Vishing attack using REGIONAL Federal Credit Union

Phishing, vishing and SMiShing perpetrators usually go for the larger, national retail banks (Chase, Fifth Third, etc.). Their reasoning is that these banks have millions of customers, so if you send out ten million emails, half a million of those people will actually be customers of whatever bank you’ve chosen to impersonate (and several thousand will actually fall for it).

Sometimes they go for the smaller financial institutions, though. Just over the past few days, people have reported receiving calls that claim to come from REGIONAL. Hey, that’s us!

These calls attempt to trick victims into entering their debit card numbers on the phone’s keypad. Since we’ve received several reports from people who tell us they just hung up, I take it as a good sign that many of our members aren’t being fooled, but as I’ve said before: nobody is invulnerable. Even a jaded, cynical scam blogger can be tricked, given the right (or wrong, I suppose) circumstances.

This is one of those cases where asking, “Who initiated contact?” is your best friend. Your phone rang and someone asked you to reveal personal information. That’s your cue to hang up the telephone. No financial institution has any reason to call you and ask for information that they gave to you in the first place.