What is Phishing?
Phishing is the act of criminals sending convincing-looking but fraudulent emails or phone calls to lure people into providing their confidential information. Examples of information they try to gather are debit card numbers, social security numbers, or other sensitive information for the purpose of defrauding an online account holder. Fraudsters use this information to gain access to your accounts and money or to steal your identity. Criminals can also use hyperlinks or attached files within phishing emails as a way to infect your computer or device with malicious software (malware).
How to Spot a Phishing Scam Via Email
When you receive an email, check it for signs that it may not be from the company it appears to be from. These steps will help you verify an email.
- Check the email address – Is it the same as the email address you usually receive emails from, or just similar?
- Look for an emotive prompt to click on a hyperlink or a button or to download a file, such as ‘Verify your account or password’ or ‘Update your security details.’ This will likely take you to a copycat website where they will prompt you to enter your full details.
- Be suspicious of any message that creates a sense of urgency, such as ‘If you don’t respond within 48 hours, your account will be suspended.’ A legitimate company will not create a false sense of urgency.
Check the wording for casual or informal words.
- Check the grammar and spelling for mistakes or inconsistencies.
How to Avoid Phishing On Phone Calls
Phishing can also take place during phone calls. Below are a few tips to help prevent you from becoming a victim of fraud.
- Never give your full PIN or Online/Telephone Banking login details to anyone, even a caller claiming to be from your bank or the police. If you get a call asking you for this information, end the call immediately.
- If you receive a suspicious or unexpected call, always verify the caller, the purpose of the call, and the phone number the person is calling from.
Unfortunately, there are a lot of very creative people out there that would love to get their hands on your sensitive and confidential information. Fidelity Bank would like to remind you of a few things that you can do to help protect your information from fraudsters.
NEVER provide your passwords to anyone. That information is yours, and yours alone, and you should be suspicious of the intent of anyone that asks for it. As a reminder, Fidelity Bank will never ask you for your passwords.
You should never type confidential information, including your password, into a website that is unsecured. Any website that starts with HTTP://, and not HTTPS://, is not secure. Your browser, depending on which one you use, will normally indicate whether a site is secure by displaying a locked padlock in the address bar.
The days of emails using broken English in a scam/phishing attempt are gone. Even if an email looks and sounds official, if the email is coming from an unrecognized email address, or uses terms that aren’t typically used in the email’s context, be suspicious of it. Do not click on any links that are in the email until you verify the validity of them.
If you cannot verify the identity of the person on the other end of the phone line or the purpose of their call, don’t provide any confidential information to them. The fraudster will try all kinds of tricks, including playing on your emotions, and may even drop a name or two of people at the Bank, but be suspicious. Having to use the word “suspicious” is unfortunate, but it is a part of the world that we live in now. The importance of maintaining a cautious level of suspicion is critical. Keeping the above tips in mind will help to avoid fraudulent situations.