Spoofing

Monitor your accounts 

Contact us immediately

Do not respond to texts or click links

Beware of spoofing scams: think before you click

In today’s digital world, scammers are becoming increasingly sophisticated in their methods. One common and dangerous technique is spoofing a form of deception where criminals disguise themselves as a trusted source to steal your personal information or money.

What is Spoofing?

Spoofing is when a scammer falsifies information to make it appear as though their communication is coming from someone you trust like your bank, a government agency, or even a family member. Spoofing can happen over:

  • Phone calls (caller ID spoofing)
  • Emails (email address spoofing)
  • Text messages (SMS text spoofing)
  • Websites (URL spoofing)

The goal is to trick you into giving up sensitive data like passwords, credit card numbers, or to convince you to send money.

Common Types of Spoofing Scams

  • Phone Spoofing
    Scammers can fake the number that appears on your caller ID, making it seem like the call is from your bank, a government office (like the IRS or SSA), or even a local number. They may claim your account is compromised, you owe money, or you're facing legal trouble.
     
  • Email Spoofing
    Emails may look like they’re from a legitimate company, but if you check closely, the email address may be slightly off. These emails often contain urgent messages and ask you to click a link or download an attachment leading to malware or phishing sites.
     
  • Text Message Spoofing (Smishing)
    You may receive a text claiming to be from your bank or a delivery service, asking you to click on a link. These links often lead to fake websites designed to steal your login credentials.
     
  • Website Spoofing
    Fraudsters create fake websites that look exactly like legitimate ones, often using a similar domain name (e.g., g00gle.com instead of google.com). Unsuspecting users may enter their login info or credit card details, handing them over to scammers.

How to Protect Yourself

  • Verify the Source: Don’t trust caller ID or email names alone. If in doubt, hang up or delete the message, and contact the company or person directly using a verified method.
  • Check Links Carefully: Hover over links in emails and texts to preview the URL. If it looks suspicious or unfamiliar, don’t click.
  • Use Multi-Factor Authentication (MFA): Even if your password is stolen, MFA adds a layer of security to prevent unauthorized access.
  • Don’t Share Personal Information: No legitimate organization will ask for your full Social Security number, passwords, or banking PINs via phone or email.
  • Report Suspicious Activity: In the U.S., report spoofing to the Federal Trade Commission at reportfraud.ftc.gov or to your local authorities..
WHAT TO DO IF YOU'VE BEEN SPOOFED

Contact Philadelphia Federal Credit Union’s Loss Prevention department immediately to report any suspicious activity.

Philadelphia Federal Credit Union is a full-service financial institution with locations in Philadelphia, Montgomery and Columbia County, PA.