May 22, 2024Phishing, Smishing, and Vishing: How to Protect Yourself

In today’s digital age, where everything from shopping to banking is done online, the threat of scams looms larger than ever. Imagine receiving an email, a text message, or even a phone call that seems legitimate, only to realize later that it was a trap set by cybercriminals. These tactics, known as phishing, smishing, and vishing, are more than just annoyances – they’re sophisticated schemes designed to steal your personal information and drain your financial accounts.  

In this article, we’ll dive into the world of these deceptive practices, unravel their intricacies, and equip you with the knowledge you need to protect yourself. Get ready to outsmart the scammers! 

What is Phishing?  

Phishing is one of the most common types of cyber scams. Fraudsters create a seemingly legitimate email with deceptive links that take you to a website or web form intended to steal your personal or financial information. The site or form may ask for information, including usernames and passwords, social security numbers, credit card numbers, or financial account numbers.   

Example:  

You may receive an email that seems to be from the credit union. The email requests that you click a link to update your digital banking login credentials or account information. However, when you click the link, you are unknowingly redirected to a fake website that steals your credentials and information.  

Methods: 

  • Email 

How to Avoid:  

  • Be wary of unsolicited emails. 
  • Verify the sender’s email address – this is usually the easiest way to spot a phishing attempt, as the email domain will be unrelated to the company they are impersonating, or it will be misspelled – for example, [email protected] instead of [email protected]. 
  • Carefully review the message content for spelling or grammatical errors.  
  • DO NOT click links unless you are 100% sure it is a legitimate email. Try hovering over a link before clicking. You’ll often be able to identify fraud attempts as the URL will be unrelated to the company they claim to represent. 

What is Smishing?  

Smishing scams are like phishing but occur through text messages (SMS) instead of emails. The term “smishing” is a combination of SMS + phishing. In smishing, scammers send a text, often with an urgent request or offer, hoping to trick the recipient into sharing personal or financial information. You may be encouraged to click a link or respond directly to the text message.  

Example:  

You may receive a text message claiming to be from the credit union requiring you to verify a transaction on your account. Usually, the transaction is costly and made to appear urgent to distract you. The message prompts you to click a link to cancel the transaction and verify your account information.  

Methods: 

  • Text messages  

How to Avoid:  

  • Be suspicious of unsolicited text messages. 
  • Check the text for significant spelling or grammatical errors. Although texts with friends are very informal, any communication from a business (even a text) should be professional and free of errors or informalities.   
  • DO NOT click on any links from unknown numbers. Many companies today use URL shorteners within texts and social media. While this reduces the URL characters, it is harder to know if the link is legitimate. If you receive a suspicious link, don’t click it. Instead, contact the company directly or log into your account through the company’s app or website and check for any notifications or alerts. 

What is Vishing?  

Vishing scams involve fraudulent phone calls or voicemails from fraudsters posing as legitimate entities, such as businesses, government agencies, tech support services, or financial institutions like banks or credit unions. The term “vishing” is a combination of voice + phishing. Scammers use these tactics to manipulate people into sharing sensitive data or making financial transactions.  

Example:  

You might receive a phone call from someone claiming to be a representative from the credit union’s fraud department, calling to inform you of suspicious activity on your account. They request your account details, such as your account number or digital banking username and password, to verify your identity.  

Methods: 

  • Phone calls 
  • Voicemails  

How to Avoid:  

  • Be skeptical of unsolicited phone calls, especially from unknown numbers.  
  • NEVER provide personal or financial information over the phone unless you have initiated the call to a trusted and verified phone number.  
  • Remain calm, and don’t allow yourself to feel pressured to act quickly or disclose information you don’t feel comfortable sharing over the phone. If you are ever unsure about a phone call or voicemail you’ve received, hang up and contact the company directly from the phone number listed on their website. 

Tips to Protect Yourself from Phishing, Smishing & Vishing Scams 

  • Stay Updated: 

Keep all software and security systems up to date on your devices, including your phone, tablet, laptop, and computer. Also maintain current updates on your operating systems, antivirus software, and any other security applications or protocols you have enabled to ensure consistent defense against cyber threats.  

  • Verify ID: 

Before responding to any communication requesting personal information, verify the authenticity of the sender or caller’s identity. If you’re unsure, you can contact the company directly using the trusted contact information listed on their website.  

  • Don’t Share Information: 

Avoid sharing personal or financial information online or over the phone. Do not disclose sensitive details unless absolutely necessary and you know the website or caller is legitimate.  

  • Stay Strong: 

Create strong, complex passwords for all your online accounts. Then, enable multi-factor authentication on every application and website when available for an additional layer of protection.  

  • Get Educated: 

Stay informed about the latest scams circulating so you know the red flags to look out for and educate your loved ones. By understanding the common warning signs and preventative measures, you will be much more effective in avoiding scams.  

  • Report Suspicious Activity: 

If you suspect you have been a victim of fraud or identity theft through phone calls, text messages, or emails, report it immediately to your financial institution and the appropriate authorities. Contact your credit union, bank, or credit card company to report suspected fraud so they can take the appropriate action on your account. Report the fraud to local authorities, The Federal Trade Commission, and the FBI’s Internet Crime Complaint Center (IC3).  

We’re Here to Help! 

New scams are born every day, making it crucial that you protect yourself and stay informed about common identity theft practices. As your credit union, your account security is our top priority. However, most fraud attempts are initiated by members accidentally clicking fraudulent links or unknowingly providing personal information to a scammer. Remain vigilant and always safeguard your private data. You can visit PEFCU’s Security Center for updated information about ongoing scams and ways to protect yourself.

If you suspect you were targeted by a scam or if you have been a victim of fraud, contact us immediately. Our team is here to support you and guide you through any issues or concerns. Please stop by any of our branch locations or call 800-226-6673 to speak with a Member Advocate. 

 

 

Each individual’s financial situation is unique and readers are encouraged to contact PEFCU when seeking financial advice on the products and services discussed. This article is for educational purposes only; the authors assume no legal responsibility for the completeness or accuracy of the contents.  

 

 

External links:  

https://reportfraud.ftc.gov/#/  

https://www.ic3.gov/  

Leave a Reply

Your email address will not be published. Required fields are marked *