Security Tips:

Heartbleed Bug Update:

The Heartbleed Bug is a vulnerability in OpenSSL, an open-source encryption technology used by two-thirds of web servers.  However, Pima Federal does not utilize OpenSSL on either our website or our home banking (including Bill Pay).  For this reason, both our website and home banking sites are safe and secure. Pima Federal considers data security a top priority and will remain ever-vigilant of potential and actual threats and take appropriate action.



Warning about debit/credit card phishing scheme:

· Cardholders may receive what appear to be automated phone calls or texts, telling them that their ATM/Debit cards are locked.

· The automated message requests call recipients to "Press 1" where they are to enter their 16-digit card number into their telephone key pad. Once this is entered, the scammers are then requesting the card's Personal Identification Number (PIN). The scam artists are attempting to obtain customer card numbers and PINs in order to gain access to customer accounts via ATMs or POS (point of sale) purchases.


Pima Federal will not request card, account information or PIN numbers from cardholders over the phone. In many cases, phishing scams, whether by phone or through emails, attempt to gain personal information from the call or email recipients. Please do not provide your information and call your credit union if you feel you have fallen victim of the scam.


Additional tips from Pima Federal:

Pima will never call and ask for your information. If we call you, we have your account information. On the other hand, if you call the credit union we will ask you for your information to verify your identity.

It is not recommended that you use the same password for all your logins. If a criminal discovers your password to one site they will try the same password on other sites. Use different passwords for different sites.

Additionally, use hard to guess passwords. Use a mix of upper case, lower case, numbers and special characters to make it difficult to guess your password.Never provide confidential information to anyone without doing research (or already knowing) their company first. Fraudsters may create fictitious company information to trick you into providing them with yours.

Do not open emails or attachments from unknown sources and be suspicious of any unexpected email attachments or unknown links within emails.

Memorize your PIN and do not write it down. If you choose your own PIN do not use anything that could be found in your wallet such as your birthday or street address.

Regularly review your statements to ensure you are familiar with all activity on your account. Call us immediately if you see anything suspicious on your statement. 






Back to Top