Texting Scams: What You Need to Know

Text messaging has come under attack as one of the most vulnerable mediums for identity theft and more. Here’s what you need to know about an SMS message-based scam called “smishing.”

How it works

Smishing scams use text messages to establish contact with the intended victim to later access their personal information.

The scam begins with a supposedly urgent text appearing to be from the victim’s financial institution. The text may claim that the victim’s checking account is locked, or that there has been an unauthorized purchase charged to the victim’s account. The scammer will warn that immediate action must be taken.

The victim is then instructed to call a specified number and, upon doing so, will be asked to share their financial information. Once they’ve got their hands on this info, the scammer is free to steal the victim’s identity, empty their accounts or go on a shopping spree on the victim’s dime.

Who are the victims?

Smishing scams primarily target people who do their banking online, but fraudsters will use any cellphone number they can find. If you own a checking account and a cellphone, you are a candidate for a smishing scam.

Recognizing smishing scams

Insight Credit Union will not alert you of a possible fraud or account lockdown via text; we prefer more personal means to help you know it’s us.

Also, the phone number the smishing text instructs you to call is not ours. You can reach us at 407.426.6000 or Toll-Free 888.843.8328. If you’re told to contact us at a different number, it’s not us you’re calling!

What to do if you’ve been targeted

If you receive a suspicious-looking text, do not engage the texter! Jot down the scammer’s number and delete the message. Let us know about the smishing attempt, tell all your friends and alert the FTC.

If you’ve fallen for the scam and your accounts have been compromised, alert your credit card companies and be sure to let us know, too.

Protecting yourself

  1. Always use two-factor authentication for banking app and sites.
  2. Use strong and different passwords across your accounts and apps.
  3. Ignore all text messages from unknown numbers.

Don’t let those crooks get their hands on your money!

How to Protect Yourself From Cyber Attacks

iStock_000030693124_Large.jpgOver the past 25 years, technology has truly changed the way we live. We pay bills online, access bank and loan accounts online, and make purchases online. While this has created a convenience we have never experienced until recent years, it’s also opened up a lot of opportunity for identity theft through cybercrime. We want to make sure you’re aware of common cybercrimes and how to protect yourself. Here’s some basic information you should know.

Phishing: Luring victims to click on a link to get sensitive information or plant a virus.

Have you ever received an email that only has a link and no other copy? Perhaps you already knew this was some kind of scam and immediately deleted the email. Great job! Clicking on that link could take you to a fake website where criminals ask for personal information. Clicking on the link could also automatically give criminals access to your computer, where they can look for sensitive information, watch your internet habits or plant a virus on your computer. Phishing can be used alone or with spamming and spoofing to steal your identity.

To avoid falling prey to this type of technique, NEVER click on a link from an unexpected sender that you are unfamiliar with. Check to make sure the URL matches with the content of the email by hovering your mouse over the blue hyperlink. Make sure to look at the details. Does the email say it is from Facebook? Does the link say facebook.com or facebook.net? Little details like this will save you from falling prey to phishers.

Spamming: Sending the same unsolicited email to a large group of people.

Spamming can be hurtful in several ways. A great example of this is a “spam scam,” where a criminal sends an email indicating you have won the lottery and requests that you send a payment to cover taxes in order to get your winnings. Unfortunately, the lotto payment is never received so whatever amount was sent “for taxes” is lost to the victim. Below is an example of this type of email. There are several variations, and this is just one example of how a spam email can turn into fraud. Notice how the crook is using a spam (undisclosed recipients) with phishing (the link)?

spamming-email

To prevent this kind of fraud, never open emails from strangers or click on links in an email like this. If it sounds too good to be true, it probably is!

Spoofing: Using a fake website, email address or other identifier that looks legitimate to trick a victim into responding with an action that may benefit the spoofer.

An example of this is using a fake website that looks legitimate to trick someone into submitting financial, personal or password data into a fake website. To avoid being spoofed, check websites for security measures such as a padlock in the url and https:// rather than http://. The padlock and the s indicate the website is a secure site.

Additionally, use email spam filters and do not click on links that indicate you need to update personal or financial information. Call a verified number from the company’s website and verify the email is legitimate.

Click the following links for more details on the above cybercrimes:

Phishing
Common Scams
Scam Alerts