Online Fraud Prevention | Metro Credit Union

Online Fraud Prevention

Prevent online fraud from happening to you.

Learn how to spot online threats and what to do when you come across one.

What is "phishing"?


A thief sends out an e-mail which looks just like it came from a company you know or another type of enterprise with which you are familiar. It may include the company's name, logo, and even wording from the company's website. It also includes a convincing message explaining why you need to log in and verify your account information. Don't do it!

This e-mail is a fake, meant to lure you to a website that doesn't belong to that company at all. It's simply a vehicle used by the thief to steal personal identifying information about you. "Identifying information" is any information that can be used to identify you, including your user name, password, debit and credit card numbers, and account number.

If you fall into the trap and enter your login name and password on this fake webpage, the thief will be able to use your login information and make transactions on your account! If you know how to identify a phishing attack e-mail, you won't fall into the trap and your money will stay safe. The attacker can't get your identifying information through a phishing e-mail unless you give it to them.

What do I look for?


Be aware of any e-mail that asks you to log in to your account, verify your account, or provide any other identity information. Be wary no matter what reason is given, and no matter how convincing the e-mail may be.

Follow these simple rules and you should be safe:

  • Don't click on any links within an e-mail asking you to access your account or to verify PIN numbers, passwords, or other sensitive information.
  • If you get an e-mail that appears to be from your financial institution asking you to log in or for other information, immediately contact them and report the incident. Be prepared to forward a copy of the message to them for review if requested to do so.
  • If you or someone in your family mistakenly follows a link and provides sensitive information, immediately call your financial institution so they can monitor your account or change your account number.
  • Remember, the thief copies text and images from banking websites to make the e-mails look authentic and fool people into divulging sensitive information.
  • Never give out your personal or account login information after following a link from an e-mail, even as "identity verification" for a contest. Attackers frequently use such tactics to lure you into giving up identifying information.