Privacy and Security

Washington Federal is committed to protecting the privacy and security of your personal and financial information.  We want to serve you as effectively and conveniently as possible and to ensure that the information you share with us remains confidential. 

Protecting Your Privacy

Consumer Privacy Notice: What Does Washington Federal Do With Your Personal Information?
Understand how we collect, share and protect your personal information.

FACTS

WHAT DOES WASHINGTON FEDERAL DO WITH YOUR PERSONAL INFORMATION?

Why?

Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.

What?

 

 

The types of information we collect and share depend on the product or service you have with us. This information can include:

  • Social security number and income
  • accounts balances and transaction history
  • credit history and payment history

When you are no longer our customer, we continue to share your information as described in this notice.

How?

 

All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information, the reasons Washington Federal chooses to share, and whether you can limit the sharing.

 

 

Reasons we can share your personal information.

Does Washington Federal share?

Can you limit this sharing?

For our everyday business purposes—such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus

 

Yes

 

No

For our marketing purposes—

to offer our products and services to you

Yes

No

For joint marketing with other financial companies

 

No

We don’t share

For our affiliates’ everyday business purposes—

Information about your transactions and experiences

Yes

No

For our affiliates’ everyday business purposes

Information about your creditworthiness

No

We don’t share

For our affiliates to market to you

 

No

We don’t share

For non-affiliates to market to you

 

No

We don’t share

 

 

Questions?

 

Call 1-800-324-9375 or visit our website at www.washingtonfederal.com.

 

 

Who we are

Who is providing this notice?

 

Washington Federal and its affiliated insurance company, WAFD Insurance

What we do

How does Washington Federal protect my personal information?

To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. We authorize our employees to obtain your information only when they need it to do their work and we require companies that work for us to protect your information.

How does Washington Federal collect my personal information?

We collect your personal information, for example, when you:

  • Open an account or deposit money
  • Pay your bills or apply for a loan
  • Use your credit or debit card

We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.

Why can’t I limit all sharing?

Federal law gives you the right to limit only:

  • sharing for affiliates’ everyday business purposes—information about your creditworthiness
  • affiliates from using your information to market to you
  • sharing for nonaffiliates to market to you

State law and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.

 

Definitions

Affiliates

 

Companies related by common ownership or control. They can be financial and nonfinancial companies.

  • Our affiliates include financial companies such as WAFD Insurance.

Non-affiliates

 

Companies not related by common ownership or control. They can be financial and nonfinancial companies.

Joint marketing

 

A format agreement between nonaffiliated financial companies that together market financial products or services to you.

 

Other important information

For Nevada residents only: We are providing you this notice pursuant to Nevada law. If you prefer not to receive marketing calls from us, you may be placed on our internal Do Not Call List by calling 1-800-324-9375, or by writing to us at Washington Federal, Client Care Center, 9929 Evergreen Way, Everett, WA 98204. For more information, contact us at the address above, or email info@wafd.com with “Nevada Annual Notice” in the subject line. You may also contact the Nevada Attorney General’s office: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Suite 3900, Las Vegas, NV 89101; telephone number: 1-702-486-3132; email BCPINFO@ag.state.nv.us.

 

Online Privacy Policy
Learn how we manage the privacy and security of personally identifiable and other information obtained through your online activity on our website and mobile application.

Privacy Frequently Asked Questions
This FAQ explains our privacy practices and how we maintain the confidentiality of your personal information.

Security

The security and safety of your account are top priorities of Washington Federal. We use firewalls, virus protection and secure sockets layer technology (SSL) to protect your confidential account information as it is transmitted across the Internet and to help prevent unauthorized access to your personal and financial data. We also use intelligence software to help prevent unauthorized access. You share a responsibility to keep your information safe. When you register for online access, you will be asked to create your own username and password to access your accounts. You may also be asked to provide additional personal information which we use to verify your identity. Please help us by doing everything you can to keep your login name and password private. Do not share them with anyone. If you ever feel your account has been compromised, please contact us immediately.

Fraud Prevention

To protect our customers’ accounts, we follow best practices for online banking, which usually rely on the customer providing us with identification or verifiable signature/information in order to establish his/her authority to transact on an account with us.Beware of “phishing,” when you receive an email asking you to verify your account information or passwords by clicking on a web link. Phishers can set up websites that appear identical to our existing site, but with links taking you to fraudulent websites that collect information in order to steal your identity. Be sure to always type out our web address (www.washingtonfederal.com) in your browser window to initiate online banking.

Washington Federal will never ask you to verify or provide personal or account information in an unsolicited email, and we will never include confidential information in email correspondence we initiate. If you are not contacting us through the Washington Federal online banking services contact form, e-mail may not be a secure method to transmit confidential data. Please do not send confidential information by unsecure email.  If you’re ever in doubt about online activity or email you have received which appears to be from Washington Federal, please contact us at 800-324-9375 or visit your local branch promptly for verification and/or to report suspected identify theft or fraud. 

Identity Theft Protection
View recommendations for protecting yourself against identity theft on our blog.

Security Frequently Asked Questions
This FAQ explains our security practices and provides recommendations for protecting your security and preventing fraud.

Online Privacy Policy

Revision date June 23, 2015

We value your trust and want to be sure that you understand how we collect, use and share your personal and non-personal information. This Online Privacy Policy (this “Policy”) applies when you visit or use our website, mobile applications and any other online services offered by Washington Federal, N.A. (“Washington Federal”, “we” or “us”) that link to or reference this Policy (collectively, our “online services”). This Policy also describes certain information collection, use and sharing practices applicable to emails that we may send you and our advertisements that are displayed through third-party online services.

By visiting or using any of our online services or interacting with one of our advertisements displayed through third-party online services, you accept and consent to the data collection, use and sharing practices described in this Policy. If you do not accept and consent to the data collection, use and sharing practices described in this Policy, please do not use our online services.

Information We Collect

Personal Information
When you visit or use our online services, we may collect information that can be directly identified with you, which we refer to in this Policy as “personal information.” Any information that we collect through our online services, or those offered by third parties, which does not by itself reveal your specific identity or relate directly to you, such as aggregated, de-identified or demographic statistical data, is “non-personal information.”

We may collect personal information directly from you through our online services, such as online forms, data entry fields, cookies or mobile applications. Additional personal information from or about you may also be collected and used in other ways, including your communications with us or through reference to information from third party sources.  For example:

  • When you register for an online account or online access to an existing account, we may collect your name, your mailing address, phone number and email address (collectively, your “contact information”), your existing account number (if applicable), Social Security number (SSN) and other information that we believe is reasonably required for ordinary business purposes. We may also collect any of this information when we otherwise communicate with you. We may use your name and contact information to contact you about our services or about marketing offers that may be of interest to you (subject to applicable law and any marketing preferences that we offer and you have registered with us), or to permit you to complete a consumer survey.
  • When you elect to receive electronic statements, notices or disclosures (go paperless) or change your contact preferences, we may ask you to provide additional contact or other information to facilitate these actions.
  • When you log into one of our online services, we collect your user ID and password to identify you and permit you access to our online services. If you forget your user ID or need to reset your password, we may ask for your email address, user ID, the last four digits of your SSN, answers to your security questions, and other account information to verify your identity before executing your request.
  • When you respond to an online survey question, we may use your answer or any opinions or information that you volunteer to improve our products or services. We may also use your response to develop, publish, share or otherwise disclose statistical or aggregated survey results. Based upon your response, we may provide you with information about products or services that may be of interest to you.
  • When you visit or use our online services, we may collect information from your computer, or your smartphone, tablet or other mobile device (collectively, “devices”), and associate it with a visitor identifier, or a customer identifier that identifies you as our customer. (For a discussion about this information, see Cookies, Tags & Other Tracking Technologies below.)

If you have a financial product or service with us, we will use any personal information that we collect from or about you in accordance with our privacy notice (What Does Washington Federal Do With Your Personal Information?).

Non-Personal Information
When you visit or use our online services, or those offered by third parties, we and third parties may collect non-personal information from your computer or mobile device. These third parties include our affiliates and non-affiliated third parties that provide services on our behalf, including our non-affiliated advertising partners (collectively, our “service providers”). For example:

  • When you visit or use our online services, non-personal information may be collected from your computer or mobile device. (See Cookies, Tags & Other Tracking Technologies section below.)
  • Non-personal information may be aggregated in our server logs for various purposes, including collection of device event information such as browser crashes, system activity and referral website URL.

We and our service providers may use and disclose non-personal information to other service providers to help us understand how you navigate and which parts of our online services are of most interest to you, provide you the features and functionality of our online services, improve the way that our online services interact with you, and for other purposes described in the Cookies, Tags & Other Tracking Technologies and Online Marketing sections below.

Mobile Applications
When you use one of our mobile applications, we and our service providers may collect, use and share personal and non-personal information as described in the sections above.  We and our service providers may also collect, use and share other non-personal information from your mobile device for various purposes, such as to enable application functionality.

To enable locator tools within our mobile applications, we and our service providers collect, use and share the location of your mobile device (GPS coordinates), unique device identifier, operating system and settings. When you use our mobile applications, we or our service providers collect and use this information to enable you to locate our retail branches and ATMs. If you have a financial product or service with us, we associate this information with an internal identifier that identifies you as our customer. When you request directions through one of these mobile applications, we or our service providers may share this information with third party map applications on your mobile device.

How We Use the Information We Collect

Information Sharing
All financial companies need to share customer information for their everyday business purposes. We may share personal information that we collect about you, and non-personal information that we collect from your computer(s) and mobile device(s), including information relating to your web-browsing activities and other online behavior, for such purposes with:

  • Our affiliates (i.e., companies related to us by common ownership or control).
  • Our service providers for purposes such as servicing accounts or conducting transactions, surveys, research, marketing, data analysis and enrichment.
  • Other financial institutions that jointly offer, endorse or sponsor financial products or services with us.
  • Other individuals or entities, when we believe that disclosure is necessary to report suspicious activities, prevent physical harm, financial loss, or violations of our agreements and policies.
  • Regulators and other organizations or individuals who are legally entitled to receive such information.

If you have a financial product or service with us, we will share any personal information that we collect from or about you in accordance with the notice What Does Washington Federal Do With Your Personal Information?

Cookies, Tags and Other Tracking Technologies

We and our service providers may collect non-personal information relating to your visit or use of our online services through various means, such as cookies and tags.

Cookies
A cookie is a small text file containing information (data) that is created and downloaded to your computer or mobile device when you visit a website.  Cookies can be helpful in several ways, including allowing a website to recognize your device when you visit, keep track of the pages you visit, and remember your preference choices. 

We and our service providers use three common types of cookies: session cookies, persistent cookies and flash cookies:

  • Session cookies expire at the end of your browser session and are not written onto your hard drive. 
  • Persistent cookies are more permanent and store information on your hard drive. They can be re-read when you return to the website that created them.
  • Flash cookies (also called locally shared objects) are data files stored on your device by a website using Adobe’s Flash Player technology and are most often used to enhance your browsing experience. For more information about flash cookies or to learn how to remove them, please visit:  helpx.adobe.com/flash-player/kb/disable-local- shared-objects-flash.html.

Session cookies are used on our websites to help determine, among other things:

  • What pages you visit and actions you take.
  • The address of websites and advertisements that you use to link to one of our websites and that you visit after leaving one of our websites.
  • Keywords used for searches that brought you to one of our websites.
  • Your browser version, hardware and operating system.
  • Your Internet Protocol (IP) address.
  • Your internet service provider (ISP) and the region from which you connect to our site.

Session cookies are also used on our websites as a type of digital signature to identify your current session to our website servers. On secure pages on our websites, session cookies may also be used temporarily to store your account number in order to identify multiple user IDs associated with one account number. Cookies containing account numbers are protected through encryption and are used to enable you to load a new secure page on our websites during the same session without having to enter your password.

Our websites use persistent cookies to collect information about you, your computer or mobile device and/or your web browser. For example:

  • When you visit one of our websites, we may ask you to select your city, state and country of residence. We may store this information in persistent cookies on your computer or mobile device to ensure that appropriate regional information and rates are displayed when you visit the website in the future.
  • When you visit one of our websites, we or our service providers associate your browser with a unique visitor identifier.
  • When you log into a secure page on one of our websites (as a customer), we or our service providers associate you with an internal identifier that identifies you as our customer. Although this customer identifier allows us or our service providers to know who you are, the cookie will never contain information that would tell a third party who you are, such as your name, address, social security number, account number, telephone number or email address.

Persistent cookies (and visitor identifiers and customer identifiers contained in the cookies) may be used on our websites to:

  • Remember your language preferences and city, state and country selection to enable optimization of our websites and a more personalized experience.
  • Input your user (log-in) ID automatically, if you choose that option.
  • Assist us in authenticating you and your computer or mobile device.
  • Analyze products and services you have used to enable optimization of our websites and a more personalized experience.
  • Monitor your browsing habits on our websites and deliver online marketing offers and advertisements on our websites that may be of interest to you. (See the Online Marketing section below.)
  • Contact you with marketing offers that may be of interest to you (subject to applicable law and any marketing preferences that we offer and you have registered with us).
  • Collect information about your computer or mobile device, such as location information, so that we can present content specific to your region.

Both session and persistent cookies are used on our websites to:

  • Aid in identifying and addressing application support issues and to aid in fraud prevention and investigations.
  • Determine how many people visit our websites, and which sections of our websites are visited most frequently. This helps us to understand what type of information is most useful to our website visitors so that we can improve our websites and make them easier for our website visitors to access information.

Our websites may use cookies and JavaScript associated with analytics services provided by our service providers, including Adobe and Google, to help compile aggregated usage statistics to monitor usage patterns and monitor inbound traffic to our websites. For more information about these analytics services, including any opt out rights offered by Adobe and Google, please visit their websites.

You may be able to control your acceptance of cookies and similar technologies on a website, and most devices and browsers offer their own privacy settings for cookies.  You will need to manage your cookie settings for each device and browser you use. If you do not accept cookies, you may experience some inconvenience in your use of some sites and online products.  For example, a website may not be able to recognize your device and you may need to answer challenge questions or provide additional information each time you log on.  Deleting cookies does not delete Flash objects.  You can learn more about Flash objects including how to control and disable them on the Adobe website. 

Please be aware that if you buy a new device, change browsers or access one of our websites from a different device, you may need to set your cookie preferences again. Please also note that our websites may not function properly or optimally if you block or delete cookies. For example, you will not be able to access secure pages on our websites that use cookies for layered security, fraud prevention or investigative purposes.

Tags and Other Tracking Technologies
We and our service providers may also use small images encoded with tags (known as tags or web beacons) and other tracking technologies through our online services for various purposes, including the following:

  • To deliver cookies, to count users who have visited certain pages on our websites, and to help us compile aggregated usage statistics to monitor usage patterns and monitor inbound traffic to our websites.
  • In email messages to you or on one of our websites to determine whether you have opened an email message from us, clicked on an embedded website link, acted in response to the email message, or otherwise visited one of our websites.
  • To help us or our service providers identify your interests, deliver advertisements tailored to your interests, determine the effectiveness of our online advertising, track what happens after you view or click on one of our advertisements on one of our websites or a third party website and measure how many people respond to our advertisements. (See the Online Marketing section below.)
  • If we send you an email for marketing purposes, the email may contain one or more weblinks to our website or a third party website operated by one of our service providers. Such weblinks may be encoded with reference information which allows us to identify you online, but will never contain information that would tell a third party who you are, such as your name, address, social security number, account number, telephone number or email address.

Online Marketing

We advertise our products and services through online services offered by us and third parties that are not affiliated with us. Our advertisements may take the form of banner ads, splash ads that appear as you sign on or off, or other formats. Products and services advertised through our online services may include pre-screened offers of credit.

We use information about your location, your computer or mobile device, your visits to or use of our online services, your relationship or transactions with us (if you are a customer), and other information described above to present advertisements that may be of interest to you through our online services. We may also use this information to reduce the likelihood that an online offer you have already responded to is presented to you again.

We use service providers to present our advertisements through third party online services. We also use service providers to help determine which advertisements may be of interest to you. Information collected by our service providers through cookies, tags and other technologies includes the number of people who look at websites and advertisements, the sources of online referrals, website browsing patterns, and responses to our advertisements and promotions.

Interest-based Advertising
Some of our advertisements displayed through third party online services use behavioral targeting or retargeting technology (interest-based advertising). If you click on one of these advertisements, a cookie or tag may be stored on your computer or device and later used to display tailored advertisements for our products or services.

Opt-out Options
We do not respond to “do not track” signals transmitted by web browsers or similar mechanisms. However, you may opt out of the use of non-personal information in interest-based advertising of our products or services displayed on third party websites by us, and our service providers.

When one of our advertisements is displayed on a third party website through interest-based advertising, an AdChoices (also known as Advertising Option) icon is also displayed on that website. To opt out of the use of non-personal information in interest-based advertising of our products or services on third party websites, click the AdChoices icon and follow the instructions. If you choose to opt out of interest-based advertising, a cookie will be placed on your browser indicating your opt out decision.

Please keep the following things in mind as you consider whether to opt out of interest-based advertising:

  • Your opt out decision is only stored in a cookie in the browser that you are using when you opt out, so you should separately set your preferences for other browsers on other computers or devices that you may use.
  • Blocking or deleting cookies in your browser may block or remove your opt out preferences.
  • Even if you opt out, you may still receive advertisements for our products or services through websites or other online services offered by us or third parties. However, these advertisements will no longer be customized based upon your web browsing activities on third party websites.
  • We and our service providers may still collect non-personal information relating to your web-browsing activities and other online behavior for other purposes, including web analytics.
  • The AdChoices icon is part of the cross-industry Self-Regulatory Program for Online Behavioral Advertising, which is managed by the Digital Advertising Alliance. For more information on this program, go to www.aboutads.info.

Third-Party Sites and Services
Our online services may contain links to third-party websites and other online services, which are not governed by this Policy. As such, we encourage you to learn about the privacy and security practices of those third parties. We are not responsible for the privacy or security of such websites and other online services, nor the online collection, use or sharing of personal or non-personal information by third parties.

Online Authentication
When you obtain one of our products or services online, or register for or use one of our online services, you may be required to perform an online authentication process. Some of these processes utilize third party information services to verify your identity. For example, you may be asked to confirm details about a previous financial transaction (e.g., the amount of your monthly payment to a third party). The information that you provide in response to such questions will be used for the sole purpose of verifying your identity, and will not affect your credit rating or credit file. Our online authentication processes may collect a unique device identifier, IP address, and related data associated with your mobile device, and/or use cookies, tags and JavaScript, to identify the computer or mobile device or browser that you are using to access our site. These processes are used to protect both you and us from fraud and unauthorized transactions.

Accuracy of Your Information
The accuracy of your account and other personal information is important. If you have a financial product or service with us and you find that any personal information we have or have reported to another party does not appear to be accurate, please contact us as follows:

Washington Federal
Attn:  Client Care Center
9929 Evergreen Way
Everett, WA  98204

Please include your account number, if available.

Social Media
Washington Federal participates in social media platforms, such as Facebook®, Twitter® and LinkedIn®, which enable online sharing and collaboration among their users. Any information or other content you post on these platforms, such as pictures, opinions or personal information, is subject to the platforms’ terms of use and privacy and security policies; please refer to their policies to better understand your rights and obligations with regard to such content.

Protecting Children’s Online Privacy
In accordance with the Children’s Online Privacy Protection Act, we do not knowingly collect personal information from children (i.e., persons under age 13). We do not knowingly collect, store, use or share personal information about children, unless the information has been provided by an adult in connection with the opening of a deposit account for or with the child. We do not accept applications directly from children, and will not send unsolicited promotions to users who indicate they are less than 13 years of age except in connection with an account opened by an adult. This does not prevent parents from opening deposit accounts on behalf of their children. We will obtain parental consent prior to the creation of an account on behalf of a child.

Visitors Residing Outside the United States

If you visit or use our online services, your personal and non-personal information may be collected, stored, used and processed in and transferred to, from and within the United States. In such instances, applicable U.S. federal and state laws shall govern. If you are a non-U.S. resident, such laws may not provide the same level of protection as the laws of the country of your residence.

Changes to Our Online Privacy Policy

We reserve the right to update this Policy from time to time to comply with applicable laws and to reflect changes in our online services. For this reason, we encourage you to periodically review this Policy. If we make changes to this Policy, we will revise the “Effective/Revised” date shown at the top of the Policy and post the revised Policy on www.WashingtonFederal.com and through our other online services. The changes will become effective when we post the revised Policy. Your visit or use of any of our websites or other online services following such posting means that you accept the revised Policy.

Contact Us

If you have any questions or comments on our Online Privacy Policy, please contact us at:

Washington Federal
Attention: Legal Department
425 Pike Street
Seattle, WA 98101

Privacy Frequently Asked Questions

What is the Consumer Privacy Notice?
The Washington Federal Consumer Privacy Notice is one way to let you know how we collect and use information about you.  The Gramm-Leach-Bliley Act requires financial institutions to provide an annual notice to customers outlining their privacy practices and depending on the institution’s privacy practices, offer customers the opportunity to express their preference (opt out) to limit certain information sharing.

The Consumer Privacy Notice says that Federal law gives consumers the right to limit some, but not all, sharing.  What are other ways you share under the law?
Under the Gramm-Leach-Bliley Act we are permitted to share with third parties, without regard to customer choice, when we are required by to disclose the information (such as when responding to subpoenas or tax reporting), and for typical business activities (such as sharing to prevent fraud, resolve consumer disputes and enforce our rights).

Does the Consumer Privacy Notice apply to all transactions and other activities I perform while I’m banking online at Washington Federal?
Yes. The Consumer Privacy Notice protects you when you are online at any Washington Federal website. Your online activities are also covered by the Online Privacy Notice, which explains how we may collect information from you online when you visit a Washington Federal site. The Online Privacy Notice also explains how we manage the privacy and security of your personal and account information online. To learn more, we encourage you to read our Online Privacy Notice.

How do I opt out of promotional email messages from Washington Federal?
Email offers you receive from Washington Federal or on behalf of Washington Federal contain instructions about how to decline further promotional email messages. These instructions are generally located at the bottom of the original email solicitation. If you receive email messages from a third party sender, you will need to follow the opt-out instructions provided in the third party email, or you’ll need to contact the third party directly. Before you provide personal information, we encourage you to read the privacy policies and terms and conditions of the websites you visit to ensure you agree with their policies and email practices.

How do I know my personal information stored at Washington Federal is secure?
We value the trust you have placed in us and are committed to protecting your personal information.  Only our employees with a business reason for knowing a customer's financial information are authorized to have access to it.  Washington Federal employees adhere to a code of ethics that requires the confidential treatment of customer information and receive annual training in the protection of customer information.  We also maintain physical, electronic and procedural safeguards to protect against unauthorized access to customer information.

Our information security policy has been designed to protect the security of our customers’ personal information.  Our Board of Directors has approved the policy and is kept informed of the status of the program.  In addition, our information security program is subject to oversight and examination by federal regulators. 

How do I know that Washington Federal third party vendors keep my information secure?
We are committed to providing customers with cost-effective and high-quality products and services.  One way we do that is to use other companies with expertise and demonstrated efficiencies.  We use great care in choosing these third-party vendors and have a vendor management policy that has been approved by our Board of Directors.  Providers with access to customer information must meet strict requirements with respect to information security, are bound by contract to maintain the confidentiality of your confidential information, and are subject to audit and review.

Security Frequently Asked Questions

How do I report suspicious activity?
In your email:  to report a suspicious email, phone call or text that uses Washington Federal’s name, forward it to us immediately at: information.security@wafd.com.

On your statement:  to report fraudulent activity on your Washington Federal account, call your local branch or the Client Care Center at 800-324-9375.

Is the email that I send to Washington Federal secure?
The message you send to us using the Messaging form in the upper-right corner of  online banking is encrypted and secure.  If you send email to us through other sources, including from our website, it may not be secure.  We ask that you not send us confidential information, such as Social Security or account numbers, through unsecured email.  Please send communication with confidential information through postal mail, by calling the Client Care Center or by visiting your local branch.

What is email fraud?
Email fraud is a form of criminal activity that employs email to acquire sensitive personal information.  There are many types of email fraud. Phishing and spoofing email looks like official email (such as email from Washington Federal).  The purpose of the email can be to try to trick you into supplying personal account information in a return email, in a separate form attached to the email or by visiting a phony website using a link contained in the email message. The people attempting to get this information may use it to access your accounts directly in order to withdraw money or to open new accounts in your name using your information.

How can I identify email fraud (phishing and spoofing email)?
Recognizing email fraud is not always easy. The criminals who use email and online fraud to try and get your personal, financial or account information are adopting increasingly sophisticated techniques. Use caution when receiving unsolicited email containing urgent appeals for security or personal information and confirm the validity of email messages that appear to come from trusted sources. We will never ask you provide your Social Security number, ATM or debit card PIN or any other sensitive information in response to an email. If you receive an email from Washington Federal and you're not sure if it's real, don't click on any links in the email.

Ways to identify phishing and spoofing (fraudulent) emails include:

  • Links that appear to be Washington Federal links but aren’t. If you place your cursor over a link in a suspicious email, your email program most likely shows you the destination URL. Do not click the link, but look closely at the URL: A URL that is formatted washingtonfederal.anotherwebsitename.com is taking you to a location on anotherwebsitename.com. Just because “WashingtonFederal” is part of the URL does not guarantee that the site is an official Washington Federal site.
  • Requests for personal information. Washington Federal emails will never ask you to reply in an email with any personal information such as your Social Security number, ATM or PIN.
  • Urgent appeals. We will never claim your account may be closed if you fail to confirm, verify or authenticate your personal information via email.
  • A warning that someone has accessed your account without your permission or a notice that someone has used your account to conduct fraud.
  • Messages about system and security updates. We will never claim the need to confirm important information via email due to system upgrades.
  • Offers that sound too good to be true. We will never ask you to fill out a customer service survey in exchange for money, then ask you to provide your account number so you can receive the money.
  • Obvious typos and other errors. These are often the mark of fraudulent emails and websites. Be on the lookout for typos or grammatical errors, awkward writing and poor visual design.

If you receive a suspicious email that uses Washington Federal’s name, forward it to us immediately at information.security@wafd.com.

How do the criminals doing the phishing know I have an account with Washington Federal?
They may not know anything about you specifically, but they do know that Washington Federal has thousands of customers.  They send out emails to a large number of people and hope that some of them are actually Washington Federal customers. 

How do criminals obtain my email address?
Criminals obtain email addresses through various means, including purchasing email lists from reputable companies.  Often, they have no idea where you bank or who issues your credit card.  They just know that if they phish enough people, they will eventually get lucky.

How to I recognize fraudulent SMS text messages?
With the increase in SMS text messages for commercial communication, criminals are now using text message fraud. This is typically known as SMiShing—phishing that happens through SMS text messages. A criminal sends a text message intended to trick you into replying with financial or personal information or clicking on a link that will sneak a virus onto your mobile device. Follow these tips to be on guard against SMiShing:

  • Don’t respond to a text message that requests personal or financial information. Washington Federal often sends messages from SMS short numbers for alerts, but we will never ask you for personal or financial information in a text message.
  • Verify any phone number that appears in a text message. If you’re in doubt, call the Client Care Center at 800-324-9375.

If you receive what appears to be a fraudulent text message, we urge you to report it immediately:

  • Forward any Washington Federal-related messages to information.security@wafd.com. (Mobile carrier text and data charges may apply.) Include the number the message came from and a copy of the message itself.
  • Many carriers allow you to report spam by forwarding unsolicited text messages to 7726 (which spells SPAM). (Mobile carrier text and data charges may apply.) As with many other spam-reporting systems, this will help eliminate spam messages for everyone.

How do I recognize fraudulent phone calls?
One type of phone fraud is known “vishing”—phishing that happens through a phone call. A criminal calls and poses as a legitimate bank or trusted financial service and tries to trick you into providing your financial or personal information. Often the caller notifies you of a non-existent alert or some sort of urgent matter as a way to trick you.  Unfortunately, caller ID is not always a reliable way to confirm the identity of the caller.  Caller ID can be manipulated to make a call from one number appear to be from another number. Do not share any personal or financial information with anyone unless you are absolutely certain whom you’re speaking with.

If you have any doubt about the legitimacy of the call, hang up immediately and call our Client Care Center at 800-324-9375.

If you receive what appears to be a fraudulent phone call, we urge you to report it immediately by sending the phone number and any pertinent information to information.security@wafd.com. Be sure to include any relevant details, such as whether the suspicious caller attempted to impersonate Washington Federal and whether any personal or financial information was provided to the suspicious caller.