By: Jim Stickley and Tina Davis
It’s not what you’d expect with the usual phishing attacks, but it seems that’s the point. A new flurry of phishing is sending written letters to prospective victims. The letter in your mailbox appears to be from your financial institution, and that leads to trusting what it says. Using the mail is an old school tactic from scammers and it only takes one victim to bite the hook.
This scam likely works because these days we expect to get phished via email, text, or phone. But the regular mail? Nonsense! As such, we lower our guard when a letter from the bank ends up in our mailbox. But make no mistake, this phishing letter uses the same tactics. That means we can expect a message about a problem with our bank account that needs our attention asap.
The new twist with this phishing scam is that it includs a “convenient” QR code should you want to further investigate the situation. But scanning the code brings you to a bogus, duplicate website that looks like the real deal. It’ll ask you to enter your account details like account number, username, and password. Once done, your credentials are now in the hands of the scammers behind the phishing letter.
There’s quite an effort going into this phishing scam starting by using a financial institutions’ logo for authenticity. Then, addressing them along with postage and then finally gets mailed.
Protecting yourself from this phishing scam means first calling your financial institution, never using contact info in the letter. Use a bookmarked website to find the contact information. And never scan a QR code without verifying it’s from a legitimate source.
So, the next time you get a letter about an account problem, no matter how legit it looks, pick up the phone and verify it’s for real.
The views, opinions, and ideas expressed in this blog do not constitute legal or financial advice. The writers of these blogs are educated on the topics they are writing about, but they are not attorneys, licensed financial advisors, or registered investment advisors. The information presented in this blog post was deemed to be accurate at the time of publication. First Heritage Federal Credit Union is not responsible for any actions a person may take as a result of the information they read in this blog.
Leave a Reply