Phishing Schemes

Phishing is a form of social engineering, characterized by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message. The term phishing arises from the use of increasingly sophisticated lures to "fish" for users' financial information and passwords.

How to spot a phony Email

Some of the phony or bogus e-mails can look very official. Fraudsters are getting very good at stealing logos and graphics from a company site to make their own phony or spoof website. However, you can usually still spot the fakes by the following characteristics:

  • Verify your Account - Phishing e-mails normally ask you to go to a website. to "verify" personal information, such as an account number, credit card number, password, PIN, etc.
  • Warnings or Urgency - You will often see a sense of urgency or warnings in a phishing email, such as your account will expire in 48 hours if you don't enter the requested information.
  • "Dear Valued Customer" - Usually, you will not see your name or anything identifying you (such as the last 4 digits of an account) in a phishing email. They usually always have a generic heading.
  • "Click Here" - Fraudulent e-mails usually have a link taking you to a phony or spoofed website. If you do see a web address, it may be an IP address or suspicious looking domain names - including meaningless number or text before or after a legitimate website. address.

If you get an email with any of these characteristics, be extremely leery. It is most likely a phishing email. If you receive an email similar to those described above and it is representing itself as being sent from First Capital, please forward it immediately to: suspectemail@firstcapitalfcu.com.

Smishing Schemes

Credit unions across the country are now reporting their members are receiving unsolicited text messages. It's an attempt at Smishing, the latest form of phishing. In Smishing, an email tries to lure a recipient into giving personal information via SMS, the communications protocol used to send text messages to a wireless device. The recent scam is targeting credit union and other financial institution members.

In smishing, the members receive a text message via cell phone warning that their bank account has been closed due to suspicious activity. It then tells them they need to call a certain phone number to reactivate the account.

Unsuspecting callers who dial the number provided in the text message will be taken to an automated voice mail box that prompts them to key in their credit card or debit card number, expiration date, and PIN to verify their information.

If you receive a text similar to those described above and it is representing itself from First Capital, please forward it immediately to: suspectemail@firstcapitalfcu.com.