As our members increasingly turn to digital banking, fraudsters have sought to take advantage of this trend by victimizing them through social engineering.
In one common instance of social engineering, bad actors will send text messages and emails to you pretending to be from Orlando Credit Union's fraud department. The text/email will provide a phone number for you to call to resolve an attempted fraud on your account. When you call this number, the bad actors will request login credentials to your online banking profile. If access is given, the bad actors will then have the ability to transfer funds out of your accounts through various products.
To protect yourself against this type of social engineering, as we’ve seen an uptick in this type of fraud, we strongly recommend you follow these best practices.
- Only call Orlando Credit Union via the phone numbers available on our website.
- You should not share your credentials or provide one-time passcodes to anyone who is not authorized to have access to your account. Remember, we will NEVER ask you to provide us your online banking credentials.
- NEVER click on links in unsolicited emails or texts.
- If you receive a text, call or email for a one-time passcode authorization that you did not request, you should not respond to the text, call or email to validate the login.
- You should NEVER trust caller ID as caller ID may be modified to show Orlando Credit Union.