Don’t be a catch for phishers

Phishing attacks – attempts by criminals to obtain other people’s personal and financial information through electronic means – surged in the country last year. Many phishing schemes take place through email or social media posts where the perpetrator tries to pry the information from a link to a legitimate-looking website.

Variations of this fraud are vishing (attacks through phone calls) and SMiShing (text message scams).

Some common tactics of phishing schemes include:

  • Pretending to be a financial institution or government agency to gain trust of the victim.
  • Lying about needing personal information to give away a prize.
  • Threatening a victim that his or her security could be on the line if he/she does not give up vital information.

Phishing attacks often come unsolicited, so if you see an email from a random unknown account, the best course of action is to delete it immediately. Also, these attacks may address you as “Account Holder” or “Sir” or “Madam” instead of by your actual name. Do not click on attachments in a suspicious email, as they may contain a malicious executable file that looks like a PDF that infects your computer with malware. Arsenal and other legitimate institutions will never ask for pertinent information through email, automated phone calls or text messaging.

Some of the most important information you should never share includes:

  • Account, debit and credit card numbers
  • Social Security and driver’s license numbers
  • Passwords/PINs/Access codes
  • Date of birth
  • Mother’s maiden name

If you have any questions about phishing, fraud or identity theft, we offer a comprehensive list of educational materials at ArsenalCU.org and in the member resource centers located in our branches.