What are Phishing, Vishing & Smishing?

The Dangers of Phishing, Vishing and Smishing

Phishing, vishing and smishing are methods criminals use to trick you into giving them personal financial information such as credit card numbers, bank account numbers, Social Security numbers, passwords and other sensitive information. They use that information to steal your money or use your good name to open new loans or credit cards.

Phishing uses an email message to gather that information. Vishing uses phone calls or voicemail. Smishing uses an SMS text message to your phone.

How the Scams Work

Criminals create these messages to look like they are coming from your financial institution or another trusted company. Usually, they will tell you that your bank account, your credit card account or other electronic payment account needs to be “updated” or “validated.”

The message will say there are dire consequences if you don't take action, such as your account being frozen or closed.

The message typically provides a link or a phone number, and you are told to follow the link, or make the call, in order to update and validate your account to fix the problem.

By responding to these messages, you allow the criminals to steal your information because you are sent to a website or call center that is structured to seem legitimate. However, any information you enter into this website or give over the phone is captured directly by the thieves.

Know Our Protocol

United Community Bank will never request the following information over the phone, email or text message:

  1. A full debit card number or personal identification number (PIN). If a United representative calls you to verify a recent transaction, we will only ask security questions as set up in your account to verify your identity. We have all other information needed on file, such as your debit card number, Social Security Number and login ID.
  2. An email or text requesting personal information (i.e. social security number) or bank account information of any type. We will never request this kind of information via email or text message. Even if the email appears to be official, ignore this or call us at 1-800-UBANK1 if you’re unsure.
  3. A reply to an email with links requesting online banking credentials. This is a well-known phishing scam. We will never request online banking credentials via an email communication. Avoid clicking on suspicious links, especially if they direct to websites other than ucbi.com.
  4. An offer to facilitate a transfer of funds to a ‘safe’ account or mobile deposit on the customer’s behalf. All transfers and deposits should be made directly by you. We will never prompt you to transfer funds or move your money to an outside account. 

How to Protect Yourself

The U.S. Department of Justice suggests three simple steps to help you avoid becoming a phishing, vishing or smishing victim.

  1. STOP. The message is designed to get an immediate reaction from you by making it seem like an emergency. Do not click any link or call any number included in the message.
  2. LOOK. Think about the message. Does it make sense that your account would be closed if you don't respond immediately to a link in an unexpected message? A safer choice would be to log into your account normally or call Customer Service at 1-800-UCBANK1; don't use the link or phone number inside the unexpected message. If there are no problems or alerts when you log in to Online and Mobile Banking normally or call United directly, you know the unexpected message is fraudulent.
  3. CALL. Let us know that you received a suspicious message purportedly coming from them. A United team member will confirm there’s no problem, and they can warn others about these fraudulent activities.
Access our Identity Theft Emergency Repair Kit for additional detailed information about identity theft and what actions to take if you believe you are a victim of fraud.