How Do I Protect Against Fraud?

Overview

GCI values you as a customer and is committed to protecting your privacy. We are in the process of updating our spam and virus filter application supporting email. This update requires no action by you. If you get any email messages requesting your username or password for any update, those are phishing attempts. Do not respond to the email — just delete it.

Do not hesitate to contact us if you have any questions or concerns about an email, text message, or phone call you receive from someone identifying themselves as a GCI representative. We encourage you to do one of the following to validate that kind of inquiry:

• Email support@gci.net
• Call GCI customer service directly
  • Residential: 907-265-5400 in Anchorage or 800-800-4800 statewide and in the Lower 49
  • Business: 907-265-5454 in Anchorage or 800-800-7754 statewide and in the Lower 49

Phone scam

Here is an example of a pretexting attempt:

The caller has personal information about the customer, like name, address, or phone number. The caller says they would be willing to take remote control of the GCI customer's computer to install an applicaiton to fix malware or virus issues, requesting permission to connect and get a credit card number. Just hang up on the caller. This is not GCI, nor is GCI providing anyone your personal information.

For more information on this subject and to report possible identity theft, visit the Federal Trade Commission (FTC) website.

In the past, several GCI customers received calls from an individual claiming to be working with different companies, asking what problem the GCI customer had with Windows 7. The calling company name changes, but "Microsoft" and "MB Industries" have been used.

The unidentified caller said they could easily find the problem, and all the GCI customer had to do was to allow the caller to remotely connect to the computer. In these cases, the GCI customer said no and hung up. That was the correct response. This is not GCI technical support, nor is it, to the best of our knowledge, a representative from any valid company. It is a strong phishing/pretexting event. The phone number displayed by caller ID was a disconnected phone number, which means the caller was spoofing the number.

Again, just say no and hang up on the caller.

Fraudulent email alert

GCI internet customers have reported receiving suspicious emails that appear to be from GCI requesting GCI account information. As a general policy, GCI never requests your account information such as account numbers, usernames, or passwords via unsolicited email.

If you get an unexpected email claiming to be from GCI and the message requests you to update or provide sensitive account information or confirm your username or password, do not reply. This is most likely a scam known online as a "phishing scam." Please note that these third parties often send messages that appear to come from GCI email addresses, but they are not.

In addition, do not click on web links sent to you in email and then provide personal or account information on those sites. These links may take you to pages that look similar to GCI, your financial institution, or other familiar sites but are in fact imitation sites set up to acquire your personal information with malicious intent.

The most secure way to access a website it to open your web browser and either type in the site address yourself or use your existing bookmark, not to click on any links in an email. If you receive a phishing message that appears to be from GCI, please forward that message to us at support@gci.net so we can address the issue.

Text messages and SMSishing

Wireless users need to be aware of this possibility. A user receives a text message from a financial instituion indicating their account is locked.

The message provides an 888 phone number to verify the account. If you call the number, a message prompts you for your Social Security Number, credit card number, and driver license number. This then exposes you to identity theft or credit card fraud. Just delete the spam text.

Phishing and pretexting

Phishing and pretexting are attempts to obtain personal information such as usernames, passwords, or credit card information. This information is then used for criminal purposes such as spamming, theft, or identity theft.

• Phishing: The attempt to criminally and fraudulently acquire sensitive information such as usernames, passwords, or credit card details by masquerading as a trustworthy entity
• Pretexting: The act of creating and using an invented scenario (the pretext) to persuade a target (you) to release information or perform an action, typically over the phone

Here are some steps you can take to protect yourself:

• Be suspicious of unsolicited emails and phone calls
  • Delete the email
  • Hang up on the caller
• Do not provide usernames, passwords, credit card information, Social Security Numbers, or dates of birth in an email or over the phone to an unknown source
  • Call them on a phone number you acquire from a different source
  • Visit their website directly or by doing a web search
• Do not click on the links of an email if you need to contact the company
  • Call them on a phone number you acquire from a different source
  • Visit their website directly or by doing a web search
• Do not click on links to coupons in emails from retailers
  • Security experts believe this will lead recipients into phishing schemes
  • It is recommended you go to the retailer's website and navigate to special coupons or promotions listed on the site
• Keep your computer and programs up to date
• Use anti-virus and anti-spyware programs
• If you think the email or phone call may have come from GCI, you should call GCI

GCI takes these attempts seriously and will shut down accounts of GCI customers knowingly participating in such activities. If you are in doubt, please contact GCI.

More subject matter information about these issues can be found online:

• Phishing: Wikipedia and Webopedia
• Pretexting: Wikipedia

More information about how to protect yourself can be found online also:

• Microsoft support
• Yahoo support
• FTC facts for consumers
• eWeek, ways to defend against pretexting

What is phishing?

Phishing is when a scammer tries to impersonate a legitimate entity and requests personal or sensitive information from an unsuspecting person. This information could include financial information, credit card numbers, passwords, or other personal identifying information.

GCI values our customers and is committed to protecting your privacy. We will never ask for your personal information via unsolicited calls, texts, or emails. If you get a questionable request from someone who presents themselves as a GCI rep, hang up or delete the message and contact us through our official GCI support avenues on our website or by phone at 800-800-4800.

What are some common signs of a phishing attempt?

• Incorrect spelling and grammar. GCI and other large corporations have a team that verifies spelling and grammar before sending out external communications.
• Low quality images. We use high resolution GCI logos in all official communications. If it looks grainy, old, or out of place, it's not from us.
• It leads you to an unsecured site. We use high level encryption on our website and communications. Check the URL. If you do not see "https://" at the beginning of the URL, it's not an official GCI site.

How should I respond when I suspect a phishing attempt?

If the scammer claims to be a GCI official, please send us an email at support@gci.net, then delete the original message.

If the sender is not claiming to be GCI, you can report it to the FTC at reportfraud.ftc.gov.

Always be vigilant when entering or transmitting your personal information. If you need further assistance on spam, phishing, or fraud, check out consumer.ftc.gov and identitytheft.gov.

Phishing examples