Even the savviest internet users can unwittingly fall victim to phishing scams. Learn more about what phishing is, how to protect yourself from these scams, and what to do if you become the victim of a phishing scam.
2. What is Phishing?
âPhishing is a cybercrime in which a target or targets are contacted by email, telephone or text
message by someone posing as a legitimate institution to lure individuals into providing
sensitive data such as personally identiïŹable information, banking and credit card details, and
passwords.
The information is then used to access important accounts and can result in identity theft and
ïŹnancial loss.â
Source: Phishing.org
3. Common Ploys Used in Phishing Emails
Scammers have been known to use a wide range of messages to get people to provide
their personal information and theyâre always looking for new ways to take advantage
of people. Some common ploys used by phishers include:
â Fake invoices
â Messages about suspicious account activity or other problems with an account
â Links to make a payment
â OïŹers for free things
â Messages about being eligible for a government refund
4. Common Features of Phishing Emails
According to Phishing.org, phishing emails very often have some of the following
features:
â âToo good to be trueâ oïŹers and statements
â Messages that create a sense of urgency to get people to act quickly
â Hyperlinks that are misspelled or, when hovered over with a mouse pointer, show
a URL thatâs diïŹerent from what you expect
â Unusual attachments
â The message was sent from an unfamiliar sender
8. How Can You Tell This is a Phishing Email?
The email looks like itâs from a familiar, trusted company and even uses the companyâs
logo. But the following signs signify the email is part of a phishing scam:
â The email says your account is on hold because of a billing problem, a common
phishing ploy.
â The email uses the greeting, âHi Dear.â A real email would likely use your real
name, not a generic greeting like this.
â The email also includes a link to provide payment information.
10. Protecting Yourself from Phishing Scams
â Install a SPAM ïŹlter to reduce the number of fraudulent and malicious emails you receive.
â Donât trust any email urgently requesting personal information, such as checking account or credit card numbers, Social
Security numbers, user names, passwords, PIN codes or other ïŹnancial information.
â When clicking on links in an email, watch the âaddress barâ of your browser to ensure youâre directed to the authentic,
branded domain. It is easy for a phisher to spoof a web link and redirect it to another web site.
â Rather than using hyperlinks in an email that you suspect may not be authentic, you should directly type in the URL in the
Internet browser address bar. CertiïŹcates for the site ensure that the site you type in is where youâre going. In an email,
hyperlinks may appear to be going to one site, but can direct you to another.
â When entering personal information on secure sites, look for the locked padlock on the Internet browserâs status bar or make
sure that you see https:// at the start of the URL in the address bar. This indicates SSL security is in place, although it does not
guarantee the siteâs legitimacy. Without these, however, the web site is deïŹnitely not secure.
â Be alert to scammers phishing using any communication method and asking you to conïŹrm using any communication
method (phone, fax, email, etc.)
â Keep in mind that legitimate companies would never ask their customers for private information in an email.
Source: USC Credit Union
12. Steps to Take After Becoming a Phishing Victim
â File a police report. Get a copy of the report to submit to your creditors and others that may require proof of the crime.
â Contact the fraud departments of any of the three major credit bureaus to place a fraud alert on your credit ïŹle. The fraud
alert requests creditors to contact you before opening any new accounts or changing information on existing accounts. The
credit bureau is required to notify the other two bureaus after conïŹrming your fraud alert. You will then receive a copy of your
credit report from all three credit bureaus. (See below for contact information for all three major credit bureaus.)
â Contact your credit union or bank and notify all with whom you have a ïŹnancial relationship.
â Immediately close those accounts that you know or suspect have been tampered with or opened fraudulently.
â File your complaint with the Federal Trade Commission (FTC). The FTC maintains a database of identity theft cases used by
law enforcement agencies for investigation. Further information regarding identity theft can be obtained from the FTC at
www.consumer.gov/idtheft or 1-877-ID-THEFT.
â Report the theft of your checks to check veriïŹcation companies.
â Check the post oïŹce for unauthorized change of address requests on your behalf.
â Follow-up all telephone calls with letters and keep a copy of all correspondence.
Source: USC Credit Union