Cyber thieves are becoming more sophisticated, making it harder to tell whether a spam message may have been sent to you. The number of phishing cases reported continues to rise each year and experts estimate that 3.4 billion phishing emails are sent each day.Disclosure 1 Luckily, there are ways you can help protect yourself so you can confidently scroll and swipe through the digital world.
What to know about phishing scams
Phishing is the process of fraudulently accessing your personal data by posing as a person, brand, or company you trust. If they're successful, scammers can use your passwords, Social Security number, birthday, credit card numbers, or bank account info to try to make purchases, transfer funds from your accounts, or open new accounts using your identity.
Scammers are creative in their ploys but often predictable in their mindset. The whole idea is to fool you as much as they can, for as long as they can, to steal as much as they can. Scammers will take different approaches to try to get your info—it can start with an email asking you to reset your password, claiming your account was compromised, or appearing to be a friend request from a fake profile. While phishing scams continue to evolve, cybercriminals often use the same strategies and schemes to try and lure potential victims. Look for company name misspellings or URLs that are slightly different from a legitimate website. Read on to see examples of common phishing scams.
Four different types of phishing scams.
Americans lost approximately $12.5 billion to online fraud in 2023, according to the FBI's Internet Crime Complaint Center. The more you know about phishing scams, the easier it can be to identify these risks—and the more confident you can feel online. No doubt you’ve been bombarded with pop-ups claiming you have a virus or text messages that provide fake package tracking links. Those types of scams are only the beginning—watch out for these other common types of phishing attacks:
1. Social media phishing: You know that random account that followed you on Instagram? There’s a chance it could be a fake profile set up to target you and others in your friend circle. Social media phishing accounts sometimes have minimal traffic and lack authentic content and engagement when you dig into their profiles. Cyber thieves often pose as a relative or a friend of a friend.
2. Email phishing: Scammers have gotten really good at creating emails that look official, posing as your bank or a retailer you shop with. They may claim that you need to reset your password or update your payment information, often making the matter out to be urgent. Their goal is to trick you into handing over your account information or clicking a link that contains malware.
3. SMS phishing (smishing): Similar to the types of messages you may receive from email or social media phishing, scammers who are able to get your phone number may also send text messages that contain harmful links or urgently request sensitive information.
4. Spear phishing: A targeted scam that zeroes in on people or companies with status or wealth. Typical targets include the elderly, organizations, and employees who have access to money or sensitive account information.
5 steps to help protect yourself from phishing
These steps can help you take action quickly if your information is compromised.
- Monitor your credit and know how to freeze it. Regularly monitor your credit report and dispute any false information. If you have no big purchases planned and aren’t looking to get a new line of credit or loan, you can simply freeze your credit. Freezing your credit is free but requires you to contact each credit bureau (Equifax, Experian, and TransUnion).
- Keep an up-to-date digital financial inventory. Using a password manager or a password protected document, keep track of your account numbers, login IDs, passwords, and customer service numbers. Having this list handy can allow you to quickly change your passwords and contact your bank/creditors.
- Know how to file a report with your credit or banking institutions. They may also have an internal fraud investigation team that can provide an additional layer of support. Truist customers can file online or call 844.487.8478.
- Know how to notify the right authorities. Ensure you file a report with the Federal Trade Commission at ftc.gov/complaint. If you’ve been the victim of fraud through a phishing scam, your local authorities may be able to pursue criminal charges. Report phishing email cases to the Anti-Phishing Working Group at reportphishing@apwg.org. Phishing text messages should be forwarded to SPAM (7726).
- See something? Say something. If someone is targeting you with a fake profile, report the profile on the site or app and inform family and friends so they know to watch out.
If you’re a Truist client, you should call 844-4TRUIST (844-487-8478) if you think you’re a victim of fraud or think you’ve received fraudulent contact from someone impersonating Truist. You should also forward any suspicious emails to EmailAbuse@Truist.com. Visit Truist’s Fraud and Security center for additional instructions on what to do if you’ve been targeted.
Next step suggestions:
Your best line of defense against cybercriminals is to arm yourself with knowledge and be proactive. Consider the following:
- Trust your instincts: Accept friend requests with care—and don’t click suspicious links, answer emails from senders you don’t know, download unsolicited attachments, or give out your personal info via email, text message, or unsecured site.
- Secure your network: You can install a firewall (software that blocks unauthorized access), a virtual private network or VPN (where a private network uses encryption over a public network), or a two-step authentication system (where you have to receive a code or text message to verify the account) to help prevent potential attacks.
- Update passwords and browsing software: Change passwords frequently to help prevent breaches. Also, update your browser when prompted—older versions could have security risks.
- Have a backup plan: Back up important data to prevent losing it.
- Pay attention in public: If you’re in a public setting, be careful of sharing sensitive information online (or on your phone). Use the same precautions with public Wi-Fi because bad actors may be able to capture your personal information.
Following these strategies can help guard your sensitive information from online threats. Hopefully, doing so will give you a confidence boost while browsing. Download this checklist for additional ways to help protect your data.
