Your financial security is our priority – Help us help you in prevention of financial fraud

Member Alerts and
Financial Security

Be aware of a recent uptick in spoofing, one of many scams fraudsters try to use to obtain your information. Spoofing is when fraudsters try to impersonate a trusted source’s identity. If you receive any notification “seemingly” from us requesting personal information, please treat it as highly suspicious and DO NOT give any personal information out.

Fraudsters are bombarding people with scams, scams and more scams. These scams are getting increasingly sophisticated and can pop up on your phone, email, social media or in your mailbox.

Please note, Gold Coast will NEVER contact you to ask for any information like the following:
  • User ID or password

  • Authentication codes sent to you via text/email

  • Digital banking username or password

  • Secure access codes

  • All 16 digits of your debit or credit card number

  • Credit or debit card PINs

  • The CVV code on the back of debit or credit cards

If you receive any notification that seems to come from us requesting this information, please treat it as highly suspicious. DO NOT provide any important information and DO NOT click on any links. We always strive to protect our members from fraudsters. When in doubt, please do not respond: Hang up or disconnect and contact us directly. Together, we can prevent financial fraud!

Other Resources:

How to spot a phishing scam

Phishing scams occur when a scam artist tries to convince you to give them your sensitive information. This could be your password, username, credit union account information, credit card details, etc. These phishing scams usually come in the form of an email. They lure you into clicking on a malicious link. Read the tips below for spotting a phishing scam.

Appealing to emotion

Phishing scams will attempt to elicit specific emotions such as:
  • Greed: A phishing scam may tempt you with a monetary reward in return for clicking on a link or providing your personal information. If the offer seems too good to be true, it probably is.
  • Curiosity: Phishing emails will take advantage of your natural curiosity by promising to show you something exciting in exchange for clicking on a link or entering your personal information. This is often referred to as click-bait and is very common on social networking sites.
  • Urgency: A phishing scam may also try to place a sense of urgency on you to complete a certain action. This is a major red flag.
  • Fear: Phishing scams will often use threats as a way to get you to act. Don’t fall for this.

Strange email elements

Many phishing scams are carried out via email. Some signs of a suspicious email include:
  • Odd Sender Address: If the sender’s email address does not match the sender’s name in his or her signature, or if the sender’s email address includes many random letters and symbols, approach with caution.
  • Strange Tone: If the email content does not read well and contains multiple misspellings and grammatical errors, do not click any links, open any attachments, or provide the sender with any personal information.

Unexpected attachments and requests for action:

Always be mindful of the actions you take online. Be highly skeptical of:
  • Attachments: If you receive an attachment from someone you do not know or from someone you were not expecting an attachment from, proceed with caution. If you’re unsure about the validity of an attachment, do not open it, as doing so could infect your device if the attachment is malicious.
  • Login Pages: Be highly skeptical of any email that asks you to click on a link and log in to one of your accounts. If you click the link in the email and enter your credentials, the scammer could gain access to your account.
  • Links: Be careful of the links you click from an email. Malicious links could infect your computer or mobile device. Before you click a link, place your cursor over it to inspect it. If you are unsure if it is valid, it’s better not to click and be safe rather than sorry.

7 ways to protect your identity

Taking proactive measures to protect your identity is crucial. Identities are stolen every day and people don't even know when it’s happened to them. Scammers know hundreds of ways to steal your identity. It's important to know how to protect yourself, so you don't lose yours.

Know when and who you’re sharing any kind of personal information with. Whether it’s account information, a Social Security Number, or hobbies/interests, make sure you’re sharing with the appropriate people. For instance, be careful of the information you’re sharing on social media. Things like your favorite pet’s name or a family member’s name can give scammers information they can use to hack your accounts.

  • Stop oversharing on social media.
  • Don’t answer calls/text messages from unknown numbers.
  • Don’t sign up for services with personal information unless absolutely necessary.

Scams pop up everywhere from phones to social media, emails and websites. Learn about what scams are popular and how to spot them.

  • Visit the FTC website for scam alerts.
  • Register your phone number on the National Do Not Call Registry.
  • Avoid opening emails or text messages from unsolicited senders.

Passwords are the key to unlocking your personal information, so it’s important you take the time to create a strong and unique one. We recommend that you use all four types of characters including: capital letters, lowercase letters, numbers and punctuation marks/special characters.

  • Don’t use the same password for all accounts.
  • Use a password manager to store your passwords.
  • Utilize multifactor authentication.

Your credit report contains important information you can use to monitor all types of accounts and loans you have opened and any fraudulent activity that may occur. If someone has stolen your identity, you may see a loan on your report that you definitely did not apply for. This can be an initial indicator that something isn’t right.

  • Check your credit report quarterly.
  • Use annualcreditreport.com for a FREE copy.

A lot of us LIVE on our devices, including phones, tablets and laptops, making them a prime target for hackers. This is why it’s important to keep your devices updated with the latest software whether it’s Microsoft or Apple.

  • Turn on automatic updates in your settings.
  • Check to see which of your mobile apps have access to information on your phone. You can find this in your settings.
  • Clear your browser history.
  • Only visit sites with an https address.
  • Don’t use unsecured WIFI networks.

Card skimming is another sneaky way scammers are stealing people’s money. A card skimmer is a device that steals card information by reading your debit or credit card’s magnetic strip.

  • Cover the keypad when you’re inputting your PIN.
  • If you’re at a gas station, pay inside.
  • Monitor your debit and credit card accounts regularly.

Fraudsters attack on all fronts and scavenge for your information digitally and physically. If you have important physical documents, make sure to keep them locked up and out of sight. Fraudsters will even resort to taking mail from your mailbox so make sure you’re not leaving anything inside.

  • Shred personal documents.
  • Check your mailbox daily.

What is card skimming/shimming and how to avoid it

Card skimming is another sneaky way scammers are stealing people’s money. A card skimmer is a device that steals card information by reading your debit or credit card’s magnetic strip. Along similar lines, a card shimmer is used to capture information from chip-enabled cards and is much harder to detect because it is located inside of card readers. Card skimming/shimming is popular at places like gas stations, ATMs, parking meters and other points of sale. These devices are attached to keypads, card readers, etc. Once your card is skimmed, scammers can access your card number, expiration date and cardholder name.

While card skimming devices can be hard to spot, there are a few things you can watch for.

  • Try to tug/jiggle the gas station card reader. If it’s loose, there could potentially be a card skimmer installed.
  • Look for tampering such as different coloring on the machine or keypad numbers not aligning.
  • Check the feel of the keypad. If it feels too thick there may be a pin-snatching overlay on it.

Scammers go back to the places they’ve installed the card skimmers and retrieve them to gather your information. From there, they can duplicate your card, use your information to make online purchases, or sell your information on the dark web.

  • Especially for shimming, wiggle your card as you slide it into the ATM slot. This will shield your information from the shimming device.
  • Cover the keypad when you’re entering your PIN.
  • If you’re at a gas station, pay inside.
  • Monitor your debit and credit card accounts regularly.
  • Use contactless payment (tap) when available.

  • Notify us right away.
  • Check your charges and record which ones are fraudulent
  • Set up fraud alerts on your account so you’re notified right away.

What Is SIM Swapping/Hijacking and How to Avoid It

SIM swapping, also known as SIM hijacking, occurs when a fraudster transfers a victim’s phone number to a new SIM card. Using personal information gathered through phishing or social media, the fraudster impersonates the victim and convinces the mobile provider to make the switch.

Once in control, the attacker can intercept messages and calls, including security codes, allowing access to online accounts, password resets, and financial information.

If an accountholder reports account takeover fraud but insists they didn’t share their information, they may be a SIM swap victim. Warning signs include:

  • Inability to place calls, send texts, or access certain accounts
  • Alerts about changed login credentials for banking, email, or social media
  • Loss of signal or phones stuck in “roaming” mode
  • Unexpected PIN messages from their mobile carrier

  • Financial Access
    • Online banking and investment accounts
    • Payment apps linked to the device
  • Digital Identity & Online Assets
    • Social media accounts
    • Domain names and digital handles
  • Device Access & Stored Data
    • Apps and locally stored information
    • Contacts
    • Security codes and messages
  • Personal Information
    • Name, address, date of birth, and other PII

  • Strengthen Authentication
    • Avoid SMS-based 2FA: Opt for more secure methods:
      • Authenticator apps (e.g., Google Authenticator, Authy)
      • Biometric authentication (fingerprint or facial recognition)
      • Hardware security keys
    • Risk-based authentication: Use tools that monitor behavior and trigger extra verification when activity seems suspicious.
  • Enhance Verification Processes
    • Account changes: Require multi-channel identity checks and out-of-band verification for changes to addresses or phone numbers.
    • Transaction monitoring: Flag unusual activity for further review.
    • SIM swap detection:
      • Use mobile carrier APIs to detect recent SIM swaps
      • Automatically flag affected accounts for added scrutiny
  • Educate and Empower Customers
    • Raise awareness: Help customers understand SIM swapping risks and prevention.
    • Promote SIM protections: Encourage enabling SIM lock features from major carriers.
    • Encourage strong security habits:
      • Use unique, complex passwords
      • Enable MFA on all accounts
      • Stay alert for phishing attempts
    • Freeze credit reports: Recommend placing a freeze to prevent fraudulent loans or new accounts