Cybersecurity Best Practices

Scammers use phone calls, email, or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or other important information. If they get that information, they could gain access to your email, bank, or other accounts.  Scammers launch thousands of phishing attacks like these every day — and they’re often successful.

Scammers often update their tactics, but there are some signs that will help you recognize a phishing or fraudulent phone call, email or text message.

  • Phishing calls, emails and text messages may look or sound like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store.
  • Phishing calls, emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may:
    • say they’ve noticed some suspicious activity or log-in attempts
    • claim there’s a problem with your account or your payment information
    • say you must confirm some personal information
    • include a fake invoice
    • want you to click on a link to make a payment
    • say you’re eligible to register for a government refund
    • offer a coupon for free stuff

What to Do If You Suspect a Phishing Attack

  • If you get a phone call, email or a text message that asks you to change your password or click on a link or open an attachment, answer this question: Do I have an account with the company or know the person that contacted me?
    • If the answer is “No,” it could be a phishing scam.
    • If the answer is “Yes,” contact the company using a phone number or website you know is real. Not the information in the email. Attachments and links can install harmful malware.
  • If you think a scammer has your information, like your Social Security, credit card, or bank account number, contact your bank to notify them.  Also, go to for steps to take based on the information that you lost.
  • If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan.
  • If you received a phishing call, email, or text message, report it. The information you give can help fight the scammers.  You can report through the Federal Trade Commission’s website.

Reference:  Federal Trade Commission website