Unfortunately, anyone can be targeted by fraudulent emails, calls or text messages. We want our members to be informed, alert and protect themselves from these various scams.
Phishing Scams Explained
Phishing is when a scammer sends an email to an unsuspecting consumer. That fraudulent email might look just like a legitimate credit union or bank email (right down to the company logo), but in fact it’s a forgery. If the consumer falls for the bait (thus the “fishing” reference), the thief could get credit card numbers, PINs, expiration dates, credit union/bank account numbers and even Social Security numbers.
With enough information, a con artist can run up fraudulent bills or even steal a person’s identity. Be on the lookout for any financial institution email that requests your personal or financial information. No financial institution will make that kind of request online.TVFCU will never send you an email requesting information, personal or financial. If you receive an email asking for this type of information, contact the financial institution directly for verification.
If you receive a phishing e-mail claiming to be from the credit union, be aware that these phishing e-mails are not from TVFCU and do not affect the credit union’s actual data system. At no time has that information ever been compromised. These scams are aimed squarely at consumers in an effort to trick them into providing their own personal information for use in criminal or fraudulent activities.
Vishing Scams Explained
Vishing is similar to phishing, except by phone — either in person or by an automated phone system. These criminals will claim to be from the financial institution whose customers are being targeted. They will request the same type of personal and account information.
The criminals behind these scams simply blast a large number of emails (or automated calls) out to the public hoping to hook unsuspecting consumers. Of course they are hoping someone will actually respond with their personal account information.
Smishing Scams Explained
Smishing is just like phishing and vishing. It is text-message fraud that occurs when criminals, posing as financial institutions, attempt to dupe mobile-phone users into giving personal information through text messages, calling a telephone number or visiting a fraudulent website. Education and diligence are among the best ways to protect yourself against such fraudulent activities.
Ways to Avoid Being Phished, Vished, Smished or Scammed
Phishing scams are prevalent and growing rapidly. Here are a few tips to help you avoid getting hooked by one.
- Do not respond to any unsolicited e-mail that asks for personal or account information. Don’t reply to it or click on any links contained in the message.
- Never give out personal information if you have not initiated the transaction or call.
- No legitimate financial institution will ever e-mail or call to verify personal and/or account information, because if they do business with you, they already possess it.
- Consumers are advised to be highly suspicious when receiving messages directing them to call and provide credit card or bank numbers. Rather than provide any information, the consumer is advised to contact their financial institution or credit card company directly to verify the validity of the message.
- Always verify e-mail/website addresses and phone numbers with a legitimate source such as your account statement. Do not rely on information contained in an e-mail or phone message.
- If a credit/debit card company actually calls to notify you of suspicious charges, they will not ask for your personal information. Instead they will verify that they have reached the cardholder and ask for them by name. Then they may ask the cardholder to verify the last 4-digits of their Social Security number (Note: They will not ask for your entire Social Security number, account number, expiration date or PIN). They will then verify if you made that particular charge or not. If anything sounds suspicious, hang up and call your financial institution directly.
- Avoid bogus sites by entering web addresses directly into the browser yourself or by using bookmarks you create.
- If you’re an Online24 user, double check the URL that is in the address bar before entering your login credentials. It should read: https://ol24.tvfcu.com.
- When prompted for a password, supply an incorrect one first. A bogus web site will accept it, but a legitimate one won’t.
- If you have fallen victim to such a scam and given out your personal account information, contact your financial institution immediately to protect your accounts, block your cards, fill out a fraud affidavit and take other protective measures as necessary.
For more information on Phishing, Vishing and other fraudulent scams please visit the Security Resources page.