Phishing, Vishing and Smishing
Phishing, vishing and smishing are all scams that involve fraudsters who use email (phishing), telephone calls (vishing) or text messages (smishing) to obtain personal information such as bank account information, credit card numbers and social insurance numbers from unsuspecting victims.
While an internet fraudster can easily obtain and share your email address on the internet, it is unlikely he or she will have a lot of additional information about you. To obtain additional information a fraudster may use an official looking, but fake email known as a phishing email.
Phishing emails usually include links to websites that appear to direct you to a legitimate company. However, these links go to fraudulent websites and any information you submit via the website is gathered by a fraudster. Fraudsters often target companies with a large customer/member base and send thousands of phishing emails to reach as many potential victims as possible.
Envision Financial has clear guidelines about the information they will request via phone or email. If you have any concerns about a request, please contact us immediately.
Trojan Horses
Fraudsters have successfully found a way to extract banking information from computers by using virus programs known as Trojan horse. A Trojan horse lies dormant on your computer, monitors your activity and then activates if you visit a targeted website, such as an online retailer or a financial institution. The program can then record keystrokes, such as usernames and passwords, and other information stored on your computer and sends them to the creator of the Trojan horse.
A Trojan horse may also allow hackers remote access to your system. Operations which can then be conducted by the hacker include:
- Use of the machine as part of a botnet (performing automated spamming or distributing denial of service attacks)
- Data theft (e.g. retrieving passwords or credit card information)
- Installation of software, including third-party malware
- Downloading or uploading of files on the user's computer
- Modification or deletion of files
- Keystroke logging
- Watching the user's screen
- Crashing the computer
How to Protect Yourself
- Never disclose your passwords (including your PIN and personal access code (PAC)) to anyone
- Do not set your email program to “auto-run” attachments –always check that run your antivirus software when an email attachment is received
- If you are unsure of the authenticity of an email, delete it and call your branch
- Do not choose the “save password on this computer” option
- Never click on an email that you suspect may be fake
- Before entering confidential or financial information online, check for the lock icon on your browser, which means that your data is encrypted and cannot be read
Additional Resources
There are numerous websites with useful security information and tips. Whether you are looking for general security advice or free security tools (antivirus, firewall, malware removal, browser security, encryption, vulnerability scanner, just to name a few) these listed sites are great security resources:
- Free Security Software/Tools
- Security Tips
- Security Information