Introduction
Phishing scams are a real problem for individuals and businesses. In fact, in 2017 alone, almost $1 billion was lost to phishing scams. If you receive an email that appears to be from your bank or another financial institution asking you to take action on it (such as changing account information), do not respond to it. Legitimate companies will never contact you by email requesting private information such as passwords or usernames.
The most common way phishers attempt to get information is by posing as someone you know (typically someone high up within the company) who has asked them for confidential information through email. So if you receive an email from someone claiming themselves to be from your bank or other financial institution asking for personal information such as account number(s), password(s), user name(s) etc., DO NOT UNDER ANY CIRCUMSTANCES provide them with this information!
Don’t open suspicious emails.
The best way to avoid falling victim to a phishing scam is to not open suspicious emails.
If you receive an email from an unknown sender, don’t open it. If the sender’s name doesn’t match up with your records or if you’re unsure about whether or not they actually sent the message, don’t click on any links or attachments in the message body. If there are spelling mistakes or grammatical errors within their emails (e.g., “your account” instead of “you’re account”), delete them immediately–it could mean that scammers have compromised your account and are trying to trick others into giving away personal information by impersonating trusted sources like banks and websites
If you receive an email from someone claiming to be from your bank, other financial institution or credit card company and asking you to take action, contact that company directly using a different communication channel (such as phone or in-person) and ask for confirmation of their request.
If possible, use a secure communication channel such as encrypted email when contacting your financial institution.
Avoid attachments and links to unknown sites.
If you are unsure, ask the sender to resend the email without an attachment or link.
If you receive an attachment from a person or organization that you do not know, be cautious about opening it as it could contain viruses that may damage your computer and steal personal information.
If you receive an email with broken spelling or grammatical mistakes, it is likely fraudulent.
If you receive an email with broken spelling or grammatical mistakes, it is likely fraudulent.
The sender may be using a fake email address and could have sent the message from an untraceable location. A scammer may also use a free email service that does not require a password, so they can’t be traced by their IP address (the number assigned to your computer when connected to the internet).
Some email phishing scams are obvious and easily detected by the recipient’s common sense and skepticism. Others are more sophisticated and designed to look like they come from a familiar source like your bank or a friend, so they may be more difficult to spot as fraudulent.
If you receive an email that looks like it has been sent by someone you know but is asking for personal information or money, don’t click on any links in the message–instead, contact that person directly using another method of communication (phone call or text message) to confirm whether it really was them who sent the email before responding.
Be wary of suspicious emails that ask you to action items that usually require human interaction such as changing account information.
Phishing emails are designed to trick you into giving up your personal information. If an email asks you to click on a link or open an attachment, don’t do it!
Be wary of suspicious emails that ask you to action items that usually require human interaction such as changing account information (e.g., password resets). These types of phishing attacks may be sent by email or text message and often appear as coming from legitimate companies like banks or other financial institutions.
Conclusion
If you receive an email from someone claiming to be from your bank, other financial institution or credit card company and asking you to take action, contact that company directly using a different communication channel and ask for confirmation of their request. Some phishing scams are obvious and easily detected by the recipient’s common sense and skepticism. Others are more sophisticated and designed to look like they come from a familiar source like your bank or a friend so they may be more difficult to spot as fraudulent.