How Phishing Works
Phishing is a form of Internet fraud that aims to steal valuable information
such as credit card numbers, Social Security numbers, user IDs and passwords.
By Email
The most common form of phishing is by email. Pretending to be from
your financial institution, or a legitimate retailer or government
agency, the sender asks you to “confirm” your personal
information for some made-up reason. Typically, the email contains
a link to a phony Web site that looks just like the real thing –
with sophisticated graphics and images. In fact, the fake Web sites
are near-replicas of the real ones, making it hard even for experts
to distinguish between the real and fake Web sites. You enter your
personal information into the Web site – and into the hands
of identity thieves.
By Phone (Referred to as “Vishing”)
Phishers also use the phone to hunt for personal information. Some,
posing as employers, call or send emails to people who have listed
themselves on job search Web sites.
By Mobile Phone (Referred to as “Smishing”)
"Smishing" is the sending of text messages to cell phones
to solicit personal information. In a banking context, SMS text messages
often appear to come from the victim's own financial institution and
may indicate that his or her ATM or Check Card is being deactivated
or has expired. The text asks the recipient to contact a phone number
to reactivate the card and provide his or her card number, PIN, and the three-digit
security code. This stolen information is then used to withdraw funds
from the customer's account.
Smishing also can be used to send messages that include a URL (Web
address), which, if activated by the victim, downloads malicious software
to the mobile phone that could allow a phone with Internet capabilities
to be controlled by hackers.
Something’s Phishy If…
While phishing scams can be sophisticated, the following features
are often indicators that something is “phishy.”
Be aware of a potential scam if:
… someone contacts you unexpectedly and asks for your personal
information such as your financial institution account number, an
account password or PIN, credit card number or Social Security number.
Legitimate companies and agencies do not operate that way.
… the sender, who is a supposed representative of a company
you do business with, asks you to confirm that you have a relationship
with the company. This information is on record with the real company.
… you are warned that your account will be shut down unless
you “reconfirm” your financial information.
… links in an email you receive ask you to provide personal
information. To check whether an email or call is really from the
company or agency, call it directly or go to the company’s Web
site (use a search engine to find it).
… you are a job seeker who is contacted by someone claiming
to be a prospective employer who wants your personal information.
Sample Phone Calls
Sample #1:
"Is this Mr. Smith? I'm calling from XYC Bank. Do you have a
Visa® card? I need to verify your account number because it appears
that someone may be fraudulently charging purchases to your account.
Can you read me the account number and expiration date on the front?
OK, now the last four digits on the back..."
Sample #2:
"Hello, Mildred Brown? I represent the ABC Company and our records
show that you have an overdue bill of $500 plus interest and penalties.
You don't know anything about this bill? Well, there could be a mix-up.
Is your address 123 Main Street? What is your Social Security number...?"
Sample #3:
"This is Detective Thompson calling from the Federal Consumer
Agency. Are you Mr. White? We have received several reports of telemarketing
fraud involving attempted withdrawals from bank accounts in your area.
In order to safeguard your account, we need to confirm your account
number..."
Sample Phishing Emails


Please remember that First Bank & Trust Company
employees will NEVER ask you for your PIN or password.
First Bank & Trust Company will NEVER
send e-mails asking for personal or account information, such as passwords,
Social Security Numbers, PINs, credit or Check Card numbers, or other
confidential information.