5 tips for recognizing scams and phishing attempts and protecting yourself from would-be thieves
You get email that says your bank account is about to be frozen if you don’t act now. Your heart rate quickens a bit. Your mind races. Did I forget to pay a bill? Did someone take my card? Is someone stealing my money?!
It’s unnerving, for sure. It’s also probably a scam.
Take a deep breath and remember: If you have the knowledge, you have the power. You’re in control. You just need to know what to look for.
5 Tips for Identifying Phishing Scams
Phishing is the practice of making calls or sending emails and texts that seem legitimate but are actually attempts to steal valuable information like passwords, credit card numbers and Social Security numbers. Fortunately, there are several ways to identify these phishy feelers.
Tip 1: Look at the language. Are you being pressured into doing something before you have a chance to think? Is the message full of scare tactics threatening to deactivate your account or charge you fees? That menacing sense of urgency almost certainly signals a scam, designed to make you act out of panic. Keep in mind: Your bank will not talk to you like that. When your bank sends you important information, it will be calmly and clearly worded — not an emotional ploy.
Tip 2: Grammar counts. If you receive an email or text marked by grammar errors, misspellings, and incorrect pronunciation, you’re probably being phished. Though no one is perfect, your real bank will take care to communicate with you professionally. It won’t use emojis or informal language in its messages to you.
Tip 3: Your bank will never call, text or email you to ask for sensitive information. A communication requesting account numbers, passwords, PIN or your Social Security Number is a definite red flag. Absolutely do not give out personal information over the phone or via email.
Tip 4: Avoid the unknown. If a message asks you to visit an unfamiliar website or call a number different from the one on the back of your check or credit card, don’t do it! Contact your bank using that phone number on your card instead. Also, check web addresses carefully. Often, scammers will use a url that’s very similar to your bank’s but off by a letter or two. To communicate with your bank digitally, go directly to its website or use the bank’s secure mobile app.
Tip 5: Don’t click on that! Phishing scams frequently include an attachment to download or a link to click. Resist the urge! You’re only one click away from a scammer installing malware on your computer and using it to steal your personal information. Your bank will not send you an attachment. Your bank might ask you to log in to your account, so as mentioned in tip No. 4, look carefully at the link for misspellings or anything else that looks strange. It’s always safer to go straight to your bank’s website and log in from there.
How to Protect Yourself
Even though phishing and other scams are more and more common these days, the good news is there are steps you can take to avoid falling prey. Fraud prevention and scam prevention are easier than you might think.
- Set up multifactor authentication on your bank and email logins. This makes it much harder for a hacker to log in to your accounts, even if they’ve stolen your password.
- Use random or complicated passwords. And please, don’t use the same password over and over again.
- Call or stop by a branch to verify. It’s always better to be safe than sorry. If you’ve gotten an email, call or text that you’re not sure about, contact your bank using a trusted phone number or visit your local branch to talk to someone you can trust.
- Use the latest virus protection software. Scammers and hackers are always coming up with new ways to do their dirty work. Make sure you’re using updated tools to stay ahead of them.
- See something, say something. In addition to blocking sketchy numbers and identifying emails as spam, reporting scams is a critical step to stopping the bad guys. Forward any suspected phishing emails to the Anti-Phishing Working Group at firstname.lastname@example.org. If you got a phishing text message, forward it to SPAM (7726). Then, report the phishing attack to the FTC at ftc.gov
Heritage Bank. Member FDIC.