March 10, 2023

Overview

Do not hesitate to contact us if you have any questions or concerns about an email, text message, or phone call you receive from someone identifying themselves as a GCI representative. We encourage you do one of the following to validate that kind of inquiry:

1. Email support@gci.net to validate the authenticity of the message if received via email;
2. Call GCI’s customer service directly at:

• Residential: 907-265-5400 (Anchorage) or 800-800-4800 (Statewide & Lower 49)
• Business: 907-265-5454 (Anchorage) or 800-800-7754 (Statewide & Lower 49)

Phone Scam

Here is an example of a pretexting attempt: 

The caller has personal information about customer, like name, address, or telephone number. The caller states that they would be willing to take remote control of the GCI customer’s computer to install an application to fix malware or viruses issues, requesting permission to connect and get a credit card number. Just hang up on the caller. This is not GCI, nor is GCI providing anyone your personal information.

Information on this subject and to report possible identity theft can be found on the Federal Trade Commission site at: http://www.ftc.gov/bcp/edu/pubs/consumer/credit/cre10.shtm

In the past, several GCI customers received a call from an individual claiming to be working with different companies, asking what problem the GCI customer had with Windows 7. The "calling company" name changes, but Microsoft and MB Industries have been used.

The unidentified caller said they could easily find the problem, and all the GCI customer had to do was to allow the caller to remotely connect to the computer. In these cases, the GCI customer said no and hung up. That was the correct response. This is not GCI technical support, nor is it, to the best of our knowledge, a representative from any valid company. It is a strong Phishing / Pretexting event. The phone number displayed by Caller ID was to a disconnected phone number, which means the caller is spoofing the number.

Again, just say no and hang up on the caller.

Fraudulent Email Alert

GCI internet customers have reported receiving suspicious emails that appear to be from GCI requesting GCI account information. As a general policy, GCI never requests your account information such as account numbers, user names or passwords via unsolicited email.

If you get an unexpected email claiming to be from GCI, and the message requests you to update or provide sensitive account information or confirm your username/password, do not reply as it is most likely a scam (also known online as a “phishing scam”). Please note that these third parties often send messages that appear to come from GCI email addresses, but they are not.

In addition, do not click on web links sent to you in email and then provide personal or account information on those sites. These links may take you to pages that look similar to GCI, your financial institution, or other familiar sites but are in fact imitation sites set up to acquire your personal information with malicious intent.

The most secure way to access a web site is to open your web browser and either type in the site address yourself (gci.com) or use your existing bookmark, not clicking on any links in an email. If you receive a phishing message that appears to be from GCI, please forward that message to us at support@gci.net so we can address the issue.

Texting Messages & SMSishing

Wireless users need to be aware of this possibility. A user receives a text message from a financial institution, indicating their account is locked.

The message provides an 888 phone number to “verify” the account. If you call the number, a message prompts you for your Social Security Number, credit card number, and driver license number. This then exposes you to identity theft, or credit card fraud. Just delete the spam text.

Phishing and Pretexting Explained

Phishing and pretexting are attempts to obtain personal information such as username, passwords, or credit card information. This information is then used for criminal purposes such as spamming, theft, or identity theft.

• Phishing: The attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords, and credit card details by masquerading as a trustworthy entity.
• Pretexting: The act of creating and using an invented scenario (the pretext) to persuade a target (you) to release information or perform an action and is typically done over the telephone

Some steps you can take to help protect yourself

• Be suspicious of unsolicited email and phone calls
  • Delete the email
  • Hang up on the caller
• Do not provide usernames, passwords, credit card, social security number, and date of birth on an email or over the phone to an unknown source
  • Call them on a phone number you acquire from a different source
  • Visit their web site, directly or by a performing a web search.
• Do not click on the links of the email, if you need to contact the company
  • Call them on a phone number you acquire from a different source
  • Visit their web site, directly or by a performing a web search.
• This includes emails with coupons to a retailer
  • Security experts believe this will lead recipients into phishing schemes.
  • It is recommended you go to the retailer’s web site and navigate to special coupons or promotions listed on the site
• Keep your computer and programs up-to-date
• Use an anti-virus and anti-spy ware program
• If you think the email or phone call may have come from GCI, you should call GCI.

GCI takes these attempts seriously, and will shut down accounts of GCI customers knowingly participating in such activities. If you are in doubt, please contact GCI.

More subject information about these issues may be found online:

• Wikipedia – phishing
• Wikipedia – pretexting
• Webopedia – phishing

More information about how to protect yourself can be found at these sites:

• Federal Trade Commission: http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm
• Microsoft: https://www.microsoft.com/en-us/safety/online-privacy/phishing-symptoms.aspx 
• YAHOO: https://safety.yahoo.com/Security/PHISHING-SITE.html
• Facts for Consumers, Pretexting, Federal Trade Commission:http://www.ftc.gov/bcp/edu/pubs/consumer/credit/cre10.shtm
• Eight Ways to Defend Against Pretexting: http://www.eweek.com/security/eight-ways-to-defend-against-pretexting

What is Phishing?

Phishing is when a scammer tries to impersonate a legitimate entity and requests personal or sensitive information from an unsuspecting person. This information could include financial information, credit card numbers, passwords, or other personal identifying information.

GCI values our customers and is committed to protecting your privacy. We will never ask for your personal information via unsolicited calls, texts, or emails. If you get a questionable request from someone who presents themselves as a GCI rep, hang up or delete the message and contact us through the official GCI support avenues on our website or by phone at 800-800-4800.

What are some common signs of a phishing attempt?

• Incorrect spelling and grammar. GCI and other large corporations have a team that verifies spelling and grammar before sending out external communications.
• Low quality images. We use high resolution GCI logos in all official communications. If it looks grainy, old, or out of place, it’s not from us.
• It leads you to an unsecured site. GCI use high level encryption on our website and communications. Check the URL. If you do not see "https://" at the beginning of the URL, it’s not an official GCI site.
• It uses an incorrect or misspelled URL. GCI will only link users to https://www.GCI.com. Any other communication is not coming from us.
• It is addressed to several people. All GCI marketing emails and communications will be addressed to only you. If you see several unfamiliar names in the “To” section of an email, it’s probably a phishing attempt.
• Links in text messages. If you receive a text message from an unknown number and it includes a link to an unknown site, it’s probably a scamming attempt.
• A pop-up ad claiming you have won a prize. GCI does not utilize online pop-up advertising. If you see a pop-up ad claiming to be GCI, do not click on it
• You are threatened or extorted to provide personal information. 

How should I respond when I suspect a phishing attempt?

If the scammer claims to be a GCI official please send us an email at support@gci.net, then delete the original message.

If the sender is not claiming to be GCI, you can report it to the FTC at https://www.ftccomplaintassistant.gov/.

Always be vigilant when entering or transmitting your personal information. If you need further assistance on spam, phishing, or fraud, check out these resources:

• https://www.consumer.ftc.gov/
• https://www.identitytheft.gov/

Phishing examples