As a credit union, we do our best to keep our members’ information and accounts safe. As a result, criminals might try other angles. Instead of trying to get account information from us, they may target our members.

One common strategy involves impersonating the credit union, another financial institution, or their fraud departments, via text messages. These texts can appear to be authentic and may request validation of recent card transactions. The purpose is to gather more information and gain access to your accounts.

SMishing — fraud by text

Sending fraudulent texts is sometimes known as “SMishing” and refers to SMS text phishing. When scammers represent themselves as fraud services, they’re often trying to obtain card numbers, CV2 security codes (the three-digit number on the back of the card), expiration dates, PINs and sign-in information.

Links that go to fraudulent websites may also be included in the text messages. For example, you may be asked to sign in to your account through a link. The linked website may look authentic, but the real purpose is to collect your sign-in credentials.

Valid fraud text alerts do not ask for personal information. Typically, a brief yes or no response is all that’s required to validate or decline a transaction. If you receive a questionable fraud alert from any financial institution:

• Do not click on any links in the text message.
• Do not respond to texts with any personal or account information.
• Contact the financial institution directly to validate or report the text.

Vishing — fraud by phone

Similar attempts to steal personal information may also be made through phone calls. This is sometimes called “vishing.”

If you receive a phone call that seems suspicious, don’t respond. Contact your financial institution or credit card company through a trusted method, such as secure messaging or a primary contact phone number.

Legitimate WSECU texts and calls

WSECU members may receive information regarding loan payments from an automated text system, or they may receive fraud and account alerts via text or email if they have enabled alert notifications. Here are two example WSECU texts:

The only action required for this and any other fraud text alert WSECU sends is to respond with a “Y” or “N.”

All WSECU loan payment reminder texts are sent from the short code 77376 and never ask for personal information, such as Social Security numbers, sign-in credentials or account information.

We may also call members at their request, or if we suspect fraudulent activity related to their accounts. Because it isn’t always easy to discern the difference between a legitimate phone call and a fraudulent phone call, we often ask members to call the Contact Center to continue the conversation.

How to report fraudulent activity

If you received a text, email or phone call from WSECU and believe it is fraudulent, you can report it at phishing@wsecu.org. Please be sure to attach the email or a screenshot of the text so it can be reviewed by our fraud team.

If you responded to the text, email or caller, clicked any links, or believe your accounts have been compromised in any way, please call our Contact Center at 800.562.0999. We’re available 7:00 am-7:00 pm Monday-Friday and 9:00 am-2:00 pm Saturday.