Phishing, Vishing, and Smishing

First there was phishing: scammers using emails to trick people into giving up confidential information. Now there’s also vishing (they con you into calling to verify information) and smishing (same idea, but they contact you via text).

  • SEFCU, the FDIC, the NCUA, and other reputable organizations (or companies) won’t ask for personal or account information through email, phone call, or text.
  • Consider adding the email address of unsolicited emails to your spam filter.
  • If you think your SEFCU accounts have been compromised, call 800-727-3328.
  • Don’t click any links or call any phone numbers you receive from an unsolicited email.
  • Don’t open attachments in unsolicited emails.
  • If you think the email is legitimate, manually type the company’s web address (the one you know to be accurate) into your browser.
  • Look for the “padlock” icon on any site where you enter personal information.
  • Verify you’re on a legitimate site by right-clicking on the web page; you should see a list of properties (like the web address). If those addresses don’t exactly match your financial institution’s addresses, don’t enter your information.
  • Don’t give out PIN, credit card numbers, or other account-related info over the phone.
  • Never display your wireless number on a public website, chat room, or membership directory.
  • Opt out of receiving text messages from companies you don’t want to hear from.
  • Sign up for the National Do Not Call Registry
  • Report suspicious calls to the Federal Trade Commission at or 1-877-FTC-HELP.