Nothing's more valuable than peace of mind.
You trust us with your money and we take that responsibility to heart. We use a variety of security tools to keep your information safe. Find out more about:
What we do
To ensure that your data is protected, we have implemented multiple safeguards that meet or exceed required regulations in order to not only protect your money, but your personal information as well.
When you sign in for the first time or with a device we don’t recognize, or if your tracking cookie has expired or you’ve recently changed your password, we’ll ask you for your username, password, and a temporary identification code will be sent to you via phone, email, or text message. Once you enter the temporary identification code on the login screen, we’ll sign you securely into your accounts. An LMCU representative will never ask you for this temporary code.
The mobile authenticator sends a unique, time-based, one-time passcode to your LMCU mobile app. This passcode takes the place of your usual password when logging into LMCU’s Online Banking. Since the authenticator passcode is randomly generated on the spot and expires after a short period, it’s an added security layer.
To learn more click here.
Suspicious activity monitoring
Your account activity is regularly monitored for potential fraud. If something doesn’t match your normal spending pattern, it is flagged and may be followed up with a phone call to make sure the transaction is legitimate. If you do have fraud on your account, or if you have compromised any confidential account information, please notify us immediately at (800) 242-9790.
Remember, we’ll never ask you for personal information over the phone, such as your mother’s maiden name or Social Security Number.
We monitor your accounts to help detect fraud as early as possible. We might call you if we notice a change in activity but we'll never ask you for personal information over the phone, such as your mother's maiden name or Social Security Number. If that happens, call us right away at (800) 242-9790.
If we can't reach you, we might place a temporary hold on your online activity to make sure it's you and not someone else using your account. If that happens, call us right away to confirm your account activity and you can start using your online and mobile access again.
Secure Sockets Layer (SSL) encryption technology emerged as the industry standard for securing data while it travels across the Internet. SSL is used worldwide in online stores, credit unions, banks, and on all other websites where information from an individual needs to be kept confidential.
We use 128-bit encryption technology to protect your username, password, and other personal account information when you're using our site or apps. You'll know your information is encrypted when the LMCU.org page you're on starts with "https://" and you see a lock symbol in your web browser.
- Confidentiality: your information is confidential through the encryption or scrambling process.
- Integrity: if someone were to intercept your LMCU account information, it would not decrypt properly.
- Authentication: Lake Michigan Credit Union has been certified with one or more secure certificates from Entrust to communicate with you, the member, with SSL technology. Digital certificates act as a digital ID that users or computers are authentic. These certificates are utilized to add security to our Home Banking and our Online Membership Application.
Your data is protected by numerous firewalls to help prevent unauthorized access to our network, and LMCU monitors these firewalls to prevent security breaches.
We use the CloudFlare framework for monitoring the flow of traffic into our websites to detect/deter unwanted traffic from our systems and detour malicious bot attacks.
If your account has no activity for 20 minutes, the system will log itself off and will require you to reenter your User ID and Password to access the account again.
Every time you sign in to online or mobile banking, we display the date and time of your last successful sign in.
Our secure message center within online and mobile banking allows you to have your account-related questions answered securely and privately.
You can also send a secure message directly through our website.
The National Credit Union Administration (NCUA) provides insurance so that credit union members will recoup up to $250,000 per qualifying account if a federally insured credit union goes under.
To learn more click here.
Our corporate code of conduct is our commitment to supporting the integrity and ethical standards we expect from our employees. The code includes specific guidelines about how we expect employees to protect confidential information (including your account and personal information), as well as guidelines to limit our employees access to your confidential information and restrict how we use and share information for certain processes and transactions.
Our business practices
What you can do
We want to protect your identity and your bank account. At LMCU we take many steps to safeguard your information, but here are a few things you can do.
Set strong passwords
The best way to secure your personal information is by creating unique usernames and strong passwords. A strong password is at least 8 characters long with a mixture of upper and lower case letters, numbers, and special characters.
You should avoid using your pet's name, your child's name, or anything else that a fraudster could easily find out, like your address, phone number, or birth date. For added security, remember to change your password regularly and avoid using the same password for multiple sites.
Sign up to use our mobile authenticator
The mobile authenticator sends a unique, one-time passcode to your LMCU mobile app. This passcode takes the place of your usual password when logging into LMCU’s Online Banking. Since the authenticator passcode is randomly generated on the spot and expires after a short period, it’s an added security layer.
To learn more click here.
Use biometrics when possible
Biometrics are a way to measure a person’s physical characteristics to verify their identity. Common biometrics used for passcodes include fingerprints and facial recognition.
Biometrics are powerful because while they’re not “secret” like passwords, they can’t simply be ‘typed’ by a fraudster, and they are extremely difficult to recreate.
Want to enable fingerprint and facial recognition? Log into your account via the LMCU mobile app and navigate to Settings > Login Options > Biometric ID.
Protect your ATM card and personal identification number (PIN)
Always protect your card by keeping it in a safe place. If your card is lost or stolen, contact us immediately. Carefully review your account statements and report any fraudulent transactions immediately.
Memorize your PIN. Do not write it on your card, keep it in your wallet, or give it to anyone. If you choose your own PIN, avoid using numbers for your PIN that are easily identified (for example, birthdates, telephone numbers, and addresses).
Never give your PIN to anyone or information about your card over the telephone, email, or the internet unless to a trusted merchant in a call or transaction you initiated. If someone asks for this information, refuse and immediately contact us.
Use caution at ATMs
Be aware of your surroundings at the ATM. Make sure others cannot see the keypad while you’re entering your PIN. Shield the keypad with your hand or body when entering your PIN at an ATM.
Put your card, cash, and receipt away immediately after completing your transaction. Do not display or count your cash at the ATM. If you print a receipt, take it with you and keep it in a safe place. The receipt may contain information about your account balance and a partial account number, which may be used for fraud. When you’re done with your receipts, shred them.
If you must use an ATM at night, take someone with you. Be aware of people and your surroundings before, during, and after you use an ATM, particularly at night. If you feel unsafe, press Cancel and visit another ATM.
If you notice anything suspicious about the ATM or surrounding area, cancel your transaction and notify LMCU or law enforcement immediately. The activity around LMCU ATMs may be monitored or recorded by surveillance cameras.
Protect your mobile device
Mobile devices that are used to access financial information should be locked with a secure passcode. If your device is lost/stolen, report it immediately to your carrier so it can be deactivated.
Don't access financial accounts from free, public networks. Public Wi-Fi hotspots are prime targets for hackers, who obtain direct access to your mobile device.
Delete messages received from the credit union on a regular basis.
Do not respond to text messages from unknown sources that request your personal information such as social security number, account numbers, etc. LMCU will never contact you and request any personal information.
Protect your computer
Install anti-virus and firewall software on your computer and keep it up to date.
Be cautious about offers for free anti-virus software; make sure you get your software from a reputable company. Look for anti-virus software that scans incoming communications and files for viruses, removes or quarantines viruses, and updates automatically.
A firewall is software or hardware designed to block unauthorized access to your computer. It's especially important to run a firewall if you have a cable modem or DSL line or other broadband connection, because they’re targeted often. Many current operating systems come with a built-in firewall, which you have to turn on.
Make sure you’re on LMCU.org
Before you enter any of your login credentials, make sure you’re on the authentic LMCU.org website by checking your browser address bar to see if it has:
- A lock icon
- The LMCU logo
Think before you click
A malicious email can look just like it comes from a financial institution, an e-commerce site, a government agency, or any other service or business. It often urges you to act quickly because your account has been compromised, your order cannot be fulfilled, or there is another urgent matter to address.
Don't open the email or any attachments, even if it appears to be from a friend or co-worker, unless you're expecting it or you’re absolutely sure you know what it contains.
Watch out for email subject lines or emails with a generic message like, "check this out" or "thought you'd be interested in this". Make sure you know who sent the email before you open an attachment or click any links.
Freeze your debit card
If you temporarily misplace your debit card or suspect fraudulent activity on your account, you can freeze it to prevent new purchases and ATM transactions. It’s easy to freeze or unfreeze your debit card in seconds via the mobile app or online banking.
Please keep in mind that while your debit card is frozen, other account activity will continue as normal.
Enroll in eAlerts
Early detection is a key component in stopping fraud quickly. eAlerts are a great way to keep track of your finances to detect withdrawals you didn’t authorize or other suspicious account activity, and to get notice about them quickly. You can sign up to get all types of alerts by text, phone, or email.
Learn how to set up eAlerts here.
Enroll in eStatements
Opting for eStatements is not only convenient, it also helps protect your personal information. When you enroll in eStatements, you keep a record of your transactions behind a secure login and will be notified by email when a new statement is available.
Learn how to enroll in eStatements here.
Always log off
When you are ready to leave a site to which you have logged in, log off rather than just closing the page or browser.
Look over your credit reports
At least once a year, read through your credit reports carefully. You can request a free annual credit report from each of the 3 national credit reporting agencies, even if you don’t suspect any unauthorized activity on your account.
For your free annual report, go to AnnualCreditReport.com or call 877-FACTACT (1-877-322-8228). Or, request the reports directly from each agency:
Equifax: (800) 525-6285
Experian: (888) 397-3742
TransUnion: (800) 680-7289
Look out for credit inquiries from unfamiliar companies, accounts you never opened, and unexplained debts. This can be a warning sign of fraud or identity theft.
What to watch out for
LMCU is committed to ensuring the safety of our members’ information. However, dishonest individuals are continually working hard to find new ways to scam. One of the best defenses against fraud is to remain educated. Once you know how to identify threats to your personal and financial information, you'll know how to minimize the risks of becoming an identity theft victim.
Phishing is a scam to collect valuable information such as credit card, social security numbers, usernames and passwords. These emails will claim to be from a company you know and trust. They usually ask you to ‘update’ or ‘validate’ your account information. It often threatens some type of consequence such as ‘your debit card will be deactivated’. The message directs you to a website that looks legitimate, but is not.
Never reply to an email you receive that is requesting your personal information, never open an attachment or click on the link provided in the email. It is best to type the URL address directly in to your browser.
Vishing is the voice counterpart to phishing. Instead of being directed by email to a website, an email asks the user to make a telephone call. The call triggers a voice response system that asks for personal or financial information. The initial contact can also be a telephone call with a recording that instructs the user to phone an 800-number or another area code within or outside of the United States.
If the message appears to be from a legitimate source, contact that sources main phone number - not the number provided in the email or phone message – and verify.
Additionally, you could receive a call that says LMCU on your Caller ID, but it is really from a fraudster pretending to be us. For more information on Caller ID spoofing, visit: https://www.fcc.gov/spoofing.
Smishing is the mobile phone counterpart to phishing. Instead of being directed by email to a website, a text message is sent to the user’s cell phone or other mobile device with some ploy to click on a link. The link causes a Trojan to be installed on the cell phone or other mobile device.
If a text message looks suspicious, delete it right away without reading it. Never reply to or follow the instructions of a text message that asks you for personal information. A legitimate business will never ask you to reveal your personal information over the phone or online.
Skimming is when thieves use devices to collect — or skim — private data from debit, credit, and ATM cards. Skimmers often target gas stations, retail stores, and ATMs. Handheld skimming devices can be used at restaurants, like when you hand your card to a server to pay for a meal.
At Gas Pumps, be sure to check the pump for any loose or tampered card slots, choose credit over debit to avoid entering your PIN, and if you’re ever suspicious, go into the station and pay the attendant.
At ATMs, be aware of your surrounding and check the ATM for any loose parts like the card slot, money dispenser, or ATM screen. Cover the keypad with your hand when entering your PIN.
At restaurants and retail stores, choose credit over debit to protect your PIN from being detected by a skimming device.
Pay attention to the web address (URL) of websites. A website may look legitimate, but the URL may have a variation in spelling or use a different address. If you are suspicious of a website, close your browser and contact the company directly by phone. Do not click links on social networking sites, pop- up windows, or non-trusted websites. Links can take you to a different website than their labels indicate. Typing an address into your browser is a safer alternative. Only give sensitive information to websites using a secure connection. Verify the web address begins with https:// (the “s” is for secure) rather than just HTTP:// with no “s”.
You are notified that you have won a lottery or sweepstakes in a foreign country and are asked to send funds back to pay for fees and taxes on the winnings. Do not deposit any checks that are supposed winnings from a lottery or sweepstakes that you don’t remember entering. Take time to research any offers you receive over the internet.
Spot the scam tips
- The subject line uses an urgent or aggressive tone.
- The sender the email came from is one letter off from what they should be (e.g., “netftix” instead of “netflix”) so that, at a glance, everything appears official.
- The greeting is generic or awkwardly phrased.
- Spelling and grammar errors are always a red flag.
- Buttons and links are easy for scammers to format and disguise. Get in the habit of accessing your accounts by typing the official URL in a new browser window. Avoid clicking on direct links in email messages.
- The contact info looks sketchy. Cross-reference it with a separate web search.
- Malicious attachments can be easily disguised as innocent Word documents, spreadsheets, and presentations. Be deliberate about which attachments you choose to open or download.
Additional identity theft protection
Your identity is unique and LMCU will help you keep it that way!
LMCU and LifeLock are pleased to partner and offer our members a discount on additional Identity Protection. LifeLock is an identity theft protection service. Identity theft affects millions of consumers every year. Take steps to prevent it from harming you. Protect yourself with identity theft protection services including prevention, detection, and restoration.
You can sign up and learn more about LifeLock here.
For the most up-to-date information relating to scams, including common scams, how to avoid scams, what to do if you believe you have been scammed, and how to report a complaint please visit the Federal Trade Commission’s (FTC) Consumer Information page at www.consumer.ftc.gov/features/scam-alerts where you can browse scams by topic.
An individual’s personal information is an incredibly important asset to protect. Knowing how to protect both your financial identity and your online identity is a must in this day and age. The Federal Trade Commission has very valuable tips to do this effectively. Please visit www.consumer.ftc.gov/topics/privacy-identity-online-security to learn more about the following topics:
If you suspect that someone may be using your personal information to open accounts, file taxes, or make purchases, please visit www.identitytheft.gov to report that you believe you are a victim of identity theft. Once you have made your report, you can create a personal recovery plan and put that plan into action. The FTC will walk you through each recovery step. For more identity theft resources, please visit ftc.gov/idtheft.
Who to contact
LMCU is here to help you keep your accounts secure. Whether you lost your card, encountered suspicious activity, or have had unauthorized access to your Online Banking Profile, we are here to help you.
Lost or stolen debit or credit card
If your debit or credit card is lost or stolen, please report it immediately to prevent unauthorized use.
Contact our 24/7 Toll-Free Lost/Stolen number: (866) 304-8684.
A new card and new PIN will be ordered and should arrive by mail in about 7-10 business days.
Debit or credit card transaction dispute
You can start a dispute by logging in to Online Banking, clicking on your Checking account, and choosing 'Debit/Credit Card Dispute' on the right-hand side.
To dispute a debit card transaction, we need your signature on a Dispute form. This form can be filled out at any of our branch locations. You may also contact our Member Services Department at (800) 242-9790 or send an email to [email protected] to have it mailed or emailed to you.
If you have questions, or need to dispute any unauthorized transactions, you may also contact our Member Services Department at (800) 242-9790.
Report suspicious activity
Online banking login issues
If you are entering the correct username and/or password but are unable to login:
- Make sure your CAPS lock or NUM lock are not on. Passwords are case sensitive.
- If your browser has saved your username or password, try deleting the saved information and enter it manually.
- Your account may be locked due to too many invalid login attempts.
For assistance, please contact our Member Services Department at (800) 242-9790.
What to do if you become a victim
Follow these steps immediately if your purse or wallet has been stolen, your home was burglarized, or you think you may have become a victim of identity theft:
- Call LMCU Member Services Department at (800) 242-9790.
- If you are a LifeLock member, they will provide resolution services – you will be assigned an identity restoration specialist who will be ready to help and take charge
- Place a “fraud alert” on your credit reports by calling one of the major credit reporting agencies. Contact information is listed below:
Equifax: (800) 525-6285
Experian: (888) 397-3742
TransUnion: (800) 680-7289
- Check your credit report every 30 days.
- Monitor your banking, retirement, all credit card and debit card activity for anything suspicious.
- Close any accounts that have been tampered with or opened without your approval.
- File a report with your local law enforcement agency, as well as with the Federal Trade Commission by calling (877) IDTHEFT or online at ftc.gov/idtheft.
- Monitor your credit report once a year to check for any inaccuracies or suspicious activity by visiting www.annualcreditreport.com to obtain your free copy.