Skip to main content
Routing # 307075259
SmartStuff Blog

Don't Give Away the Key: Protect Your MFA Codes

Posted in Protect Yourself
July 17, 2025
Don't Give Away the Key: Protect Your MFA Codes

Recently the cyber security world has seen a surge in fraud cases where scammers trick individuals into sharing their Multi-Factor Authentication (MFA) codes. These codes are a critical line of defense—like a digital key to your account. When scammers get that key, they can unlock everything, including access to your funds!

How the Scam Works

While these scams can variate, they often begin with a fake alert. You might receive a text, email, or phone call claiming there’s been suspicious activity on your account. The message may look legitimate—it might even include your name or partial account info.

Here’s what usually happens next:

  1. A scammer follows up, pretending to be from your Credit Union.
  2. They tell you they need your MFA code to "verify your identity," "stop fraudulent charges," or "recover stolen funds."
  3. Once you provide that code, the fraudster immediately logs into your account and initiates unauthorized transactions—often transferring money out in minutes.

⚠️ Red Flag: In some cases, the scammer will urge you to act quickly, creating a sense of panic to get you to bypass your instincts.

Entering a MFA code to log in

What You Need to Know

  • We will NEVER ask for your MFA code. Not by phone. Not by email. Not by text.
  • If someone is asking for your MFA code, it’s a scam!
  • Your MFA code is like a house key—giving it away means someone else can walk right in.

How to Stay Safe

  • Never share your MFA code with anyone—even if the request seems to come from a trusted source.
  • Hang up and call us directly if you’re ever unsure. Don’t use a number from a text or email—use the one on our website.
  • Enable account alerts in your online banking. These real-time notifications can help you spot suspicious activity right away.
  • Use strong, unique passwords for both your email and online banking. Email is often the first target in fraud attempts.
  • Report suspicious calls, texts, or emails to us immediately. Quick reporting helps us protect your account and others.

You’re Not in This Alone

Members have reported an increase in MFA fraud attempts. Scammers are getting more creative and sophisticated, but you don’t have to fall for it. Stay informed, stay alert, and remember: if someone asks for your MFA code, it’s a scam!

Have questions or need help? Call us directly at 303.234.1700 and visit our Security Center.

Your security is our top priority.

View All Blog Posts