Welcome to Zia Credit Union

Tips > How To Avoid Fraud

Phishing, Vishing and Smishing: some helpful information

PHISHING is criminal fraud that uses the internet to steal information such as usernames, passwords, and credit card numbers by luring unsuspecting users to enter their information at an illegitimate website, which is designed to appear genuine. Phishing is typically carried out by email or instant messaging and often contains: subject lines that are worded to create anxiety, come from companies with which you have no account, contain spelling errors, misspelled URLs, and will almost always direct users to click on a link that navigates to the false website where information can be stolen. In order for internet criminals to successfully "phish" any personal information, they must get the user to go from an email to the fraudulent website and then enter the information they hope to steal. For further information on phishing, you can visit: http://www.phishtank.com/ VISHING is a variation of phishing; phone lines are used instead of the internet to steal private information (account numbers, security PIN, expiration dates, date of birth, etc.) The "v" in vishing stands for voice. Vishers commonly use an automated dialing system and leave automated messages directing the listener to call back concerning "fraudulent activity" on their card or "unusual" account activity. When the victim calls the number, it is answered by automated instructions to enter a credit card number or bank account number. Once this information is entered, the visher can use the card or account for fraudulent activity. Many vishers use the technology known as "masking," which creates a false telephone number to appear on Caller ID devices, tricking consumers into thinking the call is coming from a legitimate business or person, when it is actually coming from the visher. One of the newest information websites that reports on vishing is: http://phonephishing.info/ . SMISHING is a term used for fraudulent text messages on cell phones. Smishing uses cell phone text messages to trick victims into giving out their private information (card numbers, CVV codes, security PIN, etc.) As with phishing and vishing, smishing messages commonly use words and phrases to create anxiety. For example, the text message might say that something needs your "immediate attention!" Another common ploy is to text a "warning" to you that your card has been suspended and that to reactivate it, you must call the number immediately. Smishing messages might show "5000" instead of displaying an actual phone number, which means that the SMS message was sent through email to the cell phone and not sent from another cell phone. Smishers count on emotional reactions, speed, and lack of attention for their success. If a victim doesn't stop to think or call their financial institution before responding to the fraudulent text, they end up giving away the information that criminals need to create duplicate plastic cards. For more information on smishing visit: http://www.getsafeonlineblog.org/?p=118 .