What’s the Difference Between Phishing, Smishing and Vishing?

Cybercrime is on the rise and with it are evolving methods that fraudsters use to steal from you. Phishing, smishing, and vishing are common scams that try to steal your money, personal info, or identity.

Phishing is when fraudsters pose as a company you do business with or trust, like your bank, credit card company, or mobile provider to lure you into becoming a victim and providing sensitive information like your Online Banking credentials. These lures often come in the form of an email that may include a malicious hyperlink or attached document. If you click on these, they could download malware onto your device, or they may lead you to a site that collects your personal data and log-in credentials.  If the fraudster successfully gains access to your sensitive information, the result could lead to a loss of funds, a data breach or loss, identity fraud, or ransomware. Bottom line, always double-check to confirm who you’re communicating with before giving out sensitive information.

Vishing is known as voice phishing. A fraudster calls pretending to be someone from an organization you’re familiar with and tries to gain access to your bank account information, credit card information, or Online Banking login credentials to seize accounts and steal money. To seem more credible, the fraudster could use fake caller ID or automated voice, or leave a threatening voicemail with a sense of urgency. You can confirm the legitimacy of a caller by first verifying the phone number on the organization’s official website and then calling it directly to ask if the request is authentic.

Smishing is similar to phishing but uses text messages instead of email. Smishing text messages often convey a sense of urgency and contain a hyperlink that directs you to a website with a request for personal information. Clicking on that link could also download malware onto your device.

Prevent getting hooked by a phishing, vishing, or smishing attack:

• Block the bait!
  • Phishing: Block the bait by making sure to install the latest versions and updates on your devices and setting up added protection.
    • Use strong passwords and multi-factor authentication and never share your credentials with others (no matter who they claim to be!)
    • Install and perform regular updates to antivirus and anti-spyware.
    • Consider setting up a firewall or utilizing secure VPN services which can act as a barrier against risky networks and malicious Internet content.
    • Back up your data so you can recover anything lost in case of a data breach or ransomware attack.
  • Vishing: Block the bait by blocking calls from suspicious numbers or deleting voicemails from unknown callers with requests that may contain a sense of urgency. If such an urgent request includes a demand for your personal information, account numbers, or log-in credentials, beware!  Legitimate businesses, and especially financial and government institutions, should never request this type of information over the phone.
  • Smishing: Block the bait by deleting text messages from unfamiliar phone numbers, especially when they contain hyperlinks, grammatical errors, or contain a threat or sense of urgency. Block the number the text message came from, too.
• Don’t take the bait from suspicious senders.
  • • Stay educated on common scams that cybercriminals use so you can recognize red flags.
      • Look out for suspicious email addresses, generic greetings, spoofed hyperlinks, suspicious attachments, and typos.
      • Check out our Prevent Fraud webpage where you can learn to spot scams and how to stop them.
• Report the hook and protect the waters.
  • If you believe you are a victim of fraud, take immediate action to minimize loss.
    • Contact the financial institution (bank or credit card company) from which you sent the money or leaked your account information and let them know what happened so they can flag your account for possible identity theft.
    • Report the fraud to the FTC at ftc.gov.
    • Alert any other financial institutions you may use, the three credit bureaus, Social Security, and the IRS that you were a victim of a scam and that your personal information may have been compromised to they can flag your account(s), too.
    • Reach out to our Customer Care team and we can help!

bankESB is looking out for you.

We’re committed to keeping you informed about the latest scams and ways to protect your money and personal information. For more information and valuable tools to help you from fraud, visit our Fraud Prevention webpage, stop by your nearest office, or call Customer Care at 855.527.4111.