ABB Alert: Phishing

What is Phishing?

Phishing is when you get emails, texts, or calls that seem to be from companies or people you know, but they’re actually from scammers. They want you to click on a link or share personal information (like a password or social security number) so that they can use that information to steal your money and/or identity.

Don't Take the Bait

It's important to be cautious when receiving communications from familiar company names, friends, family members, or employees of trusted organizations. Scammers will often use these tactics to try to obtain personal information such as passwords or bank account numbers. They may even have access to some of your personal information already, like your date of birth.

Be wary if they pressure you to act immediately or warn of dire consequences. Clicking on links or sharing sensitive information can lead to malicious programs being installed on your computer or unauthorized access to your personal or financial information. Stay vigilant and report suspicious activity to the appropriate authorities.

Avoid the Hook

Before giving someone access to your bank account, it's important to take a few minutes to check them out. You wouldn't just hand over your house keys to a stranger, and the same goes for your financial information. If someone calls asking for information or wants you to take action, it's best to tell them you'll call back, then use the number on your billing statement or credit card to report the call. If they try to keep you on the phone, it's likely a scam, so it's best to hang up and call the trusted number.

When it comes to emails, it's best not to click on them. Instead, go directly to the company's website using a bookmark or by typing in the URL to check for any alerts on your account. And if you're ever unsure about a request, don't hesitate to ask for help from a friend, coworker, family member, or caregiver.

Look for These Scam Tip-Offs

  • You don’t have an account with the company.
  • The email, text or caller is asking for account information, including passwords.
  • Grammatical errors or something just seems fishy or not right.

Protect Yourself

  • Keep your computer and mobile device security software up to date and regularly back up your data.
  • Change your security settings to enable multi-factor authentication—a second step to verify who you are, like a text with a code—for accounts that support it.
  • Change any compromised passwords right away and do not reuse those passwords for other accounts.
  • Use a cloud-based account such as Google Drive or Microsoft OneDrive that can allow you to restore your data if your computer is comprised.
  • Don’t provide any information to anyone who calls or emails you out of the blue. Only do it if you’ve called or emailed them.
  • Stay current on scams, check out the FTC’s scam site at https://consumer.ftc.gov/features/scam-alerts

Report Phishing

  • Immediately file a complaint with the FBI's Internet Crime Complaint Center (IC3).
  • Forward phishing emails to spam@uce.gov – and to the company, bank, or organization impersonated in the email. You also may report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a group of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.
  • Visit Identitytheft.gov. Victims of phishing could become victims of identity theft; there are steps you can take to minimize your risk.