Latest Scam Uses Fraudulent Texts and Phone Calls
We are aware of a national multilevel attack where fraudsters are using a combination of tactics like Smishing, and Vishing to trick you out of your money. SMS Phishing or “Smishing” is done through text messaging, while Vishing, or voice phishing, uses the phone to further perpetrate the fraud.
The scam starts with a text message that appears to be from your financial institution’s “fraud department”, prompting you to verify recent transactions that appear to be fraudulent. If you reply to the prompts, the scammers will call you almost immediately pretending to help you walk through disputing the transactions. What makes this believable is that scammers use another technique called phone number spoofing, which causes your Caller ID to display the phone number and other information so it appears to be from your financial institution.
Once the scammer has you on the phone, they will ask you to verify information about yourself so they can “properly identify you”. What they are really doing is gathering all of your private information so they can take over your accounts online and start transferring money out!
Fraudsters are asking their victims to provide the following information:
- Account Number
- Social Security Number
- Date of Birth
- Mother’s Maiden Name
- Email Address
- Online/Mobile Banking Login Credentials
- Verification Codes from Online/Mobile Banking
How to Protect Yourself
With a little bit of caution, you can take steps to avoid becoming a victim of theft. If you are unsure if a text or call is legitimate, follow these dos and don’ts.
- Do contact the supposed text sender or caller directly. Locate a number for the financial institution that you know to be legitimate, such as the number on their website or the back of your card.
- Then contact the financial institution directly to determine if they are the ones contacting you.
- Do block scam phone numbers. If you are re not sure how, reach out to your wireless carrier for help.
- Don’t be fooled by a familiar phone numbers or names displayed in your Caller ID. Smishers and Vishers can use tools to make it look as though the text is from a trusted financial institution.
- Don’t click links in text messages. Links are often used to install malware or key loggers—software that tracks what you type.
- Don’t respond to a suspicious text message. Text responses can be used to verify your phone number and gain access to your personal information. Some financial institutions, like 360FCU, do use text messages to verify suspicious purchases. However, those texts will never request personal information.
If you receive a suspicious call from our “fraud team”, hang up! Call us back at 800.544.4728 to assist you directly.
360FCU will never reach out to members asking for personal information – especially login credentials. If you think you may have been a victim of the scam, contact us immediately at 800.544.4728 for assistance in shutting down the scammer.