According to the FBI’s Internet Crime Report, victims lost nearly $30 million due to phishing scams in 2017 compared to $8 million just two years earlier.
In a phishing scam, criminals send an email or a text, or call a victim disguised as a company or person they know. The goal of the phisher is to steal the victim’s money, identity or both by convincing the unsuspecting consumer to click on a link or share sensitive information, such as a password. The fraudsters often pressure victims to act quickly by saying something bad will happen if they do not comply.
Phishing scams are not as obvious as they used to be. The criminals’ techniques have become much more sophisticated, so it is more important than ever that consumers understand the scam and how they can protect themselves.
One way to combat phishing is to use multi-factor authentication, which is a second step to verify you are you, like sending a text to your phone with a confirmation code. Use multi-factor authentication for any of your accounts that support it, especially email and financial accounts.
The American Bankers Association Foundation and the Federal Trade Commission have released an infographic, which describes how phishing scams work and provides the following tips for consumers:
- Check it out.
- Independently look up the website or phone number for the company or person who is contacting you.
- Call that company or person directly. Use a number you know to be correct, not the number in the email or text.
- Tell them about the message you got.
- Look for scam tip-offs.
- You do not have an account with the company.
- The message is missing your name or uses bad grammar and spelling.
- The person asks for personal information, including passwords.
- But note: some phishing schemes are sophisticated and look very real, so check it out and protect yourself.
- Protect yourself.
- Keep your computer security up to date and back up your data often.
- Consider multi-factor authentication — a second step to verify who you are, like a text with a code — for accounts that support it.
- Change any compromised passwords right away and do not use them for any other accounts.
For more information on phishing scams, visit aba.com/phishing.
Click here to view the phishing infographic.