Get Smart About Scams: Social Engineering Scams

Welcome to Get Smart About Scams, presented by Educators Credit Union, where we’re dedicated to ensuring the safety of our members’ accounts. This audio series discusses the types of scams you may encounter online and in your daily life, how to spot them, and what to do if you think you may have fallen victim.

We just recently discussed impersonation, but what we didn’t talk about was the ways in which scammers can reach out to their victims. They typically use three mediums, all with their own term: Phish, vish and smish.

Phishing is when a scammer contacts an unsuspecting person via email to convince them to give up their personal information, login details, card numbers, and more. They often impersonate a financial institution or other trusted business.

Vishing is when the fraudster uses a phone call to try to get important information out of a victim such as their social security number, birthdate, account numbers, etc. Skilled scammers can spoof the phone number they are texting or calling from, so you can’t always trust the caller ID.

Finally, smishing attacks are text-based attempts to get people to divulge personal information. A common smish example is the scammer pretending to be your financial and asking you to confirm a large purchase that you didn’t make.

Red flags

Some common red flags you can use to identify a phish, vish, or smish attempt are:

1. They contacted you, instead of you contacting them.
2. There are misspelled words or incorrect grammar.
3. They’re asking you to move money in the form of cash, gift cards, crypto, a Bitcoin ATM, or a courier who will visit your house to pick up cash.
4. They create urgency around the issue and demand you send money immediately.
5. The claim they found information about you on the dark web and want ransom money.
6. They claim your financial institution is involved or is the cause of the issue, and you should lie to them or keep information from them. They may also tell you to keep them on the phone when you purchase gift cards or in case you need to visit your financial for a wire transfer.

Frequently asked questions

How can you avoid falling for a phish, vish or smish attempt? Don’t answer or respond to ANY pop-ups, text messages, emails or phone calls from anyone you do not know. If you are in doubt of a communication, call the business at the number provided on their official website. The number provided by the suspected scam will just connect you to the scammer.

What should you do if you receive a phish, vish or smish? Simply do not reply or act on it. Then, report the communication as spam to your phone service provider and block the number. You can also contact the business the scammer was impersonating and let them know they’re being impersonated. This way, they can warn their members or customers about the recent scam attempts.

What should you do if you gave information to a phish, vish or smish attempt? If you gave information such as your name, address, social security number, you should freeze your credit with all three credit reporting bureaus. Those are: Experian, TransUnion, and Equifax. If you gave any banking information such as your login information or card numbers and security codes, call your financial immediately. They will help you lock down your account and cancel your cards.

Questions?

Do you suspect you may have fallen victim to fraud? We are here to assist you every step of the way. Please give us a call at 262.886.5900. Take care and stay safe.

Insured by NCUA. Membership eligibility required.