Your safety is our priority: Essential tips to recognize and prevent spoofing attacks

At Central Pacific Bank, safeguarding your assets and personal information is our top priority. Recently, we've received reports of our customers receiving suspicious phone calls from people claiming to be from CPB, asking for customer’s personal information or online banking login details. Please note that these calls, known as “spoofing,” are not originating from CPB and that we will never ask for confidential information over the phone, email, or text message.

Rest assured that our systems remain secure, allowing you to bank online with confidence. However, it's crucial for everyone to stay informed about these prevalent cyber threats. With the increasing use of spoofing techniques, it is more important than ever to stay vigilant and knowledgeable in safeguarding your personal information.

What is “Spoofing?”

“Spoofing” is the deceptive technique used by cybercriminals to impersonate a trusted source and trick individuals into revealing confidential information, spreading malware, performing an action, or gaining unauthorized access. In a spoofing attack, the scammer disguises themselves as a trusted entity through emails, websites, or caller ID, making it challenging to distinguish between what's real and what's fake.

How to Identify Spoofing

Spoofing can come in various forms, often by just changing one letter, symbol, or number. Keep an eye out for spoofing in the following most common forms:

• Phone calls 
• Emails
• Website
• SMS

Using the methods, criminals will often try to lead you to download malicious software, send money, or disclose personal, financial, or other sensitive information.

Tips to Avoid Being Spoofed

• Phone Calls
  • Don’t answer calls from unknown numbers. Look up the company’s phone number and call the company directly to ask if the request is legitimate.
  • Never give out personal information. Examples include your Social Security Number, username/password, PINs, or answers to security questions you’ve set.

• Emails
  • Examine the email address, URL, and spelling. Scammers will use slight differences to trick you.
  • Don’t click on anything unsolicited. Never open an email attachment or download a link from someone you don’t know.

• Websites
  • Check the URL for any irregularities. Attackers often use similar-looking domains to mimic legitimate sites.
  • Keep your routers, web browser and security software up to date. Oftentimes, they will have the latest security features and protections against spoofing techniques.

• SMS
  • Be wary of fake delivery notifications. Fraudsters may send text messages about fake deliveries or tracking codes with a link. Never click these links.
  • Verify the sender’s email address or phone number. Visit the official website directly to confirm.

Other Ways to Protect Yourself

1. Two-factor authentication: Use a two-factor (or multi-factor) authentication on any account that allows it.
2. Avoid sharing personal information: Be careful what information you share publicly on social media and online. Sharing things like pet names, birthdays, etc. can give scammer information needed to guess your password or answer your security questions.

As CPB’s Executive Vice President and Chief Technology Officer Manny Edmondson emphasizes, “If you are unsure whether a call, email, or text message is genuinely from CPB, please refrain from responding directly to the communication or using any provided contact details. Instead, immediately verify its authenticity by contacting your assigned banking officer, our Customer Service Center at (808) 544-0500, or by visiting any of our branches.”

Discover valuable insights on preventing fraud and scams here.

Additional Information:

• Federal Bureau of Investigation (FBI): Spoofing and Phishing
• American Bankers Association: Protect against phishing scams
• Federal Communications Commission: Tips to Avoid Being Spoofed
• Usecure: How to prevent spoofing attacks and keep your business secure