How to Identify & Avoid Phishing Scams

POSTED March 23

How to Identify & Avoid Phishing Scams

Phishing is the fraudulent practice of sending emails or other messages purporting to be from reputable sources in order to induce individuals to reveal personal information, such as passwords and credit card numbers. With the sensitive information obtained from a successful phishing scam, cybercriminals can do severe damage to your financial history and personal reputation that can take years to unravel. According to AAG-IT, it is the most common form of cybercrime with an estimated 3.4 billion spam emails sent every day. However, there are many things that you can do to protect yourself from these attacks.

The first step would be to be wary of any unsolicited emails and text messages. Phishing attacks will try their best to appear to be sent from a legitimate source, such as a bank, social media platform, government agency, business, etc. If you receive an unexpected email, you should avoid clicking on any links or attachments until you have verified the sender. Some ways that you can verify the sender include checking the email or phone number to see if it matches any known contact information from the organization, calling the organization, or visiting the institution’s website directly.

Phishing emails and messages will often have many telltale signs that you should look out for. These signs could be an urgent call to action or threats, first-time or infrequent senders, poor spelling and grammar, generic greetings, mismatched email domains, and suspicious links or attachments. If you spot any of these signs and were unable to verify the sender, you should avoid clicking anything and immediately report the message. You can forward phishing emails to the Anti-Phishing Working Group at reportphishing@awpg. To report a phishing text message, you can forward it to SPAM (7726). You can also report any phishing attempt to the FTC at

Other steps that you can take to protect yourself and your information would be to update your passwords frequently, enable two-factor authentication, review your account statements regularly to ensure all charges are correct, keep your operating systems up to date, use anti-virus software, and much more. If you think you may have fallen victim to a phishing attack, you should contact your financial institution immediately and alert them to the situation. You can also contact one of the three major credit bureaus and discuss whether you need to place a fraud alert on your file, which will help prevent thieves from opening a new account in your name. These three bureaus are Equifax, Experian, and TransUnion

In conclusion, protecting yourself from phishing attacks requires diligence and awareness. Always be wary of any unsolicited messages and make sure to report anything that you think is suspicious. 

Find out more: