Don’t get hooked by scammers out ‘phishing’!
Internet scammers casting about for people’s financial information have a new way to lure unsuspecting victims: They go “phishing.”
Also called “carding,” phishing is a high-tech scam that uses spam to deceive consumers into disclosing their credit card numbers, bank account information, Social Security numbers, passwords, and other sensitive information.
How it works
The scammers send you an e-mail that appears to be from a business you deal with. It could be your internet service provider, online payment service, or bank, for example.
The e-mail says you need to “update” or “validate” your billing information to keep your account active. You are directed to a “look-alike” web site of the legitimate business, further tricking you into thinking you are responding to a valid request.
Unknowingly, you would end up submitting your financial information to the scammers, who would then use it to order goods and services and obtain credit – in your name.
Winchester Savings Bank does not send e-mails requesting personal information under any circumstance. If you receive a message that looks like it came from the Bank and requests personal information, do not respond to the e-mail. Please forward the e-mail to phishing@winchestersavings.com along with your name and phone number, and keep the e-mail since the Bank may have questions about it. Your personal information is secure with us and we want to help you keep your personal information secure from anyone else attempting to use fraudulent methods to obtain it. Do not use the e-mail address provided in this paragraph for general questions about the Bank or your account. Please use the Contact Us tab on the homepage.
Be aware
The Federal Trade Commission (FTC) urges you to take the following precautions to avoid getting hooked by a phishing scam:
- If you get an e-mail that warns you, with little or no notice, that an account of yours will be shut down unless you reconfirm your billing information, do not reply or click on the link in the e-mail. Instead, contact the company cited in the e-mail, using a telephone number or web site address you know to be genuine.
- Avoid e-mailing personal and financial information. Before submitting financial information through a web site, look for the “lock” icon on the browser’s status bar. It signals that your information is secure during transmission.
- Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
- Report suspicious activity to the Federal Trade Commission. Send the actual spam to uce@ftc.gov. If you believe you’ve been scammed, file your complaint at www.ftc.gov, and then visit the FTC’s Identity Theft web site (www.ftc.gov/idtheft) to learn how to minimize your risk of damage from identity theft.
- Visit www.ftc.gov/spam to learn other ways to avoid e-mail scams and deal with deceptive spam.
Don't be an on-line victim
Learn how to guard against internet thieves and electronic scams. Visit the Federal Deposit Insurance Corporation (FDIC) web site www.fdic.gov/consumers/consumer/guard/ for more information on identity theft.

