If you’re like most people, the internet is likely a large part of your life these days. You can stay in touch with faraway friends and family, pay your bills, conduct business and even buy new products without leaving the comfort of home. While it’s an easy and convenient lifestyle, be sure to protect your identity when you’re online and avoid leaving your information vulnerable to fraudsters.
One of the most common ways that cybercriminals attempt to get this valuable information from you is through phishing. They’ll call or email you or even set up copycat websites to trick you into revealing personal information like bank account numbers, credit accounts, your Social Security Number, login IDs and passwords. And, once you click on a link or visit these fraudulent websites, they’ll download malware that can even track what you type to nab it all.
Believe it or not, their phishing attempts extend to wire transfers, too. While those who are closing a new home are typically top targets for these particular scams, anyone is vulnerable. In these scenarios, a scammer sends what appears to be a legitimate email requesting a wire transfer to cover title, escrow or any number of other costs. Unfortunately, any money transferred as a result of the fraudster’s email ends up in the scammer’s bank account and you’re not likely to get it back. Call your financial institution to verify they’ve made this request.
Phishers may employ a number of tactics to steal your information and money:
- Names of real companies. Many phishers use legitimate company names and copy the look of official websites to fool you.
- “From” an employee. Some even make it appear the email is from an actual employee of the company. Be wary of unexpected emails from a “company employee” looking for information.
- Official-looking URLs. Sometimes the URL (web address) will look right, but in reality, it will lead you to a copycat website. Check to see if the URL begins with “https://” to see if it’s a secure site—most phishing scams won’t have a secure website. Never click on a URL within an email; instead, type the official URL into your browser.
- Threats and urgent messages. Many fraudsters try to use scare tactics to obtain information by threatening something like the deletion of your account if you don’t respond. Don’t be fooled.
Luckily, you can take steps to protect yourself from phishers:
- Call and verify. If you have reason to believe something is amiss, call the company to verify. Be sure not to use a number provided in a suspicious email or even in the Caller ID. Use numbers on your statements or policies or from the official website.
- Look for bad spelling. Large companies and organizations use professional writers and editors. Phishing emails often have unnatural or incorrect grammar and misspellings. Keep an eye out for grammar and spelling mistakes.
- Beware of links. Did you get an unexpected email telling you to sign in to take care of a problem or get a bonus? It pays to be wary of emails you’re not expecting. If you’re suspicious of an email, don’t click on any links or buttons. Hover your mouse over the link and see if the address that appears matches the link typed in the message. If it doesn’t match, don’t click on the link, as it could take you to fraudulent websites or download malicious software. If you think it could be a legitimate email, such as from your bank, click your bookmark or type in the URL and sign in.
- Read your statements. Take a close look at your monthly financial statements. This can help you detect fraudulent transactions faster if your identity has been stolen.
- Increase your security. If you engage in online financial transactions, frequently updating personal firewalls and security software installed on your computer is essential to keeping your information safe.
- Use a different computer. If you find fraudulent transactions on your account or suspect your info has been compromised, use a different computer to change your passwords. And, make sure you notify your financial institution right away.
- Keep up on the news. Stay up-to-date on news of phishing attacks to protect yourself. Anti-phishing organizations, such as Anti-Phishing Working Group, provide lists of new and current phishing scams.
If you believe you’ve received a phishing message from “Navy Federal,” email us at firstname.lastname@example.org and include the original message when possible. This address is for incoming mail only; you won't receive a response to your message. If you believe you may have responded to a phishing request, please contact Navy Federal immediately at 1-888-842-6328. Call us collect internationally at 703-255-8837. Visit our Security Center to learn about other ways to protect your information and accounts.