A form of Phishing, Smishing is a criminal activity that uses social engineering techniques to obtain personal information such as credit card numbers, etc. via text messages. The name is derived from "SMs phISHING". SMS (Short Message Service) is the technology used for text messages on cell phones*.

Many of us have done away with land lines at home and are now providing our cell phone number as our main phone number. By doing this, we increase the risk of being solicited through our cell phones. Receiving a phone call from a number we don't know isn't that big of a deal (caller identity + ignore button = awesome!). However, receiving a startling text message (“PFCU: Your account has been suspended. Call ###.###.#### immediately to reactivate" or "PFCU: is confirming your purchase of $2000 for a Sony TV") is sometimes hard to delete without responding. With industry standard services like eAlerts!, these messages can be very misleading and hard to distinguish between legitimate and criminal.

Go with your gut reaction!
If you have any suspicions about a text message, e-mail or phone call, do not trust it! If you want to know for sure, find the number of the financial institution/company yourself (from their website or other means) and call them to confirm the message is a scam. Never trust the links to websites, phone numbers to call, etc.

Do not respond to anything that asks for your personal information, and do not click on any link in a suspicious messages. Delete it or forward the information to the Federal Trade Commission (FTC) at

* Definition taken from Wikipedia Four actions to take if you are a victim of phishing

Four actions to take if you are a victim of phishing

  1. Contact the credit union (and the company represented in the e-mail) immediately.
  2. Review all credit card and other account statements for unauthorized transactions immediately upon receipt. Take note of when your statements arrive every month and if any of them are more than a day or two late, notify the appropriate companies.
  3. If you've disclosed personally identifying information, contact the three major credit reporting agencies (list links). They will help you determine if a fraud alert should be placed on your file, which will help prevent thieves from opening accounts in your name.
    a. Experian
    b. TransUnion
    c. Equifax
  4. If your response to a smishing attack results in your becoming a victim of identity theft, file a complaint with the Federal Trade Commission and the Internet Crime Complaint Center. Click the "File a Complaint" link on screen.

I have been a customer for over 17 years.  PFCU has competitive rates, personable customer service, and your loan processes are very user friendly.   

Tom Flynn
Member since 1998