How To Outsmart Sophisticated Phishing Scams

Can you spot a phishing email, text, or phone call? Stay on top of the latest tips for identifying phishing to protect your money and personal info from scammers.

You’ve probably heard of phishing. But do you really know what it is – and more importantly, how to protect yourself from falling victim to it? Phishing scams have become very sophisticated, but there are some simple things you can do to help protect yourself and keep your personal information safe.

Tips To Avoid Phishing Scams

What Is Phishing?

Let’s start with a basic description: Phishing is a type of scam in which an attacker sends a fraudulent message to trick you into revealing sensitive information, often to access your accounts or commit identity theft.

Phishing attempts usually occur through email, over the phone, or via text message. They can be very well-designed to look or sound like legitimate messages from those you know and trust, such as your financial institution, and may contain a link that directs you to a fake website that also looks legitimate.

How To Detect Phishing Scams

There are ways to avoid phishing scams if you know what to look and listen for. Be on the lookout for these identifying factors:

• Inconsistencies in email addresses. Phishing emails will typically come from an unfamiliar, unusual email address. The easiest way to detect this is to hover your cursor over the sender’s email to reveal the true “from” address. This can help you spot fake emails and can be done without actually clicking into the email itself. For example, if an email allegedly originates from your financial institution, but the domain name reads something else, it’s likely a phishing email. Delete it immediately.
• Unfamiliar greeting or salutation. If a salutation seems overly informal or out of the ordinary, it should provoke suspicion. Pay attention to this kind of irregularity in emails, texts, or even phone calls. For instance, if your financial institution greets you with a nickname you don’t use with your accounts, it’s an indication of phishing.
• Bad grammar, spelling mistakes, or unusual language. Legitimate emails and text messages won’t have these mistakes. However, they’re often found in phishing scams.
• Demand for urgent action. This is a major red flag! Emails, texts, and phone calls threatening some type of negative consequence, loss of money, or missed opportunity are key factors in phishing scams. The urgency prompts you to act without thinking and is what ultimately gets intelligent consumers to fall for these well-designed phishing scams. The scams have flaws, but the panic they create can cause you to act before errors can be spotted.
• Requests for passwords. Do not respond to a text alert, email, or phone call asking for a password, PIN, or any other security information. Never give this information to anyone, even if you think it’s your bank or credit union. They’ll never ask you for this information. Ever.

More Dos & Don’ts To Protect Yourself

• Don’t click on links in an unsolicited email or text message.
• Don’t use the phone number a potential scammer provided in an email or text message. Look up the company’s phone number on your own and call to verify the authenticity of the message or request.
• Don’t give out personal information such as passwords, credit card numbers, bank account numbers, dates of birth, or Social Security numbers.
• Don’t respond to suspected phishing emails, texts, or phone calls, even if you think it would be fun to tease or trick them. It’s best to avoid responding in any way.
• Do be suspicious of anyone pressing you to act immediately.

Summary

If you detect suspicious activity, contact the alleged company directly – don’t click on any links or do anything they’re asking. In the case of your financial institution, call the number listed on the back of your bank/credit union-issued debit card, in your mobile banking app, or the bank/credit union’s official website.

Learn more about scams and ways to protect yourself by visiting aplusfcu.org/security.