Michigan Schools & Government Credit Union
Michigan Schools & Government Credit Union
Michigan Schools & Government Credit Union Go to main content
Home > MSGCU Security Center> Protect My Phone

Phone Security

What You Should Know About “Vishing”

What is vishing?

The term vishing comes from mixing "voice" with "phishing," which are scams that intend to trick consumers into supplying personal information usually financial in nature. Vishing is the term for stealing information or money from consumers over the telephone.

How does vishing work?

Usually the thief will use caller ID spoofing, which makes the telephone network display a number from a legitimate or well-known source, when in fact that is not where the call originated. This is very similar to e-mail spoofing, which makes e-mails look like they are coming from a trusted source.

Vishing attacks usually have an automated recording setup to call a consumer telling them that their credit card(s) or ATM/Debit Card has been flagged for fraudulent activity. The recording then asks the consumer to provide a card number, PIN code, and/or Social Security number to verify their account, or the recording provides a toll-free number directing the consumer to call and provide account details.

Note: Michigan Schools and Government Credit Union will never ask you for personal information via e-mail. You will never be asked to provide your full social security number, VISA card number, account number, or PIN through e-mail.

What can you do to protect yourself?

  • Be suspicious of all unknown callers. You should be just as suspicious of phone calls as you are of e-mails asking for personal information.
  • Do not trust caller ID. Just because your caller ID displays a phone number or name of a legitimate company, it does not guarantee the call is really coming from that number.
  • Call them back. If someone is selling you something or asking for information, tell them you will call them back. Verify the company is legitimate by calling them back using a telephone number from a bill, statement, or other trustworthy source – rather than what they provided you in the call.
  • Register your number. Visit the National Do Not Call registry at www.donotcall.gov. If you are on the list and receive a call from a suspected telemarketer, this could be a tip that the offer is fake.
  • Report incidents. Report vishing calls to www.ftc.gov or call 888.382.1222 . The FTC would like to know the number and name that appeared on your caller ID, as well as the time of day and the information discussed or heard in a recorded message.

It is all part of setting things right for yourself and protecting your path to financial success.

Reardon, Marguerite. “Protect Yourself From Vishing Attacks.” CNet News. 19 May 2009 <http://news.cnet.com/8301-1035_3-10244200-94.html>

Text Message Security

What You Should Know About “Smishing”

What is smishing?

The term smishing is short for SMS (short message service) phishing, which is a mobile text scam intending to trick a consumer into downloading malicious software such as a Trojan horse virus or to request someone to provide personal information. The text message may direct the recipient to a website URL or a phone number that connects to an automated voice response system where personal information is collected.

How does smishing work?

The smishing message usually contains something that requires the consumer’s "immediate attention” such as reactivating a suspended credit card. It may direct them to a legitimate looking website that will ask them to “confirm” their personal financial information, such as their credit/debit card number or CVV code (on the back of their credit card). If a phone number is given, an automated voice response system will ask the consumer for the same information. Once obtained, the fraudsters will use this information to create new cards to make unauthorized purchases or withdrawals.

Here is an example of a smishing message:

"Notice - this is an automated message from (a credit union or bank), your ATM card has been suspended. To reactivate immediately call 866-###-####."

In many cases, the smishing message will show that it came from "5000" instead of displaying an actual phone number. This usually indicates the SMS message was sent via e-mail to the cell phone, and not sent from another cell phone.

Note: Michigan Schools and Government Credit Union will never ask you for personal information via text message. However, we may contact you via the telephone to verify suspicious credit card activity and may ask you to confirm your address, birth date, and the last four digits of your social security number to verify your identity. You will never be asked to provide your full social security number, VISA card number, account number, or PIN.

Setting things right for yourself on the path to financial success includes protecting your account information. What can you do to protect yourself?

  • Be suspicious of all unknown text messages. You should be just as suspicious of text messages as you are of e-mails asking for personal information.
  • Register your number. Visit the National Do Not Call registry at www.donotcall.gov. If you are on the list and receive a text message from a suspected number, this could be a tip that the message is fake.
  • Report incidents. Report smishing text messages to www.ftc.gov or call 888.382.1222. The FTC would like to know the number that appeared on your caller ID, as well as the time of day and the website address or telephone number listed.
  • Contact the Credit Union using published telephone numbers from your statement or via secure e-mail within our Internet Account Access. Our telephone number is 586.263.8800 or toll-free at 866.674.2848.