One relatively new area of fraud is social engineering, which refers to techniques that cyber criminals use to trick people into revealing personal information. The information below will help you recognize potential scams and steps to take if you become victim to one.
Phishing: A type of social engineering scam in the form of a letter or email, which directs you to click a fraudulent link or provide personal information. Fraudulent websites used in phishing scams are commonly disguised as widely known businesses or financial institutions.
Potential phishing scam indicators:
Generic greetings such as "Dear Valued Bank Customer"
Masked links which make fraudulent website links appear legitimate
Requests for personal information
Urgent requests and limited-time offers
Vishing: A type of social engineering scam performed over the telephone or voice mail. Fraudsters pretend to be associated with a financial institution or well-known business and leave an "urgent" voice mail message. This message will request you call another number to provide your account or personal information. Criminals using vishing scams prefer to leave a voice mail message rather than talk directly to you. They can pretend to be from a company you are familiar with and have “urgent” information regarding your account or computer being compromised.
If you answer a vishing call:
Do not give the caller any information.
Do not go to a link in an email they provide.
Ask for their name and the name of the organization they are representing.
Tell them you’ll call them back and hang up. Do not use the number they provided.
Look up the phone number for the organization they identified and call that number.
Explain to their representative why you are calling.
SMiShing (SMS phishing): A type of social engineering scam sent through a mobile device, usually in the form of a mass text message. This type of message may look as if it's from your bank or other business, which would have customer account information. It will usually state your account has been temporarily locked; then direct you to call a telephone number or visit a website to unlock the account with your personal information.