The Texas Credit Union League (TCUL) has been advised of a new phishing attack that targets credit union members. The attacks come in as an email urging members to update their data online. When members access the fraudulent site, their user credentials and account details are requested. Phishing is a high-tech scam that uses spam or pop-up messages to deceive unsuspecting consumers into disclosing their credit card numbers, bank account information, Social Security number, passwords, and other sensitive information. Phishers send an email or pop-up message that claims to be from a legitimate business or organization, and the message usually asks that the recipient update or validate his/her account information.
Scam Red Flags & Prevention Tips Scams are often hard to detect at a quick glance; however, these common red flags can help. Keep in mind…it is not uncommon for fraudsters to use intimidation tactics and urgent requests.
• Don’t always trust the display name - criminals will spoof the email name to appear to be a legitimate sender
• Check for misspelled words, bad grammar, and/or typos within the content
• Be cautious of clicking links and opening attachments – Don’t click unless you are confident of the sender or expecting the attachment
• Do not provide personal or account information when asked. Openly sharing information on social media can provide an identity thief with the necessary information to impersonate you or answer certain challenge questions.
• Do not share a one-time passcode sent via text or email to your device
• Check email salutations - many legitimate businesses will use a personal salutation
• Be suspicious of “urgent” or “immediate” response needed or “unauthorized login attempt” of your account
• Know that the IRS or Social Security Administration will never contact you by phone, email, text or social media
• Don’t believe everything you see. Brand logos, names and addresses may appear legitimate
• Be suspicious if the recipient group seems random or unusual (e.g., all last names begin with the same letter)
• Watch for emails or texts that appear to be a reply to a message that you didn’t actually send
• Monitor the sender’s email address for suspicious URLs & domains – often using similar letters and numbers
• If something seems suspicious; contact that source with a new email or phone call, rather than just hitting reply
• Be wary of offers that appear too good to be true, require fast action, or instill a sense of fear.
• Keep social media accounts private and be cautious who you’re connecting with. Never share anything related to your credit union account, transactional history, or identifying information in unprotected public forums
OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer and protect your personal information.