Email Phishing Scams
Email scams account for 96 percent of all phishing attacks, making email the most popular tool for the bad guys. Often, the scammer will disguise the email to look and sound like it's from your bank.
Avoid clicking suspicious links
If an email pressures you to click a link — whether it's to verify your login credentials or make a payment, you can be sure it's a scam. Banks never ask you to do that. It's best to avoid clicking links in an email. Before you click, hover over the link to reveal where it really leads. When in doubt, call your bank directly or visit their website by typing the URL directly into your browser.
Raise the red flag on scare tactics
Banks will never use scare tactics, threats or high-pressure language to get you to act quickly, but scammers will. Demands for urgent action should put you on high alert. No matter how authentic an email may appear, never reply with personal information like your password, PIN, or social security number.
Be skeptical of every email
In the same way defensive driving prevents car accidents, always treating incoming email as a potential risk will protect you from scams. Fraudulent emails can appear very convincing, using official language and logos, and even similar URLs. Always be alert.
Watch for attachments and typos
Your bank will never send attachments like a PDF in an unexpected email. Misspellings and poor grammar are also warning signs of a phishing scam.
What to do if you fall for an email scam
1. Change your password if you clicked on a link and entered any personal information like your username and password into a fake site.
2. Contact your bank by calling the number on the back of your card.
3. If you lost money, file a police report.
4. File a complaint with the Federal Trade Commission or call 1-877-FTC-HELP (382-4357).