How to Avoid Phishing Scams
You’ve probably heard of phishing before, but do you really know what it is - and more importantly, how to protect yourself?
Phishing is a type of social engineering where an attacker sends a fraudulent message to trick you into revealing sensitive information - often in order to access your accounts or commit identity theft.
These attempts typically occur through email, over the phone, or via text message - all designed to look like legitimate messages from those you know and trust. Phishing attempts often include an unexpected “urgent request” demanding immediate action. This could be signing onto a fake website, opening an email attachment containing malware, or simply responding with your personal or account information. Be on the lookout for any unusual language, including spelling and grammatical errors, and pay special attention to odd or unfamiliar phone numbers and email address domains.
When it comes to phishing, remember to slow down and ask yourself questions.
If you detect suspicious activity, hang up and contact your financial institution directly at the number listed on the back of your bank-issued debit card, in your banking app, or the bank’s official website.
Phishing Emails Pretending to be from Zelle®
Cybercriminal scammers pretend to be from lots of different businesses, including payment technology companies like Zelle®. Here’s an example of an actual phishing scheme where the scammer sends the victim an email pretending to be from Zelle®.
How can you tell this is a phishing email?
The only domain extension used by Zelle® is @Zellepay.com. Zelle® does not use <@gmail.com> or any other domain such as <@aol.com>, <@yahoo.com>, or any other common email domain.
How do I know an email is legitimately from Zelle®?
Look at the domain at the end of the email string. If it’s from Zelle® or your bank, the domain will be @Zellepay.com or @YourBank.com. Be sure to look for misspellings.
What should I do if I receive an email like this pretending to be from Zelle®?
- Do not click any links in the email and report the scam to Zelle®
- Contact your bank or credit union directly to report the scam
- Report scams and identity theft to the Federal Trade Commission and the Internet Crime Complaint Center.
- Don’t reply to any texts or calls even if it seems to be from Zelle® or your bank. If it’s a call, hang up and call your bank directly
Additional reporting steps:
- If you got a phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org
- If you got a phishing text message, forward it to SPAM (7726)
Check out these resources to learn more about how to recognize, avoid and report phishing scams: