“Phishing” (pronounced “fishing”) is when criminals use e-mail to try to lure you to fake websites, where you’re asked to disclose confidential financial and personal information, like passwords, credit card account numbers or Social Security Numbers.
The most common type of phish is an e-mail threatening some dire consequence if you do not immediately log in and take action.
You should never respond or reply to e-mail that:
- Requires you to enter personal information directly into the e-mail or submit that information some other way.
- Threatens to close or suspend your account if you do not take immediate action by providing personal information.
- Solicits your participation in a survey where you are asked to enter personal information.
- States that your account has been compromised or that there has been third-party activity on your account and requests you to enter or confirm your account information.
- States that there are unauthorized charges on your account and requests your account information.
- Asks you to enter your User ID, password or account numbers into an e-mail or non-secure webpage.
- Asks you to confirm, verify, or refresh your account, credit card, or billing information.
Go to Reporting Fraud to find out what to do if you’ve received or responded to a suspicious e-mail, or to review our list of Frequently Asked Questions (FAQs).