Texting Scam Using One-Time Passcodes

Please be advised of a recent scam targeting credit union members through texting. This scam attempts to defeat 2-step authentication using one-time passcodes.

How the scam works:

  • Fraudsters send text alerts to members appearing to come from the credit union, warning members of suspicious debit card transactions.
  • Fraudsters then call members who respond to the text by spoofing the credit union's phone number and claiming to be from the credit union's fraud department.
  • To verify the member's identity, the fraudster asks for the member's online banking username and tells them they will receive a passcode via text or email and the member must provide it to the fraudster. The fraudster initiates the forgot passcode feature using the member's username and generates a 2-step authentication passcode which is sent to the member.
  • The member provides the passcode prompted by the fraudster to the fraudster who uses it to access the member's account through a device not recognized by the host system.
  • After logging into the accounts, fraudsters can change the online banking passcodes and use person-to-person payments to transfer the funds to others.

Although Florida Credit Union continuously monitors for suspicious activity, we recommend taking precautionary measures to protect yourself:

  • Florida Credit Union will never text, call or email asking you for your login information for online or mobile banking, or for any passcodes. Please do not provide this sensitive information to anyone.
  • Be wary of texts or calls appearing to come from us. If you receive a questionable text purporting to be from Florida Credit Union, please call us directly at 800-284-1144. Should anyone ask you for questionable data, you may also email us at fraud@flcu.org.

For additional resources on how to spot fraud, visit our Account Security page.