Phishing scams are an attempt by scammers to trick you into giving out personal information such as financial account numbers, passwords, personal information, and even credit card numbers. A scammer pretends to be from a legitimate business, such as a credit union, credit card provider, or even a mobile phone provider. They may contact you via email, text, social media, or by phone all in an effort to steal personal or financial information to commit fraud.

The Federal Trade Commission (FTC) reported more than 2.1 million fraud reports from consumers in 2020, with imposter scams remaining the most common type of fraud reported to the agency. According to the FTC, consumers reported losing more than $3.3 billion to fraud in 2020. It’s important to know how to identify a scam.

How to spot phishing scams

 As mentioned above, scammers often use email and text messages to trick you into providing information, such as passwords or even social security numbers. Once in possession of this information, a scammer may be able to access your financial accounts.

Be on the lookout for emails, texts, or calls requesting sensitive information. Your credit union and other legitimate organizations will never ask for social security numbers, passwords, or credit card information via text or email. We will not ask you to verify your account or debit card number via email. Scammers may try to gain your trust by saying they’ve noticed suspicious activity or a problem with your account. If you’ve received an unsolicited email or text from an organization that provides a link and asks you to click and provide sensitive information, it’s a scam.

Take a close look at the email. Legitimate companies will have domain emails. They do not send unsolicited attachments, which are also a sign of a scammer. Be wary of hyperlinks. Avoid clicking a link or image without first verifying the link is legitimate. Hover over the link without clicking to verify authenticity. Watch out for web addresses that resemble legitimate companies but are slightly altered. Never click on an attachment unless you know it’s legit. It’s one of the most common mays to spread computer viruses and give someone else control of your device.

Social media-based phishing uses messages sent via social media instead of email. Scammers may send a malicious link via Facebook, Twitter, Instagram, or LinkedIn. They may pose as a friend to get you to share confidential information.

Phishing emails or messages may come in the guise of a friend needing you to send them money to help with an emergency or being alerted you’ve won a contest but need to click a link for your prize. Look for misspellings, typos, and grammatical errors in emails and texts. Look for generic greetings, such as Dear Customer. They are all signs of a phishing attempt. 

10 ways to protect yourself from a phishing attempt

  • Don’t give your financial account or credit card number to someone who calls you, even for verification purposes.
  • Protect your computer by keeping all software applications up to date. Install anti-virus software and firewalls.
  • Delete a suspicious email or text without opening it.
  • Manually block the sender of suspicious emails.
  • Protect your mobile devices by setting software to update automatically.
  • Do not click on any embedded links, attachments, or pop-ups. Hover to check a link.
  • Protect your accounts by using multi-factor authentication.
  • Routinely review your financial and credit card accounts and statements.
  • Think before you act. Legitimate businesses will not pressure to act immediately.
  • Watch for unsecure warnings from your web browser.

Report phishing and other scams

Think before you click! If you think you’ve provided your account information to a scammer, contact your credit union immediately. Report phishing attempts to the FTC at ReportFraud.ftc.gov.