Close Notification Bar
Skip to main content Skip to footer site map
Login Form
Site Search Form
Exit Search

Security Articles

Understanding Phishing, Vishing, and Smishing

Select to go Back to Security Articles

UNDERSTANDING PHISHING, VISHING AND SMISHING

E-mail Phishing

Phishing (pronounced "fishing") is a scam to steal valuable information such as credit card and Social Security numbers, user IDs, and passwords. In phishing, also known as "brand spoofing," an official-looking e-mail is sent to potential victims pretending to be from their ISP, credit union, bank, or retail establishment. E-mails can be sent to people on selected lists or on any list, and the scammers expect some percentage of recipients will actually have an account with the real organization.

Land Line Telephone Vishing & VoIP (Internet Phones) Vishing

Vishing (Voice phISHING), also called "VoIP phishing for Internet phones," is the voice counterpart to phishing. Instead of being directed by e-mail to a Web site, an e-mail message asks the user to make a telephone call. The call triggers a voice response system that asks for the user's card number or other personal or financial information. The initial bait can also be a telephone call with a recording that instructs the user to phone an 800 number or another area code within or outside of the United States.

In either case, because people are used to entering card numbers over the phone, this technique can be effective. Voice over IP (VoIP) is used for vishing because caller IDs can be spoofed and the entire operation can be brought up and taken down in a short time, compared to a land line telephone.

Text Message Smishing

Smishing (SMS phISHING) is the mobile phone counterpart to phishing. Instead of being directed by e-mail to a Web site, a text message is sent to the user's cell phone or other mobile device with some ploy to click on a link. The link causes a Trojan to be installed in the cell phone or other mobile device.

Mail Letter Phishing

This new scam occurs where the phisher is creating a letter and sending it through the mail to individuals to respond to the letter by calling a phone number. The phisher outlines in the letter that the individual must respond for their own protection. This scam is used in conjunction with other channels to steal valuable personal and financial information of the individual receiving the letter.

Protect Yourself

NASA Federal will never send an e-mail or call you to verify your account information. Be sure to use only the phone numbers that you know to be true for the Credit Union when responding to phone messages. If you have responded to such an e-mail or phone scam and provided any confidential account information, please notify NASA Federal immediately at support@nasafcu.com or call 1-301-249-1800 or toll-free at 1-888-NASA-FCU (627-2328).

  1. Education & Tools
  2. Security
  3. Security Articles
  4. Understanding Phishing, Vishing, and Smishing
Equal Housing Lender LogoNCUA Logo

Your savings federally insured to at least $250,000 and backed by the full faith & credit of the U.S. Government. NMLS #486583.

©
 
NASA Federal Credit Union

Confidential information such as account numbers and social security numbers should not be sent by email for security reasons. Instead, please contact us directly at 1-888-NASA-FCU, send us a secure message through Online Banking or Mobile Banking, or visit your nearest branch.

You are now leaving nasafcu.com and entering a third party website that is not part of NASA Federal Credit Union.

The content you are about to view is produced by a third party unaffiliated to NASA Federal Credit Union. NASA Federal takes no responsibility for the content of the page.