Let’s get right to the point: Everett-based Cascade Bank is not e-mailing you trying to get you to verify your account or to do anything else with online banking.
But somebody else is.
And what they’re really looking to do is to rip you off.
Like many of its counterparts around the country, Cascade has been targeted recently in an Internet scheme called phishing.
You’ve probably heard of it before. Phishing (pronounced fishing) is where someone masquerades as a trusted organization, government agency or business and tries to hook you into revealing information so they can tap into your financial accounts or your credit.
Carol Nelson, Cascade’s president and CEO, has been learning a lot about phishing these days as the bank has brought in some federal agents to help it crack down on mass e-mails and to shut down the fake bank sites that the messages direct people to.
“We’ve been the target of several phishing e-mails that are circulating out there,” Nelson said late last week. “There’s a real flock of these.”
In addition to learning more about these scam attempts, Nelson has been learning about new terms like “scraping”.
“The Web site looks good, but it’s not us,” she said of the destination forwarded to e-mail recipients. “They scrape off the face of your Web site.”
Nelson sent a letter to bank customers on Friday and wanted other recipients to know that Cascade wouldn’t send out an e-mail soliciting personal financial information, such as Social Security numbers, bank account numbers and passwords.
“We would never solicit that information by e-mail, nor would any other legitimate financial institution,” Nelson said.
She warned any recipients not to go to any of the links or to open any attachments in the e-mail to ensure they don’t infect their personal computers with a virus or other damaging software that might take over their PC or search it for personal information.
Recipients of any suspicious e-mails that are labeled as sent by the bank should be forwarded to fraudunit@cascadebank.com, Nelson said, adding recipients should then delete the e-mail.
Nelson said the bank installed additional protection for online customers earlier this year and that she knows of no customers who have fallen victim to the e-mailers. None of the bank’s online accounts have been breached, she added.
Phishing is a common and growing ploy that sends out massive numbers of e-mails in hopes of tricking a few people into financial fraud.
Here’s some advice on avoiding it from the Federal Deposit Insurance Corp.:
Never provide personal information in response to an unsolicited request on the phone, by mail or through the Internet.
If you believe the request is legitimate, contact the financial institution using phone numbers or Web sites you have obtained yourself, not the links or numbers provided in the e-mail.
Never provide passwords over the phone or in response to an Internet request.
Check your financial accounts regularly to ensure all charges are correct.
As I mentioned a few weeks ago, the three major credit bureaus have recently set up a process for people who fear they might be a victim to put a credit freeze on their account for a $15 fee.
If you’ve disclosed information in a phishing attack like the one focused on Cascade, you should consider a freeze, which prevents the credit bureaus from responding to requests from retailers, credit card companies and others who want to look at your record before issuing more credit in your name.
That doesn’t prevent someone from doing that, but most companies won’t if the credit bureaus won’t give them any information about you.
To do that, you’ll need to contact all three companies.
Here’s how:
Equifax, 800-525-6285
Experian, 888-397-3742
TransUnion, 800-680-7289
Reporter Mike Benbow: 425-339-3459 or benbow@heraldnet.com.
Talk to us
> Give us your news tips.
> Send us a letter to the editor.
> More Herald contact information.
