Security Note: Virginia529 will never ask you to provide, update or verify personal or account information through an unsolicited email, phone call, text or social media message.
What is “phishing”? Phishing is an attempt to steal your personal information, such as passwords, account numbers, or Social Security numbers. Phishing scams use email or text messages to trick you into giving access to this information. If the scam is successful, identity thieves could gain access to your email, bank, or other accounts.
Phishing scams are one of the most common ways for data to be breached. The FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.
Now for the good news: there are simple precautions you can use to protect yourself against these scammers. Here are five red flags to keep an eye out for when determining whether an email or text is a phishing attempt:
- Sense of urgency or threatening language
- Unfamiliar or unusual senders or recipients
- Spelling or grammar errors
- Request for money or personal information
- Call to action, such as clicking a link or downloading an attachment
If you are unsure about an email or text you’ve received, there are additional measures you can take to inspect it closely.
- Hover over any email links to display the preview URL
  - If the URL is from an unfamiliar or suspicious domain, don’t click on it.
- Independently navigate to the website of the organization in question to confirm any information provided in the text/email
  - Scam emails or texts may lead to “spoof” websites that mimic legitimate sites. Instead of clicking through links, access the website in question using a trusted method.
Training yourself to identify phishing emails or texts is a good step toward keeping your information safe and avoiding data breaches.
If you receive a suspected phishing message claiming to be from Virginia529, please notify Virginia529 by emailing [email protected].
You should also report the phishing message to the FTC at ftc.gov/complaint.
FAQs
What is phishing 5 points?
Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware.
What are the red flags for BEC phishing?
Common Indicators & Red Flags
Emailed transaction instructions for direct payment to a beneficiary with which the customer has no payment history or documented business relationship, and the payment is in an amount similar to or in excess of payments sent to beneficiaries whom the customer has historically paid.
What are 4 things to look for in phishing messages?
Protect Yourself From Becoming a Phishing Victim
- Treat with suspicion any email that you didn't expect to receive.
- Legitimate subject lines are usually detailed and specific. ...
- Look for unprofessional spelling and grammar errors.
- Unnecessary urgency is suspect. ...
- If it seems too good to be true, it probably is.
What are the red flags of email security?
Suspicious email addresses
- Misspelled domains: attackers may use domain names that are near-identical to legitimate ones, changing just a single letter or adding a number.
- Unfamiliar sender: phishing emails will often come from unknown or unfamiliar email addresses.
What are the 7 red flags of phishing?
- A GENERIC GREETING. Because phishing emails are sent out en masse, they often use generic greetings with no personalization, like "Dear Member". ...
- A DECEPTIVE EMAIL ADDRESS. ...
- REQUEST TO UPDATE OR VERIFY. ...
- A SENSE OF URGENCY. ...
- DECEPTIVE URLS. ...
- PRIZE OR AWARD NOTIFICATION. ...
- ANY MESSAGE THAT SEEMS ODD OR OUT.
What are the 4 P's of phishing?
One way is to remember “the four Ps”: Pretend, problem, pressure, pay. Many scam tactics boil down to these four words.
What is the Red Flags Rule in cyber security?
The Red Flags Rule requires organizations to implement a written identity theft prevention program to help them identify any of the relevant “red flags” that indicate identity theft in daily operations. The Rule also offers steps to help prevent the crime and to mitigate its damage.
What are red flags of possible suspicious activity?
Other actions that are considered AML red flags in terms of suspicious transactions include large cash payments, unexplained third-party transactions, the use of multiple accounts, or the use of foreign bank accounts or virtual wallets, especially if they originate from diverse jurisdictions.
What is a common indicator of phishing?
Grammatical or spelling errors
Recipients should consider emails riddled with grammatical or spelling errors as a potential indicator of a phishing attempt. Other common indicators of phishing attempts are: Data that doesn't make sense. Wrong synonyms.
Rethink
- Reveal actual URLs before clicking. Before clicking, make sure you trust the destination of the URL. ...
- Avoid clicking links in emails. ...
- Think critically about the message. ...
- View emails in plain text. ...
- Report the message in Outlook. ...
- Never open attachments from unverified senders.
What are the red flags of a scammer?
Unsolicited offers: Don't respond to unsolicited cold calls, emails, junk mail, late-night commercials or infomercials, or social media posts that are either overly attractive or fear-inducing. These are all common tactics scammers use to entice you to engage.
What is the red flag in security?
RedFlags™ is a highly innovative security awareness software service; applying behavioural and learning science to deliver ongoing, context-aware and real time security awareness.
What is the red flag for in Outlook?
Flag and Reminders
flag icon in an email message to make it a to-do item. The flag turns red. Or for more details, right-click the flag. Select Add Reminder to open the menu.
What is phishing?
Phishing is a type of cyberattack that uses fraudulent emails, text messages, phone calls or websites to trick people into sharing sensitive data, downloading malware or otherwise exposing themselves to cybercrime.
What is phishing short answer?
“Phishing” refers to an attempt to steal sensitive information, typically in the form of usernames, passwords, credit card numbers, bank account information or other important data in order to utilize or sell the stolen information.
What is phishing bullet points?
Phishing is a type of cybercrime in which hackers attempt to defraud victims to steal confidential information such as usernames, passwords, credit card numbers, and other sensitive data. Phishing attacks typically use email messages that look like they're from a legitimate company or organization.
What is phishing class 5?
What Is Phishing? Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source.