Kirtland Credit Union will never ask you to provide, update, or verify personal or account information through an unsolicited email, phone call, or text message. If you receive an unsolicited email, phone call, or text message, DO NOT RESPOND. Notify us at (505) 254-4369 or 1-800-880-5328.

Welcome To The Insighter!

SMiShing: Double Check That Text!

By Ashleigh, K-Staff

Ah, technology.

Our high-tech world moves at lightning speed, with communication and tasks often happening in real time. In many ways, security has lagged behind innovation. Now, new security measures such as two-factor authentication have emerged to protect the vast amounts of information and money that are exchanged online. But criminals are beginning to exploit those extra security measures and options, and you need to be on the lookout for this latest ploy to access your accounts.

Financial partner CO-OP, which owns and operates credit union ATMs nationwide, recently warned Kirtland FCU of a tactic called ‘SMiShing’—phishing (posing as a legitimate company) via SMS text messaging. And it’s effective because of the popularity of texting. According to the Pew Research Center, 97% of Americans send at least one text every day. 

What The SMish?

SMiShing, according to CO-OP, is a text designed to look like an automated text communication from a legitimate company. There are two different methods of SMiShing that we’ll discuss: the SMiShed text alert and the SMiShed two-factor.

SMiShed Text Alert

Criminals in possession of your debit card details and other forms of personally identifiable information (PII) are spoofing credit union phone numbers in an effort to fool credit union members into thinking that the text messages are actually from the fraud department of a particular credit union. Fraudsters are sending text messages under the guise of trying to validate recent card activity and are including hyperlinks within some text messages.

Fraudsters are also using text messaging to deceive credit union members into providing card-related data and login credentials. A typical SMiShing occurrence can begin with a member receiving a text message inquiring about a suspicious transaction on an account. In reality, the fraudster is looking to obtain other information from members such as debit card numbers, CV2 codes, expiration dates, PINs and other web login credentials.

Before we go into how to spot one of these texts, you should know that there ARE legitimate texts that can come in from your credit union (especially if you’ve registered for Text Alerts for Online Banking login, transaction alerts for your cards, or use Text Banking). But there are key differences between a SMiShing text and a valid text transaction alert.

| SMiShing Text Contains | Legitimate Text Contains |
| --- | --- |
| A vague reference to a bank or no reference at all | An abbreviated version of your credit union's name |
| No specific card information | The last 4 digits of the card number |
| No specific transaction information | The amount of the transaction detail |
| No merchant information | Merchant details |
| Hyperlinked phone numbers and/or web addresses | No hyperlinks |
| Requests for card numbers, CV2 codes, passwords, PINs, expiration dates | Reply options of: YES, NO or STOP (to opt out) |
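
The comparison above can be turned into a simple triage check that lists which warning signs a text shows and which expected details it lacks. This is an added example, not code from Kirtland CU or CO-OP; the regexes, the `assess` function, the `KirtlandCU` abbreviation and the sample messages are constructed assumptions.

```python
import re

# Patterns are assumptions written for this example; they encode the rows of
# the comparison above, not a rule set published by the credit union.
URL = re.compile(r"https?://\S+|\bwww\.\S+|\b[\w-]+\.(?:com|net|org|info|co)\b", re.I)
PHONE = re.compile(r"(?<!\d)(?:\(\d{3}\)\s?|\d{3}[\s.-])\d{3}[\s.-]\d{4}(?!\d)")
SECRET = re.compile(r"\b(?:pin|passwords?|cv[vc2]2?|expir(?:ation|y) date|card number)\b", re.I)
EXPECTED = {  # details a legitimate transaction alert carries
    "last4": re.compile(r"\bending(?: in)?\s+\d{4}\b", re.I),
    "amount": re.compile(r"\$\s?\d[\d,]*\.\d{2}"),
    "merchant": re.compile(r"\bat\s+[A-Z][A-Z0-9&' ]{2,}"),
    "reply_options": re.compile(r"\bYES\b.*\bNO\b", re.S),
}

# Constructed sample messages (reserved .example domain and 555-01xx number).
SAMPLES = {
    "legit": "KirtlandCU Alert: Did you use card ending 4821 for $212.40 "
             "at ACME FUEL on 03/14? Reply YES or NO. Reply STOP to opt out.",
    "link": "Your bank account has been locked due to suspicious activity. "
            "Verify your card number and PIN at http://secure-verify.example/login",
    "callback": "FRAUD ALERT: unusual transaction detected. Call 505-555-0100 "
                "now and confirm your CV2 and expiration date.",
    "vague": "Alert: a suspicious transaction was found on your account. Was this you?",
}

def assess(text, institution_names=("KirtlandCU",)):
    """Return the warning signs present and the expected details missing."""
    red_flags = []
    if URL.search(text) or PHONE.search(text):
        red_flags.append("link_or_callback_number")
    if SECRET.search(text):
        red_flags.append("asks_for_card_or_login_secret")
    missing = [name for name, rx in EXPECTED.items() if not rx.search(text)]
    if not any(n.lower() in text.lower() for n in institution_names):
        missing.append("institution_name")
    if red_flags:
        verdict = "suspicious"
    elif len(missing) >= 2:
        verdict = "unverified"
    else:
        # Format matches a real alert; sender IDs can still be spoofed.
        verdict = "consistent"
    return {"verdict": verdict, "red_flags": red_flags, "missing": missing}

if __name__ == "__main__":
    for label, sms in SAMPLES.items():
        print(label, assess(sms))
```

A "consistent" verdict only means the message has the shape of a real alert; when in doubt, the check described later in this article (calling the credit union directly) still applies.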

The SMiShed Two-Factor

Have you opted in to two-factor authentication for your financial accounts? Many companies and financial institutions are now offering two-factor authentication as a way to make logging in faster and safer by requiring not only a username and password but the entry of a one-time code, sent through a different channel (usually e-mail, text, or voice call). This means that if a fraudster obtained your username and password to a specific account, they would also need to have access to your e-mail account or phone to obtain the one-time code—an unlikely situation. Thieves are now calling members, posing as credit union employees, to get them to turn over the code while they’re on the phone!

While on the phone with a member, the fraudster logs into a credit union Online Banking site. When the one-time code is sent to the member’s phone, the fraudster asks the member to provide the code as a means to validate the member. When the information is shared with the person the member believes is a credit union employee, the fraudster uses the code to finalize access to Online Banking, which is typically followed by changing the Online Banking password and transferring funds from member accounts.

How To Miss The SMiSh

  • Be aware! By simply knowing of the possibility of a SMiShing attack, you can keep an eye out for the signs.
  • Never provide information via text. A legitimate credit union employee or alert text will never ask for personal information to be sent over unsecured channels, and you will NEVER be asked for your Online Banking password or two-factor code outside of your login attempt.
  • Never click hyperlinks in texts. Legitimate requests to validate card activity will request a simple response of YES or NO. They will not include hyperlinks to other websites or ask for any personal info.
  • Don’t believe the caller ID. It’s amazingly easy to spoof a phone number—to make it look like a call is coming from a legitimate source.
  • When in doubt, check! You can always call the credit union (Kirtland FCU members, call 1-800-880-5328) to check on the validity of a transaction alert or to report a request for information that seems, well, phishy.

Don't Be a Victim!

You need to know about credit union impersonation scams so you can avoid becoming a victim of these nefarious tactics.