Advice Center Blog

blog home Blog Home » Security and Fraud Protection » Protect Yourself From Phishing Attacks

Protect Yourself From Phishing Attacks

    

SUMMARY: Phishing attacks are a popular way for cybercriminals to bypass your security measures and trick you into providing personal and financial information.

10-12735-March-Security-Awareness-Social-Graphic-web

In today's digital world, threat protection options are abundant. We can protect our devices with firewalls, virus protection, authentication apps, biometric security, password managers, and much more. We can even protect our financial transactions with digital wallets and card control apps. Technology is getting safer and smarter, which means cyber criminals are focusing their attention on taking advantage of the most obvious weakness: human error.

With sophisticated techniques and convincing messaging, these scam artists deploy phishing attacks – messages, usually emails or text messages, designed to manipulate and trick people into providing personal and financial information.

And it works. Tens of billions of dollars are lost to phishing scams each year, but it doesn't have to be your money. We're sharing the details you need to know to stay safe from phishing:

How phishing works

Most phishing attacks are in the form of an email or text message, designed to look like they are from a person or a company you trust. The email or text message can look like it came from TDECU, the IRS, or the Social Security Administration. Usually, the message informs you there is a problem, and you need to take immediate action. Other times, the email invites you to claim a reward. Either way, the messages are crafted to play on your emotions, by fear or excitement, so that you act before thinking.

Clicking a link in the message results in a download of malware (malicious software) or directs you to a website where you are prompted to provide information, such as an account number, Social Security Number, or other personal information. Criminals can lock your device through malware until you pay a ransom. The criminals can get credit in your name or access your accounts with your personal information.

What to look for:

  • Check the sender's actual email address, rather than just the display name. If the names don’t match or the sender’s address is from an unknown URL, it’s suspicious.
  • Check the phone number if you receive a text message, any communication you receive via SMS must first be authorized by you so if you aren't familiar with the number don't respond and click any links. 
  • Hover your mouse over a link to see the real address. If the URL is different than the link description, it’s a sign of phishing. If the address has “http:” instead of “https:” at the beginning, it’s not a secure site.
  • Poor writing and typos are the hallmark sign of phishing attempts.
  • An urgent tone used to get you to act quickly without thinking through the details of the message is a typical strategy. Look for phrases like “urgent,” “immediate,” or “action required.”

What to do:

If you are targeted and receive a phishing attempt, here are the steps to take:

  • Avoid clicking on any links.
  • Notify the business the phishing scammer impersonated so they can investigate. Be sure to use a phone number you can independently verify is real. You may be asked to forward the email to them as well.
  • Forward the email to the Federal Trade Commission at spam@uce.gov.
  • Delete the email and block the sender.
  • Review account statements and your credit reports regularly and take action if you notice any irregularities by contacting the creditor.

If you become a phishing victim:

  • Alert your financial institutions immediately.
  • Close fraudulent accounts.
  • Place fraud alerts on your credit files with the three credit reporting agencies: Equifax, Experian, and Transunion. Visit com, experian.com, and transunion.com for more details.
  • File a report with your local police department and the Secret Service, which investigates financial cybercrimes.


Browse through our Security and Fraud Center to find more resources and tips for staying safe.

Comments