What is Phishing?
Phishing is the act of attempting to gain personal information (and sometimes, money) through electronic communications by posing as a trustworthy entity. Communications professing to be from popular social web sites, auction sites, banks, online payment processors, or IT administrators are commonly used to lure the unsuspecting public.
These communications are typically carried out by e-mail spoofing and instant messaging. The e-mails and/or messages contain links to websites that are infected with malware and often direct users to enter details at a fake web site whose look and feel are almost identical to the legitimate one. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
What is Vishing?
Vishing, or Voice Phishing, is the act of using social engineering over the telephone system to gain access to private personal and financial information for the purpose of financial reward. This fraud technique is typically used to steal credit card numbers and other information used in identity theft schemes. Vishing is difficult for legal authorities to monitor and trace, therefore, consumers are encouraged to take steps to protect themselves.
We encourage you to be highly suspicious when receiving phone calls directing you to provide any personal information. When in doubt, we recommend calling the company's telephone number listed on your billing statement or other official sources as opposed to calling numbers received from messages or callers of dubious authenticity.
What is Smishing?
Smishing, or SMS Phishing, uses cellular phone text messages to deliver a "bait," inducing consumers to divulge their personal information, and a "hook," the method used to capture the information. The message usually contains something that demands the target's immediate attention.
Here is an example of a complete Smishing message that has been in circulation: "Notice-this is an automated message from (a local credit union or bank), your ATM card has been suspended. To reactivate, call 866-
When this number is dialed, the caller is directed to a legitimate-sounding automated voice response system, similar to those used by financial institutions, that will ask that they "confirm" their personal information. This information is then used to create duplicate credit/debit cards that are sold on the Black Market.
What is Malware?
Malware, short for malicious software, is software used to disrupt computer operation, gather sensitive information, and gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. Malware includes, but is not limited to, computer viruses, ransomware, worms, trojan horses, rootkits, keyloggers, spyware, adware, malicious BHOs, and rogue security software.
Whenever any of these are used for malicious purposes, their presence is typically hidden from the user and can be difficult to detect. They can collect almost any type of data, including personal information such as internet surfing habits, user logins/passwords, and bank or credit account information. We highly recommend that you keep your antivirus software up to date and run virus scans on your computer frequently.
Online Security Resources
National Cybersecurity Alliance
Cybersecurity & Infrastructure Security Agency