Phishing is a specific type of fraud that uses email or text messages to steal passwords, account numbers, or personal information. If they get that information, they could access your email, bank, and other accounts. Or they could sell your information to other scammers and steal your identity.

Remember, no legitimate representative of Kirtland Credit Union will ever ask you for your PIN, password, or passcode.

How do I know if an email or text message is a scam?

• Look for misspelled words and other grammatical errors, although this clue is less common as scammers become more sophisticated.
• Take a name or some text from the message and put it into a search engine to see if any known phishing attacks using the same methods exist.
• Mouse over the link to see if it’s legitimate, or navigate to the provided link manually by entering the legitimate website address into your browser.
• Before logging in to any secure site, check to ensure the Lock or Key icon is displayed in your browser. These symbols indicate that the page you are using will protect and keep confidential any data sent from your computer.
• Sometimes, the return address on Phishing messages is ” spoofed” or made to appear as an address different from the sender’s actual address. Never rely on the return address to identify the sender, even if it seems the message came from a trusted source. Remember, Kirtland CU will never call or email you to ask for account information.

Bogus websites that look legitimate and ask you to provide personal information.

This can happen when you enter a legitimate website, but your browser is redirected to a bogus location that resembles it to collect your personal information.

There are many techniques thieves use to install malicious programs on your devices. The programs capture your keystrokes and network traffic to steal personal information, including user IDs and passwords.

If they get your laptop, smartphone, or another device, thieves can use any unsecured data to discover passwords and access accounts.

Skimming is a type of payment card fraud.  It’s a way of stealing PINs and other information from credit and debit cards using a device where people insert or swipe their cards to complete a transaction.  ATM machines, gas pumps, and point-of-sale (POS) terminals are the most common.

Old Approach:

• Lost or stolen possessions: Thieves could break into your home and vehicle or opportunistically pick up your wallet, phone, mail, and other documents or possessions that have your personal information.

• Dig through mail and trash in search of bank and credit card statements, preapproved credit card offers, tax information, and other documents that may contain personal details.

• Fill out change-of-address forms to forward mail, which generally contain personal and financial information;

New Approach

• Filling out an application for a fake job listed on a legitimate platform like ZipRecruiter, Indeed, and Craigslist.
• “Card Skim”  Skimming devices can be attached to card readers to steal information from debit and credit cards and make copies of your card.
• Unsecured browsing: If you use an unsecured Wi-Fi network or enter information into an unsecured or scam website, attackers could snoop on your activity or try to install malware onto your device.
• Data breaches could expose your personal information, which the attackers might use or sell on the dark web.
• “Phish” for electronic information with phony emails, text messages, and websites that are solely designed to steal sensitive information.
• Pose as a home buyer during open houses or a handyperson to gain access to sensitive information casually stored in unlocked drawers.
• Vulnerability.  Personally, providing personal information to an untrustworthy caregiver, roommate, friend, family member, or someone you just met.