Skip to main content

Phishing for Funds

Phishing

Every day our Call Center Agents speak with hundreds of our members about anything from balance inquiries to mortgage loan questions. Recently, there have been an increase of calls answered regarding suspicious emails or strange phone calls from a person or entity claiming to be the individual’s credit union. Unfortunately, we have also heard from members that have had funds stolen from their personal accounts because they were tricked into providing personal information to a fraudster. It’s important to know about the different ‘phishing’ methods scammers use to victimize innocent people out of their hard earned money. Here are the most common forms of phishing: 

 

Email

Phishing emails usually look like they are from reputable companies or financial institutions. It is very common for phishers to try to obtain banking or credit card information since that is, after all, where the money is! These scams will often use threats or try to create a sense of urgency for the recipient to provide information, or else something bad will happen.

“Submit your online banking password or all of your accounts will be closed immediately.”

The fraudsters are hoping these tactics instill fear and cause the recipient to do whatever they are told to do in order to fix the problem.

 

Websites

Chances are, you visit your financial institution’s website fairly often, or at least once a month, and are familiar with the look and feel of the website. Fake websites are built specifically by fraudsters to look as similar to the legitimate website as possible. However, since these sites are produced quickly and by not-so-professional designers and copywriters, they are usually full of spelling and grammatical errors. Scammers are hoping the site visitors do not take the time to read what is on the page, just that they submit online banking information or other personal information.

Typically users type the website domain directly into the browser, do a quick search in Google or Bing, or have it bookmarked for easy reference. If you land on a suspicious website because you received a suspicious email, close your browser and contact your financial institution directly!

Can you spot the fake website?

 

fake website

 

real website

  

Phone Calls

Phone calls to try to solicit personal banking information are also very common – this method is sometimes referred to as Voice Phishing or ‘Vishing’. Fraudsters can even make it look like the phone call is coming from your financial institution – yes, they are that good and that is exactly why many people become victims.

“Hello, I’m calling from your bank/credit union. What is your social security number and credit card number,” said no legitimate financial institution ever.

Your financial institution or Credit Card Company should never call you directly to “verify information on your account”. We have that information already! The only time they should ask for that information is if you contact them directly and they have to verify your identity over the phone. There are some things that are off limits to representatives, such as your debit card PIN and Online Banking password. Therefore, you should not share those with anyone. Those credentials are completely confidential – we will never ask for that information over the phone or in person.

 

Some simple ways to protect yourself

Now that you know about a few ways to identify a scam when you see (or hear) one, here are just a few ways you can protect yourself from becoming a phishing victim:

  • Make sure you are on the legitimate website – look at the URL in the browser to make sure it looks accurate.
  • Copy and paste any hyperlinks that you receive in an email. This gives you the opportunity to review the URL before you actually go to the website. If it does not look right, do not proceed!
  • Do not give anyone your PIN or password….not even your financial institution.
  • Most financial institutions have a secure website, which is indicated by the HTTPS prefix in the website URL (as opposed to HTTP only).

  


By Campus USA at 10 Aug 2018, 13:07 PM

Related Tags