Phishing / SMiShing / Vishing
Caution! Thieves are “phishing” for your information...
Phishing attacks use ‘spoofed’ emails and fraudulent Web sites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, Social Security numbers, etc. By hijacking the trusted brands of well-known financial institutions, online retailers and credit card companies, phishers are able to convince many recipients to provide personal and financial information.
SMiShing is a form of phishing that uses mobile phone text messages to attract users into visiting fraudulent websites, call a phone number or download malicious content via phone or web.
Vishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private personal and financial information from the public for the purpose of financial reward.
No matter how you are contacted - phone, e-mail, text message, or web - be wary of urgent appeals or outright demands that you provide personal data.
REMEMBER: We will never contact you and ask for personal information or account data.
How You Can Avoid Phishing Scams
The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. While online banking and e-commerce is very safe as a general rule, you should be careful about giving out your personal financial information over the Internet.
The Anti-Phishing Working Group (www.antiphishing.org) has compiled a list of recommendations that you can use to avoid becoming a victim of these scams.
- Be suspicious of any email / text message / phone call with urgent requests for personal financial information.
- Don’t use the links in an email / text message to get to any web page, if you suspect the message might not be authentic. Don't use the contact information in a suspect phone call requesting information - instead initiate the call yourself using known contact information.
- Avoid filling out forms in email messages that ask for personal financial information.
- Always ensure that you’re using a secure web site when submitting credit card or other sensitive information via your Web browser.
- Regularly log into your online accounts and check your financial, credit and debit card statements to ensure that all transactions are legitimate.
Always report phishing or spoofed emails by forwarding them to:
When forwarding spoofed messages, always include the entire original email with its original header information intact.
Forward the email to the “abuse” email address at the company that is being spoofed (e.g. “firstname.lastname@example.org”)
Notify the Internet Fraud Complaint Center of the FBI by filing a complaint on their web site: HERE
The Anti-Phishing Working Group (APWG) is an industry association focused on eliminating the identity theft and fraud that result from the growing problem of phishing and email spoofing. For up to date information and the latest phishing scams, visit their site at www.apwg.org.