Phishing scams occur online when data thieves trick victims into giving them personal or financial information like passwords, bank account numbers and even Social Security numbers. From there, they can gain access to your email, money or other online accounts.
In 2018, phishing scams accounted for more than $48 million in losses, up 62% from the previous year, according to the FBI’s Internet Crime Complaint Center. Washington state, in particular, had the sixth highest number of cybercrime victims. 1
Most phishing scams come in the form of email and text messages that seem legitimate on the surface. The deceptive message will usually include a call to action like a request for more information or an invitation to check out a link. Scammers may even try to contact you by phone.
Keep a sharp lookout for the following:
Reports of suspicious activity on an account
Notices about payment processing issues
Phony invoices or receipts
Requests to verify your personal information
Messages asking you to click on a link to confirm data
Offers for free goods or services
Often times, phishing emails will include brand logos or official seals to make them seem more genuine. People frequently fall victim to scammers impersonating the IRS or other government agencies, especially during tax time. But no matter how legitimate these messages may seem, always treat them with a healthy dose of suspicion.
If you don’t know the person or company an email is coming from, there’s a good chance it could be a phishing scam. Never click on a link or open an attachment from a sender you don’t recognize.
It’s not uncommon for scammers to demand you take immediate action or face dire consequences. Their goal is to cause you to panic so that you’re more likely to make a mistake and give them your personal or financial information.
Legitimate companies that want to do business with you — or that want to keep your business — won’t send you threatening messages.
Even if you do recognize an email’s sender, it’s always safest to reach out to the person or company directly using contact information you know you can trust.
Protect yourself from phishing scams.
The key to safeguarding your data and accounts from phishing scams is reading email and text messages carefully. Avoid clicking on links or offering any information without first confirming the legitimacy of a message.
First, go to your browser and look up the website or phone number for the business or person contacting you. A simple online search will tell you if the message is part of a scam others have fallen for. You can also try contacting the business with a number or email address you know is correct — not the contact information in the message.
If you’re still unsure, you can visit the Washington attorney general’s website to see if there have been any consumer scam alerts issued for the company or person contacting you.
You can protect yourself from the majority of phishing scams by simply ensuring your email spam blocker is turned on. Spam filters can block fraudulent messages before they ever get to your inbox.
In addition, security experts strongly recommend keeping your internet security software up to date on your phone and computer. That way, if you click on a link that tries to install viruses or malware, the security software can block it.
Turning on automatic updates for your operating system, internet browsers and other system software is another easy way to keep your devices secure. This will ensure you get the latest security patches as soon as they’re released.
Where available, use two-factor authentication to add an extra layer of digital security to your online accounts — especially those storing any of your personal information. If you do fall for a phishing scam, immediately change any account passwords that may have become compromised.
Report phishing scams.
It’s important to report phishing scams to help protect other consumers from becoming victims. Your report could lead to an arrest or, at the very least, put the scammers out of business.
You can report phishing scams to the Federal Trade Commission (FTC) on their website. You can also file a consumer complaint online with the Washington attorney general’s office. The more people you can warn about a phishing scam, the less likely they will be to fall victim to it. Then the scam will be less lucrative to cybercriminals in the future.
In short, data thieves launch thousands of successful phishing scams each day. Your best bet to keep your personal and financial data secure is knowing how to spot a scam before you become a victim.
Remember, cybercriminals often create sophisticated phishing scams that are hard to detect. So before you respond to what may seem like a legitimate message, check it out first.
Research the company or person sending you the message. Make sure your devices have the latest internet security software and system updates. And safeguard your online accounts by always using strong passwords and changing them regularly.
Lastly, you can protect others from phishing scams by reporting them to the FTC, consumer protection agencies and your local law enforcement.
If you ever have concerns about your WSECU account — or if you receive a suspicious call or message, you can always reach out to our Contact Center directly. You can also bolster security by adding a secret code word to your account and signing up for fraud alerts.
Is your contact information up to date?
Keep your account safe and ensure you never miss a fraud alert. Update your contact information today.