Every year millions of Americans receive suspicious emails that spoof legitimate entities and aim to deceive. Four out of five of these scam emails target the security fears of their victims to gain access to sensitive financial data. Using urgent sounding subject lines, scammers entice their victims to click embedded links that lead to malicious sites. Below are five types of subject lines phishing scams use to get you to open an email and click on dangerous links:
- Unauthorized Transactions on Your Account
- Suspicious Activity on Your Account
- Verify Your Account Activity
- (Your Bank’s Name) Customer Service Message
- Regarding Your Recent Transaction
Subject lines that claim that there is something wrong with your bank account are probably one of the most common ploys of phishing scammers. They may even use an email that looks just like it came from your bank. For example, the email may say firstname.lastname@example.org instead of email@example.com. The scammer’s omission of the “f” in “of” might be overlooked by the panicky recipient worried about their bank account. While many banks do in fact send alerts via email, recipients should take the following precautions to avoid becoming a victim:
- Do not click any links embedded in the email. If you want to verify if the information is true, use your browser to go directly to your bank’s website. Alternatively, pick up the phone and call your bank.
- Do not respond to the email. Sometimes a phishing attack may use language like “we need you to respond directly to this email within 24 hours.” Just ignore that statement and contact your bank directly. Go directly to the bank’s website and use their contact form or give them a call.
- Do not call the phone number given in the email. Some scams lure you into calling them and once you’re on the phone, they will ask to verify information such as your bank account number. Don’t give out information over the phone unless you’re 100 percent certain that the person on the other end is trustworthy. Only call numbers that are on your bank’s website or bank statements you’ve received.
Another way to avoid becoming a phishing victim is to fortify your computer systems with tools that help keep scammers at bay. Below are some common sense efforts you can take:
- Install anti-virus and anti-spyware that also blocks phishing websites.
- Keep all of your web browsers upgraded to the latest version and download anti-phishing toolbars and plugins. Web browser anti-phishing tools will alert you to websites that may be malicious.
- Also consider installing software that is specifically designed to identify spoofed websites.
If you receive suspicious email that you suspect is from a scammer, report it to the Federal Trade Commission (FTC) at firstname.lastname@example.org. Or, call (877) 382-4357 to file a complaint. To learn more about how you can file a phishing scam complaint visit the Federal Trade Commission web site: ftc.gov/video.
Remember that while software tools can help you fight phishing scams, it is your careful scrutiny of every email that is the first line of defense. To avoid becoming a victim, be leery of emails that push your panic buttons and avoid clicking embedded links.