What is SMiShing?

“SMiShing” is really just another form of Phishing, and occurs when a fraudster sends you a SMS/text message asking you to provide sensitive, personal, and/or financial information via a web link and false website, or a telephone number. The messages could appear to be from your wireless provider, financial institution or from some another entity you do business with. Please note that West Branch Valley Federal Credit Union will never ask you to “confirm” or “verify” your sensitive personal information in an unsolicited SMS text message.

The most common examples of SmiShing occur when fraudsters send text messages posing as a customer’s financial institution or other business that might have access to sensitive personal information. The messages often attempt to alarm the customer. It may threaten dire consequence if you don't respond immediately. The message may direct you to a toll-free number or website that looks just like a legitimate institution’s number, but in fact it is not. Once you have called the number or clicked on the email link, they may ask you to “verify” your sensitive information such as credit card number account number and expiration date; your Social Security Number, Bank Account Number and pass code, etc.

Examples of fraudulent SMiShing messages:

Ø      Credit Union N.A. Please call us immediately at 1-888-xxx-xxxx regarding a recent restriction placed on your account. Thank you.

Ø      Alert!! Honolulu City & County Employees has limited your account pending verifications. Contact us NOW at 213-xxx-xxxx.

Steps to take if you receive a text message that asks for sensitive information:

Ø      Do not reply to the message.

Ø      Do not click on any of the links that may be embedded in the message.

Ø      Contact your financial institution, or other entity you do business with directly to determine if they sent you a legitimate request.

Ø      Contact your wireless provider’s fraud department to report the fraudulent text message.

If you believe that you have been a victim of a SMiShing scam, you should file a complaint at http://www.ftc.gov, and then visit the FTC Identity Theft Web site at http://www.ftc.gov/idtheft to learn how to minimize your risk of damage from identity theft.

 

ID Fraud Information - for more information visit OnGuardOnline.gov, OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information. Below are some helpful tips as recommended by our government.

It is important to protect your personal information, and to take certain steps quickly to minimize the potential damage from identity theft if your information is accidentally disclosed or deliberately stolen:

• Close compromised credit card accounts immediately.
• If someone steals your social security number (SSN), contact one of the three nationwide consumer reporting agencies — Equifax, Experian, or TransUnion — and place an initial fraud alert on your credit reports.
• Monitor your credit report. Keep in mind that fraudulent activity may not show up right away.
• Consult with your financial institution about handling the effects on bank or brokerage accounts.
• Contact relevant government agencies to cancel and replace any stolen driver's licenses or other identification documents, and to “flag” your file.
• Watch for signs of identity theft: late or missing bills, receiving credit cards that you did not apply for, being denied credit or offered less favorable terms for no apparent reason, or getting contacted by debt collectors or others about purchases you did not make.

Identity Theft: What To Do If Your Personal Information Has Been Compromised

The bottom line for online threats like phishing, spyware, and hackers is identity theft. ID theft occurs when someone uses your name, Social Security number, credit card number or other personal information without your permission to commit fraud or other crimes. That is why it is important to protect your personal information.

If your personal information is accidentally disclosed or deliberately stolen, taking certain steps quickly can minimize the potential for the theft of your identity.

If the Stolen Information Includes Your Financial Accounts

Close compromised credit card accounts immediately. Consult with your financial institution about whether to close bank or brokerage accounts immediately or change your passwords and have the institution monitor for possible fraud. Place all passwords on any account in a secure location. Avoid using your mother's maiden name, your birth date, the last four digits of your Social Security number (SSN) or your phone number, or a series of consecutive numbers.

If the Stolen Information Includes Your Social Security Number

Call the toll-free fraud number of any one of the three nationwide consumer reporting companies and place an initial fraud alert on your credit reports. This alert can help stop someone from opening new credit accounts in your name.

Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241

Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 2002, Allen, TX 75013

TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

An initial fraud alert stays on your credit report for 90 days. When you place this alert on your credit report with one nationwide consumer reporting company, you will receive information about ordering one free credit report from each of the companies. It is prudent to wait about a month after your information was stolen before you order your report. That is because suspicious activity may not show up right away. Once you get your reports, review them for suspicious activity, like inquiries from companies you did not contact, accounts you did not open, and debts on your accounts that you cannot explain. Verify that information — such as your SSN, address(es), name or initials, and employers — is correct.

If the Stolen Information Includes Your Driver's License or Other Government-Issued Identification contact the agencies that issued the documents and follow their procedures to cancel a document and get a replacement. Ask the agency to “flag” your file to keep anyone else from getting a license or another identification document in your name.

Once you have taken these precautions, watch for signs that your information is being misused. For example, you may not get certain bills or other mail on time. Follow up with creditors if your bills do not arrive on time. A missing bill could mean an identity thief has taken over your account and changed your billing address to cover his tracks. Other signs include:

• receiving credit cards that you did not apply for;
• being denied credit, or being offered less favorable credit terms, like a high interest rate, for no apparent reason; and
• getting calls or letters from debt collectors or businesses about merchandise or services you did not buy.

Continue to read your financial account statements promptly and carefully, and to monitor your credit reports every few months in the first year of the theft, and once a year thereafter. For more information on getting your credit reports free once a year or buying additional reports, read Your Access to Free Credit Reports.

If your information has been misused, file a report about your identity theft with the police, and file a complaint with the Federal Trade Commission at www.consumer.gov/idtheft. Read Take Charge: Fighting Back Against Identity Theft for detailed information on other steps to take in the wake of identity theft.