Understanding Phishing and Spoofing
In today’s age, where everything is digital, fraud awareness is more important than ever for bank customers. Two common types of fraud are spoofing and phishing. Understanding these threats and knowing how to protect yourself can help you avoid becoming a victim.
What is Spoofing?
Spoofing involves a scammer disguising themselves as a trusted entity such as a person, brand, company or representative to deceive you. This can occur through various channels, such as email, phone calls or websites. For example, a scammer might spoof an email address to make it appear as if it’s coming from your bank, urging you to provide sensitive information. They try to appear to be your cell phone carrier or a streaming service you subscribe to, like Netflix, to make you think you’re receiving legitimate communication from that company.
What is Phishing?
Phishing is a type of cyber attack in which scammers send fraudulent messages, often via email or text, to trick you into revealing personal information like passwords, account numbers or Social Security numbers. These messages often look legitimate but may contain dangerous links to fake websites or malware downloads designed to steal your information or compromise your device.
How to Recognize Spoofing and Phishing
- Check the sender’s information. Look closely at the sender’s email or phone number. Scammers often use addresses that are similar to legitimate ones with slight variations. This is a red flag. Sometimes, scammers are able to spoof legitimate emails or phone numbers exactly. Pay close attention to the content of the message. The bank will never ask you to withdraw funds from your account to "safeguard" the funds or deposit funds into Bitcoin via an ATM. If you’re being asked to do this, it’s a big red flag.
- Additional red flags to be cautious of are “urgent” requests for personal information, grammatical errors, or unusual greetings. Some scammers will pretend to be a company's security department, urging you to take swift action to prevent fraud or hackers. By making it seem like an emergency, they hope to give you less time to think critically about who is contacting you.
- Verify links before clicking. Hover over links without clicking to reveal the URL. If they look suspicious or don’t match the official websites of the supposed senders, don’t click them!
- Contact the source directly. If you receive a suspicious message, look up the official website and customer service number or chat feature and contact them using a known and trusted method you normally use to contact the company. Once you initiate contact with the company through a known and trusted source, ask them to verbally verify any communication in which you were asked to complete a transaction involving personal or business funds.
What to Do If You Suspect You’ve Been the Victim of Fraud
- Report it immediately. Contact your bank and report any suspicious activity. They can help secure your accounts and guide you on the next steps.
- Monitor your accounts. Regularly check your online banking activity, statements and credit card activity for any unauthorized transactions.
- File a complaint. You can report incidents to the Federal Trade Commission (FTC) or the FBI’s Internet Crime Complaint Center (IC3).
By staying informed and vigilant, you can be safer from scams, deceptive tactics and fraud. To learn more about how to deal with fraud and identity theft, visit the Cadence Fraud & Security Center.
Sources:
https://www.consumerfinance.gov/consumer-tools/fraud/answers/key-terms/
https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
This article is provided as a free service to you and is for general informational purposes only. Cadence Bank makes no representations or warranties as to the accuracy, completeness or timeliness of the content in the article. The article is not intended to provide legal, accounting or tax advice and should not be relied upon for such purposes.