Imagine this: you receive an email from your financial institution (or so you think), and they're asking you to provide your login info to help you fix an issue on your account. You provide them with your account information. Later, you see that there are fraudulent charges on your credit card and your identity has been stolen. Next thing you know, you've become a victim of a spoofing scam.

What is a spoofing?

Spoofing is when someone pretends to be someone else to access information and data or spread malware. Spoofing can take many forms, with emails, text messages, IP addresses, and phone calls being the most prominent.

How does a spoofing scam work?

Spoofing takes phishing, vishing, and smishing up a notch. Through spoofing, hackers can access an organization's owned phone numbers and email addresses. Doing so allows them to look more credible to a potential victim by appearing to be coming from the actual organization instead of from an unrecognizable and otherwise random email address or phone number.

How do hackers and fraudsters gain access to these emails and phone numbers?

While cybercriminals have many tricks up their sleeves, services are available to help them get the job done. They can use these services to gain access - or spoof - a phone number or any caller ID or email address they'd like. This way, they can call (or email or text) you with all the authority of an organization that you'd trust.

How can you prevent falling victim to a spoofing scam?

Stay aware

We understand how one can fall victim to spoofing, especially when it appears as though a trusted organization – such as your financial institution – is reaching out to you. But you've got enough cybersecurity tools in your toolbox to know that you should never willingly give up your personal information to anyone!

Call the organization and verify if it was them

If you receive a call, email, or text message from what you think is a trusted organization asking you for your personal information, data, or access to a system, hang up the phone and do not answer. The best next step is to call the organization's main business line and inform them about the communication you received. That way, they're informed of the spoofing attack and can stop it as quickly as possible to prevent anyone else from falling victim.

Take proper precautions

If you believe you've received a spoofing attack or you'd like to prevent it, here are some steps to ensure your personal information is secure:

• Change your passwords regularly.
• Use a secure browser and peruse the internet only on secure sites.
• Keep your devices up to date with the latest software.  

Important Note

Vibe Credit Union will never call, email, or text you and ask for your confidential and personal information. Contact us if you receive a communication that you suspect is fraudulent and presents itself as originating from Vibe Credit Union.