Phishing is the attempt by fraudsters to trick you into handing over personal information such as your credit union details, usernames, or passwords via email, by pretending to be from a trustworthy source such as your Credit Union. The information they gain can then be used to access your current account or debit cards.

The criminal typically sends thousands of generic emails out (like bait when fishing – hence the name phishing) to people whose email addresses have been obtained from an unknown source, in the hope of getting a “bite”.

These emails tend to have generic greetings such as “Dear Customer” or “Account Holder”. However, in some cases, a tactic called “spear phishing” is used. In these cases the fraudster has some detail about you (frequently sourced through social media) and may use your name or some other specific detail about you in the email.

The emails try to trick you into clicking on a link in the email by claiming that you need to “verify”, “update” or “reactivate” your account or that you can claim a refund. The link brings you to a bogus website where you are asked to key in your financial or security information. The website will look almost identical to the real thing.

To make phishing emails look like they are genuinely from a well-known company, they include logos and other identifying information taken directly from that company’s website such as your bank, online payment services, or Revenue Commissioners.

The email often imparts a sense of urgency, threatening that your account will be blocked, closed, deactivated or that you will suffer some other negative consequence, if you do not act immediately.

Vishing (a combination of the words Voice and Phishing) is a phone scam where fraudsters target you by phone and try to trick you into divulging personal, financial or security information or into making a financial transfer to them.

A fraudster can phone you, claiming to be from a bank, Credit Union, the Gardaí/Police or a service provider such as a telephone company, internet provider or computer company. They trick you into believing they are a legitimate representative of the organisation and that it is in your interest to give the information they ask for.

Fraudsters can try to extract information from you such as debit card details, PIN number, online banking details, password and personal details such as name, address and date of birth. This information is then used to access your bank account or carry out transactions with your card.

The following are some variations of vishing:

• Fraud on your account: The criminal tells you that there has been fraud on your account and in order to protect the rest of your money you need to move it to a “safe account”. They provide you with account details and get you to transfer money out of your account to a fake account (which belongs to the criminals) either via an electronic transfer or via a money transfer service such as Western Union or Money Gram
• Technical/Phone support Scam: You receive a call from a company saying that there is a problem with your PC, laptop or modem (interne , broad band)that urgently needs to be fixed. For more details click here.
• Courier fraud: The fraudster makes contact with you by phone, advising you that something is wrong with your card and asking for personal information in relation to the card. They then advise you that they will send a courier to collect the card.
• Number Spoofing: The criminal makes contact with you by phone. They hide the number they are really calling from and make it look like they are calling from the phone number of the genuine company.
• There have also been cases where the fraudster encourages the victim to check the validity of their identity or to make an immediate report to the Gardaí/Police. When the individual hangs up their landline, the fraudster holds the line open (by not hanging up). When the individual picks up the phone again to ring the genuine company or the Gardaí /Police they do not realise that they are still talking to the fraudster.

Smishing (a combination of the words SMS (text message) and Phishing) is a scam where fraudsters send text messages to random mobile phones.  The text messages claim to come from a reputable organisation such as a bank, credit union or a service provider e.g. a mobile phone company.

The message will typically ask you to click on a link to a website or to call a phone number in order to “verify”, “update” or to “reactivate” your account. The website link leads to a bogus website and the phone number leads to a fraudster pretending to be the legitimate company. The criminal attempts to get you to disclose personal, financial or security information, which will then be used to steal your money.

Similar to phishing, the messages often attempt to alarm you, claiming that urgent action is needed or it will have negative consequences.