Imagine this. You receive an email from your local utility company, saying that a bill is two weeks overdue and you must settle payment immediately. You’re positive you already paid the bill, but just to be sure, you click on the link in the email. Now, you’re taken to an unfamiliar website and asked to provide your credit card number in order to settle the bill. There may even be a pop-up saying that if you don’t pay the bill immediately, your electricity will be switched off.
What do you do?
This is an example of phishing. Sadly, phishing is a common scam used by criminals to steal money and personal information from thousands of people every year. To learn more about phishing (what it is, how to recognize it and how to avoid it), read on!
What Is Phishing?
Phishing is a type of scam wherein the victim is incentivized to share personal details with the scammer, or to perform some action—such as downloading a file—which gives the scammer access to the victim’s credit card number or other sensitive information. Phishing happens most commonly via a phone call or email, but phishers may also contact victims via text message, social media, or mail.
What do Phishers Want?
Fraudsters pulling a phishing scam are looking for information. They may be hunting for your full name, address, Social Security Number, employment history, bank account details, driver’s license number, passwords and so on. Depending on what information they’re able to get, the scammer might open a credit card in your name, withdraw money from your bank account, or sell your information to the highest bidder.
How Can I Recognize Phishing?
A phishing scam usually attempts to trick you into believing that you are being contacted by a legitimate organization, such as your bank, a utility company, the IRS or an insurance agency. You may be contacted via telephone or email, with a request for personal information. Look out for communication in which the person demands urgent action and promises a severe consequence if action isn’t taken soon. This is a strong sign that you’re not dealing with a legitimate representative.
In particular, it’s a good idea to be wary of:
What Should I Do in a Phishing Attack?
If you’ve received a suspicious communication and suspect a phishing attack, don’t open the communication, click on any hyperlinks, or download any files. Assuming the communication is coming from a company you recognize, such as your bank or utility provider, call the business at their official phone number to make further inquiries. If you don’t recognize the sender, delete the communication and report it. Either way, be on the lookout for fraudulent charges or suspicious account activity in the coming weeks.
Do I Need to Report Phishing?
It’s a good idea to report suspected phishing attacks, to help anti-phishing groups keep people safe. Head to ReportFraud.ftc.gov to report any attacks or potential attacks to the Federal Trade Commission (FTC). When consumers report their experiences, it helps the FTC to keep updated data on common scams and frauds in your area, which you can also access from the FTC online.
How Do I Protect Myself from Phishers?
Avoiding a phishing scam starts with awareness. Understanding the threats posed by phishing, and what to do if you suspect an attack, is the first step!
In addition be sure to: