How to Avoid Phishing Scams
Can you believe that 347 billion emails are sent and received each day worldwide? That’s a lot of emails!
Sadly, about 3.4 of them are phishing emails…sent and received every single day.
This is validation that we all need to think before we click!
Phishing is the practice of sending fraudulent emails or other messages claiming to be from reputable companies, with the purpose of getting the recipients to reveal personal information like such as passwords and credit card numbers. The criminals who send those emails use that information to steal money and identities from other people.
Tips to Avoid Becoming a Phishing Victim
- Use security software to protect your computer, tablet and mobile phone. Allow the software to update patches automatically so it fixes any new security threats.
- Traditional passwords no longer work. Create passwords using hard-to-guess phrases. Make them long and strong (e.g. B@dt1mZ4Fr@udsterz).
- Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication. Use it! The extra credentials you need to log in to your account fall into three categories:
- Something you know — like a passcode, a PIN or the answer to a security question
- Something you have — like a one-time verification passcode you get by text, email or from an authenticator app; or a security key
- Something you are — like a scan of your fingerprint, your retina or your face
When set up properly, multi-factor authentication stops over 90% of phishing attempts and makes it more difficult for scammers to steal your credentials, log in to your accounts and take control of them if they do not have your username and password.
- Protect your data by backing it up. Have redundant backups for your data to a cloud or external hard drive. Remember to backup data on your phone as well.
If you realize you clicked or responded to a phishing email involving your credit union account, contact us immediately. You can also report the incident to the FTC at ReportFraud.ftc.gov or the Internet Crime Center at ic3.gov.