Cybercriminals have recently begun sending text messages that appear to be from the U.S. Postal Service (USPS) saying that you have a package at the post office that cannot be delivered due to an incomplete address and a link or PDF directing you to open.

Once you click on the link/PDF, it’ll open what looks like the USPS website. The page instructs you to enter your personal information (name, address, personal data, credit card number) for your package to be redelivered. The catch is it was a fake site and your information was stolen.

Avoid falling victim to this smishing scam by being wary of unsolicited text messages or unknown numbers. Delete the text message, DO NOT reply and NEVER click on unknown links or attachments. Contact your local USPS office to verify or ask questions.

Additional tips to help you outsmart the fraudsters for any scenario:

• Enroll in push notifications, enable two-factor authentication, and ensure your financial institution has your up-to-date contact information.
• Scammers can use urgency to put you at risk of making sensitive decisions quickly. Don’t rush! Take the time to think through the request and consider whether the call, text or email is real.
• Be suspicious of communications asking for sensitive information – don’t provide personal information.
• Call the family member, friend or company directly. All from a number you know or google search the company and find their phone number on their website.

Questions? Call/text 503.588.0211 or email creditunion@ourgrovecu.com.