Phishing Scams and How to Avoid Them
Phishing is a type of scam where the scammer pretends to be a trusted company or individual in order to steal your personal information. Phishing can happen by email, phone, text message, social media message, or another type of communication.
Phishing scams often try to create urgency by telling you that something is wrong. For example, a scammer may impersonate PayPal, Amazon, a credit card company, or another business and say that someone changed your password or made a transaction on your account. They are hoping you will react quickly, without thinking it through.
In one common phishing scam, you receive an email that appears to be from your bank. The email says that your account has had suspicious activity and asks you to click a link to “verify” your personal information. The link takes you to a “look-alike website” that mimics your bank’s website in order to steal your login information when you enter your username and password. The phishing email could also contain a link or attachment that will begin downloading malicious software when clicked.
The best way to avoid being caught in a phishing scam is to take your time. Stop and think before you click a link or respond to a call or message.
Tips for Avoiding Phishing Scams:
- Do not respond to emails, phone calls, text messages, or social media messages that ask for your personal information.
- If you think it might be legitimate, call the company or individual directly in order to verify. Use a phone number you know is correct, instead of using a number provided by a potential scammer.
- Look closely at the sender’s email address.
- Scammers often use an email address that has a very small difference from the legitimate email address of the individual or company.
- Only open links or email attachments when you are sure they are safe.
- You can hover over links without clicking them in order to see where they go.
- Only enter your personal information into websites that begin with “https” – the “s” stands for “secure” and means the site has extra protection.
- Personal information includes your birthdate, Social Security number, bank account information, credit card number, passwords, and other sensitive information.
Test your knowledge by playing the Federal Trade Commission (FTC)’s “Phishing Scams” game at https://www.consumer.ftc.gov/media/game-0011-phishing-scams.