Stay Alert, Stay Secure

 
Our Security Center is designed to help you be aware of how we’re working hard to keep your personal and financial information safe, and to help you know what to consider suspicious activity to ensure you don’t get caught in a scam.

Top of Mind Topics  
  • Email
  • Phishing
  • Mobile Fraud
  • Malware
  • Vishing
  • Smishing
  • Twishing
 
Email Scams
Some email users have lost money to bogus offers that arrived as spam in their in-box. Con artists are very cunning; they know how to make their claims seem legitimate. Some spam messages ask for your business, others invite you to a website with a detailed pitch.  
Download More Details
 
Phishing
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.  
Download More Details
 
Mobile Fraud
Mobile Banking has made it easier than ever to check your account balance, view transactions, and pay bills, right from the palm of your hand. By taking the following steps to protect your mobile phone, you can make sure that you're taking steps to keep your information safe and secure.  
Download More Details
 
Malware
Malware, short for malicious software, is software designed to secretly access a computer system without the owner's informed consent.  
Download More Details
 
Vishing
Vishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing.  
Download More Details
 
Smishing
In computing, Smishing is a form of criminal activity using social engineering techniques similar to phishing. The name is derived from "SMS Phishing." SMS (Short Message Service) is the technology used for text messages on cell phones.  
Download More Details
 
Twishing
Twishing is the act of sending a message to a Twitter user in an attempt to obtain his or her name and password. The message may instruct the recipient to visit a website where he or she is asked to log in. The website, however, is bogus and set up only to steal the user's information.  
Download More Details
Email Scams

 

Some email users have lost money to bogus offers that arrived as spam in their in-box. Con artists are very cunning; they know how to make their claims seem legitimate. Some spam messages ask for your business, others invite you to a website with a detailed pitch. The following tips can help you avoid spam scams:

 

  • Protect your personal information. Share credit card or other personal information only when you're buying from a company you know and trust.
  • Know who you're dealing with. Don't do business with any company that won't provide its name, street address, and telephone number.
  • Take your time. Resist any urge to "act now" despite the offer and the terms. Once you turn over your money, you may never get it back.
  • Read the small print. Get all promises in writing and review them carefully before you make a payment or sign a contract.
  • Never pay for a "free" gift. Disregard any offer that asks you to pay for a gift or prize. If it's free or a gift, you shouldn't have to pay for it. Free means free.

 

While some consumers find unsolicited commercial email—also known as "spam"—informative, others find it annoying and time consuming. Still others find it expensive; they're among the people who have lost money to spam that contained bogus offers and fraudulent promotions.

 

Many Internet service providers and computer operating systems offer filtering software to limit the spam in their users' email in-boxes. In addition, some old-fashioned "filter tips" can help you save time and money by avoiding frauds pitched in email. OnGuard Online wants computer users to screen spam for scams, send unwanted spam on to the appropriate enforcement authorities, and then hit delete. 10 common spam scams are:

 

 

Here's how to spot these 10 common spam scams.

 

1. The "Nigerian" Email Scam

 

The Bait: Con artists claim to be officials, business people, or the surviving spouses of former government honchos in Nigeria or another country whose money is somehow tied up for a limited time. They offer to transfer lots of money into your bank account if you will pay a fee or "taxes" to help them access their money. If you respond to the initial offer, you may receive documents that look "official." They then ask you to send money to cover transaction and transfer costs and attorney's fees, as well as a blank letterhead, your bank account numbers, or other information. They may even encourage you to travel to the country in question, or a neighboring country, to complete the transaction. Some fraudsters have even produced trunks of dyed or stamped money to try to verify their claims.

 

The Catch: The emails are from crooks trying to steal your money or your identity. Inevitably, in this scenario, emergencies come up, requiring more of your money and delaying the transfer of funds to your account. In the end, there aren't any profits for you, and the scam artist vanishes with your money. The damage can sometimes be felt even beyond your pocket: according to State Department reports, people who have responded to "pay in advance" solicitations have been beaten, subjected to threats and extortion, and in some cases, murdered.

 

Your Safety Net: If you receive an email from someone claiming to need your help getting money out of a foreign country, don't respond. If you've lost money to one of these schemes, call your local Secret Service field office. Local field offices are listed in the Blue Pages of your telephone directory.

 

Forward "Nigerian" scams—including all the email addressing information—to spam@uce.gov.

 

2. Phishing

 

The Bait: Email or pop-up messages that claim to be from a business or organization you may deal with, such as, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message may ask you to "update," "validate," or "confirm" your account information or face dire consequences.

 

The Catch: Phishing is a scam where Internet fraudsters send spam or pop-up messages to reel in personal and financial information from unsuspecting victims. The messages direct you to a website that looks just like a legitimate organization's site, or to a phone number purporting to be real. But these are bogus and exist simply to trick you into divulging your personal information so the operators can steal it, fake your identity, and run up bills or commit crimes in your name.

 

Your Safety Net: Make it a policy never to respond to emails or pop-ups that ask for your personal or financial information, click on links in the message, or call phone numbers given in the message. Don't cut and paste a link from the message into your Web browser—phishers can make links look like they go one place, but then actually take you to a look-alike site. If you are concerned about your account, contact the organization using a phone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address yourself. Using antivirus and anti-spyware software and a firewall, and keeping them up-to-date, can help.

 

Forward phishing emails to spam@uce.gov and to the organization that is being spoofed.

 

3. Work-at-Home Scams

 

The Bait: Advertisements that promise steady income for minimal labor—in medical claims processing, envelope-stuffing, craft assembly work, or other jobs. The ads use similar come-ons: Fast cash, minimal work, no risk, and the advantage of working from home when it's convenient for you.

 

The Catch: The ads don't say you may have to work many hours without pay, or pay hidden costs to place newspaper ads, make photocopies, or buy supplies, software, or equipment to do the job. Once you put in your own time and money, you're likely to find promoters who refuse to pay you, claiming that your work isn't up to their "quality standards."

 

Your Safety Net: The Federal Trade Commission (FTC) has yet to find anyone who has become rich stuffing envelopes or assembling magnets at home. Legitimate work-at-home business promoters should tell you—in writing—exactly what's involved in the program they're selling. Before you commit any money, find out what tasks you will have to perform, whether you will be paid a salary or work on commission, who will pay you, when you will get your first paycheck, the total cost of the program—including supplies, equipment, and membership fees—and what you will get for your money. Can you verify information from current workers? Be aware of "shills," people who are paid to lie and give you every reason to pay for work. Get professional advice from a lawyer, an accountant, a financial advisor, or another expert if you need it, and check out the company with your local consumer protection agency, state Attorney General and the Better Business Bureau—not only where the company is located, but also where you live.

 

Forward work-at-home scams to spam@uce.gov.

 

4. Weight Loss Claims

 

The Bait: Emails promising a revolutionary pill, patch, cream, or other product that will result in weight loss without diet or exercise. Some products claim to block the absorption of fat, carbs, or calories; others guarantee permanent weight loss; still others suggest you'll lose lots of weight at lightning speed.

 

The Catch: These are gimmicks, playing on your sense of hopefulness. There's nothing available through email you can wear or apply to your skin that can cause permanent or even significant weight loss.

 

Your Safety Net: Experts agree that the best way to lose weight is to eat fewer calories and increase your physical activity so you burn more energy. A reasonable goal is to lose about a pound a week. For most people, that means cutting about 500 calories a day from your diet, eating a variety of nutritious foods, and exercising regularly. Permanent weight loss happens with permanent lifestyle changes. Talk to your health care provider about a nutrition and exercise program suited to your lifestyle and metabolism.

 

Forward weight loss emails to spam@uce.gov.

 

5. Foreign Lotteries

 

The Bait: Emails boasting enticing odds in foreign lotteries. You may even get a message claiming you've already won! You just have to pay to get your prize or collect your winnings.

 

The Catch: Most promotions for foreign lotteries are phony. The scammers will ask you to pay "taxes," "customs duties," or fees, and then keep any money you send. Scammers sometime ask you to send funds via wire transfer. Don't send cash or use a money-wiring service because you'll have no recourse if something goes wrong. In addition, lottery hustlers use victims' bank account numbers to make unauthorized withdrawals or their credit card numbers to run up additional charges. And one last important note: participating in a foreign lottery violates US law.

 

Your Safety Net: Skip these offers. Don't send money now on the promise of a pay-off later.

 

Forward solicitations for foreign lottery promotions to spam@uce.gov.

 

6. Cure-All Products

 

The Bait: Emails claiming that a product is a "miracle cure," a "scientific breakthrough," an "ancient remedy"—or a quick and effective cure for a wide variety of ailments or diseases. They generally announce limited availability, and require payment in advance, and offer a no-risk "money-back guarantee." Case histories or testimonials by consumers or doctors claiming amazing results are not uncommon.

 

The Catch: There is no product or dietary supplement available via email that can make good on its claims to shrink tumors, cure insomnia, cure impotency, treat Alzheimer's disease, or prevent severe memory loss. These kinds of claims deal with the treatment of diseases; companies that want to make claims like these must follow the FDA's pre-market testing and review process required for new drugs.

 

Your Safety Net: When evaluating health-related claims, be skeptical. Consult a health care professional before buying any "cure-all" that claims to treat a wide range of ailments or offers quick cures and easy solutions to serious illnesses. Generally speaking, a cure-all is a cure none.

 

Forward spam with miracle health claims to spam@uce.gov.

 

7. Check Overpayment Scams

 

The Bait: A response to your ad or online auction posting, offering to pay with a cashier's, personal, or corporate check. At the last minute, the so-called buyer (or the buyer's "agent") comes up with a reason for writing the check for more than the purchase price, and asks you to wire back the difference after you deposit the check.

 

The Catch: If you deposit the check, you lose. Typically, the checks are counterfeit, but they're good enough to fool unsuspecting bank tellers and increase the balance in your bank account—temporarily. But when the check eventually bounces, you are liable for the entire amount.

 

Your Safety Net: Don't accept a check for more than your selling price, no matter how tempting the plea or convincing the story. Ask the buyer to write the check for the purchase price. If the buyer sends the incorrect amount, return the check. Don't send the merchandise. As a seller who accepts payment by check, you may ask for a check drawn on a local bank, or a bank with a local branch. That way, you can visit the bank personally to make sure the check is valid. If that's not possible, call the bank the check was drawn on using the phone number from directory assistance or an Internet site you know and trust, not from the person who gave you the check. Ask if the check is valid.

 

Forward check overpayment scams to spam@uce.gov and your state Attorney General. You can find contact information for your state Attorney General at www.naag.org.

 

8. Pay-in-Advance Credit Offers

 

The Bait: News that you've been "pre-qualified" to get a low-interest loan or credit card, or repair your bad credit even though banks have turned you down. But to take advantage of the offer, you have to pay a processing fee of several hundred dollars.

 

The Catch: A legitimate pre-qualified offer means you've been selected to apply. You still have to complete an application and you can still be turned down. If you paid a fee in advance for the promise of a loan or credit card, you've been hustled. You might get a list of lenders, but there is no loan, and the person you've paid has taken your money and run.

 

Your Safety Net: Don't pay for a promise. Legitimate lenders never "guarantee" a card or loan before you apply. They may require that you pay application, appraisal, or credit report fees, but these fees are seldom required before the lender is identified and the application is completed. In addition, the fees generally are paid to the lender, not to the broker or person who arranged the "guaranteed" loan.

 

Forward unsolicited email containing credit offers to spam@uce.gov.

 

9. Debt Relief

 

The Bait: Emails touting a way you can consolidate your bills into one monthly payment without borrowing; stop credit harassment, foreclosures, repossessions, tax levies and garnishments; or wipe out your debts.

 

The Catch: These offers often involve bankruptcy proceedings, but they rarely say so. While bankruptcy is one way to deal with serious financial problems, it's generally considered the last resort. The reason: it has a long-term negative impact on your creditworthiness. A bankruptcy stays on your credit report for 10 years, and can hurt your ability to get credit, a job, insurance, or even a place to live. To top it off, you will likely be responsible for attorneys' fees for bankruptcy proceedings.

 

Your Safety Net: Read between the lines when looking at these emails. Before resorting to bankruptcy, talk with your creditors about arranging a modified payment plan, contact a credit counseling service to help you develop a debt repayment plan, or carefully consider a second mortgage or home equity line of credit. One caution: While a home loan may allow you to consolidate your debt, it also requires your home as collateral. If you can't make the payments, you could lose your home.

 

Forward debt relief offers to spam@uce.gov.

 

10. Investment Schemes

 

The Bait: Emails touting "investments" that promise high rates of return with little or no risk. One version seeks investors to help form an offshore bank. Others are vague about the nature of the investment, but stress the rates of return. Promoters hype their high-level financial connections; the fact that they're privy to inside information; that they'll guarantee the investment; or that they'll buy it back. To close the deal, they often serve up phony statistics, misrepresent the significance of a current event, or stress the unique quality of their offering. And they'll almost always try to rush you into a decision.

 

The Catch: Many unsolicited schemes are a good investment for the promoters, but not for participants. Promoters of fraudulent investments operate a particular scam for a short time, close down before they can be detected, and quickly spend the money they take in. Often, they reopen under another name, selling another investment scam.

 

Your Safety Net: Take your time in evaluating the legitimacy of an offer—the higher the promised return, the higher the risk. Don't let a promoter pressure you into committing to an investment before you are certain it's legitimate. Hire your own attorney or an accountant to take a look at any investment offer too.

 

Forward spam with investment-related schemes to spam@uce.gov.

 

Fighting Back

 

Con artists are clever and cunning, constantly hatching new variations on age-old scams. Still, skeptical consumers can spot questionable or unsavory promotions in email offers. Should you receive an email that you think may be fraudulent, forward it to the FTC at spam@uce.gov, hit delete, and smile. You'll be doing your part to help put a scam artist out of work.

 

How to Report Spam

 

If you receive an email that you think may be a scam:
  • Forward it to the FTC at spam@uce.gov and to the abuse desk of the sender's ISP. Also, if the email appears to be impersonating a bank or other company or organization, forward the message to the actual organization.
  • If you think you may have responded to an email that may be a scam:
    • File a report with the Federal Trade Commission at www.ftc.gov/complaint.
    • Report it to your state Attorney General, using contact information at www.naag.org.
    • Then visit the FTC's identity theft website at www.ftc.gov/idtheft. While you can't completely control whether you will become a victim of identity theft, you can take some steps to minimize your risk.

 

Supporting Sources: OnGuardOnline.gov
Phishing

 

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social websites, auction sites, online payment processors, or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by email or instant messaging, and it often directs users to enter details at a fake website that has a look and feel almost identical to the legitimate one.

 

Phishing email messages take a number of forms. They might appear to come from a financial institution, a company you regularly do business with, or from a social networking site such as Facebook or LinkedIn. To avoid getting hooked:

 

  • Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message. Don't cut and paste a link from the message into your Web browser—phishers can make links look like they go one place, but they actually send you to a different site.
  • Some scammers send an email that appears to be from a legitimate business and asks you to call a phone number to update your account or access a "refund." Because they use Voice over Internet Protocol (VoIP) technology, the area code you call does not reflect where the scammers really are. If you need to reach us or any organization you do business with, call the number on your financial statements or on the back of your ATM, Debit, or credit card.
  • Use antivirus and anti-spyware software, as well as a firewall, and update them all regularly.
  • Never email personal or financial information.
  • Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. Signing up for online banking enables you to review your accounts more regularly and for free so you don't have to wait for monthly statements.
  • Be cautious about opening any attachment or downloading any files in emails you receive, regardless of who sent them.

 

If you should ever receive an email that you believe to be a phishing scam using our name and logo, please forward us a copy, as well as emailing a copy to spam@uce.gov and to any company, or organization impersonated in the phishing email. You may also report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions, and law enforcement agencies, uses these reports to fight phishing.

 

Contributing source: OnGuardOnline.gov
Mobile Fraud

 

Mobile Banking has made it easier than ever to check your account balance, view transactions, and pay bills, right from the palm of your hand. By taking the following steps to protect your mobile phone, you can make sure that you're taking the proper steps to keep your personal and financial information safe and secure.

 

Secure your phone Most mobile phones let you set up a password or PIN, requiring that it's entered into your phone prior to use. This ensures that your phone can't be used if it's lost or stolen. Make sure that you always have this feature enabled and that your password or PIN is not shared with anyone.

 

Beware of trojans and spyware Trojans and spyware are viruses and software that are used by fraudsters to steal personal details when installed on your computer or mobile phone. They're usually installed without your knowledge when you follow a link, open an attachment, or download software from a fraudulent email or text message.

 

To protect yourself:
  • Don't download software until you've verified its security and privacy features
  • Install anti-spyware software that's specifically designed for your mobile
  • Be suspicious if you get lots of unsolicited emails or text messages—it could mean you have a spyware program on your phone

 

Install security software Just like your computer, mobile phones are vulnerable to viruses, some of which can give fraudsters access to your personal information.

 

To keep your information safe:
  • Install security software and keep it up-to-date
  • Delete junk emails and text messages
  • Don't follow any website links unless you know that they're genuine
  • Don't download any files or email attachments that you're not sure about

 

Keep your mobile software up-to-date On occasion your mobile phone manufacturer will likely release software updates for your phone. These should be downloaded and installed regularly to ensure your mobile phone has the most current and up-to-date software installed.

 

Avoid sharing your mobile phone If you have to share your mobile or send it off for repairs:
  • Remove the temporary files and cache stored in the memory of your mobile, as they may contain confidential information
  • Clear your browsing history regularly
  • Don't let people use your mobile phone until you've logged out of secure sites such as Mobile Banking
  • Make sure all APPs are logged out of and not set-up to login upon being launched
Malware

 

Malware, short for malicious software, is software designed to secretly access a computer system without the owner's informed consent.

 

The prevalence of malware as a vehicle for organized Internet crime, along with the general inability of traditional anti-malware protection platforms (products) to protect against the continuous stream of unique and newly produced malware, has seen the adoption of a new mindset for businesses operating on the Internet: the acknowledgment that some sizable percentage of Internet customers will always be infected for some reason or another, and that they need to continue doing business with infected customers.

 

Common types of malware delivery mechanisms

 

  • Software updates: Malware posts invitations inside social media sites, inviting users to view a video. The link tries to trick users into believing they need to update their current software to view the video. The software offered is malicious.
  • Banner ads: Sometimes called "malvertising," unsuspecting users click on a banner ad that then attempts to install malicious code on the user's computer. Alternatively, the ad directs users to a website that instructs them to download a PDF with heavily-obscured malicious code, or they are instructed to divulge payment details to download a PDF properly.
  • Downloadable documents: Users are enticed into opening a recognizable program, such as Microsoft Word or Excel, that contains a preinstalled Trojan horse.
  • Man-in-the-middle: Users may think they are communicating with a website they trust. In reality, a cybercriminal is collecting the data users share with the site, such as login and password. Or, a criminal can hijack a session, and keep it open after users think it has been closed. The criminal can then conduct their malicious transactions. If the user was banking, the criminal can transfer funds. If the user was shopping, a criminal can access and steal the credit card number used in the transaction.
  • Keyloggers: Users are tricked into downloading keylogger software using any of the techniques mentioned above. The keylogger then monitors specific actions, such as mouse operations or keyboard strokes, and takes screenshots in order to capture personal banking or credit card information.

 

The anatomy of malware attacks

 

To infect a computer through a Web browser, an attacker must accomplish two tasks.
  1. First, they must find a way to connect with the victim.
  2. Second, the attacker must install malware on the victim's computer.

 

Both of these steps can occur quickly and without the victim's knowledge, depending on the attacker's tactics.

 

One way for an attacker to make a victim's browser execute their malicious code is to simply ask the victim to visit a website that is infected with malware. Of course, most victims will not visit a site if told it is infected, so the attacker must mask the nefarious intent of the website. Sophisticated attackers use the latest delivery mechanisms, and often send malware-infected messages over social networks, such as Facebook, or through instant messaging systems. While these methods have proved successful to a degree, they still rely on tempting a user to visit a particular website.

 

Other attackers choose to target websites that potential victims will visit on their own. To do this, an attacker compromises the targeted website and inserts a small piece of HTML code that links back to their server. This code can be loaded from any location, including a completely different website. Each time a user visits a website compromised in this manner, the attacker's code has the chance to infect their system with malware.

 

Contributing source: OnGuardOnline.gov
Vishing

 

Vishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing.

 

Vishing exploits the public's trust in landline telephone services, which have traditionally terminated in physical locations which are known to the telephone company, and associated with a bill-payer. The victim is often unaware that VoIP makes formerly difficult-to-abuse tools/features of caller ID spoofing, complex automated systems (IVR), low cost, and anonymity for the bill-payer widely available. Vishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals.

 

We will never call you to request that you update or verify your personal or financial details over the phone. If you ever receive a call requesting this information, please call us using the phone number on your account statement, on the back of your ATM or Debit Card, or local telephone directory to confirm the call is legitimate.

 

Vishing is very hard for legal authorities to monitor or trace. To protect themselves, consumers are advised to be highly suspicious when receiving messages directing them to call and provide credit card or bank numbers. Rather than provide any information, if speaking to a human ask them for an incident number and then hang up. Then place a call to the number printed on your credit card or billing statement from a telephone number the bank has on file, usually your home land line. While consumer caller id is trivial to fake the bank's call center gets much more reliable billing information provided by trunked 1-800 service and thus both parties have high confidence the other party is who they claim to be.

 

Area codes can mislead. Some scammers send emails that appear to be from a legitimate business and ask you to call a phone number to update your account or access a "refund." Because they use Voice over Internet Protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card. And delete any emails that ask you to confirm or divulge your financial information.

 

Security. If you use VoIP for your home phone service you should know that VoIP calls are transmitted over the Internet, which raises security risks that are not an issue with regular telephone service. For example, VoIP services can be attacked by computer viruses or worms; you can be subject to SPIT (Spam over Internet Telephony), a different kind of spam, and left with mass voice mail messages in your inbox; and you can be caught in a denial of service attack.

 

Contributing source: OnGuardOnline.gov
Smishing

 

In computing, Smishing is a form of criminal activity using social engineering techniques similar to phishing. The name is derived from "SMS Phishing." SMS (Short Message Service) is the technology used for text messages on cell phones.

 

Similar to phishing, smishing uses cell phone text messages to deliver the "bait" to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a website URL, however it has become more common to see a phone number that connects to an automated voice response system.

 

The smishing message usually contains something that wants your "immediate attention", some examples include "We're confirming you've signed up for our dating service. You will be charged $2/day unless you cancel your order on this URL: www.????.com."; "(Name of popular online bank) is confirming that you have purchased a $1,500 computer from (name of popular computer company). Visit www.?????.com if you did not make this online purchase."; and "(Name of a financial institution): Your account has been suspended. Call ###.###.#### immediately to reactivate". The "hook" will be a legitimate looking website that asks you to "confirm" (enter) your personal financial information, such as your credit/debit card number, CVV code (on the back of your credit card), your ATM card PIN, SSN, email address, and other personal information. If the "hook" is a phone number, it normally directs to a legitimate sounding automated voice response system, similar to the voice response systems used by many financial institutions, which will ask for the same personal information.

 

This is an example of a (complete) smishing message in current circulation: "Notice—this is an automated message from (a local credit union), your ATM card has been suspended. To reactivate call urgent at 866-###-####".

 

In many cases, the smishing message will show that it came from "5000" instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the cell phone, and not sent from another cell phone.

 

This information is then used to create duplicate credit/debit/ATM cards. There are documented cases where information entered on a fraudulent website was used to create a credit or debit card that was used halfway around the world, within 30 minutes.
Twishing

 

Twishing is the act of sending a message to a Twitter user in an attempt to obtain his or her name and password. The message may instruct the recipient to visit a website where he or she is asked to log in. The website, however, is bogus and set up only to steal the user's information.

 

Twishing is a combination of the words Twitter and phishing. The idea is that bait is given out—the concept behind the term phishing—to Twitter users with the hopes that while most will ignore the bait, a small percentage will be tricked into revealing their user names and passwords. Twishing may also be seen written in lowercase as twishing.
Email Samples Content...
Online Samples Content...

 

VIDEOS
Watch videos provided by OnGuardOnline.gov to help you learn about spam and phishing. Keeping you and your kids safe online, while reducing spam, and protecting your computer against unwanted intrusions.

 

Video:Phishy Home

 

Video:Phishy Office

 

Video:Phishy Store

 

Our financial institution is not responsible for the content of external websites linked to or referenced from our web server. We neither endorse the information, content, presentation or accuracy, nor makes any warranty, express or implied, regarding these external websites. We are not liable for any failure of products or services advertised on these external websites. By selecting the link you will be leaving our website and will be taken to a third party site that may offer a different privacy policy and level of security. The third party site is responsible for website content and system availability. We encourage you to read the external website privacy policy and terms of use and that you understand the external website may provide less security than that of our website.

Continue
Our financial institution is not responsible for the content of external websites linked to or referenced from our web server. We neither endorse the information, content, presentation or accuracy, nor makes any warranty, express or implied, regarding these external websites. We are not liable for any failure of products or services advertised on these external websites. By selecting the link you will be leaving our website and will be taken to a third party site that may offer a different privacy policy and level of security. The third party site is responsible for website content and system availability. We encourage you to read the external website privacy policy and terms of use and that you understand the external website may provide less security than that of our website.

Continue