Beware of Phishing and Vishing Scams
Scammers never take a break! Just when you think they’ve run out of steam, another scam surfaces in which fraudsters try to quietly take both your money and information.
The Federal Trade Commission (FTC) has warned of a recent upsurge in phishing and vishing scams involving credit unions. With just a bit of online digging, scammers impersonating the credit union lure victims into forking over thousands of dollars or divulging confidential information.
Like all phishing scams, the scammer contacts the victim, posing as a legitimate business or service provider that the victim is familiar with. In this case, the scammers claim to be a representative of your credit union.
The fraudsters use social engineering to trap their victims. This means they take advantage of social norms to inspire trust and manipulate people into clicking on their links or answering their emails. It’s almost impulsive for people to download attachments that look like they’re from friends or a familiar business.
The scammers most commonly reach out via email, but they may also use tactics like phone calls, text messages or social media sites. They convince the victims of their legitimacy by providing some personal details about the victim — which they easily pull off the internet.
Victims are lured into providing information by claiming something is wrong with their account. Once the scammer has the information, they can empty the victim’s accounts, track their online activity and/or steal their identity.
Alternatively, the scammer may lead a victim to click on links that are embedded with spyware. The links lead to a website that may look just like the credit union’s site, but is actually bogus. In such instances, the victim is probably certain they’re browsing their credit union’s website, and won’t hesitate to share information or input usernames and passwords.
The biggest clue that these transactions are scams is their means of communication. Your credit union will never ask for sensitive information through insecure channels. We also won’t ask you to verify your account number — we already have that information!
Despite this red flag, hundreds of people are falling prey to phishing scams. Don’t be the next victim! Here are four tips to help you protect yourself from phishing scams:
1. Ignore suspicious emails
When online, be on guard. If you receive an email from an unidentifiable source, ignore it. Don’t reply to the email, click on any embedded links or open attachments. If you suspect an email is from a scammer, delete it and add the domain and email address to your spam filter to prevent a recurrence.
Similarly, never “friend” or otherwise accept communications from a stranger via social media. Facebook and Instagram are for real buddies only!
As a general rule, it’s best not to share any personal information over the internet. If you do need to provide financial information over the web for completing a transaction, only use a secured site. You can verify a site’s security by looking for a lock icon on the browser’s status bar or by finding a URL that begins with “https.” The “s” signifies that this is a secure site. Remember, though, that these indicators are not foolproof in any way. Even a secure site can be hacked.
The best way to stop scammers in their tracks is to report every attempt they make. If you have reason to believe you’ve been contacted by a scammer impersonating the credit union, let us know! Send us an email with all the details of the scam attempt so we can catch those crooks. It’s best to forward the exact email you received. If you’ve already deleted the email, report the date, time of day and all other details you can recall. The more we have to work with, the easier our hunt will be.
3. Report all suspicious activity
While we will do all we can to stop these phishing scams, we can use all the help we can get. That’s why it’s important to file your complaint at www.ftc.gov. You can also visit the FTC’s Identity Theft website at www.consumer.gov/idtheft to learn how to minimize the fallout of a possible identity theft.
4. Strengthen your computer’s protection
It’s always a good idea to beef up your computer’s border control. Equipping yourself with sufficient antivirus software will protect it from accepting these emails in the first place. If your software doesn’t update automatically, be sure to update it manually on a frequent basis so it will recognize and reject the most current viruses and scams.
A strong firewall will prevent scams and viruses by making you invisible on the internet and blocking all communication from foreign, unauthorized sources. It’s especially prudent to run a firewall if you use a broadband connection.
If you’re a genuine social media junkie, be sure to make your settings as private as possible. Don’t lay out your life for just anyone to see. Having another few hundred “friends” or “likes” is not worth the risk of a stolen identity!
Finally, as mentioned above, all suspicious email addresses should be added to your email’s blacklist as quickly as possible. Remember: Your spam filter is only as strong as you allow it to be.
AgFed will never contact you directly to request any of our account information, including:
- Social Security Number
- Credit or Debit Card Numbers
- Security Codes or CVV
- PIN numbers
- Date of Birth
- Online Banking Information
- Verification Codes
If you believe you have been the victim of a scam please contact us immediately.