Phishing, SMishing & Vishing
Phishing
Phishing is when Internet fraudsters impersonate a business to trick you into giving them your personal information, such as usernames, passwords and credit card details. Legitimate businesses don’t ask you to send sensitive information through insecure channels.

For example, a fraudulent e-mail may state that NCUA will add money to the member's account for taking part in a survey. The link embedded in the message directs members to a counterfeit version of NCUA's website with an illicit survey that solicits credit card account numbers and confidential personal information. NCUA will never ask credit union members or the general public for personal account or personally identifiable information as part of a survey.

Tips:

Don’t select links in e-mails that ask for personal information.
Never open unexpected attachments.
Delete suspicious messages, even if you know the source.
 

SMishing
Phishing via SMS, or SMishing, uses cell phone text messages or SMS (Short Message Service) to trick you into providing personal and financial information. Smishers may use URLs or an automated voice response system to try and collect your information.

Tip: In some instances, criminals have used malicious software in their text messages solicitations. To prevent further security issues, completely remove unsolicited text messages from your phone. This may take two steps: deleting the text and then completely removing it from your device.

Vishing
Phishing by voice, or vishing, exploits a general trust in landline telephone services. The victim is often unaware that voice over Internet Protocol (VoIP) allows for caller ID spoofing, thus providing anonymity for the criminal caller. Rather than providing any information to the caller, the consumer should verify the call by contacting the financial institution or credit card company directly, being sure to use the institution’s accurate contact information (i.e., do not use contact information the caller provides).