Protect Yourself from Phishing and Cyber Threats

Identity theft affects millions of individuals each year. Phishing scams are one of the most common ways fraudsters gain access to your personal information. There are different types of phishing attacks, including smishing, vishing, and pharming. Knowing how to identify them is the first step in protecting yourself.

What is phishing?

Phishing occurs when criminals pose as trustworthy sources such as your bank, a utility company, or another institution you recognize in order to obtain sensitive information.

Even if a phone call, email, or text message looks official, always pause before sharing personal or financial details.

Types of phishing

Smishing (SMS phishing)

Smishing occurs when scammers send fraudulent text messages designed to trick you into sharing your information or clicking on malicious links. These texts often appear to come from your bank or another trusted company. They may ask you to click a link, call a phone number, or verify account details.

Tips to protect yourself from smishing:

• Do not reply, even if the message says you can “text STOP.”
• Never click on links or call numbers you don’t recognize. Use the number on the back of your card or the company’s official website.
• Screenshot and report suspicious texts to your bank or the company being impersonated.
• Keep your phone and security software up to date.
• Consider anti-malware software for added protection.

Vishing (voice phishing)

Vishing involves fraudulent phone calls or voicemails that try to trick you into providing sensitive information, sending money, or granting access to your computer.

Examples of vishing:

• Calls asking you to verify your account or card information.
• Recorded messages prompting you to call back and provide personal details.
• Fraudsters pretending to be from a legitimate software company asking for remote access to your computer.

Tips to protect yourself from vishing:

• Be skeptical of anyone calling to request personal information.
• If you’re unsure, hang up and call the number on the back of your card or the official website.
• Do not rely on phone numbers provided during a suspicious call—they may be part of the scam.
• Be cautious of any caller requesting money, account credentials, or computer access.

Pharming

Pharming directs you to fake websites in order to steal your personal information. In some cases, your browser or computer may be compromised without your knowledge, sending you to an imposter site even when you type in the correct address.

Pharming websites are often designed to look legitimate but may have small differences in the URL, such as replacing a lowercase “l” with the number “1.” Once you enter your login credentials or card details, the scammer can use them to steal your identity.

Tips to protect yourself from pharming:

• Be cautious with what you download and share online.
• Ensure your security software is up to date.
• Use a custom password for your Wi-Fi router.
• Double-check website addresses before entering personal information.

How to identify phishing emails & scams

Smishing, vishing, and pharming are all similar versions of the same scam. The goal is to steal your information and/or money by taking advantage of the trust you have with an institution, friend, or family member. This is also referred to as social engineering, a tactic often used by scammers. But you can help protect yourself by being skeptical and learning how to recognize phishing attempts. The FTC offers a few general phishing red flags to keep an eye out for:

• If emails or texts sound overly urgent and ask you to respond right away.
• If emails or texts use generic titles (Mr., Mrs., Sir, Madam) instead of your legal name.
• If a caller asks you to validate information with a Social Security number or account number.
• If emails come from addresses that don’t match the names of the companies supposedly sending you the emails. Keep in mind, phishing emails may use official logos and headers.
• If emails or texts invite you to click links to update payment or access account information.
• If emails or texts contain links asking you to provide information without signing in through the secure site you typically use to access your account. Or if links lead to a site that looks familiar but the web address is incorrect or has subtle differences.

If you experience any of these phishing scam techniques, don’t risk responding directly—and avoid clicking on any links in the email or text you received. If you have questions or concerns, contact the company through its official website or phone number to ask about the suspicious message.

Monitor your information

• Check your credit reports regularly to look for accounts or inquiries you don’t recognize.
• Review your account statements and bills for unusual activity. Scammers often start with small, hard-to-notice transactions.

If you believe you are a victim of a phishing scam:

• Contact your bank and credit card companies immediately.
• Report the incident to the Federal Trade Commission at ReportFraud.ftc.gov.
• File a complaint with the FBI’s Internet Crime Complaint Center (IC3).

‍