Beware Phishing Attempts and How to Avoid Them

If you have an e-mail account, you’ve probably gotten an e-mail that looks like it is from a financial institution that reads something like this:

In a routine update of our customer records, we couldn’t confirm your information. Please click here to verify your customer information.

If you receive such an e-mail, watch out! It’s definitely not from a bank. It’s fraud called “phishing”.

What’s Phishing?

Phishing is when con artists send spam messages that attempt to get you to hand over sensitive personal information like bank accounts, credit card numbers, your Social Security number, or bank Website passwords.

According to the Federal Trade Commission (FTC), “phishers send an e-mail or pop-up message that claims to be from a business or organization that you may deal with — for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message may ask you to “update,” “validate,” or “confirm” your account information. Some phishing e-mails threaten a dire consequence if you don’t respond. The messages direct you to a website that looks just like a legitimate organization’s site. But it isn’t…”

Phishers have gotten extremely good at creating e-mails accounts and Websites that look deceivingly like they belong to a legitimate financial institution. Often, the Website names may only be a letter or two different than the actual banks’ URL. Do not be fooled!

How to Avoid Becoming a Victim

To ensure you don’t become a victim of a phishing attempt, follow these rules.

1. Don’t provide personal information. Never, ever, provide sensitive financial information in response to an e-mail or phone call. Your financial institutions will never ask for account numbers or passwords when they contact you.

2. Use anti-virus and anti-spy ware software and a firewall, and keep them up-to-date. If malicious software finds its way to your computer, phishers can create pop-up windows when you are trying to visit your actual bank. These windows will look like the bank’s Website but will actually feed your account information to the scammers. Advanced spy ware can even steal your bank account login without you even knowing it and automatically take money out of your account!

3. Review bank account and credit card statements regularly. Report any suspicious or unauthorized charges to your financial institution immediately. The sooner you catch fraud, the less damage the scammer can do and the faster you’ll get your money back.

4. If you’ve been the victim of a phishing attack, file a complaint. You can do this at, and then visit the FTC’s Identity Theft Website. Follow the FTC’s information for obtaining a free copy of your credit report to check for any signs of identity theft. Optionally, you can also try identity theft protection services.

Note: Next week, the National Foundation for Credit Counseling and the Council of Better Business Bureaus will promote “National Protect Your Identity Week”. This article is the second in a series of four posts on ways you can protect your identity and financial information. For more on protecting yourself from identity theft, check out, a non-profit Website featuring lots of useful resources.

Get access to our best money hacks:

Join over 13,207 other young professionals and learn how to get out of debt by 30, increase your income this year and invest for financial freedom.

100% free! I will NOT spam you and I will NOT share your email.

About David Weliver

David Weliver is the founding editor of Money Under 30. He's a cited authority on personal finance and the unique money issues we face during our first two decades as adults. He lives in Maine with his wife and two children.