Phishing and Smishing Scams

Phishing & Smishing Scams

Phishing is an unsolicited email that claims to be legitimate. You will be asked to verify, by email or clicking on a web link, personal or financial information, such as your credit card number passwords and social insurance number. Smishing is the same thing via text. 

  • Be vigilant – a reputable company or organization will never ask for personal information by email or text. Hover over the ‘from’ email address and you will see the actual email address. Ignore and delete emails from unknown contacts as they can carry viruses.
  • Be skeptical – fake emails can look like they came from a real organization. If you have any doubts, don’t use the toll-free number, email address, or website address provided because they may link you to the scammer. Use the contact information listed on their verified website.
  • Never click on suspicious links or attachments – does the email include an attachment that you weren’t expecting? Phishing emails often include embedded links that look valid. Hover over the link and to see the real hyperlink. Carefully check if it’s accurate before clicking.
  • Protect your devices – Install anti-spam, anti-spyware and anti-virus software on your home computer and make sure it’s kept up to date.
  • If you receive a phishing email – report and delete it. Whether you’ve been scammed or targeted, you should always report it. Authorities may be able to warn others and alert the media to minimize the scam spreading. You should also warn your friends and family.

Tips to Protect Yourself

  • Remember a reputable organization will never ask for your personal information through email or text message
  • Ignore communications from unknown contacts
  • Verify a hyperlinks without clicking (hover your mouse over it and carefully check if it is accurate)
  • Update your antivirus software on all devices
  • Never call the phone number or response to the email address provided in the suspicious message, always use the contact information listed on the company’s verified website

Red flags

  • The message is urgent and uses threatening language
  • The message requests sensitive information
  • The senders email address is incorrect and does not match the organizations information
  • Suspicious attachments included in the email
  • Unprofessional design, look for incorrect or blurry logos, or company emails with little, poor, or no formatting