Members 1st Security Hub: Member Account Fraud Protection

Member sign-in protection at Members 1st FCU.

Members 1st sign in is protected by a combination of member username, member-set password, and a required second factor. The second factor is delivered as an SMS one-time code, an authenticator app token, or a biometric prompt inside the Members 1st mobile app. New device sign-in is challenged on first use, and Members 1st sign-in attempts from unusual geographies trigger an immediate account-activity alert that shows up in the alert center and as a push notification.

How biometric sign in interacts with MFA.

Biometric sign in on the Members 1st mobile app is treated as a strong factor that satisfies both the password step and the MFA step on a previously enrolled device. The fingerprint or face match is processed inside the device's secure enclave; the credit union never receives the underlying biometric template. Members can disable biometric sign in from the security panel and revert to password-plus-MFA at any time.

Card freeze, alerts, and the in-app security panel.

Card freeze is the fastest member tool against unauthorized use. A the cooperative debit card or credit card can be frozen and unfrozen from the card-controls panel inside the Members 1st mobile app, the freeze takes effect in seconds, and members can configure whether recurring billers and posted credits continue while the card is frozen. The same panel exposes spending limits, geographic controls, and merchant-category restrictions that members can use to harden a card without closing it outright.

Recommended alert configuration for Members 1st members.

The the credit union alert center supports balance-threshold, large-debit, foreign-transaction, sign-in-from-new-device, and password-change alerts. A reasonable default is to enable large-debit alerts above a household-appropriate threshold, all sign-in alerts, all password-change alerts, and all foreign-transaction alerts. Alerts can route to push notification, SMS, email, or any combination, and the routing is editable per alert type.

Members 1st security feature reference.

The table below summarizes which Members 1st security features live in the mobile app, in online banking, on the phone line, or across all three channels.

Recognizing phishing aimed at Members 1st FCU members.

the cooperative phishing campaigns typically copy the cooperative's logo, mimic transactional language, and pressure the recipient with a deadline. A genuine the FCU message will never request a password, a full Social Security number, a one-time code, or a remote-control session. The cooperative will not text a member a link that opens a sign-in page; legitimate links route through the official Members 1st mobile app or through a previously bookmarked online banking address. Members who receive a suspicious message should not click any embedded link, should forward the message to the reported-fraud inbox through the secure-messaging panel inside the Members 1st mobile app, and should call Members 1st member service at (717) 691-3500 if the message references a specific account action.

Red flags that should always trigger a Members 1st member to pause.

Common red flags: unsolicited password-reset emails, text messages with shortened URLs, callers asking for a one-time code, alleged the credit union staff who pressure for immediate action, requests to install remote-access software, or requests to wire money to "verify" an account. Federal background on consumer-side phishing recognition is published openly by the Consumer Financial Protection Bureau at consumerfinance.gov.

NCUA insurance and what it actually covers.

Members 1st member share deposits are insured by the National Credit Union Share Insurance Fund administered by the National Credit Union Administration, up to $250,000 per individual depositor across qualifying account categories. Insurance covers checking, savings, money-market, share certificates, and qualifying retirement-account share balances. NCUA insurance does not cover investment products like mutual funds, annuities, or securities, and members holding those products through any affiliated investment program should verify the underlying coverage with the program provider. The official insurance estimator and federal credit union directory are available at ncua.gov.

Members 1st member action checklist if an account is compromised.

Within ten minutes: freeze affected cards in the Members 1st mobile app; change the the cooperative password and rotate MFA preferences; review recent transactions; call the the credit union 24-hour fraud line. Within twenty-four hours: file written disputes for any unauthorized transactions; request replacement cards; review external alert routing; check email and SMS for unfamiliar password-reset attempts; rotate any reused passwords on other services. Within forty-eight hours: place a fraud alert with the major credit bureaus; review and rotate biometric enrollments on shared devices.