Phishing: A fraud method in which the fraudster sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. The fraudster sends an email to an unsuspecting customer. That fraudulent email might look just like a legitimate Walmart email (including use of the Walmart logo). If the customer falls for the bait (thus the “fishing” reference), the thief could get credit card numbers, PINs, expiration dates credit card / bank account numbers and even Social Security numbers. Learn more about phishing here.
Vishing: Vishing is very similar to "phishing" but instead of occurring through e-mail it is over the phone. The fraudster will typically pretend to be a legitimate business, and fools the customer into thinking they will profit, such as through a Secret Shopper scam. In these scams, fraudsters pose as a trusted retailer or bank and obtain personal information from the customer by requesting they "verify" the information on file. The information is then used to generate fraudulent transactions.
A good rule of thumb: If someone is contacting you to verify your personal information, it is very likely you did not provide it to them in the first place, and it is not a legitimate request. Legitimate companies will not expect you to provide your social security number or other personal information when they call you. If you receive a call like this, do not provide any information. If in doubt, call back a trusted number for the company, such as in the one on a statement or invoice, the back of your credit/debit card, or on their official website (not the one sent through a suspicious email. Do not use the phone number provided by the person on the phone.)
Smishing: A combination of the terms "SMS" and "phishing." It is similar to phishing, but refers to fraudulent messages sent over SMS (text messaging) rather than email. The fraudster may text you saying you’ve won a free gift card. Remember, you can’t win a contest you didn’t enter. Walmart doesn’t notify winners of any context via text message.
Tips to avoid these scams
- Never provide personal information in response to an unsolicited request, whether it is over the phone or internet.
- Do not respond to any suspicious looking email, automated calls or text messages. A trusted company will never ask a customer for sensitive information over a call you didn’t initiate.
- Don’t trust the Caller Id. Fraudsters can manipulate the Caller ID to have it display a legitimate business’s name. To be safe you can check to see if the phone number matches the number that appears on your bank statement, credit/debit card, or phone book.
- If a credit/debit card company actually calls to notify you of suspicious charges, they will not ask for your personal information. Instead they will verify that they have reached the cardholder and ask for them by name. Then they may ask the cardholder to verify the last 4-digits of their Social Security Number (Note: They will NOT ask for the entire Social, Account, Expiration, or PIN). They will then verify if you made that particular charge or not. If anything sounds suspicious, hang up and call your financial institution directly.
- Avoid fraudulent sites by entering web addresses directly into the browser yourself or by using bookmarks you create.
- If you have fallen victim to such a scam and given out your personal account information, contact your financial institution immediately to protect your accounts, block your cards, fill out a fraud affidavit, and take other protective measures as necessary.
Don't respond or reply to an email, phone call, or text message that:
- Requires you to supply personal or account information directly in the email
- Threatens to close or suspend your account if you do not take immediate action
- Invites you to answer a survey that asks you to enter personal or account information,
- States that your account has been compromised or that there has been third-party activity on your account, then asks you to enter or confirm your personal or account information
- States that there are unauthorized charges on your account, then asks you to provide your personal or account information
- Asks you to enter your User ID, Password or account numbers, PIN or card expiration dates into an email, webpage or text message