GFA Federal Credit Union

Fraud Prevention

Fraud Support

If you suspect you have fraudulent charges on any of your GFA accounts please call our fraud department at 866-948-3403.

Using our CardValet® app with your GFA debit MasterCard® is another quick and easy way to safeguard your money. You can make changes with just a few swipes, and you remain in control of and informed about your money at all times. You'll receive updates about your card quickly, protecting your money and your name.

With CardValet®, you can set up:

  • Real-time alerts to keep you informed when your card is used.
  • Transaction controls that you can use to ensure your card works only in specific locations or geographic areas.
  • The ability to turn your card "off" so no withdrawals or purchases will be approved.
Start using CardValet® today through your GFA mobile banking app or download the app now:
.

google_play2.png​​ app_store2.png

CardValet® is a registered trademark of Fiserv, Inc. Data rates may apply for downloading/utilizing the app. Apple, App Store, and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. Google Play, and the Android Logo are trademarks of Google Inc.

Fraud and Information Protection Center

GFA will never solicit confidential information such as account numbers, credit or debit card numbers, personal identification numbers, social security numbers, or any other personal information via an outgoing call, text, email, social media message, or voicemail, and we will never ask that this information be entered through a generic web link.

If you receive any message from someone claiming to be from GFA or GFA's Fraud Team asking you for these types of personal information, please do not respond. These are fraudsters attempting to collect your personal information. If you have concerns about the validity of such requests, please contact us immediately by calling 978-632-2542.

Latest Scam Alerts

Phishing Scams
Phishing attacks are usually emails that appear to be sent from a reputable source. Fraudulent emails often contain links or attachments that direct users to malicious websites. Users should exercise caution in handling and opening any email with suspicious subject lines, attachments, or hyperlinks, even if it appears legitimate and to originate from a trusted source.

Fixing Computer Using RDP
Have you received a call to fix your computer or update its software by providing the caller with access using RDP or Remote Desktop Protocol?  STOP!  Do not give access to anyone you don't know. Malicious cyber actors have developed methods of identifying and exploiting vulnerable RDP sessions over the Internet to compromise identities, steal login credentials, and ransom other sensitive information. They can install ransomware on your computer or steal valuable information.

  • Scams

    There are various ways that fraudsters can steal information from you. Below is a listing of scams to watch out for.

    • Phishing & Spear Phishing - When a fraudster attempts to obtain sensitive information by posing as someone else. Have you ever received an email from "Amazon" asking about your recent payment activity and you need to update your account immediately? You later find out that Amazon never contacted you, that's phishing. The identity thief is looking for you personal information like, password, username, credit card information.
      Spear Phishing is similar, you receive an email from an individual or business you know and trust. These are targeted attacks specific to organizations. If you receive an email from your CEO asking to transfer money immediately, but don't contact him because he is busy and will get back to you later, pause it may be hackers. Take the time to contact the person in the email to confirm before you react.
    • Vishing - This is a telephone version of Phishing when you receive a phone call from a person posing as a business in an attempt to gain personal information. Be sure to verify the caller and never provide personal or payment information over the phone. Your bank or credit union will not contact you looking for this type of information.
    • Smishing - Have you ever received an email notifying you that you won a free trip, just click here for details? That's not a prize waiting for you, it's a fake link that captures your personal information. If you don't know who sent you a link within a text or email the best practice is to delete the message and do not open the link.
    • Social engineering - This is when a thief gains access to your personal social media passwords and poses as you. They will impersonate you asking your friends and family for money due to an emergency. To avoid this type of fraud make sure your social media privacy settings are secure.
    • Ransomware - Malicious software that locks up all the files on your computer so you cannot access them. You then receive a message on your computer demanding money for the return of your files. Most times your computer becomes infected by clicking on a link within an email. Be sure your system's antivirus software is up-to-date.
  • Debit and Credit Card Fraud Prevention

    How to protect yourself from credit and debit card fraud.

    Card fraud happens many ways, online scams, data breaches, stolen property, mail theft. GFA monitors for threats and suspicious activity. There are ways to make sure you don't fall victim to credit or debit card fraud.

    Guard your information

    • Never give your personal identification, credit card, or account number to anyone over the phone unless you have initiated the call to the business you trust.
    • Carry only the cards you need so there is less potential for a thief to steal.
    • Shred your documents before disposing papers containing your personal information.
    • Write your card and account numbers down along with expiration dates at a safe area at home. Include the phone numbers for each card company in case you need to report fraud.

    Be careful how you use your card 

    • After each transaction be sure you take your card back.
    • Be aware of those around you when you enter your PIN number at a point of sale. Cover the keypad so those behind you cannot see your debit card Personal Identification Number.
    • Look for irregularities at the ATM before using it. A skimmer may have been placed to capture your debit card information, if you notice something odd after you have inserted your card, alert the business immediately.
    • Be careful when using your card online. Always make sure it is a trusted site that is secure. Only enter information on website's you are positive are legitimate.

    Will you be traveling?
    If you are traveling outside of MA and NH; please review our Debit Card Restrictions.

    • If you are planning a trip overseas, please contact the Member Resource Department at 978-632-2542 to ensure that your debit card is not restricted in the area where you are traveling.
    • To activate your new GFA Debit Card, you need to conduct an inquiry or other transaction at any ATM.
    • You can change your PIN (Personal Identification Number) at any GFA ATM or by calling 800-992-3808.
    • Surcharge-free use of GFA ATMs and SUM ATMs.
    • Who is EnFact? The cards we issue are protected by EnFact, which is an Electronic Neural Fraud Analysis and Card Tracking software that uses a predictive model to score the likelihood of fraudulent transactions. You may be contacted by text, phone call, or email to verify suspicious transactions. Depending on the severity of the case your card may be temporarily frozen until the transaction can be confirmed. They can be reached at 1-877-253-8964 to confirm or deny transactions.

    What do I do if I become a victim of fraud?

    If your debit card is lost or stolen you can immediately freeze it using online banking. The next step is to contact a Better Banking Representative at 978-632-2542 so we can put a hold on your account.

    If your credit card is lost or stolen call your credit card provider immediately and report the fraud.

    Contact the credit bureaus immediately so they can put a fraud alert on your account.
    Experian
    Equifax
    TransUnion

  • Online and Mobile Banking Security

    Online Banking Safety

    • Keep your passwords and Personal Identification Number (PIN) confidential. Don't share your Online Banking password or PIN number with anyone. By providing your password or PIN number to another person or company, you are placing your finances and personal information at risk.
    • Changing your password - Don't use a public computer or a computer on public W-iFi to change your password. Choose a password that is not easily guessed. Choose a password 6-12 characters using a combination of numbers and special characters. Be sure that your password is not your date of birth, phone number or address, these can be easily guessed.
    • Look for the lock icon - Before entering personal information on a website, look for the "lock" icon in your browser. Also look to be sure the site has HTTPS in the beginning of the URL address.
    • If you share a computer, be sure to log off of your online banking account so no one else can access your account information.

    Mobile Banking Safety

    • Be sure your mobile device has a security option such as fingerprint authentication or a passcode.
    • Do not use unsecured an unsecured Wi-Fi network, fraudsters may be able to access the information being transmitted from your device.
    • Research apps before you download them, the app may look like the name of your financial institution, but it may not be.
    • Be aware of Phishing messages via text, GFA will not text you asking for any personal information. If you should receive a message like this, contact GFA immediately.
  • ATM Security

    ATM's and even gas pumps are vulnerable to "skimming". This is when someone steals your account information by adding a magnetic strip called a card "skimmer" over the slot where you insert your debit card. Here are some ways to protect yourself from skimming:

    • Avoid standalone ATMs; choose one in a well lit area or well known establishment.
    • Be ready to immediately use your debit card at the ATM and leave once your transaction is complete.
    • Notify the business if you feel there is something wrong with the ATM's keyboard or card slot.
    • Cover the keyboard with your hand when entering the PIN, and be aware of others around you standing too close.
    • If your card is not returned from the ATM notify the business/financial institution immediately.
    • Do not let others use your debit card or know your PIN number.
    • Do not write your PIN number on the sleeve of your debit/ATM card, memorize the number.
    • Keep your car doors locked and other windows closed when at a drive-thru ATM.

    What to do if you are a victim of a skimming device?

    If you suspect that you have used a device with a skimmer on a GFA ATM, please contact us immediately at 978-632-2542. Contact the local police in your area to file a report. Monitor your accounts regularly, if you notice suspicious transactions report them to GFA immediately.

Financial Protection Services

Identity Protection

Identity Protection

Identity protection is an optional, additional insurance to help you safeguard your finances. 

Learn More

Debt Defense

Debt Defense

Get protection on your loan from death, disability, or involuntary unemployment. 

Learn More

Guaranteed Asset Protection

Guaranteed Asset Protection

Get the added coverage you need for your new vehicle. 

Learn More

Personal-Icon.jpgBusiness-Icon.jpgInvestments-Icon.jpgInsurance-Icon.jpg

Close