Member Account Login Sign In
Kohler Credit Union
Good People To Turn To
About Kohler Credit Union
Image: gears

Protect...

 

Your Information  

Monitor Your Accounts

  • Login to your KCU online account(s) at least once a week to review your account information. If you notice any activity that was not made by you, contact us immediately at 888.528.2595.
  • Set up alerts on your account that will keep you posted on your account activity.
  • Check your credit report regularly to ensure that all accounts listed are ones you've created, so you can minimize damage to your credit score. View a copy of your credit report at Annual Credit Report.
  • Consider using electronic alternatives when making purchases or paying bills. By eliminating the use of a check, you reduce the possibility of fraud.

Passwords & Personal Identification Numbers (PIN)

  • Create strong PIN’s that are a minimum of 8 characters, alphanumeric and have no consecutive characters that are the same.
  • Do not create passwords that are similar to your real name, nickname, birth date or online screen name.
  • Protect your PIN and password, and do not disclose them to anyone (including KCU employees).
  • Memorize your PIN. Do not write it on your ATM/debit card.
  • Use a different password for each of your accounts, and change them regularly.
  • Do not store your passwords near your computer or on your desk where others might easily find them.

Safe Social Networking

KCU has a presence in several social networking sites that help us keep in touch with you, including the following:

  • Facebook/KohlerCU – Like us on Facebook and stay up-to-date on events, receive special offers and learn financial tips.
  • YouTube/KohlerCU – The KCU YouTube page showcases our latest commercials, seminars and more.
  • Twitter/KohlerCU – Follow us on Twitter to stay in the know with what’s happening at KCU.
  • Twitter/KCUMortgages – Follow us on Twitter for updated information on our mortgage rates.

With more and more people joining the social network world, there is an increased danger of social engineering, a form of identity theft where thieves use the information you share on social network sites to prey on you.

  • Use legitimate sites that have safety precautions.
  • Post only information that you are comfortable with others seeing; regard this information as public and permanent.
  • Do not use the same username and password to log in to social networking accounts that you use on other online accounts.
  • Be careful when clicking links and using applications connected with the site. Even if a friend sends you a message with a link, make sure it is authentic first. Most social network applications are not governed and collect personal information.
  • Use privacy settings to limit access to your information.
  • Do not “friend,” “follow” or “connect” with anyone or organization you do not know.
  • KCU will never ask you for personal account information or account access through social media.

Go Paperless

  • Signing up for eStatements will ensure that no one else receives your account statements but you, and eliminates your paper trail that is susceptible to fraud.
  • Save time and clutter by accessing your statements from anywhere 24/7.
  • If you have old checks or statements lying around, shred them before throwing away.
  • Do not carry your checkbook around with you unnecessarily.
  • Pay your bills online to reduce the risk of having checks in the mail.
  • Report lost or stolen checks/checkbooks immediately by calling 888.528.2595.

Safe Banking Etiquette

  • Do not email personal or financial information unless it is encrypted on a secure website.
  • Log off from KCU online account access after you are finished and then close your browser.
  • Clear your browser cache regularly so that your browser does not store any data.
  • Be careful when accessing your financial information online from a public/shared computer. If using a shared computer, it is a good idea to clear your browser's cache and history after each session.
  • Disable the AutoComplete option for online financial companies or secured sites. The convenience of saving user details and passwords when logging into websites makes it very easy for those accessing an unprotected device to do the same.
  • Never fill in an email with input fields that ask you for sensitive data such as username, password, social security number and account number information.
  • Look for the padlock symbol and https:// in the URL to confirm that the site is secure before you enter sensitive information.
  • Beware of pop-up windows that ask for your account number and password. KCU login pages are always on a web page and never in a pop-up window.
  • If you suspect a website is fraudulent, leave the site immediately.
  • Add or bookmark the URL – www.kohlercu.com to your favorites.

 

Image: secure phone

Your Phone  

Pin / Keylock Code

  • Use a pin/keylock code; otherwise if your phone is lost, stolen or left unattended, anyone that picks it up will have unrestricted access.
  • Avoid using a password that is easy to guess such as "1234" and other common phrases.
  • Screen locks are good to prevent unwanted calls, sharing data or unwanted downloads, but they won't stop someone from removing your SIM card and using it on another phone. To prevent this from happening, set up a SIM card lock in the form of a PIN number that will need to be entered when a phone is turned on in order to connect to a network.
  • Another way to retrieve data is by simply plugging the phone into a computer. Most Smartphone platforms offer software that can encrypt files or folders on a device with industry-standard protection. This means a code must be entered before a file can be viewed or copied to prevent accessing personal information.

Wireless Connections

  • On most Smartphone’s or tablets you have the ability to connect to wireless networks. Turn off the wireless connection when not in use. Apart from helping you save on battery power, it ensures that other parties can't connect to a device without your knowledge.
  • If your device has Bluetooth capability, set it to “non-discoverable” and turn off when not in use. This will help prevent hackers from remotely accessing your device and using it to make calls, access data or listen in on your conversation.
  • If you get a request to “pair” your device with an unknown user, ignore or decline the offer.
  • Be careful when logging into wireless hotspots and unknown networks, they are also hotspots for hackers to get your information. A malicious party may have set up a free wireless connection that looks similar to a legitimate hotspot from a large company, so be sure that you are connecting to a trusted network.
  • You should not receive requests for passwords, login details and other information at a hotspot location. Any request for information that does not seem legitimate should be ignored.

Applications & Tips

  • When downloading applications, purchase them from a trusted source such as the App Store or Android Market. Do not download apps from third party sources, low rated or poorly reviewed companies.
  • Do not root or jailbreak your device to get around limitations set by your carrier or manufacturer. It may remove any protection to defend against threats. While you may benefit from more flexibility, writers of malicious code can also benefit from access to your device if it becomes infected.
  • Disable the AutoComplete option for online financial companies or secured sites. The convenience of saving user details and passwords when logging into websites makes it very easy for those accessing an unprotected device to do the same.
  • Pay attention to any security warnings before downloading documents or visiting sites.
  • Look for the padlock symbol and https:// in the URL to confirm that the site is secure before you enter sensitive information.
  • Regularly back-up your device. Most devices allow users to "synchronize" information with a computer or website for productivity, backup purposes or in the event of loss.

 

Image:Secure Computer

Your Computer  

Firewalls & Browsers

  • Install a personal firewall to control the information that goes to and from your computer, therefore preventing unauthorized access to your information.
  • Use an Internet browser that supports 128-bit encryption.
  • Disable the AutoComplete option for online financial companies or secured sites. The convenience of saving user details and passwords when logging into websites makes it very easy for those accessing an unprotected device to do the same.
  • Keep your operating system and browser up-to-date. Software updates often include security enhancements that you can usually download free from the particular software provider.
  • Save or "bookmark" frequently visited and trusted websites to your list of favorites, then access those sites through your saved links.

Anit-Virus Protection

  • Install anti-virus software on your computer to minimize the risk of your computer getting infected.
  • Configure the anti-virus software to automatically notify you when new updates are available for download and to scan all in-coming and out-going emails.
  • Daily, or at least once a week, perform a complete scan of your computer for viruses.  These scans can usually be scheduled to run when you are asleep. 

Anit-Spyware Protection

  • To protect your computer against spying or Trojan horse programs, ad/spyware scanner software is recommended.
  • Make sure that the anti-spy software is updated on a regular basis and that it is scanning to detect any ad/spyware.

 

Image: fish bowl

Against Online Fraud  

Emails

  • Check the sender email address to verify that it is from a valid email account.
  • Make sure that the URL provided in the email leads to a valid website.
  • Open emails only when you know the sender.
  • Attachments that look questionable or unknown may have viruses, so be careful opening or downloading files, even from friends.
  • Stay up-to-date on email fraud trends.
  • Be careful before clicking on links contained in an unknown email. Even if you don't supply it, just clicking can enable thieves to access your computer, record your keystrokes and capture passwords you use to access various websites.
  • Never fill in an email with input fields that ask you for sensitive data such as username, passwords, ATM PIN’s and account number information.
  • Do not open or follow instructions in any email asking you to verify information.

As a provider of online banking services, KCU will occasionally communicate with its members via email.

  • If you use a link in an email from KCU, you can make sure that you are on a Kohler Credit Union page by comparing it against the known URL (www.kohlercu.com) you use to access your account.
  • KCU will ask you to enter your username and password ONLY when you are on our site.
  • KCU will NEVER ask you to send sensitive account information such as your credit card number, account number, password, username, etc. through email.

Websites

Fraudulent websites are created to look identical to those of a legitimate company. Phony websites, also known as spoofed websites, use an organization's website graphics and logos, but are created in an attempt to steal sensitive personal and financial information. Once at a phony site, you might unknowingly enter personal information that will be transmitted directly to the fraudulent party who created the site, giving them access to purchase goods, apply for a new credit card or even steal your identity.

  • A phony website will not contain the padlock symbol or https:// in the URL.
  • Most commonly, phony websites will lure customers through spam email(see above).
  • Inspect a URL for the presence of an "@" symbol, e.g., kohlercu@statements.com. This is a common sign of a fraudulent website. Even if the URL contains the phrase "kohlercu" it does not ensure that it is our website.
  • Be suspicious of sites that display an IP Address, or numerical address, e.g., http://190.192.100.255 in the address bar instead of a domain name.

Phishing

Phishing is a way of attempting to acquire sensitive information by pretending to be a legitimate company. Victims are lured in by phony websites, email spoofing or instant messaging where they are then susceptible to giving out or verifying private information that can be used to hack into your finances and more.

Vishing

Vishing is a combination of “voice” and phishing because it is the criminal practice of social engineering over the telephone. If you use a Voice over Internet Protocol (VoIP) phone service, you are particularly vulnerable to this scam. Vishing is very hard for authorities to trace and monitor, so it is important that you are alert to such a behavior.

  • Be highly suspicious when receiving calls or messages asking for or verifying sensitive financial information.
  • Be leery of any automated recordings posing as a credit card company or financial institution.
  • Never give suspicious parties your information. Even if you use your telephone keypad or keyboard to type in your details, if you are on the line, the scammer can record them.
  • Do not use a contact number provided by the caller.
  • Directly call the organization to check the legitimacy of the request.

Dumpster Diving

Not only can dumpster diving help criminals gather information for fraud purposes, it can also be used for spying on companies and neighbors. Once you throw something in the trash for pickup, your privacy is thrown to the curb too.

  • Shred mail that has personal information such as account statements, utility bills, credit card pre-approvals, expired credit cards, canceled checks, etc.
  • Destroy electronic items that may have data stored on them including laptops, USB devices, iPods, phones, etc. before throwing them away.
  • Consider when you place your trash bins outside for pick up. The less time between pickup and when you put the trash outside, the less time a thief has to grab information.
  • The less paper trail, the better. Sign up for eStatements and online bill pay.

Re-routing and stealing mail are the top two offline identity theft methods.

  • Watch your mailbox. Drop mail off at the post office instead leaving it in your mailbox.
  • If you’re going out of town, put a hold on your mail.
  • Not getting mail? Contact the post office immediately.

Trends in Fraud

Foreign Business Offers. They pretend to be business people or government officials from various countries with business propositions that will make you money.

Warning signs:

  • They ask you to transfer money from their country to your bank account.
  • They ask you to invest in a partnership that will make you rich.
  • They say they will send you a check or money order as an advance on the millions you will receive. In return they ask you to send cash for legal services, bonding or other expenses.
  • They ask you to set up a domestic bank account because they can’t from out of country.
  • A soldier is trying to ship home money to help his struggling family and needs your help.

Overpayments. They offer overpayments on items you advertised in the classifieds or an online auction such as Craigslist.

Warning signs:

  • They claim they want to buy the item you have for sale and will overpay for it to receive it sooner…they just need some information from you.
  • They send or give you a check or money order for more than the purchase price and ask you to return the excess to them or someone else.
  • They say a check or money order payment will come from someone who owes them money, then tell you to deduct your share and send them the rest.

Rental Schemes. They want to rent your property, but have some suspicious requirements.

Warning signs:

  • They claim to be moving from outside the area or another country and will send a check or money order for rent, plus extra for the shipping of their items. They ask that you forward the extra cost to someone else.
  • They have unexpected expenses and ask you to cash a check or money order, then send some of the money back as a favor.
  • Their check or money order for rent includes extra to rent a car, asking you to send the money to someone who will make the car arrangements.

Sudden Riches. You won a foreign lottery, sweepstakes or a cash grant!

Warning Signs:

  • They send you a check or money order as an advance and ask you to send money to get the rest of your payment to cover fees or shipping costs.
  • To gain your trust, they pose as a well-known sweepstakes company. If you feel you may have won, call that company directly—not from the information you received—and verify.
  • They say you won a foreign lottery or sweepstakes. That’s impossible unless you traveled to that country to enter. It is illegal to buy or sell tickets across the U.S. border.
  • They say you’ve been selected for a cash grant that you did not apply for.

Work-at-Home. They promise easy money and the ability to work from home.

Warning Signs:

  • They will hire you on the basis of an email or phone call without any formal interview or background check.
  • They ask you to help process payments by depositing checks or money orders intended for their company into your bank account.
  • They ask you to be a “mystery shopper” and for you to send funds from a check or money order to test a service.

Love Losses. You think you’ve found that special someone online.

Warning Signs:

  • They promise to come to the U.S. to be with you, but they need you to send money to help get them there.
  • They live in a foreign country and they have a check or money order that need help to cash.
  • They claim to have a medical emergency or some other problem and ask that you cash a check or money order and send it to them.

Exploitation through Education. Targets education-seeking and unemployed individuals looking for a fast, easy way to change careers and make more money.

Warning Signs:

  • They offer a secret system that promises easy success and riches.
  • They promise streamlined schooling to a high-paying job.
  • If you pass a test you could get a nice government job.

Trumped Up Diagnoses of Problems. Scammers exploit consumers’ lack of expertise, their trust in authority and any critical need.

Warning Signs:

  • They know something about a product or procedure you’ve had before you do.
  • They scare you with an undetected problem in a product or medicine.

 

Image: Safe

How KCU Protects You  

 

Protecting you and providing a secure environment is our top priority. At Kohler Credit Union, we take the security and insurance of your funds very seriously. The information below is to help you understand the steps Kohler Credit Union takes to secure your funds and to provide information to help guard against identity theft.

Login

  • Our 128-bit Encryption protects all data that is transferred between your KCU account, Internet and your personal computer. This is an advanced level of encryption, which secures your information online and keeps hackers away.
  • Multi Factor Authentication is a strong authentication mechanism relying on more than one type of authentication. This security feature requires members to take additional steps when logging in to their online account access.
  • You should always log out from your online banking sessions when you have finished. However, if you forget to log out, or if you are inactive for more than 20 minutes within online banking, a "time out" session will automatically log you off from the website. This protects you so that no one else will gain access or view your account information.
  • If your login password has been entered incorrectly three consecutive times, KCU will lock any further online access to the account. This is to protect you from someone trying to incorrectly access your account. If you have been locked out of your account, contact us at 888.528.2595.

Transactions

  • Digital Certificates help identify unauthorized sites and give you evidence of trusted site. The KCU website has been authenticated by the VeriSign Certification Authority to ensure that your online transactions are secure.
  • Our website has firewalls that protect the computer servers, thereby preventing unauthorized access to our network. This makes your online banking transactions safe and secure.
  • eStatements are a convenient, safe and secure way to review your account transactions. eStatements ensure that no one else receives your account statements except you. Save time in retrieving your statements, and have an online archive to locate any of your earlier statements right at your desktop.

Alerts

  • e-Lerts can be set up on your account to help keep a track of your online account. Through this feature, you can be alerted of any changes or discrepancies to your account.
  • Every time you sign in to KCU’s online banking, your last login date and time will be displayed on the top of the page. You can also view login history through this feature. This will help you notice any unauthorized logins and alert you if someone other than you has accessed your account.

Insurance of Funds

The National Credit Union Administration (NCUA) operates and manages the National Credit Union Share Insurance Fund (NCUSIF). Backed by the full faith and credit of the U.S. government, NCUSIF insures the accounts of millions of account holders in all federal credit unions and the majority of state-chartered credit unions, including Kohler Credit Union.

  • Shared insurance coverage, offered through the NCUSIF, protects members against losses if an insured credit union should fail.
  • The NCUSIF provides all members of federally insured credit unions up to a maximum of $250,000 in coverage for their regular shares, share drafts/checking accounts, money market accounts and share certificates. (If a member has more than one account in the same credit union of the same ownership, those accounts are added together and insured in the aggregate.)
  • Individuals with account balances totaling $250,000 or less at the same insured credit union have full NCUSIF coverage.
  • If a person has more than $250,000 at any single credit union, several options are available for additional coverage because the NCUSIF provides separate insurance for other types of accounts (such as Individual Retirement Accounts).
  • To learn more about the additional coverage and how the NCUSIF insures your funds, visit the NCUA website.