Protect Your Online Accounts From Phishing
Phishing is a common way for scammers to learn your personal information and access your financial accounts. To help prevent yourself from falling victim to a scam, it’s wise to learn exactly how phishing works. 

What is phishing
Phishing is a social engineering technique that aims to trick you into sharing information, such as your password or account number. Rather than hacking into your computer, social engineering works by gaining your trust and manipulating you. With phishing in particular, a scammer may pose as your friend or a company sending you a text message or an email.

Often times, the message or email will relay a story to convince you to click on an attachment or link. They may say you have an issue with your accounts, you need to confirm confidential information or you need to make a payment. If you click on the attachment or link, malware may install onto your computer or you may be prompted to enter your username and password on a page that is similar to an online financial site or company’s login page. With this information, a hacker can then access your account and steal your information or money.

How to spot a phishing scam
Phishing purposefully disguises messages to look like they are from a trusted source, making it difficult to tell that they are scams. However, there are many clues that indicate when an email isn’t actually from your financial partners. A phishing email may have grammatical errors that a legitimate email wouldn’t have.

Phishing emails may also link to sites with URLs like are either completely different or slightly altered from the URLs of a company’s sites. Before clicking a link, hover your mouse over it, and check that the URL exactly matches the URL of the real site. Even better, do not click any link in an email that asks for your personal information. A reputable site will not ask for your password through an email or text message. If you are concerned about the content of an email, you can call the institution or business directly or log in to your account using a website that you know is real.  

What to do if you think you have been scammed
If you believe, you may have fallen victim to phishing, there is still hope that the scammer has not been able to access your account. According to the FTC, multi-factor authentication, which requires at least two different credentials to access your account, can help protect against phishing. For example, if you only give your password to a scammer, but your account requires both a password and a face scan to log in, they may not be able to log in.

Whether or not you have multi-factor authentication, you should call your financial institution if you believe you gave your credit card number or account information to a scammer. Also, delete any software you downloaded from an email and change your passwords as soon as possible. By acting fast, you may be able to change your password before a scammer even attempts to log in to your account.

Hopefully, by more cautiously reading emails and knowing the signs of phishing, you can avoid these scams. For more information about preventing phishing and scams, visit our Fraud Prevention Center. You can also learn more by watching a quick video about how to protect yourself from identity theft.