Financial institutions, including the STCU, are seeing a surge in scammers trying to trick consumers into revealing account numbers and other sensitive information.
The attacks take the form of fake emails and fake texts designed to look like they come from your bank and credit union. In some cases, scammers have gone a step further by linking to fake websites that may look remarkably similar to a financial institution’s website.
Attached are three examples of pHishing texts sent to us in recent days by attentive members of the STCU. Consumers who use other banks and credit unions receive similar attempts.
While many banks and credit unions communicate with their members and customers via text and email, there are often whistleblowers that a communication is inauthentic. Consumers are warned to avoid unknown web addresses and to beware of illogical word choices or misspelled words. Above all: remember that your financial institution will never contact you to ask you for sensitive information. If you already have an account, your financial institution knows your account number.
An SMS can be fraudulent even if it comes from a phone number with an area code. Phone numbers can be masked to appear local.
Consumers who receive unexpected text messages or emails that seem suspicious should not click on any links or respond in any way. Instead, if they are concerned that their account has been compromised, they should check with their bank or credit union using the contact information found on its website (not one that might have been provided in the suspect Communication). Many members have contacted the STCU in recent days, and while this has resulted in longer than usual wait times to speak to an STCU representative, it has kept their accounts safe.
If you’ve ever replied to a text message and provided sensitive information, contact your bank or credit union. They will likely suggest that you change the username and online banking login, and may take other actions if necessary, such as issuing new accounts or debit cards.