two pairs of feet standing on a sidewalk


Protect Yourself from New Forms of Fraud

Protect Yourself from New Forms of Fraud

Technology brings us all kinds of convenience and entertainment. It also creates new ways for criminals to take advantage of consumers. The scams and the lingo change all the time. Here's an abbreviated technology fraud dictionary to keep you in the know:

This type of fraud secretly plants a virus or malicious program in your computer and hijacks your web browser. Pharming crimeware misdirects users to fraudulent sites or proxy servers. When you type in the address of a legitimate website, you're sent to a fake site without knowing it. If you give your password or account information on the fake site, thieves can use your account fraudulently.

In this scam attempt, you receive an e-mail prompting you to reveal personal details – like your Social Security number, passwords, or credit card information – by clicking on a link to a fake webpage mimicking that of a legitimate company. These emails and linked sites are often indistinguishable from the real thing.

If the message contains a generic greeting or has a sense of urgency or alarm, this may indicate a fraudulent message. Delete the message and report it to the credit union or other financial institution immediately.

Sometimes referred to as "social engineering," this occurs when someone tries to get personal information without authority to do so. The scammer may ask for private information while impersonating an account holder by phone, mail, e-mail, or even by phishing – using a fake website or email to collect data.

The term "smishing" comes from SMS plus phishing (SMS stands for "short message service," used for mobile text messaging). You may receive a text message, seemingly from your credit union, stating that your account has been closed. To reactivate it, you're told to call a toll-free number and enter your account number and PIN.

Some messages also warn that you will be charged for an order unless you go to a Web site that then steals credit card numbers and other private data.

Spim is spam – unsolicited bulk email – delivered by IM (instant message). IM can be especially useful for spammers and dangerous for recipients because they may be more likely to click on links, bypassing virus software available on computers. Block messages from anyone not on your contact list as a defense.

A spoof is an attempt to fool. Web spoofing is the act of secretly tricking your web browser into talking to a different web server than you intend. Email spoofing involves forging an email header to make it appear as if it came from somewhere or someone other than the real source. Either can coax you into supplying information to an unintended recipient.

If you hold your mouse over a link, the status line displays the corresponding URL. Be suspicious if the status line URL is different from what you think you should see. If websites you're familiar with suddenly prompt you to fill in private information, think carefully before you comply. If possible, call or send an email to the official source to verify that this change is legitimate. When in doubt, do not enter any information you feel uncomfortable providing.

Vishing uses Voice over Internet Protocol (VoIP) phones instead of a misdirected link to steal your personal information. Instead of an email blast, the thieves use a "war dial" attack over a VoIP system to blanket an area. A recorded message tells you, for example, that your credit card has been breached and asks you to call a number immediately. The number connects to a VoIP phone that can recognize telephone keystrokes. When you dial, another message states "this is account verification; please enter your 16- digit account number."

If you suspect this type of fraud, notify the "vished" entity right away