|
Security
– Phishing Scams
 What
is a phishing scam?
In a phishing (pronounced “fishing”)
scam, an email is drafted to appear
to be from a financial institution
or other trusted service provider.
It is intended to look as close to
being "official" as possible,
usually incorporating the logo, etc.
from the company, and in many cases
including some of the same photos
found on the company’s web site.
A phishing email typically explains
that due to some type of identity
theft attempt, it is important that
customers/members now log in (using
a link provided) and provide information
to confirm their account ownership.
It is usually further accompanied
by a threat that they may lose access
to their account if they do not respond
soon.
| Arizona
Federal will never send
you an unsolicited email asking
you to verify an account
number, card
number, PIN,
or other sensitive information. |
The link, while it may look official
and genuine, is anything but. By clicking
on the link, the recipient is taken
to a phony web site which is also
created to look as close to the company’s
site as possible, with a phony login
button. Once an account number and
password are entered, they are now
captured into a database behind the
scenes (for future fraudulent use).
Further, the next page will ask the
victim to confirm their credit or
check card number, expiration date,
CVV code, ATM PIN, etc. - everything
that a crook would need to make a
counterfeit card. Believe it or not,
thousands of people fall for these.
 What
can I do to avoid being victimized
by phishing scams?
First off, please note that Arizona
Federal will never send you an unsolicited
email asking you to verify an account
number, card number, PIN, or other
sensitive information.
Be suspicious of unsolicited email
that you do receive from other companies.
Phishing emails usually have some
sort of threat of consequence (i.e.,
“act now or else…”)
to encourage victims to act quickly
and without thinking through their
actions. They often also contain spelling
and/or grammar errors as many originate
in foreign countries. They will also
request that you provide sensitive
account information, including password,
account number, PIN, etc. If you’re
ever suspicious of an email you’ve
received from a company you do business
with, call them – using a number
provided on your monthly statement
or from a public source (commercial,
etc.).
If you do receive a phishing attempt
by email, do not
follow the instructions and provide
your account information. Instead,
forward the email to the Federal Trade
Commission at spam@uce.gov. Or, you
can report it by phone by calling
877.IDTHEFT (877-438-4338). Most of
these sites are shut down within days,
but that may be all it takes to gather
a few thousand credit card numbers.
If you receive an attempt that is
portraying Arizona Federal, please
forward it to member.services@azfcu.org
so that we can act quickly to take
their site down. You may also contact
us at 602-683-1088 if you ever receive
anything from us online that you are
suspicious of.
Here
is an actual phishing scam sent recently:
 |
| |
Dear Visa customer,
Before activating your
card, read this important information
for cardholders!
You have been sent this invitation
because the records of Visa
Corporate indicate you are a
current or former Visa card
holder. To ensure your Visa
card's security, it is important
that you protect your Visa card
online with a personal password.
Please take a moment, and activate
for Verified by Visa now.
Verified by Visa protects your
existing Visa card with a password
you create, giving you assurance
that only can use your Visa
card online.
Simply activate your card and
create your personal password.
You'll get added confidence
that your Visa card is safe
when you shop at participating
online stores.
|
For
more information, you may find the
following web sites to be valuable:
Office
of the Comptroller of the Currency
(OCC)
Anti-Phishing
Work Group
Read
another article |
Print
Page
