams that call, text or email pretending to be DOCFCU then asking you to share personal information. Never click links in unsolicited emails or texts or give personal financial              information to callers. A DOCFCU representative will NEVER ask for your full Social Security Number or your account username,        password or PIN. If you’re unsure if a call is legitimate, hang up and call us back to confirm.

What You Can Do

Person using phone, happy

Review Your Social Media

Social media sites are treasure troves of personal data. In fact, we often share more than we realize on these sites. With constant changes and updates, it can be hard to manage your security settings and know who can view what                information you share.

Yet there are things you can do to keep yourself safe while staying connected. Here are some best practices for protecting your personal security on social    networking sites:

  • Only add people you know to your social media accounts
  • Use a unique password for each social media site and change it regularly 
  • Enable two-factor authentication for your social media accounts. This adds an extra layer of security by requiring a second form of verification, such as a unique code sent to your phone, in addition to your password.
  • Limit the amount of fact-based personal information you share (such as your birthday, address, hometown, graduation dates, and phone number or email address)
  • Use a password instead of a real answer for security verification questions
  • Be cautious when granting permissions to third-party apps that request        access to your social media accounts. Only authorize apps from trusted sources and review the permissions they require.

By following these tips, you can enhance the security of your social media          accounts and protect your personal information from unauthorized access or misuse.

Couple reviewing budget

Review Your Credit Report

You’re entitled to one free credit report every year from each of the major credit bureaus. Viewing these reports can help you catch signs of     identity theft or misinformation that could affect your ability to open new lines of credit. 

If you notice suspicious activity, you may also choose to freeze or lock your credit for added protection. Another option is to subscribe to a dark web monitoring service that will alert you if your personal data shows up on the dark web.

DOCFCU members have access to their credit reports online for FREE through home banking. Contact us for more information. 

Photo of two factor verification code on a mobile pone

Enable Multi-factor Authentication (MFA)

What is MFA?

Multi-factor authentication (also known as two-factor authentication or 2FA) is a common practice that you might already be doing! Have you ever logged into a website and then were prompted to enter a security code sent to your phone or email to gain access? That’s a form of MFA.

Examples of multi-factor authentication can be:

  • Knowledge – something only you know (such as a PIN).
  • Possession – this can be a USB device, your cell phone, or even a          security token.
  • Inherence – something only you have, such as a fingerprint or facial recognition.
  • Location – some devices might only allow access in authorized              geographic locations.
  • Time – some authentication methods restrict users’ access to                 information within specific timeframes.
Photo of person at computer entering password

Protect Your Passwords

Create strong, unique usernames and passwords. 

Good usernames and passwords are key to preventing unauthorized account access. Create unique usernames for your financial accounts, use a different password for each site, and never reuse the same username or password on multiple financial sites. That way, if a hacker gains access to one account, the same login info won’t give them access to others. 

The strongest passwords are:

  • Unique and used for only one website or app
  • 12 or more characters long
  • Made up of uppercase and lowercase letters, numbers, and special characters 
Photo of woman at a computer with "Protected" on the screen

Secure Your Computer

Set up screen-lock passwords on all phones, tablets and computers you use. Equip your computers with virus and spyware protection software and keep your computer operating systems and browsers updated. And avoid        modifying your operating system (commonly called “jailbreaking”), which will void the warranty and could expose your device to potential threats. 

Updates aren’t just for your computer either. Internet browsers also need   security updates from time to time. Clearing cookies and your browsing   history also enhances your security by clearing personal information that could be stolen. (This goes for the browser on your smartphone, too!)

Safeguard Your Credit & Debit Card

  1. Keep your cards safe: Always keep your credit and debit cards in a secure place, such as a wallet or a cardholder. Avoid leaving them unattended or in easily accessible areas.
  2. Memorize your PIN: Memorize your Personal Identification Number (PIN) and avoid writing it down or sharing it with anyone. This will help prevent        unauthorized access to your accounts.
  3. Be cautious with your card information: Never share your card details, such as the card number, expiration date, or CVV, with anyone unless it is a trusted and secure website or merchant. Be wary of phishing attempts or suspicious emails asking for your card information. 
  4. Regularly review your statements: Take the time to review your credit and debit card statements regularly. Look for any unauthorized transactions or suspicious activity. If you notice anything unusual, report it to DOCFCU immediately.
  5. Use secure online shopping practices: When making online purchases, ensure that you are using a secure website with encryption technology. Look for the padlock symbol in the browser address bar and use trusted payment methods. 
  6. Enable transaction alerts: We offer transaction alerts via email or text message via online banking. Enable these alerts to receive notifications for any  transactions made with your card. This can help you quickly identify and report any fraudulent activity.
  7. Be cautious at ATMs and point-of-sale (POS) terminals: When using ATMs or point-of-sale terminals, be aware of your surroundings. Look for any suspicious devices or cameras that may be used to capture your card information. If something seems off, find another machine or notify the merchant. 
  8. Report lost or stolen cards immediately: If your credit or debit card is lost or stolen, report it to DOCFCU immediately. We can block the card and prevent any unauthorized transactions.

Remember, being proactive and vigilant is key to protecting your credit and debit cards. By following these tips, you can reduce the risk of fraud and ensure the security of your financial information. Click here to learn more about Card Safety


Person using phone

Reporting Identity Theft

Notify DOCFCU immediately if you believe your account has been            compromised. 

Our 24/7 call center can be reached at 202.808.3600 or 888.626.9845.        If you locate accounts that were opened without your permission, please close them immediately. Also, make sure you communicate with businesses in writing so that you have a record of your correspondences. Finally, inform the following organizations and authorities:

Credit Bureaus:  

Equifax (1.800.685.1111)

Experian (1.888.397.3742

TransUnion (1.800.888.4213)

Request a fraud alert be placed on your credit report. Once one credit agency confirms your fraud alert, the others will be automatically notified.

If you are a victim of identity theft, you may file a report with the FTC by clicking here.

To learn more about how to avoid scams and the latest scam alerts please visit:

Scam Gram! Keep the sharks at bay
Consumer Action’s new monthly newsletter alerting you to the dirtiest players in the world of tech fraud, credit card scams, ID theft and general con-artistry.

AARP BankSafe Initiative

Financial exploitation hurts us all. DOCFCU is proud to have earned the AARP BankSafe Trained Seal in recognition of the training we have undergone and policies we have in place to better protect the assets of older Americans. Learn more: 

AARP Bank Safe Trained badge