Phishing is a scam through which one receives a fraudulent email programmed to steal one’s identity or personal information, such as credit card numbers, SSN, bank account numbers, debit card PINs, and passwords. The email typically states that your account has been compromised or accessed, or that one of your accounts was charged incorrectly. The email will instruct you to click a link in the email or reply with your bank account number and password to confirm your identity or verify your account. The email oftentimes threatens to disable your account if you don’t reply. Don’t believe it!
True and legitimate companies should never ask for your account number or password via email correspondence. If you receive a phishing email, consider one or all of the below listed recommendations:
- Do not click any links contained in the email as they typically contain a virus that can harm your computer. Even if links in the email indicate the name of the company, don’t trust them. The links may redirect you to a fraudulent website that appears to be legitimate.
- Don’t reply to the email itself. Instead, you should forward the email to the Federal Trade Commission at spam@uce.gov.
- If you believe that the email is valid you may contact the company using the phone numbers listed on your statements, on the company’s website, or in the phone book. Tell the customer service agent about the email and ask if your account has been compromised.
- If you clicked on any links in the phishing email or replied with the requested personal information, contact the company directly to let them know about the email and ask to have fraud alerts placed on your accounts, have new credit cards issued, or set new passwords.
Vishing
Similar to phishing, vishing scammers also seek to get you to provide your personal information. However, vishing scams use the phone to make their requests, instead of email. You may be directed to call a phone number to verify an account or to reactivate a debit or credit card. If you have received one of these calls, report it to the Internet Crime Complaint Center.