Scammers are becoming increasingly intelligent and are developing new ways to access consumer funds and personal information. Here at CTFCU, our biggest priority is the financial wellness of our members, and that includes keeping them and their money safe. To ensure member safety, we put together this series to help you recognize the signs of fraud and ways to protect yourself.
Next in our series: Phishing Scams
Phishing is a tactic used by scammers to obtain sensitive personal information like your social security number, account credentials, credit/debit card numbers, etc. With this information, scammers have the ability to potentially steal your identity, access your funds, or open other accounts under your name.
Spotting a “Phish”
Phishing communications come in many forms like emails and text messages, often appearing to be from reliable sources. The messages usually contain an urgent reason for the communication. For example, the fraudster may send an email stating that your payment information is no longer valid for your streaming service. To prevent from having your subscription canceled, the message directs you to click a link to update your payment details.
Before clicking any links or opening attachments in an email, think about the following:
- Is this an unexpected communication? If so, try to contact the sender using a verified phone number or email address to confirm the legitimacy of the email. Do not reply to the email or call any phone numbers listed in the communication.
- Does the sender address look unfamiliar? Always double-check the sender’s email address. If the message looks to be from a familiar company, but not from the official corporate email address, this is likely a phishing email and should be deleted.
- Is there an attachment or link? Links and attachments in any unverified email are suspicious. You can check the link by hovering your mouse over it to see where it actually goes. See the example below.
- Urgent action is required. Be wary of messages that request urgent action. This is a common tactic used by criminals to convince consumers to act without thinking. Take time to verify the email before acting.
- Does the sender request sensitive information? Be wary of any communications that request information like your passwords, account numbers, or messages that ask you to click a link and log in to a secure profile. Never log into a secure account using a link from an email. Open your browser or a secure mobile app to log in from a verified website URL.
Protecting Yourself from Phishing Scams
While spam filters can help keep malicious emails out of your inbox, scammers are consistently finding new ways around those parameters. The following can help prevent their tactics:
- Arm your devices with up to date security software. The software should be set to update automatically to fight new security threats.
- Backup all data consistently on an external hard drive or cloud storage.
- Avoid entering your email on random websites.
- Never use the “Auto-fill” function to enter your personal information (name, address, phone, or payment information). Crooks can access this information without your knowledge if you do happen to visit a fraudulent web page.
- Update your passwords often.
If You Are a Victim of a Phishing Scam
Consumers who have received a phishing message should report the attack to the FTC at ftc.gov/complaint or the Anti-Phishing Working Group at firstname.lastname@example.org then delete the message. If you clicked a link in a phishing email and believe you may have downloaded any malware, update your computer’s security system and run a scan. Those who may have responded to the message with personal information should go to IdentityTheft.gov.