Dear Credit Union Member:
Some members have received phone calls, text messages and e-mails requesting information about their Credit Card or Debit Card. See the copy below. GASCU does not request verification of Credit Card or Debit Card information via phone calls, text messages or e-mail.
If you receive calls about this e-mail, it is not from GASCU. This is an attempt at Identity Theft to fraudulently steal your financial information.
SAMPLE FRAUD EMAIL
SAMPLE FRAUD TEXT-MESSAGE:
Your card has been deactivated
For your security, we have disabled your card and PIN.
To activate your card and PIN please call our “Card Activation Line” at 1-800-xxx-xxxxx
If you have any questions, we are available 24 hours a day, 7 days a week at 1-800-xxx-xxxx.
Please do not reply to this email.
Sincerely, Customer Service
NEVER click on any link in such an e-mail. Any e-mail link will subject you to Identity Theft. GASCU will never e-mail or text message a link to you. When in doubt refer to the GASCU website. The GASCU phone number is on the back of your Debit Card and Credit Card.
Sincerely,
Glendale Area Schools Credit Union
CON ARTISTS SWITCH FROM PHISHING TO VISHING
There’s a new scam on the block, dubbed “vishing,” and it’s coming to a telephone near you, according to Networkworld.com.
Vishing mimics phishing by trying to trap you into divulging your account numbers. (Phishing is the act of sending an e-mail to a user, falsely claiming to be a legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.) But instead of being phished in an e-mail message, you may receive a telephone call from an automated random dialer, and the voice on the other end of the line may tell you your credit card has been used illegally. You’re then asked to dial a fake 800 number with another voice that asks you to confirm your account details and credit card number.
If you give the information, you can count on your accounts being drained. All this is possible because of Voice over Internet Protocol (VoIP), the new technology that makes possible inexpensive and anonymous Internet calling. And industry analysts are concerned that it’s becoming more difficult to tell phish and vish from actual attempts to contact customers.
One attack imitated PayPal with a fraudulent message urging victims to call a California-based phone number to update credit card account information “to prevent any fraudulent activity from occurring.” The number was traced to an Internet-phone service and shut down.
TAKE STEPS TO AVOID BEING VISHED:
- If you get a phone call and someone asks you to give or confirm credit card or personal information, hang up. Then call your credit union or the financial institution that issued the card by using the phone number on the back of the card or on your statement and report the attempt. If the call was legitimate, the provider will know it.
- If you get a call from someone who claims to be from a financial institution you do business with, and who knows your credit card account number but wants the three-digit code on the back of the card, immediately hang up.
- If you get an e-mail message asking you to call a toll-free number to verify account information, delete the e-mail. Never provide personal information or account information based on an e-mail request.
- Don’t be fooled that the caller’s phone number appears to be a regional telephone number–it could have been spoofed, which is easy to do using VoIP.
- Be suspicious of any phone or e-mail contact that doesn’t use your first name or surname.
- Never dial a call return number–or reply to an e-mail–regarding any financial matter.