Routing #: 325183233
Routing #: 325183233
Online Banking

Fraud & Security

Fighting fraud is a team effort. You have a trusted partner in TAPCO. 

There's no shortage of scams or criminals perpetrating them. This page serves as a guide to explain what we do to protect your accounts and what you can do to protect yourself. 

On The Lookout

Learn how to spot and stop scammers, hackers and identity thieves

Simple Steps

You can take action to combat crime 

Card Compromises

Learn more about card compromises and how best to protect yourself. We're here to help explain all the details. 

A compromised card is an ATM/debit/credit card that is at risk of fraudulent activity because an unauthorized individual or individuals may have obtained the card information. By notifying members when we discover a potential compromised card, we take every precaution to ensure your account is handled with the highest level of safety and security. Receiving a compromised card letter does not mean fraudulent activity has occurred on your account.

Card skimming can occur when a skimming device is inserted or attached to an ATM or card reader. The device records the information from cards until it is removed. The data is used to produce counterfeit cards.

Not necessarily. If you receive a compromised card letter it does not mean that fraudulent activity has occurred on your account. It could mean that your card information could have been compromised. Be sure to review your monthly statements and verify your daily transactions using Online Banking or the Mobile App.to make sure there is no fraudulent activity.

Call immediately at 1.866.622.6112 (Debit Cards) or 1.877.285.6251 (Credit Cards). You will need to submit a fraud form to report any unauthorized transactions.

Yes, your card will be replaced for precautionary measures to prevent potential fraudulent usage.

Fraudulent activity may occur if the card is not blocked. While many members do not experience fraud when a compromised card is reported, the risk of exposure still exists if the cards are not blocked. Although it is an inconvenience to have your compromised card blocked, to protect our members and avoid losses it is still necessary.

Visa Credit Cards will be mailed to you in 7-10 business day. Debit Cards can be mailed or instant issued in-branch. Stop by your local branch or call 253.565.9895 to inquire about availability of instant issue debit-cards.

Please contact TAPCO at 1.800.345.7183 so that we can check on the card status immediately.

Please destroy (shred/cut up) the old, compromised card. Activate your new card by calling the phone number on the sticker on the front of the card.

If you have preauthorized charges that are made to your current card, contact the merchant(s) immediately upon receipt of your replacement card, and provide them with your new card number and expiration date.

For every account, each cardholder has a different card number, so it will not impact joint/authorized users unless their individual card has also been compromised. If their card has also been compromised, they will receive a similar notification.

As a courtesy to our members, under these circumstances, we do not charge the normal card replacement fee.

The information encoded on the compromised card pertains strictly to the card, potentially including the name, card number, and expiration date. Confidential information such as Social Security Numbers, driver’s license numbers, addresses and dates of birth are not stored on the card.

While some compromises are unavoidable, it is important to always know where your card is. If lost or stolen, please call TAPCO immediately at 1.800.345.7183. Never write your PIN on the card or carry the written PIN with you. Use Online Banking or the Mobile App to monitor your account activity on a regular basis and call TAPCO if you see anything suspicious.

Once TAPCO is aware of a potential card compromise, an investigation begins immediately. TAPCO works with the card processor, Visa, merchants and law enforcement to limit exposure. It is imperative details remain confidential in order to not impact the investigation.

You may set your PIN once your new debit card is received by calling 1.888.886.0083. You will be able to use the same PIN as your old card but it is recommended to set a new PIN if your card was compromised.

Online Payments

We've added a new layer of security to our credit and debit cards to help prevent fraud in online transactions. 

How it works: TAPCO has implemented additional security measures to monitor fraud. When you make an online purchase, you may be asked to verify your identity by entering a One Time Verification Code at checkout. The One-time Verification Code will be texted to your registered mobile phone number. Once you enter the code your identity will be confirmed, and your purchase will be approved.

One-time Verification Codes may not apply to all transactions. Do not be alarmed if you do not receive a One Time Verification Code alert.

Register Phone Number

To ensure you receive the One Time Verification Code, we must have your correct mobile phone number on file.

If you have any questions regarding this new security feature or need to update your mobile phone number on file, please contact us at 253.565.9895.

Yes. This service was designed for both Visa credit and debit cards when shopping online. When you use your Visa debit card, your online transaction experience will be similar to a credit transaction—no need to enter your PIN.

No. Your current TAPCO Visa credit or debit card will work.

This service automatically works at checkout with participating merchants. Remember, there is no need to download anything, install software or register your account to get this added layer of protection. When using this service, you may occasionally be prompted at checkout to verify your identity.

As you complete the transaction, you may be prompted to verify your identity if additional authentication is required. This One-time Verification Code helps ensure the person using your card is you.

TAPCO will use a One Time Verification Code sent via text message. If you encounter this extra step, simply follow the instructions on your screen to verify your identity.

If you do encounter this extra verification step, Visa helps route information to TAPCO so we can verify your identity. The Visa logo is there to give you peace of mind that the transmission is secure and reliable.

TAPCO is here to help – if you have questions, don’t hesitate to reach out to the Member Contact Center at 253-565-9895 (or 1-800-345-7183).

Passwords

Remember to frequently change your account password to ensure maximum security. 

Tips

TAPCO Credit Union will NEVER ask you to reveal your online banking password. You should not reveal this password to any one.

Create a unique password for all the different systems you use. If you don’t, then one breach leaves all your accounts vulnerable.

Never share your password over the phone, in texts, by email, or in person. If you are asked for your password, it’s probably a scam.

Use unpredictable passwords with a combination of lowercase letters, capital letters, numbers, and special characters.

The longer the password, the tougher it is to crack. Use a password with at least eight characters. Aim for a password that is both complex and long. A six-character, lowercase password takes five minutes to break; one with eight characters takes two months. A six-character password with numbers and symbols takes less than nine days to break; one with eight characters takes nearly 20,000 years. You get the idea!

Avoid using obvious passwords such as:

  • your name
  • your business name
  • family member names
  • your user name
  • birthdates
  • dictionary words

Obey these password commandments:

  • Don't use your Social Security number, phone number, birth date, first and last names or your user ID when creating a strong password.
  • Don't use the same password on multiple sites, reuse passwords, or use variations of the same password.
  • Ideally, each of your passwords should be unique.
  • Avoid storing your passwords in unencrypted electronic files, like the notes app on your phone. Instead, write them down and store them in a safe place.

Choose a password you can remember without writing it down. A strong password should be based on something you can remember but that would be difficult for a hacker to guess. Stay away from well-known phrases, quotes or song lyrics. Start with a sentence such as "I live for boating!" and transform it to "ILv4Btng!" Or string a series of random words together to create a strong password like this: "wizardboWLingchicKeN."

Following these tips can help you create stronger passwords that are tough for hackers to break—and help protect your identity.

Mobile Device Security

Many of us are connected to mobile devices, which we use to access a variety of accounts. Follow these tips to keep your device and accounts secure.

  • Configure your device to require a passcode to gain access if this feature is supported in your device.
  • Avoid storing sensitive information on your mobile device. Devices are easily stolen. If sensitive data is stored then encryption should be used.
  • Keep your mobile device’s software up-to-date. Mobile devices are small computers running software that needs to be updated just as you would update your PC. Use the automatic update option if one is available.
  • Review the privacy policy and data access of any applications (apps) before installing them.
  • Disable features not actively in use such as Bluetooth, Wi-Fi, and infrared. Set Bluetooth-enabled devices to “non-discoverable” when Bluetooth is enabled.
  • Delete all information stored on a device before the device changes ownership. Use a “hard factory reset” to permanently erase all content and settings stored on the device.
  • “Sign out” or “Log off” when finished with an app rather than just closing it.

Online Security

Online security continues to be a challenge. Cyber criminals continue to change how they gather information. We need to be conscious of the links we click in emails as well as websites that can lead to insecure webpages. If we remain vigilant, we can prevent a lot of this. Learn more about online security best practices below.

  • Never click on suspicious links in emails, tweets, posts, nor online advertising. Links can take you to a different website than their labels indicate. Typing an address in your browser instead of clicking a link in an email is a safer alternative.
  • Only give sensitive information to websites using encryption so your information is protected as it travels across the Internet. Verify the web address begins with “https://” (the “s” is for secure) rather than just “http://”. Some browsers also display a closed padlock.
  • Do not trust sites with certificate warnings or errors. These messages could be caused by your connection being intercepted or the web server misrepresenting its identity.
  • Avoid using public computers or public wireless access points for online banking and other activities involving sensitive information when possible.
  • Always “sign out” or “log off” of password protected websites when finished to prevent unauthorized access. Simply closing the browser window may not actually end your session,
  • Be cautious of unsolicited phone calls, emails, or texts directing you to a website or requesting information.

PC Security

Viruses and Malware are becoming more common online. We have to protect our computers from those that could steal our passwords and sensitive information. There are simple steps we can all take to protect ourselves. Learn more about Malware and PC security below.

Scam artists try to trick people into clicking on links that will download malware and spyware to their computers, especially computers that don't use adequate security software. To reduce your risk of downloading unwanted malware and spyware:

  • Keep your security software updated. At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. Set your security software, internet browser, and operating system (like Windows or Mac OS) to update automatically.
  • Instead of clicking on a link in an email, type the URL of the site you want directly into your browser. Criminals send emails that appear to be from companies you know and trust. The links may look legitimate, but clicking on them could download malware or send you to a spoof site designed to steal your personal information.
  • Don’t open attachments in emails unless you know who sent it and what it is. Opening attachments—even in emails that seem to be from friends or family—can install malware on your computer.
  • Download and install software only from websites you know and trust. Downloading free games, file-sharing programs, and customized toolbars may sound appealing, but free software can come with malware.
  • Minimize "drive-by" downloads. Make sure your browser security setting is high enough to detect unauthorized downloads. For Internet Explorer, for example, use the "medium" setting at a minimum.
  • Use a pop-up blocker and don't click on any links within pop-ups. If you do, you may install malware on your computer. Close pop-up windows by clicking on the "X" in the title bar.
  • Resist buying software in response to unexpected pop-up messages or emails. especially ads that claim to have scanned your computer and detected malware. That's a tactic scammers use to spread malware.
  • Talk about safe computing. Tell your kids that some online actions can put the computer at risk: clicking on pop-ups, downloading "free" games or programs, opening chain emails, or posting personal information.
  • Back up your data regularly. Whether it's text files or photos that are important to you, back up any data that you'd want to keep in case your computer crashes.

Monitor your computer for unusual behavior. Your computer may be infected with malware if it:

  • slows down, crashes, or displays repeated error messages
  • won't shut down or restart
  • serves up a barrage of pop-ups
  • displays web pages you didn't intend to visit, or sends emails you didn't write

Other warning signs of malware include:

  • New and unexpected toolbars
  • New and unexpected icons in your shortcuts or on your desktop
  • A sudden or repeated change in your computer's internet homepage
  • A laptop battery that drains more quickly than it should

If you suspect there is malware is on your computer, take these steps:

  • Stop shopping, banking, and doing other online activities that involve usernames, passwords, or other sensitive information.
  • Update your security software and then run it to scan your computer for viruses and spyware. Delete anything it identifies as a problem. You may have to restart your computer for the changes to take effect.
  • If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem.
  • Many companies—including some affiliated with retail stores—offer tech support on the phone, online, at their store, and in your home. Decide which is most convenient for you. Telephone and online help generally are the least expensive, but you may have to do some of the work yourself. Taking your computer to a store usually is less expensive than hiring a repair person to come into your home.
  • Once your computer is back up and running, think about how malware could have been downloaded to your machine, and what you could do differently to avoid it in the future.

If you think your computer has malware, report it to the Federal Trade Commission. File a complaint at www.ftc.gov/complaint

Maintain active and up-to-date antivirus protection provided by a reputable vendor. Schedule regular scans of your computer in addition to real-time scanning.

Update your software frequently to ensure you have the latest security patches. This includes your computer’s operating system and other installed software (e.g. Web Browsers, Adobe Flash Player, Adobe Reader, Java, Microsoft Office, etc.).

Automate software updates, when the software supports it, to ensure it’s not overlooked. If you suspect your computer is infected with malware, discontinue using it for banking, shopping, or other activities involving sensitive information. Use security software and/or professional help to find and remove malware.

Use firewalls on your computer or local network to add another layer of protection for all the devices that connect through the firewall (e.g. PCs, smart phones, and tablets).

Require a password to gain access. Log off or lock your computer when not in use.

Use a cable lock to physically secure laptops, when the device is stored in an untrusted location.

Identity Theft Protection

Identity theft is the use of someone else's identity, most often as a way to get access to your financial accounts or open credit cards or other loans in your name. As the victim of identity theft, you could suffer the consequences of being held responsible for the activity. Identity theft occurs when someone uses another's personally identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes.

Cybersecurity Links

These links lead to valuable resources that explain more about cybersecurity:

TAPCO Credit Union is a full-service financial institution in Pierce County, Washington, serving the Tacoma, Puyallup, Frederickson, Bonney Lake and Gig Harbor areas. Visit a branch.