Scammers use email or text messages to trick you into giving them your personal information. These are some helpful tips from the Federal Trade Commission to help you protect yourself.
Scammers use email or text messages to try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day — and they’re often successful. The FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.
Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message.
Check the Email ID
When you receive an email from an unknown source, check the email domain. Be aware that phishing emails may appear to be coming from a company or person you trust.
Check for Links
Spam emails or texts often come with a link asking you to click it, usually to steal your data. Never click within an email or text coming from an unknown source or within an email or text containing any red flags.
Check Spelling and Grammar
One of the easiest ways to identify a phishing email or text is simply by the poor language used in the subject line and even in the body of the message. Read the message and check for spelling and grammatical mistakes.
Check Email Subject
Spammers will often try to panic you by including an urgent subject line. A missing subject line is also red flag.
Fraudulent emails often contain an attachment. Never click on attachments from unknown sources unless you’re confident that it’s from some authentic person. Often attachments contain malicious files that could harm your computer.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may:
- say they’ve noticed some suspicious activity or log-in attempts
- claim there’s a problem with your account or your payment information
- say you must confirm some personal information
- include a fake invoice
- want you to click on a link to make a payment
- say you’re eligible to register for a government refund
- offer a coupon for free stuff
Phishing emails can have real consequences for people who give scammers their information. And they can harm the reputation of the companies they’re spoofing.
What To Do if You Suspect a Phishing Attack
If you get an email or a text message that asks you to click on a link or open an attachment, answer this question: Do I have an account with the company or know the person that contacted me?
If the answer is “No,” it could be a phishing scam. Go back and review the tips in How to recognize phishing and look for signs of a phishing scam. If you see them, report the message and then delete it.
If the answer is “Yes,” contact the company using a phone number or website you know is real. Not the information in the email. Attachments and links can install harmful malware.
What To Do if You Responded to a Phishing Email
If you think a scammer has your information, like your Social Security, credit card, or bank account number, go to IdentityTheft.gov. There you’ll see the specific steps to take based on the information that you lost.
If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan.
How To Report Phishing
If you got a phishing email or text message, report it to the FTC at reportfraud.ftc.gov. The information you give can help fight the scammers.
How To Protect Yourself From Phishing Attacks
Your email spam filters may keep many phishing emails out of your inbox. But scammers are always trying to outsmart spam filters, so it’s a good idea to add extra layers of protection.
Four Steps To Protect Yourself From Phishing
1. Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.
2. Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.
3. Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication. The additional credentials you need to log in to your account fall into two categories:
Multi-factor authentication makes it harder for scammers to log in to your accounts if they do get your username and password.
4. Protect your data by backing it up. Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too.