Welcome to Global Credit Union

Mon - Fri

8 am - 6 pm

Fraud Prevention

Phraud Takes New Phorms

Technology brings us all kinds of convenience and entertainment. It also creates new ways for crooks to take advantage of consumers. The scams and the lingo change all the time. Here's an abbreviated technology fraud dictionary to keep you in the know:


This secretly plants a virus or malicious program in your computer and hijacks your web browser. Pharming crimeware misdirects users to fraudulent sites or proxy servers. When you type in the address of a legitimate Web site, you're sent to a fake site without knowing it. If you give your password or account information on the fake site, thieves will use your account fraudulently.


In this scam attempt, you receive an e-mail prompting you to reveal personal details--say, your Social Security number, passwords, or credit card information--by clicking on a link to a bogus Web page mimicking that of a legitimate company. These e-mails and linked sites used to have an amateurish look that was easy to spot; now, they often are indistinguishable from the real thing.

A clear tip-off that it's a fake--typically the greeting will be generic and not addressed to you by name. Another characteristic is a sense of urgency or alarm, say, that your account is about to be closed. Delete the message and report it to the credit union or other financial institution immediately.


This isn't new, but another scam aided by technology. Sometimes referred to as "social engineering," it occurs when someone tries to get personal private information without authority to do so. The scammer may ask for private information while impersonating an accountholder by phone, mail, e-mail, or even by phishing--using a phony Web site or e-mail to collect data.


The term "smishing" comes from SMS plus phishing (SMS stands for "short message service," used for mobile text messaging). You may receive a text message, seemingly from your credit union, stating that your account has been closed. To reactivate it, you're told to call a toll-free number and enter your account number and PIN.

Some messages also warn that you will be charged for an order unless you go to a Web site that then steals credit card numbers and other private data.


Spim is spam--unsolicited bulk e-mail--delivered by IM, instant messaging. Not yet as common as spam, it reaches more people all the time. IM can be especially useful for spammers and dangerous for recipients because they may be more likely to click on links, bypassing virus software available on computers. Block messages from anyone not on your buddy list as a defense.


A spoof is an attempt to fool. Web spoofing is the act of secretly tricking your Web browser into talking to a different Web server than you intend. E-mail spoofing involves forging an e-mail header to make it appear as if it came from somewhere or someone other than the real source. Either can seduce you into supplying information to an unintended recipient.

If you hold your mouse over a link, the status line displays the corresponding URL. Be suspicious if the status line URL is different from what you think you should see. If Web pages you're familiar with suddenly prompt you to fill in private information, think carefully before you comply. If possible, call or send mail to the official source to verify that this change is legitimate. As always, when in doubt, do not enter any information you feel uncomfortable providing.


Vishing uses Voice over Internet Protocol (VoIP) phones instead of a misdirected Web link to steal your personal information. Instead of an e-mail blast, the thieves use a "war dial" attack over a VoIP system to blanket an area. A recorded message tells you, for example, that your credit card has been breached and tells you to call a number immediately. The number connects to a VoIP phone that can recognize telephone keystrokes. When you dial, another message states "this is account verification; please enter your 16- digit account number."

The same rules apply--don't bite, and notify the "vished" entity right away. Even caller ID can be spoofed, so don't think you're secure if you believe the number looks legitimate. A similar telephone message can arrive by e-mail--again, don't bite.