Don’t Get Hooked: How to Recognize and Avoid Phishing Scams

Don’t get caught in a phishing scam! Here’s how to stay safe.
What is phishing?
Phishing is a cybercrime where scammers use deceptive messages to steal victims’ personal information. These messages can impersonate well-known companies, government agencies, celebrities or even people the victim knows. The goal is to create a sense of urgency, fear or curiosity, which often dupes people into clicking a malicious link or providing confidential details.
There are several ways phishing scams play out, including fake emails or texts from banks or credit unions, phone calls posing as tech support, messages pretending to be from a delivery service with links to “track your package” and fraudulent text alerts about unusual activity on your accounts.
Let’s take a closer look at the three most common variations of phishing scams.
1. Email phishing
Email phishing is the most common type of phishing scam. In this ruse, criminals send fraudulent emails that look trustworthy and encourage you to click a link or download an attachment. For example, an email that appears to be from your credit union or bank may instruct you to verify your account by clicking a link and logging in. Unfortunately, the link leads to a fake website where your credentials are stolen.
Red flags to watch for:
- Urgent language
- Generic greetings
- Suspicious email addresses
- Spelling and grammar errors
- Unexpected attachments
2. Vishing (voice phishing)
In vishing scams, scammers call victims and pretend to be legitimate representatives, often pressuring the victim into providing sensitive information. For example, a scammer calls, claiming to be from your credit union’s fraud department. They’ll tell you your account has been compromised and will ask for your PIN to secure it.
Red flags to watch for:
- Unsolicited calls
- Requests for personal info
- High-pressure tactics
- Spoofed numbers
3. Smishing (text phishing)
Smishing uses text messages to trick victims into clicking on malicious links or sharing private information. For example, a text claims there’s a problem with your delivery and asks you to click a link to update your shipping details. The link leads to a fraudulent site.
Red flags to watch for:
- Unexpected texts
- Links to unfamiliar websites
- Grammatical errors
- Too-good-to-be-true offers
How to protect yourself
Here’s how to defend yourself from a phishing attack:
- Think before you click. Don’t click on links or download attachments from unknown sources.
- Verify the source. Contact the organization directly using official contact information, not what’s provided in the message.
- Enable multi-factor authentication (MFA). Add an extra layer of security to your accounts.
- Inspect URLs. Before you click, hover over links to check for inconsistencies.
- Avoid sharing sensitive information. Legitimate organizations won’t ask for passwords or personal details by email, text or phone.
- Use antivirus software. Keep your devices protected and ensure your software is updated.
- Educate yourself. Learn to recognize phishing attempts and stay informed about the latest scams.
Stay safe!