We take security seriously
If you suspect fraudulent activity on your account, please contact us right away using the following methods:
- Suspicious emails: Letus know by using the Send us a Message form.
- Lost or stolen debit card, or suspicious transactions: call 1-833-933-1681 within the US or 1-812-647-9794 from outside the US, 24 hours a day, 7 days a week. Lock your card in online or mobile banking.
- Lost or stolen credit card, or suspicious charges: call 877-602-9023, 24 hours a day, 7 days a week.
- Lost or stolen checkbook: call the Help Desk at (863) 688-3733 or toll free (866) 913-3733. If after normal business hours, place a stop payment on one or more checks by calling Direct Touch at (863) 904-4896 or toll free (844) TOUCH24 /(844) 868-2424.
- Fight Fraud with Free Alerts
- Account Alerts: When you want to stay on top of your account activity or how your card is used, such as purchases over a certain amount, you can set up alerts to be notified via text message, email, or both. Alerts can be set up in online banking.
- Automated Fraud Alerts: When we suspect fraudulent activity on your debit or credit card, we will send an automated alert by text message or automated call (credit card alerts can also come by email). You can easily verify a transaction with a simple yes or no. For quicker updates, please make sure we have your current phone number.
Please note that stop payments are only processed Monday through Friday, 9:00 am to 5:00 pm and on Saturdays, 9:00 am to 12:30 pm. If the request to stop a payment is outside of the stated processing hours, your payment may clear prior to the stop payment being applied. A fee is assessed for each stop payment— see fee schedule for details.
Stay up-to-date with the latest scams and fraud alerts.
Common types of scams
Email scams (“phishing”)
Email scams, commonly referred to as phishing, lure victims into providing personal information such as account numbers, passwords, and usernames. The emails often appear to come from legitimate sources and often link to doctored versions of the would-be sender’s website. After victims provide their personal information, thieves can access their accounts or even steal their identities. To protect yourself against phishing, never give out personal information—especially debit or credit card information or account numbers—unless you have initiated the request.
Text scams (“smishing”)
Smishing is similar to phishing but victims are contacted by text message rather than email. Victims typically receive text messages asking them to call a phone number because of an issue with their accounts or debit/credit cards. Please remember that MIDFLORIDA will never ask for personal information via text message. If you receive a text and are concerned about your accounts, please call our Help Desk or the number on the back of your card.
Social media scams (“farcing”)
With most people using social media, farcing is becoming more and more common. Fraudsters who attempt to defraud by farcing often send friend requests to victims and their friends and family. Many people blindly accept these requests simply because they appear to have “friends” in common. Once the scammer has access to your social media profile, they can victimize you in a number of ways such as breaking into your home while you’re on vacation or gaining access to financial data by “selling” you something. Protect yourself against this type of scam by only accepting friend requests from people you know and by making posts visible only to friends.
Phone scams (“vishing”)
Vishing is an attempt to defraud victims via telephone, often in the form of recorded messages that direct recipients to call their financial institutions. The phone number they direct victims to call, however, does not belong to a legitimate organization. Please remember that MIDFLORIDA will never contact you and ask for your account information. On occasion, if our card processor notices some transactions on your debit or credit card that seem questionable, they will contact you to confirm the transactions are valid. In this instance, you will be given a case number to refer to the incident. They will already have your card number on file and will not need to request that information from you.
Website scams (“pharming”)
Pharming, sometimes called domain spoofing, is the act of creating a nefarious website that mimics that of a legitimate organization. In reality, the site is duped and intended for fraud. Protect yourself against pharming by reviewing a link before you click on it, especially if the link is in an email from an unknown sender. Shopping sites with the VeriSign network offer an additional layer of authentication and can be more trusted than others.
How to prevent fraud
Follow these tips to help protect yourself against fraud:
- Never download a mobile app or mobile app update from any site other than the device platform’s official store (e.g., Google Play, Apple App Store, etc.).
- Keep your anti-virus/anti-malware software up to date.
- Do not access your banking or other types of secure sites using public/free Wi-Fi.
- Do not click on emails from unfamiliar people, or on links that are texted to you from an unknown source.
- Change your passwords regularly, and enable password-protected locking features on your mobile devices.
- Download software updates regularly, as these updates often provide security enhancements.
- Run an application that can be used to remotely lock, wipe data, or disable your phone if it becomes lost, stolen, or compromised.
- Don’t jailbreak or enable root access on your phone.
- Use strong passwords that avoid personal information (i.e. birthdays), common words, and sequential or repeated numbers or letters (i.e. abc123).
- Do not store financial records, personal information, important passwords, or sensitive e-mails on mobile devices.
- Log off websites and disconnect from networks when you’re finished using them.
- Use the privacy settings on social media websites to manage who can access your profile.
- If you get a friend request from someone you don’t know, do NOT accept it. If you get repeated requests from the same unknown source, report it to the social media site.
- Never share personal details about yourself via social media, even in the direct message feature, and especially not with vague acquaintances.
- If you find that your social media profile has been compromised, report it to the site immediately.