Phishing is a scam in which you receive a fraudulent e-mail designed to steal your identity or personal information, such as credit card numbers, bank account numbers, debit card PINs, and account passwords. The e-mail may state that your account has been compromised or that one of your accounts was charged incorrectly. The email will instruct you to click on a link in the e-mail or reply with your bank account number to confirm your identity or verify your account. The e-mail may even threaten to disable your account, if you don’t reply, but don’t believe it.
Legitimate companies never ask for your password or account number via e-mail. If you receive a phishing e-mail there are several actions you should take:
Don’t click on any links in the e-mail. They can contain a virus that can harm your computer. Even if links in the e-mail say the name of the company, don’t trust them. They may redirect to a fraudulent website.
Don’t reply to the e-mail itself. Instead forward the e-mail to the Federal Trade Commission at firstname.lastname@example.org.
If you believe that the e-mail is valid, contact the company using the phone numbers listed on your statements, on the company’s website, or in the phone book. Tell the customer service representative about the e-mail and ask if your account has been compromised. You can also contact the company online by typing the company’s web address directly into the address bar; never use the links to provided in the e-mail.
If you clicked on any links in the phishing e-mail or replied with the requested personal information, Contact the company directly to let them know about the email and ask to have fraud alerts placed on your accounts, have new credit cards issued, or set new passwords.
Similar to phishing, vishing scammers also seek to get you to provide your personal information. However, vishing scams use the phone to make their requests, instead of e-mail. You may be directed to call a phone number to verify an account or to reactivate a debit or credit card. If you have received one of these calls, report it to the Internet Crime Complaint Center.