Money Minutes | General Electric Credit Union Blog | Financial Resources

 

Phishing and How to Recognize It

Jun 25, 2018 | 4 minute read

Phishing and how to recognize it image

What is Phishing?

Phishing is a cyber attack used to obtain personal or financial information, including login credentials and credit card numbers. It occurs when an attacker, disguised as a trusted entity, tricks their victim into opening an email, phone call, text message, or even a direct message through social media. These emails or messages typically include a malicious link, and when clicked, the victim unknowingly installs a virus or malware on their computer or device.

How to Spot a Phishing Scam:

  • You receive an email, text, or phone call claiming to be your financial institution or other business you regularly deal with, asking you to update or verify your contact information.
  • An email or text you receive does not address you by your proper name or includes spelling errors and grammatical mistakes.
  • The website address, or URL, appears to be different from what you’re used to.
  • There are strange icons on your computer screen or you notice your system is significantly slower than usual.
  • An email, text message, or phone call is received from an unusual sender.
  • You receive an email or offer asking you to act fast to take advantage of a prize or giveaway.

 To Protect Yourself:

  • Do not click on links or open attachments from emails claiming to be from your financial institution or other trusted organization that ask about your personal information – just delete!
  • Limit the information you share on your social media profiles (birthdate, phone number, address, etc.); the more information you share, the more information available to scammers.
  • If an email seems suspicious, search the internet for similar messages; enter the exact verbiage you received in email or message to see if anyone else has reported similar scams.
  • Ensure you see a secure symbol when browsing websites online. Secure websites can be identified by ‘https’ rather than ‘http’ and you’ll notice a closed padlock in the address bar. Legitimate, secure websites that ask you to enter your information are generally encrypted to secure your personal information.
  • Never provide your personal, credit card, or online account details if you receive a phone call, email, or text message claiming to be your financial institution or other organization. Instead, ask for their name and phone number, hang up, and call back to ensure you reach the proper business.

If You Fall Victim:

  • If you downloaded an attachment, turn off Wi-Fi and disconnect your computer from the internet. This will remove the attackers access to your computer.
  • Take the time to change your passwords and security questions for your online accounts. You can also review accounts for any unauthorized account activity.
  • Report the scam to the company in which attacker impersonated.
  • Scan your computer for viruses or malicious malware; these programs will check and alert you about files that may have been infected.
  • Watch for signs of identity theft. For instance, if you provided your financial information or other personal data (social security number or credit card number), keep a close eye on your bank and credit card accounts online or by reviewing your statements. You’ll want to watch for unusual withdrawals or purchases. You may also want to notify each of the three major credit bureaus.
  • Immediately contact your financial institution or credit card company of any associated accounts you believe may have been affected by a phishing scam or fraud.
  • Report any phishing attempts to the Anti-Phishing Working Group at: reportphishing@apwg.org or the Federal Trade Commission (FTC) at: ftc.gov.

Falling for a phishing scam can happen to anyone, especially as attackers become more sophisticated in their tactics. The key is to be vigilant and practice good computer, device, and internet use.

As a reminder, General Electric Credit Union (GECU) will never initiate a phone call, email, or a text asking you to update, validate, or provide us with your personal information. Don't give out personal information over the phone or website, unless you know it is secure and you initiated the contact.

With anything, always think safety first!

Additional Resources: