Recently members of an Arlington, Texas credit union came under attack by phishing and vishing scams. What is phishing and vishing you ask? No, it doesn’t involve a fishing pole. It involves someone e-mailing, texting or calling you trying to steal your personal information.
It all started on May 29 with an email stating the credit union was conducting a short online survey. As an incentive to take the five-question survey, the “customer” would receive $20. In order to receive the $20, the survey participant must provide personal identifying information, as well as a credit card number. – CREDIT UNION’S DON’T NEED YOUR CREDIT CARD NUMBERS! Don’t give it out unless you initiated the contact such as shopping on-line, then proceed with caution.
Of course, the email was not actually from the credit union. It was a phishing attack. Phishing is the act of sending a deceptive email to look like an authentic email from a well established firm in an attempt to scam the user into surrendering private information that could be used in an identity theft.
Unfortunately for the credit union, the attack didn’t stop with the one email. The following day, another email began circulating. This time, recipients were warned, “due to the recent increase in phishing scams, your account has been temporarily suspended.” In order to re-activate their account, the e-mail recipient was told they must call an (800) number provided in the email and follow the instructions. Again, the recipient was asked to divulge personal identifying information and provide a credit card number. – DON’T CALL PHONE NUMBERS LISTED IN UNSOLICITED EMAILS. CALL THE CREDIT UNION DIRECTLY AT 817-834-9777.
This type of scam is known as vishing, which operates like phishing by persuading consumers to divulge sensitive information, claiming their account was suspended, deactivated or terminated. Recipients are directed to contact their financial institution via telephone number provided in the e-mail or by an automated recording. Upon calling the telephone number, the recipient is greeted with “Welcome to the…” and then requested to enter their card number in order to resolve a pending security issue.
Those that did not respond to the email received a text message the following day! The content of the text message was similar to the e-mail…”in order to re-activate your account, you must call…” This tactic, according to the Internet Crime Complaint Center (IC3), is a newer version of vishing. AGAIN – CALL THE CREDIT UNION DIRECTLY. DON’T RELY ON PHONE NUMBERS PROVIDED BY AN UNSOLICITED EMAIL OR TEXT.
In addition to awareness, following are other tips to avoid falling victim to phishing and vishing scams:
- Never give any personal information on phone or via email. All the popular online companies like PayPal, eBay and other institutions, like credit unions etc., clearly warn users through their websites or other ways that they never ask for any personal information on email or automated phone calls. This should make it a lot easier to tell phishing attacks out.
- When in doubt, delete. Delete any email you have doubts about, especially one that requests you to give up your personal, private information.
- Be cognizant and protect your identity. Beware of e-mails, telephone calls, or text messages requesting your personal identifying information.
- If you feel the email looks suspicious, report the email to the ‘real’ company.
For additional tips and helpful information, visit the IC3 web site at www.ic3.gov or Anti-Phishing Working Group’s web site at www.antiphishing.org.
Filed under: Uncategorized | Tagged: credit union, Ft. Worth, identity theft, phishing, Texas, vishing
