How We Protect You
The highest level of encryption
Whether you access your accounts in Online Banking or the Mobile Banking App, feel secure that your information is encrypted to the highest degree: 256-Bit TSL/SSL encryption and 128-Bit SSL encryption.
When you sign in to Online Banking for the first time or when your device is not recognized, we employ multi-factor security authentication by sending you a one-time verification code by phone or text message. Once you receive the identification code, you can securely log in to your account.
Secure Mobile Biometrics
Use your fingerprint on Android or Apple devices, Face ID on Apple, or use your preferred password vault to securely log in.
Protected if your device is lost or stolen
Your secure account information (such as account number, etc.) is not stored on the Mobile Banking App, so you don’t have to worry if your phone is lost or stolen.
Visa’s Zero Liability
With Visa’s Zero Liability Policy, your liability for eligible unauthorized transactions is $0.
Enhanced Fraud Protection
With Enhanced Fraud Protection, you’ll receive text messages¹skip to disclosure, emails, and/or phone alerts if potentially suspicious activity occurs. DuPage Credit Union will never ask you for your card number, PINs, CVV/CV2 codes, expiration dates, or other personal information via text message. Learn more.
How to Protect Yourself
Create strong passwords
Create passwords with a minimum of 10 characters that use a combination of letters (upper and lower case), numbers, and symbols. A good way to create a strong password is to think of a memorable phrase or use the first letter of each word as your password, converting some letters into numbers that resemble letters. For example, “I love DCU” into “!l0v3DCU!!”
Rather than storing your usernames and passwords on a piece of paper or document on your computer which can be compromised by hackers, we recommend using a password manager. Password managers are online tools that keep your list of usernames and passwords encrypted.
Control when, where, and how your debit and credit cards are used with the DuPage Card Controls app. Turn your card off if it’s lost or stolen, get alerts, set spending limits, and more. Learn more.
Activate your credit and debit cards as soon as you receive them.
For your security, please activate your card by calling the number on the activation sticker on the letter you received in the mail. You can also activate your credit card by logging into Online Banking, selecting your card type, and following the prompts provided.
Shred or tear up any credit card applications or documents that have your card information.
Then, sign up for paperless statements to protect yourself from mail theft.
Never respond to emails, texts, or phone calls that request your personal information.
Remember: DuPage Credit Union will never contact you by unsolicited phone call, email, or text and ask for your account number; credit or debit card number; your PIN, CVV/CV2 or expiration date; your Online Banking User ID; your password; or other sensitive information. If you receive an email asking for any of these, it is most likely a scam. If you’re unsure, do not click on any links or open any attachments. Contact us immediately.
Set up travel notifications
Traveling out of state or abroad? In order to avoid possible interrupted service to your credit and/or debit card(s), let us know about your travels.
Gift Card Scams
Beware of any person claiming to be associated with a business or organization (such as the IRS, Amazon, Apple, etc.) that requests a refund or payment by gift card. Legitimate businesses will not ask you to purchase gift cards or provide gift card numbers as payment or a method of correcting a refund. If you are asked to purchase gift cards, especially in large dollar amounts, hang up and contact us and your local authorities.
Keep your contact information up to date and secure.
Conveniently add alerts to your account(s) and update your profile by simply signing into Online Banking, and then clicking Settings in the upper right.
Create strong, unique passwords.
Create passwords (the longer the better) that include a combination of numbers, symbols and upper- and lowercase letters. Learn more about creating strong passwords.
Be careful on social media.
Don’t post personal information to your profile like your birthdate, city of birth or mother’s maiden name.
Keep your devices updated with the latest operating systems, software, and patches.
Protect yourself from mail theft by signing up for paperless Online Statements. If you choose to receive mailed statements, be sure to follow these guidelines by the United States Postal Inspection Service. In addition, shred all documents that contain personal information.
Check your credit reports at least once per year at AnnualCreditReport.com. Or, request the reports directly from each agency:
Phishing is when criminals pretend to be representatives of legitimate businesses in order to induce individuals to reveal personal or account information such as passwords or credit card numbers. No matter how you are contacted, phishing scams have one thing in common: They create a sense of urgency to get you to respond with information they, as a legitimate organization, should already have.
Remember: DuPage Credit Union will never contact you by unsolicited phone call, email, or text and ask for your member number; credit or debit card number; your PIN, CVV/CV2 or expiration date; your Online Banking User ID; your password; or other sensitive information. If you receive an email asking for any of these, it is most likely a scam. If you’re unsure, do not click on any links or open any attachments. Contact us immediately.
With the increasing number of phishing scams and fraudulent messages being sent via email, text, and via phone calls, it’s important to know how to spot them:
Phishing emails are designed to look like they are coming from either an organization or a person within that organization. These emails imply urgency and sometimes have misspellings and poor grammar. They may ask you to click a malicious link or open an attachment. Here are some of the most common email phishing tactics to look out for:
- Ask you to provide or confirm personal information
- State there’s an issue with your account or payment
- Request confirmation for a contest or to obtain winnings
- Request action under threat of cancelling insurance or accounts
- Provide or confirm bills or invoices
- Ask you to complete an application for products or services
Text SMS Phishing (Smishing)
Criminals in possession of card details and other forms of personally identifiable information try to spoof bank phone numbers in an effort to fool you into thinking that text messages are actually from the fraud department. Criminals may send text messages pretending to need to validate recent card activity. Similar to emails, they may include hyperlinks and ask that you change or provide contact information by clicking that link or texting back.
With DuPage Credit Union’s Enhanced Fraud Protection, you’ll receive text messages, emails, and/or phone alerts when potentially suspicious activity occurs on your credit or debit card. Below is a summary of what SMS/text information from DuPage Credit Union will and will not include:
SMS/Text will include:
- DuPage Credit Union abbreviated name
- Last 4 of Card #
- $ Amount in question (with dollar sign)
- Merchant Name
- Reply Options: YES, NO, STOP (to opt out)
SMS/Text will NOT include:
- Requests for cardholder data, such as card numbers, PINs, CVV/CV2 Codes, Expiration Dates
- Vague reference of “Merchant” transaction details
- Hyperlinks to unknown websites
- Phone numbers as hyperlinks
Remember: Never provide personal information in response to SMS text messages and phone calls purportedly from the Credit Union. Legitimate requests to validate card activity will request a simple response of YES or NO. They will not include hyperlinks to other websites or ask for any personal info. If you are ever in doubt, contact us directly.
Phone/Voice Phishing (Vishing)
Telephone phishing attempts may come from real people or robocalls. They may even threaten jail time or lawsuits if you don’t take action and provide information or pay them.
Fraudsters may pose as employees in order to obtain One Time Passcodes (OTP). While on the phone with a member, the fraudster logs into an online banking site. When the One Time Passcode is sent to the member’s phone, the fraudster then asks the member to provide the passcode as a means to validate. When the information is shared with the person the member believes is an employee, the fraudster uses the passcode to finalize access to online banking, which is typically followed by changing the online banking password and transferring funds from member accounts.
Increasingly, criminals are using COVID-19 as a means to take advantage of people via charity scams, fake checks from the government, and testing scams. For a list of the latest coronavirus scams and banking scams, visit the US Government’s Common Scams and Frauds webpage.
Before you sign in, make sure you’re on the authentic dupagecu.com website by checking your browser address bar to see if it has a lock icon. Whichever browser you use, you should be able to click on the lock icon and see “Connection secure.”
Report Fraud, Lost, or Stolen Cards
Debit and credit card fraud can happen to anyone at anytime. The good news is with Visa’s Zero Liability Policy, your liability for eligible unauthorized transactions is $0. You’re protected if your Visa credit or debit card is lost, stolen or has unauthorized use, online or offline.
If you detect suspicious or fraudulent activity on your debit or credit card, or if your card has been lost or stolen, please call us immediately.
You can also report your debit or credit card lost or stolen in the Card Controls app:
1. From the transaction screen, tap the “Lost or Stolen” icon on the bottom right.
2. Follow the prompts to complete the report.
3. Upon submission, your card will be inactive and a new card will be mailed to you.
Being effected by a security breach can cause a lot of worry about how to best protect yourself. We take your security seriously. If you have been affected by a security breach or believe your personal information (for example: address, date of birth, social security number) may have been compromised, we want to work with you to protect yourself.
- Safeguard your account. Review your account history for any suspicious activity, and make sure that your contact information (address, phone numbers and email address) are accurate. You can verify and update your contact information via Online Banking under Settings > Profile. If you see anything suspicious, contact us immediately so we can help you determine the next action needed.
- Notify us: Report the breach so we can notate your account:
- Log in to Online Banking
- Select Messages (top right)
- Select subject Security
- If known, please include the source of breach and what types of personally identifying information may have been compromised (Example: My social security number and date of birth may have been compromised in the ABC Business breach. I do not see any suspicious activity on my account at this time. Please notate my account accordingly).