Main Blog Article Content
It has come to our attention that scammers, representing themselves as Power Financial Credit Union, have attempted to use “spoofed” text messages and calls from the credit union to get members to share sensitive information to gain access to their account.
Unfortunately, there are many types of common scams, but these are two that our members have been targeted with recently.
Typical Phishing and SMishing scenario:
Posing as a credit union fraud department employee, the scammer sends a spoofed email or text message to a member alerting them to suspicious debit card activity. Instructions urge the member to reply to the original message with account details, such as card numbers, CV2 codes, PINs, or other online account credentials. Phishing and SMishing gives the scammer valuable data they can use to make unauthorized charges or access the member’s account.
Example of a Smishing Text Sent to a Member
Typical Vishing scenario:
Posing as a credit union representative, the scammer contacts the member using a spoofed phone number. The caller claims they need to discuss an important matter, but they must first confirm the member’s identity. The scammer is already on the credit union’s online banking website and informs the member they need them to provide the PIN or One-Time Passcode (OTP) sent to the member’s phone or answer security questions.
Vishing allows the scammer to use the information provided by the member to complete the login. They proceed to lock the member out of their account by changing the online banking password. The fraudster then transfers funds from the member’s account, using Zelle for example, before vanishing without a trace.
Tips to protect yourself from credit union impersonation scams:
Unfortunately, there are many types of common scams, but these are two that our members have been targeted with recently.
Typical Phishing and SMishing scenario:
Posing as a credit union fraud department employee, the scammer sends a spoofed email or text message to a member alerting them to suspicious debit card activity. Instructions urge the member to reply to the original message with account details, such as card numbers, CV2 codes, PINs, or other online account credentials. Phishing and SMishing gives the scammer valuable data they can use to make unauthorized charges or access the member’s account.
Example of a Smishing Text Sent to a Member
Typical Vishing scenario:
Posing as a credit union representative, the scammer contacts the member using a spoofed phone number. The caller claims they need to discuss an important matter, but they must first confirm the member’s identity. The scammer is already on the credit union’s online banking website and informs the member they need them to provide the PIN or One-Time Passcode (OTP) sent to the member’s phone or answer security questions.
Vishing allows the scammer to use the information provided by the member to complete the login. They proceed to lock the member out of their account by changing the online banking password. The fraudster then transfers funds from the member’s account, using Zelle for example, before vanishing without a trace.
Tips to protect yourself from credit union impersonation scams:
- If a situation feels off, it probably is. Trust your instincts and investigate.
- Never trust caller ID as caller ID may be modified to show your financial institution’s name.
- Never click on links in or respond to unsolicited emails or texts.
- Contact us at 800-548-5465 to verify the legitimacy of a request.
- Never share account passwords, PINs, one-time passcodes, Social Security numbers, or credit and debit card numbers. PFCU will NEVER call you and ask for your sensitive information.