Account Security

Your Online and Mobile Security

We care about your financial security and well-being. To ensure your online and financial safety, here are a few tips:

  1. Any time you are finished using online banking, whether at home or on a public computer, you should logout.
  2. No matter how enticing it may seem, never share your passwords. You should never send your password(s) electronically over the unprotected internet, such as via email or unsecure websites.
  3. Use passphrases. The longer your password, the better. Long passwords are harder for hackers to figure out.
  4. Change your passwords routinely. We recommend updating your passwords several times each year.
  5. Be wary of suspicious texts and emails. These attacks will try to trick you into revealing private information, such as Social Security numbers, credit account numbers, personal identification numbers (PINs), and passwords. The best strategy is to not respond and give Kitsap Credit Union a call. We will never call you for personal information over the phone, through text, or by e-mail.

How would you rate this information?  


"Phishing" is defined as the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail usually directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.

How to Spot A Phishing Scam. At first glance, it may not be obvious to the you that what is in your inbox is not a legitimate e-mail from a company with whom you do business. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail, and the clickable link may also appear to be taking you to the company's Web site, but will in fact take you to a spoof Web site. Looks can be deceiving, but with phishing scams the e-mail is never from who is appears to be!

Common Phish Sense:

  • If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don't ask for this information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address. In any case, don't cut and paste the link in the message.

  • Don't email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization's Web site, look for indicators that the site is secure, like a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some phishers have forged security icons.

  • Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

  • Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

  • Report suspicious activity to the FTC. If you get spam that is phishing for information, forward it to If you believe you've been scammed, file your complaint at, and then visit the FTC's Identity Theft Web site at to learn how to minimize your risk of damage from ID theft. Visit to learn other ways to avoid email scams and deal with deceptive spam.

How would you rate this information?  

Spyware Information

What is Spyware? defines spyware as, "Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes." Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.

Is Spyware bad?

In general, spyware is not designed to be harmful to you - except for violating your privacy. Spyware can be as benign as cookies that simply track sites you've visited on the Web and market to you based on that information. Or, spyware can be so sophisticated as to track your keystrokes when you're logging into online banking. By the time spyware is doing things like logging keystrokes, however, it's entering the realm of being a virus. Spyware programs tend to be badly written. As a result, they may make your computer perform badly or even crash.

Is spyware illegal?

Even though the name may indicate so, Spyware is not an illegal type of software in any way. However there are certain issues that a privacy oriented user may object to and therefore prefer not to use the product. This usually involves the tracking and sending of data and statistics via a server installed on the user's PC and the use of your Internet connection in the background.

What else can spyware do?

"Browser Helper Objects" are the holes in Internet Explorer that spyware exploits. A lot of spyware creates a BHO that can take over the browser. It might change the home page or redirect you to a page other than the one you chose in the address line. The BHO might tell your computer, "If Sam asks to go to, send him to"

What's the hype about?

While legitimate adware companies will disclose the nature of data that is collected and transmitted in their privacy statement. There is almost no way for the user to actually control what data is being sent. The fact is that the technology is in theory capable of sending much more than just banner statistics - and this is why many people feel uncomfortable with the idea.

On the other hand...

Millions of people are using advertising supported "spyware" products and could not care less about the privacy hype..., in fact some "Spyware" programs are among the most popular downloads on the Internet.

Real spyware...

There are also many PC surveillance tools that allow a user to monitor all kinds of activity on a computer, ranging from keystroke capture, snapshots, email logging, chat logging and just about everything else. These tools are often designed for parents, businesses and similar environments, but can be easily abused if they are installed on your computer without your knowledge. These tools are perfectly legal in most places, but, just like an ordinary tape recorder, if they are abused, they can seriously violate your privacy.

So what can be done about spyware?

Software exists for detecting and eliminating spyware. These programs work like virus software, except that they are not in real time. Computer users actually need to run them to have them scan your machine. Spyware is an issue that's getting the attention of Congress because it exploits people's privacy.

How would you rate this information?  

ATM Safety Information

Be Aware
  • Always observe your surroundings before conducting an ATM transaction or using a night depository.
  • Park as close to the ATM or night depository as possible.
  • Consider having someone go with you if it is dark or if the machine is located in an unfamiliar area.
  • If you notice any suspicious activity, do not use the ATM or night depository.
  • If someone follows you after you make an ATM transaction, or you use a night depository, go to a well-lit, crowded area and call for police if necessary.

Use Caution
  • Minimize your transaction time at the ATM.
  • Have your card and forms ready before you approach the ATM.
  • Put cash and receipts out of sight as soon as your transaction is complete. You can count and verify it once you've reached the safety of your locked vehicle or safe building.
  • When approaching a drive up ATM, observe the entire surrounding. If anyone or anything appears suspicious, drive away immediately.
  • When using a drive up ATM, keep your engine running, all doors locked, and all passenger windows closed.

How would you rate this information?