Phishing scams are malicious emails claiming to be from a legitimate source. The cybercriminals sending these emails want your personal information (e.g. card numbers, Social Security numbers, birthday information, passwords, etc.) that can be used to access your bank accounts and other sensitive information.
A phishing email...
- Claims your information has been compromised, demanding personal information such as your bank information or Social Security number. No legitimate source will ask for this information via email, and most legitimate sources won't ask for it at all.
- Offers something that sounds “too good to be true", like extravagant prizes for a contest you never entered, large sums of money, or amazing deals. These are always scams; ignore them.
- Comes from an unfamiliar address. If you don’t recognize the entity sending you the email, chances are the email (and what’s hiding within it) is something you could gladly live without.
- Contains spelling or grammar mistakes. An email might claim to be from eBay but refer to you as a “costumer” instead of a “customer.” Emails from legitimate companies won't make these errors.
- Tells you “direct action” is required, and to “click this link” to perform an action. You should never click links offered to you like this, and they’re probably false anyway. If you’re worried the email might be legitimate, log into the account in question, verify if the account needs your action, and perform the requested actions directly from that account if needed.