Scammers always try to stay one step ahead of security measures when it comes to accessing your personal information. Actions that seem to be ordinary — like talking about a purchase on social media, or announcing a long-awaited vacation —
are now being used by fraudsters to gather your personal information and compromise your accounts.
This scam is called “social engineering.” Hackers use information posted online in public areas, such as social media accounts, to find home addresses, phone numbers, and other information from an unknowing source. What about that dream destination
hotel you shared on Facebook, or the home improvement project you showcased on Pinterest? Using psychological manipulation during what would be a seemingly logical situation, scammers will call your hotel or your contractor to gain additional personal
information.
From there, scammers can use that acquired information to deceive you and others. For example, by posing as bank employees, customer service representatives, or a credit card company, they can gain access to your account and credit card numbers, security
PINs, CVV numbers, or other sensitive information.
There are many types of social engineering, the most common form being email phishing. This is the fraudulent practice of sending emails claiming to be from reputable companies in order to reveal personal information, such as passwords and credit card numbers.
These types of scams are rising at a record pace. According to the Anti-Phishing Working Group, an international coalition focused on cybercrime across industry, government, and law-enforcement sectors:
- The number of phishing attacks rose in the third quarter of 2019, to a high level not seen since late 2016.
- Forty percent of business email compromise (BEC) attacks use domain names registered by criminals, a strategy used to fool victims.
- More than two-thirds of all phishing sites used secure socket layer (SSL) protection, which is when a website URL begins with “https://”, typically seen as an indicator of website safety. This is the highest percentage since tracking begin
in early 2015, and is a clear indicator that users can’t rely on SSL alone to understand whether a website is safe.
Here are some tips to remember when sharing your personal information:
- Avoid using the same password across multiple accounts and change passwords frequently.
- Practice discretion when sharing information on social media channels. Keep your vacation plans private, don’t showcase large purchases, and think twice before sharing any information that would reveal your location or finances.
- If you get a call from a government agency or your financial institution, don’t share any personal identifying information. Typically, they don’t use a phone call, a text, or social media as a way to contact you. If in doubt, hang up and
call the agency or institution directly.
- Never share your personal information, such as account numbers, PINs, and security codes with someone who calls, texts, or reaches out to you online.
- Avoid using the same password across multiple accounts and change passwords frequently.
- Do not open attachments in unexpected emails, texts, or other communications. Be particularly wary of those that warn of dire consequences unless you take action immediately.
- If you feel you may be a victim of identity theft, contact law enforcement and your financial institution immediately to secure your information.
If you suspect anything unusual or that you are a victim of identity theft, call Nusenda Credit Union immediately at 505-889-7755 (800-347-2838 outside the Albuquerque area).
You can also visit our Account Security page for important security tips and additional information on how Nusenda Credit Union protects its members from fraud and identity theft.