Don’t Take the Bait: Information on Phishing
April 21, 2019 | Return to Financial Education
According to the FBI’s Internet Crime Report victims lost nearly $30 million due to phishing scams in 2017 compared to $8 million just two years earlier.
In a phishing scam, criminals send an email, text, or call a victim disguised as a company or person they know. The goal of the phisher is to steal the victim’s money, identity or both by convincing the unsuspecting consumer to click on a link or share sensitive information, such as a password. The fraudsters often pressure victims to act quickly by saying something bad will happen if they do not comply.
“We’re thrilled to continue our collaboration with the FTC to help consumers combat a scam that continues to target bank customers at an alarming rate,” said Corey Carlisle, executive director of the ABA Foundation. “Phishing scams aren’t as obvious as they used to be. The criminals’ techniques have become much more sophisticated, so it’s more important than ever that consumers understand the scam and how they can protect themselves.”
“One of the best ways to combat phishing is to implement multi-factor authentication, which is a second step to verify you are you, like sending a text to your phone with a confirmation code,” said Paul Benda, senior vice president, risk and cybersecurity policy at ABA. “We encourage consumers to use MFA for any of their accounts that support it, especially email and financial accounts.”
The ABA Foundation/FTC joint infographic, released today in recognition of National Consumer Protection Week, describes how phishing scams work and provides the following tips for consumers:
- Check it out.
- Look up the website or phone number for the company or person who’s contacting you.
- Call that company or person directly. Use a number you know to be correct, not the number in the email or text.
- Tell them about the message you got.
- Look for scam tip-offs.
- You don’t have an account with the company.
- The message is missing your name or uses bad grammar and spelling.
- The person asks for personal information, including passwords.
- But note: some phishing schemes are sophisticated and look very real, so check it out and protect yourself.
- Protect yourself.
- Keep your computer security up to date and back up your data often.
- Consider multi-factor authentication — a second step to verify who you are, like a text with a code — for accounts that support it.
- Change any compromised passwords right away and don’t use them for any other accounts.