Recognizing Phishing Attempts


We’ve talked before about the most common scams to look out for. Now we’re going to review some clues that can help you determine whether you’re dealing with a phishing attempt over email or text, how to protect yourself, and what to do when you think you are conversing with a scammer.

Phishing Through Email and Text

Scammers perform thousands of attacks against people every day to try and access information like passwords, Social Security numbers, account numbers, and more. This sensitive information getting into the hands of a scammer leaves your hard-earned funds, email, and other private data vulnerable.

The quickest way for scammers to try and get this information is through email and text. You might notice you’re getting a message claiming to come from a trusted company. These messages often seem urgent and/or believable and press you to take action quickly. They may mention things like:

  • Suspicious activity or log-in attempts in your account
  • There's something wrong with your payment info.
  • You need to confirm some personal information.
  • An invoice you don’t recognize.
  • Suspicious links to make payments.

While the above examples are intended to scare you into acting, some scammers try to lure you into clicking or revealing personal information by saying things like:

  • You have an offer you must claim now.
  • You're eligible for a government refund.
  • A great deal that you must take advantage of now.

As you see from these examples, a common theme is the sense or urgency these scammers will use. They will push you to take action, whether that be clicking on a link or sending personal information to them. Remember to take a moment to pause and determine whether the sender is legitimate.

Here are some other signs that a message may be a scam:

  • There is a link that looks odd- it is short, scrambled, or contains misspellings.
  • The phone number or email is random.
  • The message is unsolicited- you weren’t expecting to hear from whoever is claiming to contact you.
  • Written with urgency.
  • Grammar or spelling mistakes.
  • Promises of a reward.
  • Requests to call, or for a refund.

Familiarizing yourself with the common scenarios that scammers concoct to get you to handover you information is key in protecting yourself from these attacks. Read up on our previous article about common scams, and check out trusted sources like these articles from Experian and the Consumer Financial Protection Bureau.

Protecting yourself from Phishing Attempts

  • Use security software. Installing security software on your computer is an easy way to protect yourself from accidentally clicking on or visiting malicious links or sites. You can set these softwares to update automatically so you never have to worry about it! Some softwares include: Norton, McAfee, Kaspersky, Avast, and Webroot.
  • Keep software and browsers up to date. This includes your phone apps and software; recent updates often have better security.
  • Use multi-factor authentication for your accounts. This extra security lets you have extra measures of protection like a security question, secret PIN, or security key sent to one of your devices. This way if your password is compromised, your account is still safe, and you can log in and change your password.
  • Add spam filters to your email and phone. This will stop any phishing attempts from making it to your inbox at all! If you suspect a phishing email or message has made it through, make sure to report it.
  • Use strong passwords.
  • Don't click on unknown links or attachments.

Phishing Awareness Checklist

  • Does the email contain poor spelling or bad grammar?
  • Is the email awkwardly worded or nonsensical?
  • Is the "from" address unrecognizable or just plain weird?
  • Does the email promise large sums of money or other unbelievable offers?
  • Does the email use threatening language?
  • Does the email have a sense of urgency?
  • Does the email have a call-to-action such as clicking a link?
  • Does the email contain an unexpected attachment or request for money?

If you suspect a phishing attempt

So, you receive a message, and you are pretty sure it’s a phishing attempt, or you're just not sure. What do you do?

If you don't have an account or relationship with whoever is saying they are messaging you, you can be sure it is a phishing attempt.

If you do have an account with the named company, don’t reply to the message. Instead, reach out to a verified phone number, not one listed in the message. A quick call to the company can often clear up any confusion.

If you have been scammed

If you think you've been the victim of a scam, and your information like social security number, credit card, or bank accounts have been compromised, visit They will walk you through the steps you need to take.

We receive messages and emails every day. When in doubt, take a moment to double check. Make sure not to click on any links or reply unless you are sure of the sender’s identity and can verify the message is legitimate.


Related Articles

Ready to open an account or have some questions?

Reach out to us or visit your nearest branch!