Phishing & Smishing: Cute Names, Ugly Scams

While many are dreaming of warmer weather and fishing our lakes and rivers this spring, cyber crooks are busy “phishing” for new victims. “Phishers” use false e-mails to trick people into visiting fake Web sites. The e-mails contain authentic-looking logos, graphics and language. Another popular scam is known as “smishing.” Smishing is similar to phishing, except instead of e-mails the crooks send fraudulent text messages.

phishing-smishingThe e-mails and texts often appear to come from your financial institution saying there is something wrong with your account. You’re asked to call a number to verify your account information. When you call, the person on the other end is actually a crook looking to capture your bank account information, password, credit card or Social Security number. Similarly, links in the e-mail or text often direct you to imposter Web sites where you’re asked to give personal and financial information. Often the links download viruses and malware when you click on them.

It’s hard to keep up with all of the schemes and malware, as new ones seem to surface daily. And since some of the fake e-mails and texts look like the real deal, it’s sometimes hard to tell if they are legitimate. But there are some common signs to look for.

Beware of these red flags
Always be wary of any e-mail or text that asks for personal or financial information. Legitimate businesses and financial institutions will not ask for this information through an unsolicited e-mail or text. Also be wary of e-mails with hundreds of addresses in the recipient or cc: field, especially if the message text seems to be directed toward only one person. Do not click on any links in the e-mail or text. If you wish to visit a Web site, open a new browser window and type the URL (ex. towerfcu.org) in the address bar.

Another red flag is an e-mail or text in ALL CAPS or full of grammatical errors and typos. If the content states an urgent or emergency need, delete it. If it truly was a matter of life or death, the sender wouldn’t target a stranger for help. Don’t open e-mails from unrecognizable addresses or senders or ones with no subject line.

Tower’s promise to you
Sometimes we will need to reach out to you if there is an issue with your Tower account. However, we would never ask for personal or financial information (we already have it), especially via an unsolicited phone call, e-mail or text. If you receive a phone call, e-mail or text from Tower and you are unsure whether it’s legitimate, contact the Member Service Center.

Click here for more cybersafety tips.