(See below for the best ways to report these "phishing" scams.)
Using e-mail at work is about as routine as it gets for many. But when Tracy Simon opened her e-mail this week, she got a note that was anything but the usual.
"(It said) my identity had been tampered with; my account was frozen," Simon recalled reading.
The e-mail provided a link to what it called a secure form, asking for personal information, presumably bank routing numbers, account numbers and credit card information. And it appeared to come from her credit union.
"Service@LAFCU.com, you don't question it," Simon said.
Still she was a bit skeptical, so she sent a copy of the e-mail along to LAFCU immediately.
"The credit union and system administrators were able to get it down in roughly an hour," LAFCU Marketing Vice President Pat Spyke said.
It's the second so-called "phishing" scam reported to LAFCU in the last month. And credit union spokesman Pat Spyke says Simon made the right call.
"We have that information. We don't need it."
It appears the e-mails went around across the country, meaning they didn't hack into the LAFCU computers. Still, it's a growing problem, according to Michigan Attorney General Mike Cox.
"If you think about it, it really is a great scam," Cox said.
He says his office gets more than 100 complaints a year on the topic. And he has an additional warning about the scams:
"Even if you start interacting, and you get afraid, and you say, 'I'm going to stop,' they may have set a cookie to get personal information or passwords when you get onto a different website," Cox said.
The credit union stopped this scam before too many made that mistake. But the scammers behind it couldn't be found and likely won't be prosecuted, meaning folks like Tracy Simon...
"If it had been sent to my home I might have clicked on it."
...Could be targeted again.
You can report "phishing" to the financial institution in question, the Michigan Attorney General's Office at 517-373-1140 or the Federal Trade Commission at www.ftc.gov.