We have received calls, members and non-members about a text message from "Madison Credit Union"…
Phishing Scams: Not Your Typical Catch and Release
Phishing scams are deceitful attempts by cyber criminals to acquire sensitive information, including but not limited to, passwords, credit card details, and personal data.
Phishing scams come in many communication forms. They are typically disguised as legitimate emails, text messages, phone calls, websites etc. Scammers create authentic looking content to exploit users. By posing as trusted entities, like banks, social media platforms, and government agencies, or even popular brands/companies like PayPal, consumers are deceived into believing what they are seeing (or hearing).
According to the 2023 FBI Internet Crime Report, phishing scams were the number one crime type with 298,878 complaints1. The report also states that citizens aged 60+ submitted the most complaints followed by citizens aged 30-39 and citizens aged 60+ incurred the most financial loss with a staggering $3.4 Billion1.
Recently, one of our members informed us of an attempted scam involving PayPal. PayPal has been a popular company that scammers use to disguise themselves. In this instance, a realistic looking email from “PayPal” was sent to the member stating that a payment was processing on their account and if they didn’t recognize the transaction, they should click the log-in button or call the customer support number listed. Once called, the “support specialist” then sent them a link to download an app.
Even confronted by the questions from the member, “How do I know you’re not the hacker?”, the scammer was quick to reply that he hadn’t asked for any personal information. Of course, what the scammer didn’t mention was that the app could hack the member’s phone and any information on it. Luckily our member was smart enough to not download the app and end the conversation.
Recognize the Signs and Stay Vigilant
Recognizing the signs and staying vigilant is key in safeguarding against these malicious tactics and protecting oneself from falling victim to identity theft or financial fraud.
Phishing is a job, and scammers are always looking for ways to be better at it. They will attempt to manipulate their victims by using false reassurance and quick responses. They will continue to improve their methods to trick their victims into divulging personal information or gaining access to someone’s personal accounts.
When dealing with unverified emails, texts, or phone calls, you should always proceed with caution. If you receive a message or phone call that you are unsure about, the best practice is to take a moment to think about it. Does it make sense? Do you use PayPal? Are you expecting a package from UPS (another popular scam)?
If you doubt a phone call, hang up. If you doubt an email or text, go to the company’s website directly and call them using the phone number provided on their official website to inquire about a message you received.
Never, EVER download an app, file, or other document provided by a “help desk personnel” that you aren’t 100% sure is legitimate. In fact, we recommend not clicking on any log-in buttons, before knowing if the email is authentic.
Furthermore, never EVER send money before confirming the contact message is legitimate. Common phishing scams encourage consumers to send money via wire transfer, bitcoin, gift cards, or Cash App. This is a HUGE red flag. Do not send money this way, as there is no way to get the money back once it’s sent.
According to the FTC’s Consumer Sentinel Network Data Book for 2023, about 1 in 5 people lost money due to imposter scams2.
Phishing scams can be hard to detect, but here are some things to look out for:
- Spelling and/or grammatical errors
- Fuzzy logos and images
- Disguised or suspicious links
- Urgent demands and time frames or threats
- Unknown phone numbers or weird zip code
Again, if you’re ever unsure, the best thing to do is hang up and block the number or delete the email so you don’t accidentally click on something that could put you at risk of leaking personal data. If you’re concerned about whether a transaction was posted on your account, feel free to give us a call.
PayPal has an informational post on phishing scams and what to look out for to determine if the message was from them or not. Click here to view their blog post.
To Recap
Scammers are smart and are always finding new ways to scam. They prey on emotions and are masters of manipulation. Watch out for red flags and think before you act. We are committed to educating our members and keeping your finances safe. If you are ever unsure, hang up, block, delete and feel free to give us a call (608-266-4750).
Continued Awareness
There are many other types of phishing scams happening. Scammers are smart. They pay attention to current events and the latest technology. With the continual conversation of student loan forgiveness, scammers are posing as debt relief companies to prey on hopeful students. Additionally, scammers are using AI to impersonate family, friends, or acquaintances to trick people. To learn more about the different types of scams out there, here are other great articles by trusted sources:
- The Latest Scams You Need to Be Aware of in 2024- Experian – Experian
- What are some common types of scams? | Consumer Financial Protection Bureau (consumerfinance.gov)
- 20 types of phishing attacks + phishing examples – Norton
- How to Recognize and Avoid Phishing Scams | Consumer Advice (ftc.gov)
1 2023_IC3Report.pdf
2 CSN Annual Data Book 2023 (ftc.gov)
How to Detect Phishing Scams | PayPal US