FightCybercrime.org

Recognize, report and recover from cybercrime.

Phishing Scams

Stay vigilant, don’t get hooked!

The Impact of Phishing Scams

Experts estimate that cybercriminals send over three billion phishing messages a day, which often contain fraudulent links or attachments that trick you into sharing sensitive information, such as login credentials or credit card details.

$52M

Losses reported to the IC3
due to phishing scams in 2022

37.5%

Of all internet crimes reported to the IC3
in 2022 were phishing scams

Learn more about the different types of phishing scams:

    Email Phishing Scams

    Email Phishing Scams

    Scammers send emails that appear to be from a legitimate source, such as a bank or a trusted company, but are actually designed to trick you into sharing sensitive information or downloading malicious software.

    RECOGNIZE:

    Follow these guidelines to spot email phishing scams:

    • Check the sender’s email address. Look closely at the email address to ensure it’s from a legitimate source.
    • Watch for urgency. Phishing emails often create a sense of urgency or fear, urging you to act immediately in order to avoid negative consequences.
    • Don’t click unknown links. If an email contains a link, hover your cursor over it to see where it leads.
    • Be wary of attachments. Don’t open attachments from unfamiliar sources or those that seem out of context.
    • Be cautious of unsolicited emails from unknown senders. If the email appears to be from a real company, contact them directly to confirm the legitimacy of the email.

    REPORT AND RECOVER:

    Follow these steps to minimize damage from a phishing email and protect yourself from further harm:

    • If you provided financial information, contact the bank or credit card company right away.
    • If you provided personal information, keep an eye on your credit report and accounts for any unusual activity.
    • If you clicked on a link or downloaded an attachment, run a full system scan using antivirus software to check if your device was infected with malware.
    • If you entered your login credentials, change your password immediately and be sure multi-factor authentication is enabled.
    • Report it to the FTC— even if you didn’t lose money or provide sensitive information —at ReportFraud.ftc.gov.
    • Once you have taken the necessary steps, delete the email from your computer. Do not forward it to friends or family.

    5 COMMON PHISHING EMAILS TO WATCH OUT FOR:

    Banking Icon

    Banking

    The email claims that there’s a problem with your account and it asks you to click on a link to verify your information. 

    Government

    Government

    The email says that there’s an issue with your taxes or benefits and that you need to take action immediately to avoid penalties or loss of benefits.

    Social Media

    Social Media

    The email alleges that there’s an issue with your account or that you need to log in to see a message or notification.

    Billing Problem

    Billing Problem

    The email warns that you need to update your billing or account information to avoid service interruption or late fees.

    Online Shopping

    Online Shopping

    The email claims that there’s a problem with your recent order or that you’re eligible for a special discount or reward. 

    Smishing Scams

    Smishing Scams

    Also known as SMS phishing, scammers use text messages that appear to be from legitimate sources in an attempt to trick you into sharing sensitive information or downloading malicious software onto your mobile device.

    RECOGNIZE:

    Follow these guidelines to spot smishing scams:

    • Be cautious of requests for immediate action. These messages create a sense of urgency and ask you to take immediate action to avoid negative consequences.
    • Watch out for unsolicited texts from unknown senders. If the text appears to be from a real company, contact them directly to confirm the legitimacy of the message.
    • Be cautious of messages that contain suspicious links. They could lead to fraudulent websites or install malware on your device.
    • If the offer seems too good to be true, trust your gut—such as free gifts in exchange for sensitive information.
    • Beware of messages that ask for sensitive information. Legitimate companies would not request this information via text message.

    REPORT AND RECOVER:

    Follow these steps to minimize damage from smishing scams and protect yourself from further harm:

    • If you provided personal information, keep an eye on your credit report and accounts for any unusual activity.
    • If you provided personal information, keep an eye on your credit report and accounts for any unusual activity.
    • If you clicked on a link, run a full system scan using antivirus software to check if your device was infected with malware.
    • If you entered your login credentials, change your password immediately and be sure multi-factor authentication is enabled.
    • Forward the message to the shortcode 7726 (SPAM).
    • Report it to the FTC—even if you didn’t lose money or provide sensitive information—at ReportFraud.ftc.gov.
    • Once you have taken the necessary steps, delete the message from your phone. Do not forward the text to friends or family.

    COMMON TYPES OF SMISHING TEXT MESSAGES

    Delivery

    Missed Delivery

    The text claims that there’s a problem with the delivery of your package and asks you to click on a link to solve the issue.

    Banking Icon

    Locked Bank Account

    The text claims that there’s a problem with your account and it asks you to click on a link or call a phone number to verify your information.

    “Is This You?”

    Hackers send text messages asking, “Is this you?” to tempt you to click a a malicious link.

    Payment Issue

    The text claims your payment didn’t go through and prompts you to to click on a link in order to update your payment information. 

    Fake MFA Verification

    The text mimics a legitimate multi-factor authentication request, aiming to trick you into sharing you login credentials and other sensitive information. 

    Vishing Scams

    Vishing Scams

    Also known as voice phishing, scammers use phone calls or voice messages that appear to be from legitimate sources in an attempt to trick you into sharing sensitive information or performing a specific action, such as transferring funds or downloading malware.

    RECOGNIZE:

    Follow these guidelines to spot vishing scams:

    • Be wary of requests for personal information. Legitimate organizations typically do not call you to ask for sensitive information over the phone.
    • Watch out for a sense of urgency or fear. The caller may use scare tactics or create a sense of urgency to pressure you into providing personal information or making a payment.
    • If the offer seems too good to be true, trust your gut—such as a reward or prize in exchange for your personal information. 
    • If the offer seems too good to be true, trust your gut—such as a reward or prize in exchange for your personal information.
    • Take notice if the caller is aggressive or rude when you refuse to provide your personal information or make a payment.

    REPORT AND RECOVER:

    Follow these steps to minimize damage and protect yourself from further harm:

    • If you provided financial information, contact the bank or credit card company right away.
    • If you provided personal information, keep an eye on your credit report and accounts for any unusual activity.
    • If you gave them your login credentials, change your password immediately and be sure multi-factor authentication is enabled.
    • Report it to the National Do Not Call Registry at DoNotCall.gov.
    • Report it to the FTC—even if you didn’t lose money or provide sensitive information—at ReportFraud.ftc.gov.
    • Once you have taken the necessary steps, block the number from your phone.

    5 COMMON VISHING SCAMS TO WATCH OUT FOR:

    Vehicle Warranty

    The caller tells you that your vehicle warranty is about to expire or has expired, and they offer to help extend it for you.

    Healthcare

    The caller claims to be from a healthcare provider or insurance company and tells you that there is a problem with your records or insurance policy. 

    Banking Icon

    Banking

    The caller tells you that there is a problem with your account and asks for sensitive info under the guise of fixing the issue.

    Social Security

    The caller threatens to suspend your Social Security benefits or file criminal charges against you to pressure you into giving them your information.

    Student Loan Forgiveness

    The caller claims to be from a student loan company or agency and offers to help you with forgiveness in exchange for upfront fees or sensitive info.

    Stay Informed, Download Now!

    Don’t get hooked by a phishing scam!

    Latest News

    The latest and greatest from our blog.

    > Protect Yourself on Amazon Prime Day: 5 Common Scams to Watch For

    Protect Yourself on Amazon Prime Day: 5 Common Scams to Watch For

    Discover the dark side of Amazon Prime Day. Arm yourself with vital knowledge to avoid Amazon Prime Day Scams.

    Read Full Article
    > Puppy Love or Puppy Scam? The Truth About Buying Pets Online

    Puppy Love or Puppy Scam? The Truth About Buying Pets Online

    Avoid the heartbreak of online puppy scams. Discover how these scams work, how to spot them, and what steps to take if you’ve been scammed.

    Read Full Article
    > A Safer Digital World: Target and CSN Partner to Fight Financial Fraud

    A Safer Digital World: Target and CSN Partner to Fight Financial Fraud

    Target and CSN team up to expand the public’s knowledge of common financial scams. Learn more about this new initiative.

    Read Full Article

    In partnership with:

    Branding