More and more, the techniques scam artists use are sophisticated and convincing, so it’s important to know what to watch for to keep yourself safe from these “phishing” attacks.
First of all, you need a good understanding of what phishing is. Simply put, it’s an email designed to look like it was sent from someone you know or trust, but its goal is to get you to provide personal information – or click a link or open an attachment, causing a download of malicious software onto your device.
Oftentimes, the emails look like they come from a bank, retailer, or even myPSFCU, but here are the top things to look for:
- The email claims there has been a problem with or suspicious activity in your account.
- The email requests personal information. Please remember that PSFCU already has the information we need to service your accounts, so we will never email you to request your personal information.
- The email requests payment by including an “invoice” attachment or providing a payment link.
- The email promises a refund or a loan.
- The writing is full of spelling or grammatical errors.
- The language of the email is threatening in tone, which could include a fake warning of suspension of service or benefits or a problem with your payment information.
- The email refers to services you don’t have or service changes you did not make.
- The sender’s email address does not match or relate to the company website domain or URL. You can find sender information by hovering over the sender’s name or clicking on it.
As scam artists perfect their methods, they are likely to become even more convincing, so even if an email you receive does not appear to contain any of the above red flags, exercise caution with any email you receive when it asks for you to provide information or take action. Here’s what to do:
- Ask yourself if what the email is requesting is reasonable. If not, the email is likely a phishing attempt.
- If you feel the need to take action, do so with the contact information you can verify independently, such as by calling a phone number from a receipt instead of the number provided in the email.
- Install and/or update security software, including firewall and virus protection, and keep your device’s operating system up to date.
- Enable multi-factor authentication whenever possible. Multi-factor authentication requires multiple steps for verifying your identity when you log in to an account.
- Back up your data regularly.
If you do discover you’ve been the target of a phishing attack, report the incident to the FTC and reach out to myPSFCU if you have any questions.