Phishing, SMishing & Vishing
Phishing is when Internet fraudsters impersonate a business to trick you into giving them your personal information, such as usernames, passwords, and credit card details. Legitimate companies don’t ask you to send sensitive information through insecure channels.
For example, a fraudulent e-mail may state that Beacon FCU will add money to the member's account for participating in a survey. The link in the message directs members to a counterfeit version of Beacon FCU's website with an illicit survey soliciting credit card account numbers and confidential personal information. Beacon FCU will never ask credit union members or the general public for personal account or personally identifiable information as part of a survey.
- Don’t select links in e-mails that ask for personal information.
- Never open unexpected attachments.
- Delete suspicious messages, even if you know the source.
Phishing via SMS, or SMishing, uses cell phone text messages or SMS (Short Message Service) to trick you into providing personal and financial information. Smishers may use URLs or an automated voice response system to try and collect your information.
Tip: In some instances, criminals have used malicious software in their text message solicitations. To prevent further security issues, completely remove unsolicited text messages from your phone. This may take two steps: deleting the text and then completely removing it from your device.
Phishing by voice, or vishing, exploits a general trust in landline telephone services. The victim is often unaware that voice-over Internet Protocol (VoIP) allows for caller ID spoofing, thus providing anonymity for the criminal caller. Rather than providing any information to the caller, the consumer should verify the call by contacting the financial institution or credit card company directly, being sure to use the institution’s accurate contact information (i.e., do not use contact information the caller provides).