Phishing & Spoofing
What is Phishing & Spoofing?
Phishing is a technique used to gain personal information for purposes of identity theft, using fraudulent "spoofed" e-mail messages that appear to come from legitimate businesses. These authentic-looking messages are designed to lure recipients to "spoofed" websites which attempt to trick the individual into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc.
What should you look for?
- E-mail requesting personal financial information
- E-mails that are not personalized with your name
- E-mails that sound overly dramatic, extreme, or urgent
- E-mail or websites that look unprofessional, often with misspellings and missing images
What are common Phishing scams?
- Bank Account Scam: An e-mail from what appears to be your bank or credit union inquiring about changes to your account.
- IRS E-Audit Scam: An e-mail from what appears to be the IRS encouraging you to complete a questionnaire within 48 hours to avoid penalties and interest.
- Big Purchase Scam: An e-mail from what appears to be a retailer asking you to confirm "a recent large purchase."
- Expired Credit Card Scam: An e-mail from what appears to be your Internet Service Provider asking you to update credit card information.
- Employment Site Scam: An e-mail that appears to be a wonderful job opportunity. You are asked to complete an application that includes your social security number.
How to protect yourself?
- Do not click on links within suspicious emails.
- Report phishing of your Fellowship CU accounts, please send links or forward emails as attachments to .
- Delete the email. No company will ever email you asking you to verify personal information online.
- Log into your online accounts on a regular basis. Keep an eye on your account activity and watch for anything suspicious.
- Make sure an online application or form is secure before filling in your personal/financial information. Look for the “lock” symbol on your browser and check your browsers address bar - it should be "https://" rather than just "http://"
- Don’t fill out forms in e-mail messages that ask for personal or financial information.
- Keep your browser up to date with the latest security patches. Visit your browser developer’s website for information.
Report Phishing or Spoofing:
Forward the e-mail as an attachment:
- If your Fellowship CU account is involved report to
- Company being spoofed using website address you know to be legitimate
- Anti-Phishing Working Group email@example.com
- Federal Trade Commission at firstname.lastname@example.org
- Internet Fraud Complaint Center of the FBI by filing a complaint on their website: www.ifccfbi.gov