What is “phishing”? Phishing is an attempt to steal your personal information, such as passwords, account numbers, or Social Security numbers. Phishing scams use email or text messages to trick you into giving access to this information. If the scam is successful, identity thieves could gain access to your email, bank, or other accounts.
Phishing scams are one of the most common ways for data to be breached. The FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.
Now for the good news: there are simple precautions you can use to protect yourself against these scammers. Here are five red flags to keep an eye out for when determining whether an email or text is a phishing attempt:
- Sense of urgency or threatening language
- Unfamiliar or unusual senders or recipients
- Spelling or grammar errors
- Request for money or personal information
- Call to action, such as clicking a link or downloading an attachment
If you are unsure about an email or text you’ve received, there are additional measures you can take to inspect it closely.
- Hover over any email links to display the preview URL
- If the URL is from an unfamiliar or suspicious domain, don’t click on it.
- Independently navigate to the website of the organization in question to confirm any information provided in the text/email
- Scam emails or texts may lead to “spoof” websites that mimic legitimate sites. Instead of clicking through links, access the website in question using a trusted method.
Training yourself to identify phishing emails or texts is a good step toward keeping your information safe and avoiding data breaches.
You should also report the phishing message to the FTC at ftc.gov/complaint.