While there are an endless number of ways thieves may try to get your information
almost all scams involve some type social engineering. Social engineering is when
thieves use something you are comfortable with or trust in order to get you to act
without thinking your actions through. A few of the common scams seen today include:
Phishing - Thieves will send out bogus messages that appear to be from a company or
government agency you may or may not do business with. These messages will attempt
to convince you to either click on a link or call a number in order to get you to
reveal information that can be used to steal your identity and/or access your accounts.
Phishing messages may come through email, instant messages, and even text messages.
The best thing to do if you believe a message may be legitimate is to contact the company
using contact information that you know is valid such as a number from the phone book or
by typing the company’s web address into your browsers address bar.
Vishing - is the use of social engineering tactics over the telephone system in an
attempt to gain personal information for fraudulent uses. Vishing is successful because
it is hard for law enforcement to track and because the phone system is very trusted by the
general public. Features like caller ID can now be forged and faked using modern tools to make
the calls more believable. Customers should be very suspicious when receiving calls asking for
personal information and should call the bank directly using a number they know is good if they
question the validity of a request.
Spoofing - A “spoofed” site is one that appears to belong to a legitimate company. The
site may even look like the legitimate company’s site utilizing their colors and, perhaps, their logo.
Typically a bogus email is received that asks you to supply, confirm or update sensitive personal
information by clicking on a link in the email. The goal of the criminal is to get you to enter
the requested information so that they can steal it for their purposes.