It’s more important than ever that people know about phishing scams. These can take the form of price offers, threats of sanctions, or even an email or text message.
The sender usually trusts a victim’s curiosity, tries to get them to click, or downloads something dangerous. Other phishing formats may not have links to click on, but rather a phone call to inquire about an account or subscription.
Any unexpected communication asking you for personal information or asking you to download an attachment is a red flag. Many of these messages come from impostors claiming to be trustworthy businesses and organizations. This is “phishing” for social security or social insurance number, banking information, passwords, credit card information, or other personal information to be used in identity theft. Don’t fall for the bait!
How the scam works:
Scammers have a creative variety of cover stories to disguise their true intentions. Phishing messages typically use one of the following three methods to trick victims:
- The message promises a reward (gift card, free item)
- Threat of punishment (unpaid taxes, missed jury, deactivated bank account)
- Seems harmless (a file from the office or colleague’s scanner).
Phishing scams tend to follow a pattern. The victim receives an e-mail, a phone call or an SMS (called “smishing” or SMS phishing). The message urges the target to click a link, share information, call a phone number, or download an attachment that likely contains malware.
Tips to avoid this scam:
- If anything seems suspicious to you, call the company directly or go directly to the company’s website. Don’t click on links in an unexpected email – type the business URL into the browser or search the web to find the right website.
- Do not click, download or open anything that is from an anonymous sender. This is most likely an attempt to access your personal information or install malware on your computer.
- Query generic emails. Scammers cast a wide net by including little or no specific information in their fake emails. Always be aware of unsolicited messages that do not contain your name, the last digits of your account number, or other personal information.