You’ve probably heard of phishing before, but do you really know what it is - and more importantly, how to protect yourself?

Phishing is a type of social engineering where an attacker sends a fraudulent message to trick you into revealing sensitive information - often in order to access your accounts or commit identity theft.

These attempts typically occur through email, over the phone, or via text message - all designed to look like legitimate messages from those you know and trust. Phishing attempts often include an unexpected “urgent request” demanding immediate action. This could be signing onto a fake website, opening an email attachment containing malware, or simply responding with your personal or account information. Be on the lookout for any unusual language, including spelling and grammatical errors, and pay special attention to odd or unfamiliar phone numbers and email address domains.

When it comes to phishing, remember to slow down and ask yourself questions.

If you detect suspicious activity, hang up and contact your financial institution directly at the number listed on the back of your bank-issued debit card, in your banking app, or the bank’s official website.

Additional reporting steps:

If you got a phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org 
If you got a phishing text message, forward it to SPAM (7726)

Check out these resources to learn more about how to recognize, avoid and report phishing scams:

https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams 
https://fightcybercrime.org/blog/phishing-exposed-how-to-spot-and-avoid-different-types-of-phishing-attacks/ 
https://www.zellepay.com/safety-education/pay-it-safe