5 ways to protect yourself from the common email con of a phishing scam
The emails look official from addresses and with logos that appear to be the real deal.
Maybe it’s a message from your bank, claiming that there’s something wrong with your account; or Microsoft, raising concerns about unusual sign-in activity on your computer; or from e-commerce giant Amazon to inform you that you’ve won shopping points; or even a long-time friend or family member.
At first glance, it might look like the business or friend is just trying to be helpful with a useful link or important information. In reality, it’s mostly likely a phishing scam. Those emails are not from the companies or the people that they appear to represent, but from fraudsters who are just trying to steal your identity and your money.
And it’s likely you’ve been a target. More than half of all email is spam, which often is sent by those with malicious intentions. And not just individuals are targeted. Business -- big and small -- fall for the con. From October 2013 to December 2016, the FBI reports that it had looked into phishing-related crimes that cost businesses $1.6 billion.
Thankfully, if you know what to look out for, it’s easy to steer clear of these schemes.
Never ever -- not once! -- enter your personal information into a site that you land on from a link in an email. That email might look completely legitimate, but it could very well be a trap that’s designed to steal your sensitive and personal information. Any links or files that are included in an email -- especially emails that are unexpected -- could very well connect you to the bad guys. Steer clear.
Go to the company’s website on your own. If you’re wondering if that email actually is from Amazon, Microsoft or your friend, for instance, then contact that company or person on your own. If it’s a company, instead of clicking the link in a suspicious email, open another tab on your browser and punch in the website for the company yourself. From that site, you can log into your account or contact customer service to determine if there is something that you need to know.
Know how banks and financial institutions communicate. Here’s what they won’t do: Email you out of the blue, send you a link and ask you to share personal information such as account numbers and PINs, says the FDIC. “In fact, most institutions publicize that they will never ask for customer personal information over the phone or in an email,” the federal agency writes. Why? Because they already have it.
Consider two-factor authentication: Major email providers, e-commerce sites and social media platforms offer this service to its users to provide them with an extra layer of protection in case they fall victim to a phishing scam. With two-factor authentication, users will need both their password and another factor to log in to their account. That second factor, for instance, might be a special code that is texted to your phone when you sign in to your Gmail account or your Facebook page. With it, if your password is stolen, bad actors still won’t be able to take over your account because it’s unlikely they’ll have access to that second factor.
Know that if it’s too good to be true, it’s too good to be true. We all hope to win millions of dollars or even just some extra shopping points from Amazon. But if you suddenly win a prize that you’re not expecting or receive some other offer out of the blue, it’s likely too good to be true. If you have any doubts, contact the business separately, on your own, by either calling it or typing in its website on your browser.
If you think you’ve received a phishing scam email, the Federal Trade Commission recommends that you report it. Consumers should:
Consumer Education Services, Inc. (CESI) is a non-profit committed to empowering and inspiring consumers nationwide to make wise financial decisions and live debt free. Speak with a certified counselor for a free debt analysis today.
Consumer Education Services, Inc. empowers people to overcome their financial challenges and lead financially-healthy lives.
CESI is NOT A LOAN COMPANY