4th Avenue Bridge, Olympia

4th Avenue Bridge, Olympia.

Online Security Center

Security & Fraud Resources

Security and Fraud Resources Please take some time to read the tips and alerts in our Security Center. You’ll learn what measures we’ve taken to protect you, as well as ways you can protect your personal account information. If you ever have a security concern, please contact our Customer Service (360) 754-3400 or 1-800-865-3470 toll-free Monday - Friday, 8:30 AM to 5:30 PM

Fraud Monitoring for Your ATM / Debit Card 

We recently enhanced our ATM and debit card fraud detection monitoring. This enhanced card protection service now:

  • Monitors transactions 24/7 to look for purchases outside of the area and not in your normal spending pattern;
  • Automatically calls you to confirm a recent purchase when unusual spending occurs;
  • Allows you to confirm the activity and continue to use your card, or specify the activity as fraudulent and lock out your card to additional fraud;
  • And provides email and text notifications.*

When calling, our fraud detection system will identify you by your name, and ask that you verify your mailing zip code. We will never ask for your account or card information.

*Please call us at (360) 754-3400 or visit your nearest branch to enroll in email or text message alerts.

TLS 1.2 Enhanced Online Security

To provide better protection for our customers, we are following industry security standards by updating our minimum computer and internet browser requirements from Transport Layer Security (TLS) 1.0 and 1.1 to 1.2. For your convenience, a TLS 1.2 compatibility chart is listed below.

 TLS 1.2 Compatibility Chart

Traveling? Contact Us Prior To Your Departure

Please contact us with your location and dates of travel, and we’ll work to ensure your Debit Card purchases are not blocked by our fraud protection service, which may block usage of your Debit Card when transactions outside your normal spending habits are identified. Simply contact us at one of the above phone numbers, or Send us a secure message.

Don't Be an Online Victim:

How to Guard Against Internet Thieves and Electronic Scams

Practical tips

From the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information

Internet Crime Complaint Center (IC3)

ATM Security and Safety (PDF)

Electronic Banking & Online Authentication (PDF)

Checking Account Fraud (PDF)

Online Banking & Internet Safety (PDF)

Fake Check Scams (PDF)

Tools to Prevent Identity Theft (PDF)

Social Media Use Guidelines (PDF)

Fraud Alerts - As of 9.01.2016

Fraud Alerts At Olympia Federal Savings we work hard to protect you and your accounts from identity theft and fraud. There are safeguards in place to protect your accounts and it is important that you continue to keep your personal information private. One of the first lines of defense is you and by working together we can reduce the impact of fraud. If you ever have a security concern, please contact our Customer Service (360) 754-3400 or 1-800-865-3470 toll-free Monday - Friday 8:30 AM to 5:30 PM.

Latest Fraud Information:

Automated Phone Call Scam - 8.11.2014

Oly Fed customers have been receiving automated phone calls informing them that their accounts have been flagged and that they must enter their card information to re-activate.
Please be aware that these calls are not from Olympia Federal, nor would we ask our customers to enter their information, as we have that information at our disposal.
If you have accidentaly disclosed personal information about your account, please contact Customer Service at the phone numbers listed above.

Target Data Breach - 2.14.2014

Sadly, the reality of the world we live in now includes scams and fraud, but the good news is you can always rely on Oly Fed to take care of you in these situations. If your card becomes compromised and is at risk, it is our policy to personally take care of you–calling and offering options to keep you safe. In light of the recent Target security breach, Oly Fed would like to thank our customers for your patience as we continue to be proactive with issuing new debit cards for those affected.

Heartbleed Bug - 5.01.2014

We have thoroughly reviewed our systems and can assure our customers that neither olyfed.com, nor your personal information or accounts have been compromised by the Heartbleed Bug. Here are a few measures you can take to protect your computer and personal information, and This helpful live link updates the status of the top 100 sites across the internet.

• Heartbleed: Change passwords after site has been patched
• General: Change passwords often, never reuse old passwords
• Store passwords safely, and keep them private
• Install a firewall
• Don't neglect system critical security updates
• Install Anti-virus software

Callback Scheme - 2.13.2014

Telephone companies in the United States are seeing missed calls used to enable International Revenue Share Fraud (IRSF). Fraudsters are using call generators with automated spoofing capabilities to place calls to a large volume of US cell phone numbers. The calls typically ring once. The number displayed on the recipient’s caller ID is a high cost international number, usually located in the Caribbean. The recipient calls the number back and is greeted with a message designed to keep them on the line, such as “Hello, you have reached the operator, please hold.” The longer the caller stays on the line, the more revenue fraudsters generate.

Recipients do not realize they are calling an international number and that they will be billed for an international call. Businesses are also victims because recipients often use their work telephone to make the return call.

Telephone companies in the United States are charged when a return call is made because they are required to pay a fee to transfer calls to foreign countries. The payment is then shared with the fraudster who spoofed the calls. This is referred to as IRSF.

Area codes used in the spoofed numbers are from Anguilla, Antigua, Barbados, British Virgin Islands, the Commonwealth of Dominica, Grenada, Montserrat, and the Turks and Caicos Islands. These countries’ numbers are part of the North American Numbering Plan and do not require 011 to be dialed as with other international calls.

Recipients should not answer calls from numbers they do not recognize or initiate a return call. Recipients will not be charged for receiving the calls, however.

Companies that do not conduct business with companies in the above-mentioned countries may want to consider blocking these area codes to avoid this type of charge.

Fraudulent E-mail claims to be from FDIC - January 30, 2013

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC. While the e-mails exhibit variations in the "From" and "Subject" lines, the messages are similar. The fraudulent e-mails are addressed to the attention of the "Accounting Department" and meant to notify recipients that that that "ACH and WIRE transactions" are being blocked until "a special security software" is installed. They then instruct recipients to go to a Web site for instructions on how to download the necessary files by clicking on a hyper-link provided (Note: the Web site addresses (URL) vary widely).

This e-mail and link are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should not click on the link provided. The FDIC does not issue unsolicited e-mails to consumers or business account holders.

Security Statement - Powerful Safeguard's In Place

This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a VeriSign-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.

Secure Access and Verifying User Authenticity

To begin a session with the bank's server the user must key in a Log-in ID and a password. Our system, the Internet Banking System, uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the bank to verify the password before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor.

Secure Data Transfer

Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.

Router and Firewall

Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.

Confidentiality, Security and Integrity of Your Nonpublic Personal Information

We restrict access to nonpublic personal information about you to those employees who need to know that information to provide products or services to you. We maintain physical, electronic, and procedural safeguards that comply with federal standards to guard your nonpublic personal information.


Using the above technologies, your Internet banking transactions are secure.

Security Statement



Report A Lost Card - Don't delay, contact us any time

Report a Lost CardTo report a lost or stolen debit or ATM card during regular business hours, please call Oly Fed at (360) 754-3400 or report it at any branch. You may also send us a secure message.

After hours, to report a lost/stolen debit card call 1-800-472-3272. 

Activate Card / Change PIN 

To activate a new debit card or to change your pin number, please call 1-800-992-3808.

Secure Messaging - Safe Way to Send Sensitive Information

Oly Fed's Secure Messaging service is a trusted method using advanced encryption so you can send and receive private account and personal data with complete peace of mind. If you have any questions or concerns about our secure email, call us at (360) 754-3400.

(For account specific inquiries): Login to the Message Center using your email and password.

Secure Messaging

Privacy Policy - Oly Fed and Your Personal Information


Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.


The types of personal information we collect and share depend on the product or service you have with us. This information can include:

  • Social Security number
  • Credit history
  • Account balances
  • Credit scores
  • Payment history
  • Employment information

When you are no longer our customer, we continue to share your information as described in this notice as permitted by law. 


All financial companies need to share customers' personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers' personal information; the reasons Olympia Federal Savings chooses to share; and whether you can limit this sharing. 

Resons we can share your personal informationDoes Oly Fed share?Can you limit this sharing?
For our everyday business purposes - such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus Yes No 
For our marketing purposes - to offer our products and services to you  No We don't share 
For joint marketing with other financial companies  No  We don't share  
For our affiliates' everyday business purposes - information about your transactions and experiences  No  We don't share  
For our affiliates' everyday business purposes - information about your creditworthiness  No  We don't share  
For our affiliates to market to you  No  We don't share  

Call toll-free 1-800-865-3470

Who We Are 

Who is providing this notice?

Olympia Federal Savings means Olympia Federal Savings and Loan Association.

 What We Do 
How does Olympia Federal Savings protect my personal information?  To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. We also maintain other physical, electronic and procedural safeguards to protect this information and we limit access to information to those employees for whom access is appropriate. 
How does Olympia Federal Savings collect my personal information? 

We collect your personal information, for example, when you

  • Open an account
  • Give us your contact information
  • Apply for a loan
  • Show your driver's license 
  • Make deposits or withdrawals from your account 

We also collect your personal information from others, such as credit bureaus, affiliates, or other companies. 

Why can't I limit all sharing? 

Federal law gives you the right to limit only

  • sharing for affiliates' everyday business purposes - information about your creditworthiness
  • affiliates from using your information to market to you
  • sharing for nonaffiliates to market to you State laws and individual companies may give you additional rights to limit sharing.

See below for more on your rights under state law. 


Companies related by common ownership or control. They can be financial and non-financial companies.

  • Olympia Federal Savings has no affiliates.

Companies not related by common ownership or control. They can be financial and non-financial companies.

  • Olympia Federal Savings does not share with nonaffiliates so they can market to you. 
Joint Marketing 

A formal agreement between nonaffiliated financial companies that together market financial products or services to you.

  • Olympia Federal Savings doesn't jointly market. 
Other Important Information  

For Alaska, Illinois, Maryland and North Dakota Customers. We will not share personal information with nonaffiliates either for them to market to you or for joint marketing - without your authorization.

For California Customers. We will not share personal information with nonaffiliates either for them to market to you or for joint marketing - without your authorization. We will also limit our sharing of personal information about you with our affiliates to comply with all California privacy laws that apply to us.

For Massachusetts, Mississippi and New Jersey Customers. We will not share personal information from deposit or share relationships with nonaffiliates either for them to market to you or for joint marketing - without your authorization.

For Vermont Customers. We will not share personal information with nonaffiliates for them to market to you without your authorization and we will not share personal information with affiliates or for joint marketing about your creditworthiness without your authorization.

Privacy Model Disclosure
VMP® Bankers Systems™
PRIV-MODEL 8-1-2010
Wolters Kluwer Financial Services © 2010
 2010.3/0652 2600334-010 Custom EPRV0652