You are here: Consumer Guides Fraud & Privacy Issues Phishing Scams - Don't Get Hooked

Phishing Scams - Don't Get Hooked


What is phishing? These are scams that are trying to steal personal and financial information. Phishing has primarily been online in the form of email or pop-up messages but can also occur over the phone or through the mail.

Phishers impersonate legitimate financial institutions—banks, credit unions—and businesses. The phishers cast a wide net that's bound to find persons that do business with the impersonated financial institution or company.

Email and pop-up messages may have a link to click or a phone number to call. In the case of the link, it usually goes to a fake website that mimics a legitimate site.

Here are some tips to avoid being caught by a phishing scam.

  • Reputable companies and financial institutions, like your credit union and bank, NEVER, EVER send emails, make phone calls or send letters asking for personal information and account number information they already have on file. Always be suspicious of any request for information that comes from an unsolicited email or phone call. When you initiate the contact (online or by phone) with your bank or a reputable business, you may provide information to purchase merchandise or handle your account.
  • If you want to make sure this is a scam or if you think the email, phone call or letter might be genuine, simply call your financial institution, using the number on your statement or that you looked up in the phone book, and ask if they sent the email, letter, or made the phone call.
  • Never include account numbers and passwords in an email message.
  • Never call the phone number in an email message, or left on your answering machine. Use the phone number listed on a recent statement.
  • Never click on links in these sorts of emails.
  • Never enter personal or financial information in a pop-up window. Some forms of phishing use a pop-up window on a legitimate site.
  • Protect your computers by using a firewall, anti-virus and anti-spyware software and spam filters.

Pharming is similar to phishing but much harder to detect. It works like this. Scammers create a fake, malicious web site that looks like the site of a real company. Then these criminals "hijack" your browser through malicious software on your computer or Domain Name System (DNS) poisoning and send you to the fake site.

Take the SonicWALL Phishing IQ Test to see how savvy you are about these scams. This test shows how hard it is to distinguish between a real and a fake message.

For more information

Phishing from the FTC

Free Credit Reports from the FTC

Internet Crime Complaint Center is a partnership between the FBI and National White Collar Crime Center. If you think you've been scammed, you can report it here.

Reviewed and updated August 2014.