Phishing scams are an attempt to steal your personal and financial information. These scams typically involve email, fake web sites or pop-up messages that are used to trick you into handing over personal information such as bank account or credit card information, Social Security numbers, passwords, etc. Knowing how to recognize and avoid phishing can help you protect your information on the web.
Tip 1: Don’t reply.
E-mails requesting personal or financial information are a red flag. Banks and other organizations are aware of phishing schemes and will generally not ask for personal information via email.
Tip 2: Check the URL or link.
If you’re not sure whether you can trust the site or the sender, don’t click on the web site link, even if it purports to come from an official company. Instead, open up a new window, do a search on the company and go to the web site from there. Or, try contacting the company to verify the information. These fake web sites are created to trick you out of personal information. If you find out that the site isn’t legitimate, report it to the FTC. https://www.FTCComplaintAssistant.gov/
Tip 3: Don’t click on links within an email.
Whether you receive an email from your actual bank or a scammer, the safe thing to do is not click on any links within an email. Instead, open your bank web site by typing in the address or using your bookmarks/favorites.
Tip 4: Don’t open it.
If you don’t recognize the person or organization sending you an e-mail, the best thing to do is delete it without opening it. If bank.com emails you asking you to reset your password, but you don’t have an account at bank.com – watch out. This is phishing. Email attachments from unknown senders are also a red flag. Do not open an attachment if you’re not sure who sent it. In general, it’s best to use caution when downloading attachments.
Tip 5: Pay attention to the email subject and spelling.
While each phishing schemer may use a different subject, they tend to be similar. Watch for emails with subjects such as: “Update your account or security features” and “Confirm your username and/or password.” Spammers also seem to misspell a lot in their emails. If you see several spelling or grammar errors, it may be phishing.