Internet Safety: Your Guide to the Most Important Concepts and Practices of Avoiding Identity Theft and Fraud

Previous Lesson
Next Lesson

What is Phishing?

Internet Safety: Your Guide to the Most Important Concepts and Practices of Avoiding Identity Theft and Fraud What is Phishing?

Phishing is fraud involving someone pretending to represent a legitimate company or agency to gain your trust. . Scammers frequently pose as government officials, computer technicians, bank employees, or company executives. Phishing is the starting point for many kinds of fraud, like financial identity theft, password theft, and account theft.

A few of the most common categories for phishing scams last year included:

  • Postal Scams. Scams that start with an official-looking email about a failed delivery attempt to your home fall in this category.
  • Urgency. Emails claiming to be from a friend stranded in a foreign country without cash, failed package delivery attempts or claims that your bank account has been attacked create a sense of urgency but lead to a bogus website or include an infected attachment.
  • Banking or tax. One of the top scams last year was an email from your bank asking you to simply “verify” the email listed on your bank account— by entering in your debit card and PIN number.
  • Airline and travel. Posing as travel agencies and offering travel deals is too good to pass up! Sign up with your personal information and credit card information.
  • Employment. Fake employers promise a job for a fee or a way to make easy money by just cashing checks or being a secret shopper.

What to look for

Phishing attacks often begin with email or text messages. Signs that an email or text is fraudulent include poor grammar, misspellings, and poor language use or unfamiliar phrases. Some messages may enclose telephone numbers in odd sets of parenthesis or spell out certain parts of an email in an attempt to get by spam filters.

Double check senders

The “From” box can say anything. The sender’s email address, however, cannot easily be spoofed. Banks and the government do not use Gmail or other third-party email services. Double-check the sender’s actual address for validity and to match with the sender’s purported identity.

Phishing links

Phishing messages often contain links. The links may look legitimate but you should never click on one. Phishing links lead to dangerous websites designed to steal your information or download malware to your computer.

If a message directs you to click a link to go to your bank’s website (or any other website), and you have any reason to be suspicious, don’t click the link. Instead, open a browser and go to your bank (or other) website by typing in the address yourself.

Links can be deceptive.

Previous Lesson
Back to Course
Next Lesson
Scroll to Top