It is SCU's responsibility to protect your personal and financial information on our systems and programs. To protect your information at SCU, we have state-of-the-art systems to secure our computers, servers, and networks, plus several additional layers of security to ensure your personal account information remains safe.
It is your responsibility to keep your information secure on the computers, devices, and networks you use. Here are our online security tips to help you protect your accounts and information.
Access and Manage Your Money Securely
We ensure all payments are performed as securely as possible. To understand the protections SCU provides, and does not provide, on the movement of funds electronically, please see the "Electronic Funds Transfers Agreement and Disclosures" in the Consolidated Agreement (396 KB PDF) booklet. The first few pages of this section outline the protections SCU provides and your responsibilities.
Communicate With Us Securely
From time to time, your online experience with SCU may not be enough, or you may just want to actually communicate with a person. Our SCU staff members are happy to help you!
Important Note: Please be aware that an SCU employee will NEVER contact you on an unsolicited basis and request your SCU Online or MySCU Mobile password. We may call you if we notice something odd or to resolve an issue, but we won't ask for your SCU Online password.
We also won't ask you for your password if you reach out to us to resolve an issue.
If you are contacted by someone asking for this information, hang up immediately and call SCU's Member Relations Center at 1-800-868-8740, option 5; if you have it, please provide the MSR with the phone number and any other details about the caller.
Resolve an issue with SCU Online or MySCU Mobile:
Questions, concerns, or inquiries about products and services:
To send sensitive information to an SCU staff member*.
- Please go to the SCU Secure Message Center.
* Do not be alarmed by the URL. This service is contracted through ZixCorp and managed and maintained by SCU staff. It is safe to use this service.
Go Online Securely
Keep your computer safe:
- Install anti-virus software and set it to update automatically.
- Install anti-spyware software and set it to update automatically.
- Use a firewall, either one that's pre-installed or one that you purchase.
- Set the updates to your OS (Windows or Mac OS) and programs (Adobe, Java, etc.) to download and install automatically.
Keep your browser (Internet Explorer, Chrome, Firefox, Safari, etc.) safe:
- Use the most current browser.
- Beware of plugins and add-ons as these can potentially contain malware.
- Use the Trusted Sites list, pop-up blocker, and warnings in the settings area.
- Don't let the browser store your password for banking or eCommerce sites.
- Use encryption (https://) wherever possible.
Use a strong and unique password:
- Create strong passwords for your accounts, using a combination of upper and lower case letters, numbers, and special characters.
- Don't share passwords between sites, especially your email or SCU Online login and eBay or Amazon accounts. Use different passwords for your Online Banking, debit, or ATM card, and other electronic programs.
- Change your most sensitive passwords periodically.
- Don't share passwords with other people.
- Don't login to accounts on shared or public computers, like at hotels, public WiFi, or at the library.
- Use caution when setting the answers to personal questions that the answers can't be discovered on social media sites like Facebook, Twitter, or LinkedIn.
Secure your email:
- Criminals can make the malicious emails appear to come from someone else, like a family member or your bank. Verify the sender of the email by hovering your mouse pointer over the address in the From: line.
- Don't click on links in emails unless you are absolutely sure of the sender and were expecting the email. If you weren't expecting the email, call or text the sender to verify they really did send you the link.
- In the same way an email can appear to come from someone else, the link in an email can actually go someplace different. To verify links in emails, hover your mouse cursor over the link and check the pop-up window for the actual destination. Look really close at the spelling and don't follow the link if it's going someplace different.
- Don't open attachments unless you are absolutely sure of the sender and were expecting the email. If you weren't expecting the email, call or text the sender to verify they really did send you the attachment.
- Use the spam filter to automatically filter out potentially malicious spam emails.
- Use your instinct:
- If the offer seems too good to be true or like it's trying to trick you, it probably is.
- If there is a sense of urgency or emergency in the email, don't respond.
- If the email is threatening or coercive, don't respond. Just delete it.
- Be cautious of emails addressed to "Customer" as businesses you deal with will use your name.
- Watch for poor punctuation, bad grammar, fuzzy images or logos; most phishing emails these days look legitimate, but these are still good warning signs.
Use SCU Online Securely
More and more SCU members are using SCU Online to manage and grow their financial lives, and we are proud of the features and tools offered through our online product. However, due to certain risks inherent with banking over the Internet, below are some additional tips for securely using SCU Online.
Note that you may change some of these security options mentioned below by going to "My Settings" in the top right corner and checking the Login & Security section.
- SCU Online uses the TLS (Transport Layer Security) protocol to prevent unauthorized access to member account data. This prevents other computers from eavesdropping by encrypting all data transmitted between the SCU Online server and the client.
- Set your username and password to be uncommon and not easily guessed. Do not make your SCU Online password the same as another site's password. Do not write your password down or share it with anyone else.
- SCU Online now utilizes two-factor authentication for login. If you attempt to login from a computer or device that is unrecognized, a one-time passcode will be delivered via phone, SMS text, or email. Please note that telling us to remember your computer or device is essentially turning off two-factor authentication.
- If you suspect someone else has accessed your account, check the last login date in the top right corner of the screen upon login.
- Please note that SCU Online will automatically log you out after 10 minutes of inactivity or when the session is idle. Upon logout, you will be required to log on again.
- If you feel your SCU Online account has been compromised, immediately report the suspected abuse to SCU's Member Relations Center at 1-800-868-8740, option 5.
- You may send a secure chat or email message to SCU staff by clicking the "Support" option in the menu in the top-right corner of all pages. Click the firstname.lastname@example.org link to send a secure email; when our team responds to your email, they will either remove any sensitive information from your original email or they will use the SCU Secure Message Center. Or, click the "Secure Support" link to open a secure chat; secure chat is only available during business hours. All communication within SCU Online is transmitted across an encrypted channel and is 100% secured.
- SCU regularly reviews the security practices of third-party service providers and vendors whose products or services are used in SCU Online. When new vulnerabilities are revealed, SCU staff and vendors work together to research the vulnerability, locate vulnerable systems, and mitigate the risk as quickly as possible.