You’ve probably gotten an email that looks like it’s from an institution you do business with. It says if you don’t act now, your financial account will be deactivated immediately. This is a common phishing lure used by thieves to get you to take action. They then steal your private information.
Thieves prey on your belief that the threat is real. Many different kinds of phishing threats exist. If you can spot some of their common elements, you may reduce your risk of taking the bait. Here’s how.
Common email phishing techniques
Spear phishing: The attacker learns specific information about you before sending an email. For example, if you recently shared details on social media about buying a new cell phone, the thief may craft a fake email claiming to be your cell phone provider. The message directs you to a fake website to log in and pay your new balance.
Bank phishing: The thief makes an urgent plea for you to log in to a site that looks like your bank or credit union site. It says you must update personal or financial information. That’s where they can steal your personal details.
Link fraud: Thieves send a link in an email. Clicking on it directs you to an unsecure website where they steal your private information.
Don’t take the bait
Keep the following tips in mind before responding to a potentially suspicious email:
- Check the sender’s email address. The address may be so similar to a legitimate business that you could easily overlook a fake (e.g. email@example.com vs firstname.lastname@example.org).
- Review the greeting. If you don’t normally receive emails addressed to ‘Dear Sir or Madam,’ delete the email.
- Read the content of the email. Don’t click on links directing you to unfamiliar sites. Also, look for unsolicited requests for you to log in and view your financial details. When in doubt, directly type in the web address for your bank or credit union.
Use these tips to keep from getting hooked by email phishing attacks.
Article provided by Local Government Federal Credit Union.
The advice provided is for informational purposes only.