Phishing scams are widely used by cybercriminals to trick unsuspecting individuals into giving up their personal information.  They can be easy to fall for, and according to the FTC, have cost victims over $57 million in one year alone.

What does a phishing scam look like?

Phishing scams operate by a cybercriminal impersonating a legitimate business, and tricking victims into giving up personal information like passwords, bank information, or social security numbers.  Through using a well-known company’s logo and branding, at first glance it could be hard to tell it’s a fake message.  Also, they will often ask you to click a link or open an attachment.

A phishing email might say “we need you to update your billing information, click to log in,” or “download your e-statement here.”  In reality, you are either giving away your log in information, or potentially downloading malicious software.

How do you spot a fraudulent email?

Since phishing attacks tend to look legitimate, they can be hard to identify.  However, there are some details to pay attention to.  If there are spelling or grammar errors in the body of the email or text, this could be a sign of a fraudulent message.  Informal and generic greetings (example: “Hello Friend”) could also indicate it’s not the actual business reaching out.

Be wary of clicking any links without knowing where they go.  If you hover your mouse over a link without clicking, you can usually see the destination address, sometimes on the bottom of your screen or in a box over the link.  Do not click it unless you’re 100% sure it leads to a legitimate website.  Also, if the request or message seems out of place, it could be a red flag.  For example, a message from a company you don’t have an account with might ask you to update your contact information.

As a best practice, do not click any links or open any attachments when you are not 100% sure who it’s from.  If you have any doubt, find the supposed company’s website on your own (do not click links from the email or text) and reach out to their help department.

To learn more about phishing emails, check out the FTC’s website.  If you’re interested in learning how Bank of Southern California keeps your accounts safe, talk to your local banker today.