To most of us fishing refers to casting out a line and hoping to catch a fish. To the identity thief “Phishing” refers to casting out hundreds of thousands of bogus and misleading e-mails and web sites to land your personal and financial information.

The most common approach is the use of an unwanted e-mail message falsely warning of some problem with your credit card, bank, or other account. You are directed to an official-looking web site that asks for your social security number, bank account or credit card information, or other personal and financial information. Recently the game got a little trickier.

I receive about 80 to 100 e-mails everyday. Most I dispose of right away because they are advertisements and newsletters that I requested but don’t have the time to read. Of course there is the spam mail that my security program highlights, but unfortunately a lot still gets through.

One message caught my eye because it was from my credit union, at least that’s what I thought. It said I had been chosen to participate in a survey and for my troubles they would credit $100 into my account. I thought “wow a hundred bucks for taking a customer service survey – piece a cake”!

Now this credit union had given us $100 before as an enticement to move our account from a local bank to their credit union. So I wasn’t surprised that they once again used money to get people to participate in their survey. But when I clicked on the site they told me to I knew something was amiss.

Since I do all my banking on-line I am very well aware of the design and look of this credit unions web site. This new page was just too different and it asked for information that they already had and really didn’t need for a survey about customer service. In addition there was no log in screen which allowed me to use my user name and password. They wanted me to fill in all my personal information, social security number and banking information, etc. before I took the survey. It also didn’t address me as Fred or Mr. Goldenberg; it just said “Dear Credit Union Customer”. If I was chosen by the CU to participate then they must know who I am.

I am not sure these thieves knew that the credit union had given away $100 certificates to people who opened new accounts in the past or it was just dumb luck, but most Phishing expeditions encompass sending out hundreds of thousands of e-mails hoping to reel in some big “phish” on the end of their line and offering some easy money, not enough to seem outrageous but enough to entice, is a new wrinkle that has lots of folks worried.

So I called and spoke to Joanne Anderson, a Member’s Service Supervisor at TBA Credit Union in Traverse City, who was well aware of the e-mail I had received because there had been several other clients who had received the same e-mail and called about it. She stated that, “Phishing has become a real worry for the Credit Union. In our last newsletter (TBA CU) and e-statements we once again reiterated our policy of never asking for personal information. Plus we never e-mail members indiscriminately regarding their accounts or anything like that. We want our members to feel safe and secure when dealing with any of our staff members. As a matter of fact when a member does include information in either an e-mail or phone message we instruct them not to do it again in future correspondence because of the possibility of someone getting the information and stealing their identity”.

Joann went on to say that she receives all of the credit union information about scams being perpetrated throughout the United States and she uses that information to warn the staff and members about scams to watch out for. She said that one of the newest versions of identity thief was called “Vishing”, combining internet and voice, where the e-mail directs you to call a phone number immediately to take care of a banking problem. Once you call you’re asked to provide all the information so they can look up your account and take care of the issue. Of course it a fraud and the only thing that happens are your identity and bank account gets ripped off.

No matter how many warnings are given or how many times it’s said there is always someone who takes the bait and gets hooked.

But I will say it again!

• The Internal Revenue Service, the FDIC, the NCUA, individual Banks and Credit Unions do not send e-mails to customers to get information or correct problems.
• Never give out your personal information online or over the phone – that includes your Social Security number (when I’ve been asked to verify my SS number I tell them to tell me it and I’ll let them know if it’s right or not), credit card number, ATM information or driver’s license number.
• If you think you’ve been a victim of identity theft because of bank fraud you can contact the FDIC at 877-275-3342 or if you receive an e-mail involving a bank you can forward it to alert@fdic.gov; for credit unions contact the NCUA at 800-827-9650 or if you receive an e-mail involving a Credit Union you can forward it to Phishing@ncua.gov
• You can also file a complaint regarding any suspected fraudulent e-mail with the Internal Fraud Complaint Center (IFCC) at www.ic3.gov. The IFCC is a partnership between the Federal Bureau of Investigation, and the National White Collar Crime Center
• Also contact your local police department and file a report. You’ll need it in case there is identity thief involved and you have to prove you’re who you are and what happened to you.

Fred L. Goldenberg is a Certified Senior Advisor and the owner of Senior Benefit Solutions of Michigan. He is also a founding member of the Senior Resource Alliance of Northern Michigan.