Security Best Practices
Vishing, Phishing and Smishing
Security Best Practices: Vishing, Phishing and SmishingComment February 19, 2015 by Triangle Credit Union
A recent vishing attempt targeting local financial institutions has reminded us of the need to remain vigilant in the digital age. In this post, I’ll share some information on three of the most common tactics used by fraudsters and best practices to avoid falling prey to such attacks.
Vishing is the act of using a telephone to collect personal information by imitating a trusted source, like your financial institution.
Best practice: If you receive a phone call and suspect it might be fraudulent, look up the organization’s customer service number and call the trusted number rather than the number provided in the solicitation.
Phishing is the act of using email to collect personal information by imitating a trusted source, like your financial institution. Be wary of any attachments in a suspicious email with the following extensions: .exe, .bat, .vbs, .reg, .msi, .pif, .pl, .php. Clicking on any links with the aforementioned extensions could trigger an unwanted download of malicious software.
Best practice: Only open emails from a trusted source. Be on the lookout for bad grammar, it’s usually a good tip-off that the sender is not who they say they are. If you receive a suspicious email purporting to be Triangle Credit Union contact us before clicking on any links and we’ll help you determine the validity of the email.
Smishing is the act of using text messages to collect personal information by imitating a trusted source, like your financial institution.
Best practice: As with phone calls and emails, don’t communicate any personal information via text unless it is a request that you have initiated. Always be wary of unfamiliar numbers.
The digital world is rife with constant threats to your personal information and security. But, by following these simple best practices you can ensure that you can enjoy the benefits and convenience of banking, shopping and communicating in the digital world without sacrificing protections on your privacy. In my next post in this series, I’ll cover the topic of Social Engineering and share best practices to help you avoid the type of over-sharing that can make you vulnerable to such an extreme attack.