Their names may sound funny, but their financial consequences are not: â€œPhishing,â€ â€œsmishingâ€ and â€œvishingâ€ are just a few of the ways criminals can gain access to your financial or personal information via your computer or smartphone.Â
These attacks rely on the same basic strategy: To trick you into providing your financial or personal information â€“ often by masquerading as a trusted source such as your bank, credit card company, friend, relative, or even a government agency. If youâ€™re not careful, scam artists can use such ill-begotten information to make unauthorized purchases, access your bank account, or potentially commit identity theft.
Unfortunately, every time the authorities plug one hole, crafty criminals figure out new ways to trick unsuspecting victims. And they seem to have no boundaries: As I reported in Protect Your Kids from Identity Thieves, some now even steal childrenâ€™s Social Security numbers, ruining their credit long before theyâ€™ve opened a single account.
Beware of these phishing scam tactics:Â
Email phishing: This is where you receive an email, purportedly from a trusted source, that asks you to supply or confirm account information, log-in IDs, or passwords. These imposters are attempting to trick you into divulging your information, often by trying to create a sense of urgency and panic; for example, saying your account will be frozen if you donâ€™t respond.
Legitimate organizations rarely, if ever, ask you to verify sensitive information through a non-secure means like email. When in doubt, look up the organizationâ€™s phone number separately and call to verify the legitimacy of the request. And avoid clicking on links in unsolicited emails, which could install malicious software on your computer. Similarly, never open any attachments unless you can confirm their legitimacy.Â
SMiShing (for â€œShort Message Serviceâ€ phishing): Like phishing, only it uses text messages sent to your cellphone. Even if you donâ€™t click on any links or share information, just by responding youâ€™re verifying that your phone number is valid, which means it could be sold to others who will try to trick you into their own scams.
Vishing (for voice phishing): Here a live or automated caller claiming to contact you on behalf of a trusted source will ask you to provide personal, payment, or account information under the pretext of clearing up a problem (like theft or overdrawn accounts). If you receive such a call, proceed with caution.
Donâ€™t rely on what youâ€™re told or the name displayed on caller I.D.Â Instead, hang up, look up the organizationâ€™s number separately and verify the legitimacy of the request. I program important customer service phone numbers â€“ but not account numbers â€“ into my cell phone in case Iâ€™m traveling.
Forewarned is forearmed.Â Know what to watch and listen for when scrolling through your email, reading your text messages or answering the phone:
- Consider all requests for personal or financial information to be suspicious.
- Be cautious about clicking on links in unsolicited emails or text messages.
- Check the legitimacy of any inquiry requesting your personal or payment information by looking up the companyâ€™s phone number separately and calling to verify the request. (Just because an email bears a companyâ€™s logo or a caller claims to represent an organization you trust, it doesnâ€™t guarantee legitimacy.) Â
- Watch for typos and bad grammar. These are warning signals that an email or text message may be fraudulent.
- Use spam blockers and keep your anti-virus software up to date.
- Watch for pushy tactics. If youâ€™re asked to verify or provide information immediately or urgently, be suspicious.
For more tips on protecting personal and account information and preventing online fraud, visit:
- The National Cyber Security Allianceâ€™s StaySafeOnline.org.
- The FBIâ€™s Be Crime Smart page, which highlights the latest scams and tells you how to report crime and fraud.
- The Federal Trade Commissionâ€™s ID Theft, Privacy and Security page, which contains extensive information about identity theft, privacy and information security.Â
- My employer, Visa Inc., has developed an interactive graphic showing what an email phish can look like and offering tips on how to catch a phish. VisaSecuritySense.com also features fraud prevention tips and news on the latest scams.
Phishing, smishing, and vishing scams come in many disguises. Always exercise extreme caution when providing personal or payment information and only do so after youâ€™ve confirmed the legitimacy of the request. Scam artist preys on the goodwill, trust and â€“ sometimes â€“ carelessness of consumers to get the valuable information they need.
ThisÂ article is intended to provide general information and should not be considered legal, taxÂ or financial advice. It’sÂ always a good idea to consult a legal, taxÂ or financial advisor for specific information on how certain laws apply to you and about your individual financial situation.
Â Follow Jason Alderman on Twitter: http://twitter.com/PracticalMoney
Jason Alderman is Senior Director, Global Financial Education, with Visa, Inc.
Views expressed are the personal views of the author, and do not represent the views of the National Foundation for Credit Counseling, its employees, its members, or its clients.