Scammers are always finding new ways to trick people into giving up their personal or financial information. As your financial partner, we employ a full-time, specially trained staff that helps us protect your accounts. And because safeguarding your information takes teamwork, we need you to do your part, too. Remember to take advantage of the security updates and financial wellness resources we offer to keep security top of mind.
What is Phishing?
Phishing is a type of online scam where fraudsters impersonate legitimate organizations to trick you into providing sensitive information like passwords, checking account numbers, or Social Security numbers. They may use this information to commit fraud, steal your identity, or gain access to your financial accounts.
Phishing can occur through different channels, such as:
- Email: Scammers will send fake emails that look like they’re from trusted companies or organizations, asking you to click on links or provide personal information.
- Text messages: Scammers send text messages urging you to click on a link or respond with personal information.
- Phone calls: Fraudsters pretend to be from a reputable organization to convince you to share sensitive information.
Read below about a common scam on the rise to learn more about what you can do to help keep you and your wallet safe.
Phishing for Verification Codes
If you have a smartphone, you’re likely well aware of how you can use your device to pay. Simply link a financial account or card to the digital wallet and tap away when you’re checking out at a store or even shopping online.
These digital payment methods make purchasing quick and easy, which makes them the perfect target for scammers. Because of this, it’s important to utilize all the security features these digital tools offer and stay informed about how to protect yourself.
Below is an outline of a common scam we’ve seen related to these payment tools:
- A scammer gets ahold of your financial account or card information.
- They use the information to set up a digital wallet, like Google Pay™ or Apple Pay®.
- Because these digital wallets typically require a verification code to finalize the setup of a new card, the scammer needs to get that code.
- The scammer contacts you, pretending to be your financial institution. They say they’re contacting you to verify account activity or provide important account information, but first you need to confirm your identity.
- You agree to confirm your identity and the scammer says they’ll send you a verification code via text. They then request the verification code from the digital wallet, knowing that it’ll likely send a text to the legitimate cardholder or accountholder – you.
- You receive the text and provide it to the scammer, thinking that they’re a representative from your financial institution.
- The scammer uses the code to finalize the setup of your card as a payment method in their digital wallet and begins to make fraudulent purchases with the card.
Learn the Red Flags
While individual incidents may vary, there are certain red flags that appear in many types of fraud. Warning signs include:
- A sense of urgency: The person calling you may pressure you to act quickly and hurry through their communication with you, growing annoyed and impatient with any questions you ask.
- A suspiciously familiar phone number or email address: It’s easy to spoof a phone number or email address, making it look like the call or email is coming from a different individual. If not an exact match, scammers may create numbers or addresses that are just slightly different than the one you’re used to seeing from your financial institution.
- A threat of legal action: Scammers apply pressure to act by threatening legal action or implying that you’ll be in trouble if you don’t provide the requested information.
Steps to Keep Yourself Safe
- Don’t give out personal or financial information. Whether by phone or email, don’t provide sensitive information like a Social Security number, financial account information, or the verification codes mentioned above to anyone who contacts you. At PSECU, we won’t request this information from you in a call that we initiate. If you receive a communication from someone stating they represent PSECU and requesting this information, do not engage. Call PSECU directly at the number(s) published on our website and let us know about the call. We’ll work with you to ensure your account is secured.
- Utilize security features. From mobile apps to debit card transactions and everything in between, make use of the security features available to you to help safeguard your information. Use strong passwords that aren’t easy to guess, don’t use the same password for every account, and change your password regularly. If you’re a PSECU member, you can also get regular updates on your account activity by signing up for free account alerts that will notify you via email or text when deposits, withdrawals, and more occur on your account.
- Trust your instincts. If something seems off, trust your gut. Don’t let someone convince you to provide them with sensitive information. Contact your financial institution and other vendors directly if you receive any communications claiming to represent them. They’ll be able to check their records to see if a legitimate representative reached out.
Stay on Top of Account Security
The world of fraud is constantly evolving, so it’s important that you stay informed about how to keep your personal and financial information safe. To learn more about what to watch for and steps you can take to stay secure, visit the Fraud section in our Resource Center.
Google is a trademark of Google Inc.
Apple is a trademark of Apple Inc., registered in the U.S. and other countries.