Email and Phone Scam Awareness

Don't Get Hooked: How to Spot Email & Phone Scams

Scammers are getting smarter — but so can you. Whether it’s a fake bank alert or an urgent call from “tech support,” knowing the warning signs can save you from losing money, personal data, or your identity. Follow these six simple practices to protect yourself.

Check the Sender's Email Address

A scam email might display a familiar name like "PayPal Support" or "Your Bank," but the actual sending address tells a different story. Always click on or hover over the sender's name to reveal the real email address. If the domain looks off misspelled, oddly long, or completely unrelated to the company treat it as a red flag.

Don't Click Suspicious Links

Before clicking any link in an email, hover your mouse over it to preview the actual destination URL. If the address looks unfamiliar, contains misspellings, or doesn't match the company it claims to be from, don't click it. One wrong click can lead to a fake website designed to steal your information or install malware on your device.

Watch for Urgency or Threats

"Your account will be closed in 24 hours." "Immediate action required." These are classic pressure tactics used by scammers to make you panic and act before you think. Legitimate companies rarely demand immediate responses or threaten serious consequences over email. If a message feels alarmist, slow down and verify before doing anything.

Never Share Sensitive Information

No legitimate company, not your bank, not the IRS, not your internet provider, will ever ask for your password, Social Security number, or full payment details via email or text. If a message is requesting this kind of information, it's a scam. Period.

Go Directly to the Source

If an email claims to be from a company you do business with, don't use any links or phone numbers provided in that message. Instead, open a new browser window and navigate directly to the company's official website. This simple habit bypasses any fake pages scammers have set up to trick you.

When in Doubt, Call Them

Still not sure if an email or call is legitimate? Look up the company's official phone number from their verified website and call them directly. Never use a callback number provided in a suspicious email or voicemail scammers control those lines. A quick call to the real company can confirm whether the message was genuine or a scam.

Stay alert! Scammers rely on you acting fast and without thinking. Taking even 60 seconds to verify can make all the difference.

What to Do If You've Been Scammed

If You Clicked a Suspicious Link

1. Don’t Enter Any Information If a page loaded after clicking the link, close it immediately without typing anything into it. Even if the site looks legitimate, do not enter login credentials, payment details, or personal information of any kind.

2. Disconnect from the Internet If you suspect the link may have downloaded malware, disconnect your device from Wi-Fi or unplug your ethernet cable right away. This can stop malicious software from sending your data to scammers.

3. Run a Security Scan Use a trusted antivirus or anti-malware program to scan your device immediately. If you don’t have one installed, contact a trusted IT professional for help. Do not download security software from an unfamiliar source, as scammers often disguise malware as “antivirus” tools.

4. Change Your Passwords If there’s any chance your login credentials were exposed, change your passwords immediately starting with your email, bank accounts, and any accounts that share the same password. Use a unique, strong password for each account.

5. Enable Two-Factor Authentication Wherever possible, turn on two-factor authentication (2FA) on your accounts. This adds an extra layer of protection even if a scammer has your password.

If You Shared Personal Information

1. Contact Your Bank or Financial Institution Immediately If you shared any payment information, account numbers, or banking details, call your bank right away using the number on the back of your card or their official website. Ask them to flag your account, freeze transactions if necessary, and issue new cards.

2. Place a Fraud Alert or Credit Freeze Contact one of the three major credit bureaus Equifax, Experian, or TransUnion to place a fraud alert on your credit file. For stronger protection, request a credit freeze, which prevents new accounts from being opened in your name.

3. Report a Stolen Social Security Number If you shared your Social Security number, visit IdentityTheft.gov immediately. This is the federal government’s official resource for identity theft victims and will walk you through a personalized recovery plan.

4. Change Compromised Passwords If you shared a password or entered it on a fake site, change it everywhere it was used. Scammers routinely try stolen credentials across multiple platforms.

5. Document Everything Save copies of the suspicious email, text, or any communications related to the scam. Note the date, time, and any details you remember about what happened. This information will be important when reporting the incident.

Report the Scam

Reporting scams helps protect others from falling victim to the same scheme.

Scammers are getting smarter but so can you. Whether it’s a fake bank alert or an urgent call from “tech support,” knowing the warning signs can save you from losing money, personal data, or your identity. Follow these six simple practices to protect yourself.

Federal Trade Commission: ReportFraud.ftc.gov
FBI Internet Crime Complaint Center: IC3.gov
Your state’s Attorney General office
The company being impersonated most major companies have a dedicated email address for reporting phishing attempts

Acting quickly is the most important thing you can do. Even if you feel embarrassed, remember scammers are professionals at deception. Reporting it could prevent someone else from going through the same experience.

If you believe you’ve been targeted by a scam or have questions about protecting your personal information, don’t hesitate to reach out.