Phishing Scams



You receive an email, phone call, text, letter or pop-up message on your computer from what appears to be a reputable source advising something has taken place and they need to confirm your information for security reasons.


They may ask you to provide any of the following "for verification purposes":

  • Account numbers

  • Date of birth

  • Address

  • Phone Number

  • Password

  • Mother’s maiden name

  • Social Security Number

  • Or any other personal information

In reality, they aren’t verifying anything. They’re stealing that information so they can either sell it, use it against you, or both.   


Why Phishing Scams Work:

With so many security breaches, it becomes difficult to know when something is real and when somebody is simply phishing for your information.  You feel concerned that your personal information or accounts have been compromised, so of course you want to make sure you’re protected. The notification appeared to be official looking, so without thinking or researching, you provide the information requested.  Only later, you start to wonder if you did the right thing.  


What You Need to Know/Do:

  1. Phishing attempts typically come from what appear to be reputable businesses.  Emails and letter will look official, even including the company logo on the document.   Example: If you receive notification from Bank of America that your account has been compromised, ask yourself if you even have an account there or do business with them. Phishing emails get sent to thousands of people. They will typically pick a large bank or company so that the chances of somebody actually having a relationship with them will be higher than if they used a lesser known entity.  If the notification was sent electronically, focus on the “sent address” by hovering over it with your mouse. Make sure it shows the company name in the URL AFTER the @ sign, and make sure it’s the correct address. It should say: xxxxx@bankofamerica.com.   Not bankofamerica@yahoo.com and not xxxxx@bofa.com.  No matter how you receive notification, check it out before you provide any information.  

  2. Never call the number they provide to you unless you verify it from another source.

  3. Never click on any embedded links as those can also download viruses or malware.  

  4. Make sure you have a relationship with the company that allegedly sent the notification.  

  5. Look up the company where your information has been compromised, and call them at a phone number you know to be correct.  

  6. If you receive a phishing attempt, report it!

  • If you receive a phishing email, you can report it to the Federal Trade Commission (FTC) by forwarding it to spam@uce.gov.

  • If you received a phishing text, you can forward it to SPAM (7726).

  • If you receive a phishing letter or phone call, you can report it to the FTC at www.ftc.gov/complaint

7 views0 comments