Phishing and smishing are two of the most common cybersecurity attacks used by cybercriminals. Both scams involve sending text messages or emails with fraudulent links or attachments in an attempt to steal personal information from unsuspecting victims.
The links used often lead to fake websites where you will be asked to provide personal information. These websites can look exactly like sites you've visited before and trust, easily getting you to lower your guard and enter the information they've requested. These webpages may also contain malware that can infect your device and allow hackers to track your activity and gain access to your personal information.
How to Avoid Becoming a Victim
One of the best ways to protect yourself from phishing and smishing attacks is to be aware of the signs that these scams typically have. For example, many phishing emails or texts will contain grammatical errors in the message or sender's email address. They may also include high pressure, urgent requests for personal information or financial assistance – many times acting as or on behalf of a family member If you receive an email or text message that contains any of these red flags, do not respond and delete it immediately.
It is also important to never click on links or attachments from unknown senders. Even if the sender appears to be someone you know, always verify their identity before clicking on anything they've sent you. Cybercriminals are very good at impersonating people, so it's always better to err on the side of caution.
|Instead of responding to a message or clicking on a link, go to the source. If you've received something that is suspicious or just doesn’t seem quite right reach out to the sender via their official phone number or webpage.|
Common Smishing Attacks
Smishing, which stands for SMS (short message service, in other words, a text message) Phishing, has risen in popularity in recent years. These attacks mimic some of the common text messages that many of us regularly receive. Be aware of these common scams to avoid compromising your personal information.
Hackers can spoof numbers for government agencies, like the IRS, debt collectors, your local bank or even people you know, asking for sensitive information like your social security number, account number, PIN and other identifying information.
Civista and other reputable organizations will never ask for your social security number, PIN, one-time access code or other sensitive information over the phone, email or text message. If you receive one of these scam messages, delete it – do not reply or click on any links.
Scammers may send text messages asking you to reactivate your account by clicking on a link or calling a number. They might say that your debit or credit card is about to expire, or that there has been suspicious activity on your account.
These scams can be difficult to spot. However, remember Civista will never ask you for your sensitive information via text or phone call or to visit an unfamiliar website. If something seems suspicious, do not click on any links and contact us directly by calling our official number listed on our website or your card.
Delivery Notification Scams
Cybercriminals have also taken advantage of our increased use of online shopping and delivery services. You may receive a text message or email saying that you have a package waiting for you and to click on the link to track it. Once you do, you will be taken to a website where you will be asked to enter personal information in order to track the package.
Again, go to the source. If you’re waiting on a package go to the mailing service’s official webpage directly and track your package from there instead of clicking on an unverified link.
What To Do If You're a Victim of a Phishing or
If you believe you may have been the victim of a phishing or smishing attack, it is important to act quickly. Contact Civista immediately and let them know what happened. You should also change any passwords that may have been compromised and run a virus scan on your computer to check for any malicious software that may have been installed.
You can also protect yourself from scammers trying to open fraudulent accounts by freezing your credit. This is a free service offered by the credit bureaus – Equifax, Experian, TransUnion. Learn more in this Federal Trade Commission (FTC) article.
If you believe your identity has been stolen you can begin the identity theft reporting process, by using the universal ID Theft Affidavit at https://www.identitytheft.gov. This will have a fraud alert placed on your credit file. You may also call the Federal Trade Commission’s (FTC) toll-free ID Theft Hotline at 1-877-IDTHEFT (1-877-438-4338) for more information.
Reporting Phishing and Smishing Scams
According to the FTC, you can report instances of phishing at ftc.gov/complaint or report smishing by copying the message and forwarding it to 7726 (SPAM) or at reportfraud.ftc.org.
By following these simple tips, you can help protect yourself from becoming a victim of these cybersecurity attacks.