If you’ve set up two-factor authentication (2FA) on your account—and we highly recommend it—you will receive a code via text or email when you try to log in to verify it’s really you. While you'll need to enter that code on your browser or mobile app to complete your login, Vibrant will never ask you to tell us what the code is.

Unfortunately, yes. Scammers may find your login information through a data breach, on the dark web, or through other phishing tactics.

Two-factor authentication (2FA) offers additional protection, but it's not foolproof. A common scam is to try bypass 2FA by pretending to be a legitimate caller who wants to verify your identity by sending you a security code, which they'll ask you to read back to them. If you tell them the code, unfortunately, they can use it to log in from their device.

Log in to your account and go to Settings, then choose the Security tab. Toggle the on/off switch next to Two-Factor Authentication to ON to require a second security code via email, text, or voice call (you'll have the option to choose the method that works best for you any time you log in).  

Legitimate organizations, including the IRS, your local tax assessor, or your financial institution, will never ask you to provide payment via  a gift card, prepaid debit card, or wire transfer. If you get a a call demanding immediate payment and they want you to use one of these payment methods, it's a scam.

In addition, a legitimate caller will never threaten to alert law enforcement, immigration officials, or other authorities to collect a debt. 

Contact us immediately to report the incident. We’ll place a fraud alert on your account and help you reset your login information. (And no, we won't ask you to tell us your new password.)