In observance of Indigenous Peoples Day we will be closed on Monday, October 14th. We'll reopen on Tuesday, October 15th.

Security

Can You Spot a Phishing Scam?

Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. And in this time of expanded use of online and mobile banking, the problem is only growing worse. Do you think you know how to protect yourself from these scams? Take a quick look or take this quiz and find out!

The Federal Trade Commission’s report on fraud estimates that American consumers lost a staggering $8.8 billion to phishing scams and other fraud in 2022—an increase of 44% over 2021. It’s time to put scammers in their place!

Online scams aren’t so scary when you know what to look for. And at OlyFed, we’re committed to helping you spot them as an extra layer of protection for your account. We want every bank customer to become a pro at spotting a phishing scam. It starts with these four words: Banks Never Ask That. Because when you know something sounds suspicious, you’ll be less likely to be fooled.

THESE 4 PHISHING SCAMS ARE FULL OF RED FLAGS. CAN YOU SPOT THEM?

An example of a text scamText Messages

If you receive a text message from someone claiming to be OlyFed and asking you to sign in, or offer up your personal information, it’s a scam. Look for …

Strange Phone Numbers: Slow it down. Is that the number OlyFed usually uses to send text messages? Legit text message updates come from an official 4-5 digit number used by your bank.

Urgent Warnings or Requests: Take a breath. Phishing texts try to create a sense of panic, such as threatening to suspend your account or urging you to log in to verify. OlyFed would never do that!

Odd Grammar or Spelling Mistakes: Spot check! If you see misspelled words or odd grammar they are all clear signs of an impersonator.

Requests for Personal Information: If a text message requests personal or sensitive information, such as account numbers, PINs, passwords, or social security numbers, you KNOW it’s a scam.

Suspicious Links: OlyFed rarely — if ever — sends links via text. Don’t click them. Instead, verify the message by visiting olyfed.com or calling the number on the back of your card.


An email scam exampleEmails

Watch out for emails that ask you to click a suspicious link or provide personal information. The sender may claim to be us, but it’s a scam. Look for …

Unusual Email Address: Slow it down. Does that look like an email address we would use? Be wary of unexpected emails from addresses that aren’t like the ones OlyFed typically uses.

Misspelled Words: Spot check! If you see misspelled words or odd grammar, they are all clear signs of an impersonator.

Scare Tactics: Don’t panic. If an email uses scare tactics, such as urgent warnings of account closure or security breaches, you can safely assume it’s a scam.

Suspicious URLs: Hold up — OlyFed will never ask you to log in via email. Phishing emails use deceptive URLs to take you to malicious websites. Never click links that you weren’t expecting.

Unexpected Attachments: Something’s phishy, because OlyFed will never send an email attachment — especially when you didn’t ask for it. Attachments can contain malware that can compromise your computer or personal information. Never click on attachments from emails supposedly from your bank.


An example of a phone scamPhone Calls

Would OlyFed ever call you to verify your account number? No! Banks Never Ask That. If you’re ever in doubt that the caller is legitimate, just hang up and call us right back at 360-754-3400. Look for …

Unusual Caller ID: While caller ID can be spoofed, legitimate calls from OlyFed are more likely to display an official phone number or a known identifier. If not, be very skeptical.

Scare Tactics or Threats: Phishing calls rely on a sense of urgency. If the caller pressures you into immediate action or threatens negative consequences, just hang up and call the number on the back of your card.

Asking for Personal Information: OlyFed will rarely ask for your account number, PIN or password during a phone call — and will NEVER ask for a one-time login code. Never share such confidential details unless you’ve called the number on the back of your card.

Calling you unexpectedly: Be very skeptical of calls you receive out of the blue. Normally, our bank representatives will only reach out if you initiate contact first. Stay safe by ending the call and dialing the number on the back of your card.


An example of a text scamPayment Apps

Beware of text messages from someone claiming to OlyFed and saying your account has been hacked. The scammer may ask you to send money to a new account they’ve created for you but that’s a scam!

Unexpected Requests: Be cautious if you receive unexpected requests from strangers or organizations asking you to send money through a payment app. This is a scammer move.

Sending Money to Yourself: If someone who claims to be an OlyFed representative and you have to send money to yourself, you can be 100% certain it’s a scam. Banks never ask that.

Overpayment Claims: Be skeptical if a sender claims to have accidentally overpaid you through Zelle® and requests a refund of the excess amount. Scammers use this tactic to trick you into sending them money.

Suspicious Links: If you receive a payment app-related message that contains a link, never click it. Scammers often send links to fake login pages to steal your username and password.

Pressure and Urgency: Scammers attempt to trick you by creating a sense of urgency. If they mention unforeseen emergencies, unverified transactions, account suspension or unsolicited prize winnings, it’s a scam.

Woman using cell phoneYou’ve probably seen some of these scams before and it could be helpful to share them with younger or older people that may not be as savvy yet. For tips, videos and an interactive quiz to help you keep phishing criminals at bay, visit www.BanksNeverAskThat.com. And be sure to share the webpage with your friends and family or download the easy-to-read PDF below.

Scam ID (English)