What are some scams to be on the lookout for?


Phishing is the attempt to acquire sensitive information  such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, financial institutions, online payment processors or IT administrators are commonly used to lure unsuspecting victims. Phishing emails may contain links to websites that are infected with malware.] Phishing is typically carried out by email spoofing or instant messaging,[ and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users,[6] and exploits the poor usability of current web security technologies.

Phishing is a continual threat that keeps growing to this day.


Short for SMS Phishing, smishing is a variant of phishing email scams that instead utilizes Short Message Service (SMS) systems to send bogus text messages. Also written as SMiShing, SMS phishing made recent headlines when a vulnerability in the iPhone's SMS text messaging system was discovered that made smishing on the mobile device possible.

Smishing scams frequently seek to direct the text message recipient to visit a website or call a phone number, at which point the person being scammed is enticed to provide sensitive information such as credit card details or passwords. Smishing websites are also known to attempt to infect the person's computer with malware.


Voice phishing also known as Vishing is the criminal practice of using social engineering over the telephone system to gain access to private personal and financial information from the public for the purpose of financial reward. Sometimes referred to as 'vishing', the word is a combination of "voice" and phishing. Voice phishing exploits the public's trust in landline telephone services, which have traditionally terminated in physical locations known to the telephone company, and associated with a bill-payer. Voice phishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals.

Some fraudsters use features facilitated by Voice over IP (VoIP). Features such as caller ID spoofing (to display a number of their choosing on the recipients phone line), and automated systems (IVR).

How to Avoid Phishing, Smishing, and Vishing

  • If you're asked to provide personal or financial information, don't bite. No honest company will ever ask you to transmit personal or financial such info to them over email or the phone.
  • Look for inconsistencies. Maybe there's some bad misspellings in the message, or the company name is capitalized when it should be in lowercase. Phishers are getting better at writing "realistic" copy, but often strange grammar is another giveaway.
  • Is the URL suspicious? If you get a message that claims to be from Amazon but you end up linking to a website without in the URL, you're probably being taken for a ride.
  • Go straight to the source. If you're suspicious about a request made of you, go straight to the official website of the company in question (not the link given to you in the email) and log into your account. If you have an official customer service number on hand, call it and double-check.
  • Protect your email. Make sure you're up to date on anti-virus software, firewalls, and email spam filters.
  • Review your credit card and account statements regularly. If by chance you do happen to get hooked by a phishing scam, you should be able to detect illegal activity on your account through reviewing your statements.

New Fraud Detection and Notification System

As part of our continuing effort to bring the best technology and service to our members, we at Alabama Rural Electric Credit Union are upgrading our Fraud Detection and Notification System. Learn More