How to spot and protect yourself from phishing

How to spot and protect yourself from phishing


Play all audios:

Loading...

Phishing is a tactic that scammers use to acquire valuable personal and financial data, such as your Social Security number, credit card details or passwords for online accounts, and to


steal your identity, your money or both. They are mostly associated with email but can come in many forms, including: social media messages, pop-up ads, vishing (phishing by phone), smishing


 (phishing by text message), pharming (phishing by drawing victims to bogus websites).​​ By digital-age standards, phishing is an old-school tool, dating to the mid-1990s, but it continues


to grow in use and sophistication. The FBI’s latest Internet Crime Report says the most frequently reported crimes in 2024 were phishing-related; it received more than 193,000 such reports


last year, citing more than $70 million in total losses (though scams are notoriously underreported, so the actual numbers are likely to be far higher).   ​​ The scam often relies on


impersonation, and phishers can be very good at it. They sound authoritative on the phone, change caller IDs to show a real corporate or government number, and use well-known logos to make


their emails and websites look genuine.​​ They bait the hook by promising goodies — free products or services, a big lottery prize, a government grant — or threatening legal or financial


harm over a supposed unpaid tax or utility bill, for example. You might get a call or an official-looking email from your bank or from a tech company like Apple or Netflix, claiming that


there’s a problem with your account.​​ Another common version: fake package delivery messages, seemingly from the U.S. Postal Service, FedEx or UPS, warning about some sort of delivery


problem.