Bayport Credit Union: A Smarter Way to Bank
Mobile Menu

BayportCU

Online Banking Enrollment is easy - here's how:

  • In the Username box, enter your Account #.
  • In the Password box, enter your numeric STAR PIN.

If you do not have a STAR PIN or need assistance,
please contact us.

Fraud Alerts

We will keep you updated on the latest online scams and threats on this page while also posting alerts on our homepage. Remember, if you believe you have been the victim of any fraudulent activity, please contact us immediately.

Wendy's Breach (July 2016)

The recent security breach at Wendy’s has caused great concern for many consumers. The breach has an estimated exposure window from late fall 2015 through June 2016. BayPort Credit Union is watching the situation closely and we have systems in place to monitor accounts for fraudulent activity. Rest assured our primary focus is keeping your information secure.

Important Information

BayPort debit and credit cards have a Zero Liability policy. This means that you're not responsible for any unauthorized purchases made on BayPort Credit Union debit or credit cards.

  • If you've shopped at Wendy’s recently, review your debit and credit accounts frequently, using our mobile app or online banking. Report any unauthorized transactions immediately to 757-928-8850 or 800-928-8801
  • We monitor your accounts 24/7, and if we detect suspicious activity, we'll notify you via phone call or mailed letter.
  • For BayPort to ensure the best possible fraud monitoring service,  please check that your contact information is up-to-date. You can ensure your contact information is up-to-date within online banking under the “My Settings” link located in the upper right hand corner of the online banking screen.

 For updates on the situation please visit Wendy’s Official Press Release. As always BayPort is here to support our members. Again, we are actively monitoring our card transactions.  To learn more on how BayPort monitors card activity please visit the following links.

 Debit and Credit Card Protection

 eNFACT Debit Card Security

Phishing Texts Posing as BayPort (March 2016)

If you receive a suspicious text message that appears to be from BayPort Credit Union please do not click on any links, and do not forward the text. Delete the text. Below are example fraudulent text messages - messaging and links may vary. Please be aware that these are not from BayPort Credit Union.

Example 1:

(BayPort Credit Union) Technical services are carrying out a planned software upgrade. To get started please follow http://witherslack-hosting.co.uk/bayport#/.

(A new version of this text is currently circulating using the link above as well as “Software Upgrade with the link: wither.host.cu.uk\bayport”)

Example 2:

(BayPort Credit Union) SECURITY ALERT! Verify your details http://witherslack-hosting.co.uk/bayport#

Example 3:

(BayPort Credit Union) ALERT! We had detected an unauthorized sign-in to you BayPort online account. Please follow this link: http:goo.gl/L1nav5

Example 4:

(BayPort Credit Union) Dear BayPort Credit Union customer, we have detected unauthorized transactions on your account. Update right now. http://ow.ly/TzVhm

Example 5:

(BayPort CU) SECURITY ALERT! Your account has been accessed from different devices. Please confirm your account details http://valledeifiori.com/bay.html

Your account security is of the utmost importance to us. If you have any questions about the validity of an email you have received from BayPort, please Chat with us online or call us at 757.928.8850.

Phishing Calls Posing as BayPort (February 2016)

BayPort has been notified of members and non-members receiving phone calls requesting account information, i.e.: debit card information and Online Banking login credentials being the two most common. Callers may also state your account is locked. Please note: these calls are being generated from multiple areas around the country.

These calls are not from BayPort Credit Union.

Please remember if you are contacted by BayPort Credit Union, we will NEVER request your account number, PIN information, or Online Banking credentials over the phone, email, or text.

Your account security is of the utmost importance to us. If you have any questions about the validity of a phone call, email, or text you have received from BayPort, please Chat with us online or call us at 757.928.8850.

Phishing Emails Posing as BayPort (July 2015)

If you receive emails that appear to be from BayPort Credit Union with a subject line such as "Account Management" or "Customer Service" with a message stating that "Your account was accessed by a third party" or "Your account was accessed from a different location" please be aware that these are not from BayPort Credit Union. Please do not open any attachments, click on any links, and please do not forward the email. Delete the email.

Below are example fraudulent emails - From email addresses, email messaging, and attachment names may vary.


From: BayPort Credit Union <tnyoil@outlook.com> <-- From email addresses vary
Sent: July 3, 2015 9:21:38 AM EDT
To: <receiver's email address here>
Subject: Customer Service <-- Subject lines vary

Dear BayPort Credit Union Customer,

You have received this email because you or someone had used your BayPort Credit Union account from a different locations. As a precaution, we have locked your BayPort Credit Union account in order to protect against future unauthorized transactions. In order to safeguard your account, we require that you confirm your account BayPort Credit Union information.

https://www.bayportcu.org <--this would be a hyperlink but has been removed for security

Thank you,

BayPort Credit Union


From: BayPort Credit Union <fyqycn@bayportcu.com> <-- From email addresses vary
Date: Jun 19, 2015 6:46 AM
Subject: Account Management <-- Subject lines vary
To: <receiver's email address here> 
Attached: BayPortCU.html <-- Attachment names and file types vary

Dear BayPort Credit Union Customer,

We have reasons to believe that your account was accessed by a third party and different computers have been logged in to your BayPort Credit Union account and multiple password failures were presented before the logons.

We have locked your online BayPort Credit Union account until you update your profile.

Please open the file you have received in this email and follow instructions.

Thank you,

BayPort Credit Union.


Your account security is of the utmost importance to us. If you have any questions about the validity of an email you have received from BayPort, please Chat with us online or call us at 757.928.8850.

NCUA Warning of Scammers (March 2015)

NCUA warns of scammers using similar website logo, design

Last week, the National Credit Union Administration reported scammers using a website with a logo similar to that of the NCUA in an effort to trick consumers into providing sensitive information or sending money.

“According to the NCUA, consumers have received emails from the National Credit Union website, which is not affiliated in any way with the NCUA, a federal agency, and the emails are not from the agency.”

Please be advised, the NCUA, nor BayPort Credit Union, would ask for personal information in this manner.

Please view the full article.

Staples Breach (January 2015)

The recent security breach at Staples, Inc. has caused concern for many consumers across the US. The breach has an estimated exposure window from July 2014 to September 2014. BayPort Credit Union is watching the situation closely and we have systems in place to monitor accounts for fraudulent activity. Rest assured our primary focus is keeping your information secure.

Important Information

  • BayPort debit and credit cards have a Zero Liability policy. This means that you're not responsible for any unauthorized purchases made on BayPort Credit Union debit or credit cards.
  • If you've shopped at Staples recently, review your debit and credit accounts frequently, using our mobile app or online banking. Report any unauthorized transactions immediately to 757-928-8850 or 800-928-8801
  • We monitor your accounts 24/7, and if we detect suspicious activity, we'll notify you via phone call or mailed letter.
  • For BayPort to ensure the best possible fraud monitoring service,  please check that your contact information is up-to-date. You can ensure your contact information is up-to-date within online banking under the “My Settings” link located in the upper right hand corner of the online banking screen.

As always BayPort is here to support our members. Again, we are actively monitoring our card transactions. To learn more on how BayPort monitors card activity please visit the following links.

Debit and Credit Card Protection 

eNFACT Debit Card Security

Jimmy John's Breach (September 2014)

The recent security breach at Jimmy John's has caused great concern for many consumers across the US. The breach has an estimated exposure window from June 16, 2014 to September 5, 2014. BayPort Credit Union is watching the situation closely and we have systems in place to monitor accounts for fraudulent activity. Rest assured our primary focus is keeping your information secure.

Important Information

  • BayPort debit and credit cards have a Zero Liability policy. This means that you're not responsible for any unauthorized purchases made on BayPort Credit Union debit or credit cards.
  • If you've dined at Jimmy John's recently, review your debit and credit accounts frequently, using our mobile app or online banking. Report any unauthorized transactions immediately to 757-928-8850 or 800-928-8801
  • We monitor your accounts 24/7, and if we detect suspicious activity, we'll notify you via phone call or mailed letter.
  • For BayPort to ensure the best possible fraud monitoring service,  please check that your contact information is up-to-date. You can ensure your contact information is up-to-date within online banking under the “My Settings” link located in the upper right hand corner of the online banking screen.

As always BayPort is here to support our members. Again, we are actively monitoring our card transactions.  To learn more on how BayPort monitors card activity please visit the following links.

Debit and Credit Card Protection 

eNFACT Debit Card Security

Home Depot Breach (September 2014)

The recent security breach at Home Depot has caused great concern for many consumers across the US, Canada, and Mexico. The breach has an estimated exposure window from April 2014 on. BayPort Credit Union is watching the situation closely and we have systems in place to monitor accounts for fraudulent activity. Rest assured our primary focus is keeping your information secure.

Important Information

  • BayPort debit and credit cards have a Zero Liability policy. This means that you're not responsible for any unauthorized purchases made on BayPort Credit Union debit or credit cards.
  • If you've shopped at Home Depot recently, review your debit and credit accounts frequently, using our mobile app or online banking. Report any unauthorized transactions immediately to 757-928-8850 or 800-928-8801
  • We monitor your accounts 24/7, and if we detect suspicious activity, we'll notify you via phone call or mailed letter.
  • For BayPort to ensure the best possible fraud monitoring service,  please check that your contact information is up-to-date. You can ensure your contact information is up-to-date within online banking under the “My Settings” link located in the upper right hand corner of the online banking screen.

For updates on the situation please visit Home Depot Official Press Release. As always BayPort is here to support our members. Again, we are actively monitoring our card transactions.  To learn more on how BayPort monitors card activity please visit the following links.

Debit and Credit Card Protection 

eNFACT Debit Card Security

Svpeng and Dyreza Malware (June 2014)

Recently new online security threats have been discovered known as Svpeng and Dyreza. As with any security issue, your security is our top priority. We do not believe our applications are vulnerable to Svpeng or Dyreza at this time and are working with our vendors to understand scope and impact of these new threats.

What is Svpeng?

Svpeng is a new malicious malware, ransomware app for Android devices. Svpeng searches for specific mobile banking apps on the device, then locks the device and demands money to unlock it. In the U.S., Svpeng breaks into a mobile device through a social engineering campaign using text messages.

Svpeng capabilities include:

  • Spoofing legitimate banking applications
  • Stealing personal banking information
  • Capturing user input, including passwords
  • Sending SMS messages to premium numbers without user's knowledge resulting in charges
  • Stealing SMS messages
  • Stealing contact information and pictures
  • Tracking user location

What is Dyreza?

Dyreza or "Dyre" is a new family of banking malware that redirects traffic to malicious servers, while users think they have a secure connection with their legitimate online banking site.

Dyreza is spread through spam e-mail messages such as "Your FED TAX payment ID [random number]" and "RE: Invoice #[random number]." These messages contain a ".zip" file often hosted on legitimate domains, to minimize suspicion.

Opening the zip file infects the computer with malware. Using a technique called "browser hooking" Dyreza views unencrypted web traffic in the Internet Explorer, Chrome and Firefox browsers and captures credentials by sending the user to malicious servers, while the user thinks they are securely connected to their financial institution's legitimate website.

Is my phone vulnerable to Svpeng and Dyreza?

iPhones and Android devices use different operating systems. Svpeng specifically targets the Android operating system. Dyreza does not target mobile devices; it exploits Internet Explorer, Google Chrome and Mozilla Firefox browsers.

How can I protect myself against threats like Svpeng and Dyreza?

  • Install an antivirus app and keep it updated
  • Avoid installing apps from unreliable sources
  • Read the permissions requested by every app before installing
  • Perform regular backups
  • Protect devices with a password
  • Don't view or share personal information over a public WIFI network
  • Don't respond to or click on unknown text messages and emails 

Credit Report Pop-Up (May 2014)

If you receive a pop-up regarding checking your credit score online please beware that the pop-up is not sponsored by BayPort Credit Union. BayPort always recommends closing such pop-ups and going to reputable sources directly such as www.annualcreditreport.com. If you receive suspicious pop-ups while online never provide personal information and consider running a security software scan to ensure you're protected.

Heartbleed Bug (April 2014)

BayPort has kept a close eye on the Heartbleed bug you may have heard about. The vendor we use for online banking has completed assessments and has not discovered any vulnerability. In addition, all secondary services accessed through BayPort's online banking or website have been verified as not vulnerable.

Phishing Calls for Card Information (April 2014)

BayPort has received reports of phishing calls trying to obtain debit/credit card numbers and PINs.

  • BayPort Credit Union uses eNFACT to monitor debit card transactions. If suspicious activity is detected you will receive a call from (800) 262-2024.
  • Please contact (757) 928-8850 or (800) 928-8801 to report any compromised cards.
  • Report any Phishing attempts to the Federal Trade Commission at (877) 382-4357.

Fraudulent Pop-Up Messages (March 2014)

BayPort has learned that some of our web site visitors have reported receiving a pop-up message that asks for personal information such as credit card numbers in regards to a credit report and a data breach at Epsilon Corporation. This is a fraudulent attempt to steal personal information and does not come from BayPort Credit Union.

Here is an example

Attention Bayportcu.Org Visitor,

Data Security Breach Information

We want to make you aware of a situation that has occurred that could be related to your personal information. Recently, there was a massive system breach at Epsilon, a third party vendor that supplies marketing services to a number of companies, including Best Buy, Chase, Citi, Disney, US Bank, Marriott, Home Shopping Network and many others. Files containing personal information were compromised.

Names, email addresses and some personal information was exposed. Because of the increased risk of identity theft, we are urging you to check your credit report for any activity that you did not authorize.

We want to help protect you against this data breach, by offering you access to your credit score for free. This offer is available on Monday, March 24, 2014. Please be aware that although your credit score is free, a credit card will be required to validate your identity.

If you see such a message, do not click any links or give any personal information. What you should do:

  • Run an updated anti-virus program and remove any threats found.
  • Clear your browser's temporary internet files and cookies.
  • Change your username and passwords to any accounts accessed on the device.

Remember that BayPort Credit Union will never ask you for information that we already have on file. If you have any concerns or suspicions about a message from BayPort Credit Union, please contact us.

Apple's Critical Security Advisory (February 2014)

On Friday, February 21, 2014 Apple posted a Critical Security Advisory regarding a bug and resulting vulnerability in its iOS platform (the operating system used on its mobile platforms iPad, iPod and iPhone). This vulnerability could allow a malicious third party to capture and manipulate otherwise secure Web, email and application traffic on the device.

Apple has recommended that users of the Apple iOS platform immediately take steps to reduce this risk by applying a software patch made available by Apple for those users running iOS7. A patch was also available for the legacy iOS6 platform and OSX desktop platforms.

Further information on this vulnerability and the steps required to mitigate the associated risk can be found at http://support.apple.com/kb/HT6147.

Social Media and Mobile Deposit Fraud Scheme (February 2014)

A new bank fraud scheme involving mobile deposits of kited and counterfeit checks to victim/accomplice accounts has begun to circulate on social media sites such as Facebook and Instagram. Suspects are soliciting witting accomplices locally in Norfolk, VA and on Facebook, with the promise of $3,000-$6,000 profits for providing their bank card, PIN and account access information. Once witting victims/accomplices provide bank cards and account information, suspects use mobile banking apps from financial institutions to deposit the checks. Currently, withdrawals are made in the Chicago, IL area at banks, ATMs and Garfield Dan Ryan currency exchange among other locations. Currently, suspects are utilizing a Chicago PO Box as a mail drop for bank cards and often make an address change to the accounts. An unidentified co-conspirator has utilized an Instagram account to solicit individuals.

Fraud Scheme Facebook

Target Card Data Accessed (December 2013)

Target announced a card data compromise at its US stores occurring November 27 through December 15, 2013. To learn more, please visit Target's Announcement and Guidance. As always BayPort is here to support our members. We are actively monitoring our card transactions. To learn more on how BayPort monitors card activity please visit the following links.

Phishing eMails Posing as TurboTax (February 2013)

If you receive emails that appear to be from TurboTax stating that "Your State Return Has Been Rejected," please be aware that these are not from TurboTax. Please do not open the attachment and do not forward the email. Delete the email. Below is a copy of the fraudulent email - the attachment is named "TAX_610717852.zip" but may vary.

TurboTax Phishing

Malware Pop-Up Screen Asking for Your Personal Information

If you receive a pop-up screen asking you to enter your personal information during or after logging into online banking, please do not continue. Your computer may have malware targeting to gain access to your personal information. Please call BayPort immediately.

Please be advised that the below pop up image is a malware scheme targeting personal information such as social security numbers, credit card information, and more. The scam involves a request for information related to CashEdge, with a message that appears during the log-in process of online banking asking that members enter their information for verification purposes.

CashEdge Malware Popup

If you should receive this message, do not continue and do not enter your personal information. The message and the accompanying request is from neither BayPort nor CashEdge, our partner on offering Popmoney™. Rather, it is likely that malware was installed on your computer when you downloaded something from the Internet.

Members who see this message are advised to run a malware remover program immediately and report the incident to our Member Information Center.