Expanded Lesson
5 min read
5 Ways to Recognize a Phishing Scam
-
-
Copied link to Clipboard!
You know scammers are out there, lurking behind friendly, seemingly legitimate emails and text messages. They attempt to get your personal information, often by asking you to click on a link. The link will bring you to a website that looks like a legitimate website, but it only exists solely for fraudulent purposes. Did you know that most phishing scams arrive by email? Just 1% attempt to scam you by phone. How can you recognize a phishing scam so you don’t fall prey to one? There are five common giveaways that an email may not be legitimate.
LESSON CONTENTS
1. Companies don’t request your personal information via email.
Unsolicited emails from a company that provide a link or ask you to verify your account details are often a scam. Companies don’t ask you for your bank account information or Social Security number.
2. Companies usually call you by name.
Scammers are sophisticated, but phishing attacks are usually sent to thousands of people at the same time. They often begin with something like, “Dear Customer” or “Dear Amazon Customer.” If this email was actually from your bank, your credit union, or a personal account, they would know who you were and call you by name.
3. Phishing emails prey on fear.
Common phrases used in phishing attacks are:
- Changes to your health benefits
- Action required: new login attempt
- Payment declined
- Security update required
- Important: please read
Sometimes scammers will send an invoice for something that you didn’t order in the hopes that you will click on the link they’ve helpfully provided to cancel this order so they can get your sensitive information.
Certain companies are impersonated more often than others. The most impersonated companies in the first quarter of 2021 were:
- Microsoft
- Amazon
- DHL
- IKEA
- Chase
- Rakuten
- PayPal
If you get an email from any of these companies, you should be suspicious. If you have any doubts, go directly to the website (DO NOT click on a link!) and log into your account. Some scam emails are one gigantic hyperlink, so if you click anywhere on the email, it will initiate a malicious attack.
Hackers are pretty good at recognizing opportunities. During times of general uncertainty, they know people are more anxious and might not be paying as much attention. At the start of the Covid-19 pandemic, phishing attacks increased significantly. During hotly contested political contests, they send out scam emails looking for contributions. The last round of stimulus checks brought a new set of scams.
If an email is targeted to you specifically, that’s called spear phishing. They could be after your financial information, but they could be gathering information to use later.
A newer scam is “sextortion”. Attackers claim they have video of you doing something compromising, and they ask for a ransom in exchange for not releasing the information. Delete the email immediately—they don’t have any such video.
Another thing you can do is enter the exact wording of the email message into a search engine. This will often identify scams.
4. Legitimate companies know how to spell and use grammar.
This is the easiest way to recognize a phishing scam. Legitimate companies employ people with excellent grammar and spelling skills to write emails for them. Did you know that hackers do this on purpose? They use awkward syntax and bad grammar as an attempt to pry on the uneducated.
If the email doesn’t read right, or there are errors especially in grammar or syntax, you should be suspicious.
5. Check the domain address.
This is often overlooked by even savvy consumers. Hover your mouse or your cursor over the link in the email address, and the destination address should appear in a bar along the bottom of the browser. If there is a string of random letters and numbers after the company name, it could be a phishing attack. Sometimes companies do include varied domains to send emails, in which case you should make sure that the link in the text matches the URL.
What to do if you’ve been phished.
If you think a scammer has obtained your information, go to IdentityTheft.gov and follow the instructions. You should also:
- Change all of your passwords immediately. You should change your passwords every three months or so, but especially after a phishing attack. Consider using a password manager to keep track of them all.
- Get anti-virus software and scan for viruses as soon as possible.
- Disconnect from the internet as soon as possible. You may be able to prevent the hacker from gaining remote access to your computer or from installing malware.
- Contact the company that was spoofed. Companies have departments dedicated to dealing with fraud. You can also report what happened to you to the Anti-phishing Work Group, which analyzes and works to prevent phishing attacks.
- Watch carefully for signs of identity theft. If you gave out financial information, check your bank accounts and credit card accounts for signs of fraud. You should also contact credit reporting agencies to let them know. Keep an eye out for new credit inquires that you didn’t authorize.
- File a report with the Federal Trade Commission (FTC).
- Don’t be too hard on yourself. While most people think they can recognize a phishing scam, hackers know that it only takes one moment of inattention.
Hopefully, you won’t fall victim to a phishing scam but if you do, you’re definitely not alone. Scammers send phishing emails because they work. Not clicking on random links or attachments will go a long way towards protecting yourself.
Related Resources
View All
Expanded Lesson
5 min read
5 Ways to Recognize a Phishing Scam
You know scammers are out there, lurking behind friendly, seemingly legitimate emails and text messages. They attempt to get your personal information, often by asking you to click on a link. The link will bring you to a website that looks like a legitimate website, but it only exists solely for fraudulent purposes. Did you know that most phishing scams arrive by email? Just 1% attempt to scam you by phone. How can you recognize a phishing scam so you don’t fall prey to one? There are five common giveaways that an email may not be legitimate.
Expanded Lesson
5 min read
How Do I Know If I've Been Scammed? Common Red Flags
If you suspect you are being scammed, Ent Credit Union is here to help. Money scams can take many different forms. Criminals may claim to be the government, such as the IRS, or even your local financial institution to con you out of your hard-earned money. There are several ways to find out if you are indeed the victim of a scam. Use this guide to protect yourself from scams online and over the phone.
Expanded Lesson
5 min read
What is Phishing & How Does it Work?
You can never be too careful when it comes to managing your money. Cybercriminals and digital hackers often use a technique known as “phishing” to get customers like you to turn over their personal data, including PIN numbers, credit and debit cards, bank statements and other financial information. These kinds of cyberattacks can happen to anyone at any time. That’s why it’s important to learn about phishing, so you can protect yourself and your money from online scams.
Expanded Lesson
5 min read
What is Spoofing and How Does it Work?
Chances are that you’ve been the victim of a spoofing attempt by now. Spoofing is a type of cyberattack where someone pretends to be a trusted source so they can gain access to your personal information. In this article, you’ll learn what spoofing is, and more importantly, what you can do to keep your personal information safe.
Quick Lesson
3 min read
Multi-Factor Authentication: Why It's Important & How to Set It Up
You have passwords for every online store, financial institution and social media website, yet you were still hacked. How is that even possible? Sadly, this is becoming more and more common, which is why multi-factor authentication (MFA) has become more widespread.
Expanded Lesson
6 min read
Scammers Are After Your Money: Here’s How to Stop Them
Most of us know that there are scammers out there, but could you identify one if they called or emailed you? Due to COVID-19, scammers have gotten increasingly clever. Unlike credit card scams where federal law limits your liability to $50, there is no real protection for bank or credit union scams. You could lose thousands of dollars, and you won’t get that money back. Bank scammers can make it look like they are calling from Ent with a fake caller I.D. What can you do to protect yourself from those scammers?
Expanded Lesson
6 min read
Don't Be Fooled: Know What Information Ent Will Never Ask You For
Here at Ent Credit Union, we go to great lengths to protect our members. A new scam has started affecting some of our patrons, and we want to help you stay safe. Learn how to protect your financial and personal information online, so you don’t have to worry about a stranger taking your money. Instead of robbing banks with black hoods over their faces, today’s thieves spend their time scamming everyday consumers and businesses out of their hard-earned money. Suspicious calls, texts, and emails can catch some people off guard, giving fraudsters a chance to drain their bank account.
Expanded Lesson
5 min read
What is Unemployment Fraud? Unemployment Insurance Fraud on the Rise
Since the pandemic, unemployment insurance fraud has been increasing. If you have been the victim of fraud, read this article for steps to take.
Quick Lesson
2 min read
Three Tips to Stay Ahead of Skimming
Don't let thieves steal your card information. Use these tips to help minimize your risk of debit and credit card fraud.
Quick Lesson
2 min read
Check Fraud: Check Fraud Prevention and Tips to Spot Check Fraud
Scams can take many forms as fraudsters are always trying to find ways to be more convincing. They take advantage of gaps in financial knowledge, and weak links in the financial system. By keeping an eye out for these red flags, you can see through the schemes and protect your hard-earned money. Keep this tip from the Federal Trade Commission (FTC) in mind as you read on.
Quick Lesson
4 min read
Protect Your Account: Secure online banking tools and how to protect your account
Ent’s online and mobile banking systems offer multiple fast and easy ways to monitor and control access to your account, helping you watch for fraudulent transactions and providing you with piece of mind. The more quickly and easily you can spot a fraudulent transaction – and alert your financial institution to have it resolved – the less stress and impact it could have on your day-to-day financial activity. Here are a few online banking features we recommend for protecting your accounts:
Expanded Lesson
6 min read
Identity Theft: What to Do If Your Identity is Stolen
Protecting your identity and personal information is especially important in today's digital age. Look for suspicious activity like accounts you didn't open or purchases you didn't make. If you suspect you're a target of identity theft, read this article to learn what steps you can take to help protect yourself.