Phishing, Vishing and Smishing
The term “Phishing" – as in fishing for confidential information - refers to a socially engineered scam that encompasses fraudulently obtaining and using an individual's personal or financial information through an electronic mean. This is how it works:
- A consumer receives an e-mail which appears to originate from a financial institution, government agency, or other well-known/reputable entity.
- The message describes an urgent reason you must "verify" or "re-submit" personal or confidential information by clicking on a link embedded in the message.
- The provided link appears to be the Web site of the financial institution, government agency or other well-known/reputable entity, but in "phishing" scams, the Web site belongs to the fraudster/scammer.
- Once inside the fraudulent Web site, the consumer may be asked to provide Social Security numbers, account numbers, passwords or other information used to identify the consumer, such as the maiden name of the consumer's mother or the consumer's place of birth.
The term "vishing" is a socially engineered technique to gain access to private and personal financial information from consumers using the telephone network. The term comes from combining "voice" with
"phishing," which are online scams that get people to give up personal information. Vishing is typically used with Caller ID spoofing. Spoofing is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. The number on the caller ID is a spoofed ID, which means the fraudster is using someone else’s ID for this scam.
While consumers have learned to be suspicious of phishing scams that involve solicitations for personal financial information directly over the internet, they are still easily persuaded to divulge that information when called directly or when an email instructs them to call a specific number.
Smishing is a form of criminal activity using social engineering techniques similar to phishing. The name is derived from "SMs pHISHING". SMS (Short Message Service) is the technology used for text messages on cell phones.
Similar to phishing, smishing uses cell phone text messages to deliver the "bait" to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a web site URL, however it has become more common to see a phone number that connects to automated voice response system.
Text messaging is the most common non-voice use of a mobile phone. There are trillions of text messages received around the world each day, and an increasing number of them are spam, or phishing attacks of some sort.
Report Suspicious Activity…….
If you encounter a suspicious email, website, phone call or text message, do not respond to it or click on any links. Report suspicious activity or forward suspicious emails to