Help I Think I’ve Been Phished What Do I Do
If you believe you’ve been scammed, file your complaint with the FTC, and then visit the FTC’s Identity Theft website at ftc.gov/idtheft. Victims of phishing can become victims of identity theft.
Follow the guide below for specific steps to take according to the type of information you shared:
I accidentally sent…my email/username & password/passphrase.
Report It To Your Email Provider
Your email provider probably has a process you can follow to report phishing emails. The mechanism varies from provider to provider, but the reason is the same. The more data the company has on phishing emails, the better it can make its spam/junk filters to prevent scams from getting through to you.
If Google or Microsoft provide your email account, they have a reporting mechanism built into their clients.
In Google, click the three dots next to the Reply option in the email, and then select Report phishing.
A panel opens and asks you to confirm you want to report the email. Click Report Phishing Message, and then Google reviews the email.
The Outlook client doesnt provide an option to report an email to Microsoft, but the Outlook web app does. It works the same way as Gmail. Click the three dots next to the Reply option in the email, and then select Mark as phishing.
This opens a panel to confirm you want to report the email. Click Report, and then Microsoft reviews the email.
You cant report a phishing email directly within the Apple Mail client. Instead, Apple requests you forward the message to .
For any other mail providers, search online to see how you report phishing emails to them.
Protecting Yourself From Phishing Phone Calls
Similar to phishing emails and texts, fraudsters may also try to collect personal information over the phone, either on a mobile phone or landline.
If you receive an unexpected and suspicious call, take a moment, pause and ask yourself:
Is the caller asking for personal or sensitive information?
Is the caller trying to create a sense of urgency and/or pressuring you to take action, suggesting something bad may happen if you do not follow their instructions?
Does the caller say they are calling from a trusted, reputable company or organization you know would not usually treat their customers like this?
If the answer is yes to any of these questions, the call is likely a phishing or scam attempt.
Read Also: My Email Isn T Updating
Review The Emails Salutation
When reviewing an email for a possible phishing scheme, also take a closer look at how the sender of the email addresses you. Is it sent to Dear Customer, My Dear, Dearest or one of numerous other odd-sounding salutations?
A legitimate business that you have had dealings with before will likely use a personalized salutation, such as Dear Jeff, Mr. Lebowski or simply Jeff Lebowski instead of a generic Customer greeting.
Phishers count on you not being aware that a major company youve dealt with will have your information on file and will be able to access that for such a simple thing as an email greeting. Its called mail merge, and its great.
Check For Spelling And Grammar Mistakes
At first blush, this may seem a bit weird, but major corporations are pretty strict on their employees using proper spelling and grammar. If an email you have supposedly received from a major banking concern or government agency contains a number of misspellings, grammar errors, and awkward formatting, its likely a phishing email.
You would think that phishers would take the time to make sure spelling and grammar are correct in their fraudulent emails, but a couple of factors likely contribute to the mistakes.
- Just because someone is good at hacking doesnt mean they received passing grades in English class.
- For many of these con artists, English is a second language. I even see this in communications from legitimate sources who reside in China, Russia, and other non-English-speaking countries.
While bad spelling and incorrect grammar arent always an accurate indicator that you may be looking at a phishing email, its a good enough reason for you to take a closer look at things.
Read Also: My Email Is Not Updating
Report Scams To The Federal Government
You can report scams to the federal government. Your report may keep others from experiencing a scam. Government agencies use reports of scams to track scam patterns. They may even take legal action against a company or industry based on the reports. However, agencies usually dont follow up after you report, and can’t recover lost money.
Do not use the agency contact information included in scam messages. Use contact information in the federal agency directory to report other government imposters.
Report Disaster and Emergency Scams
Report coronavirus scams and other scams about disasters and emergencies.
Use the National Center for Disaster Fraud’s web complaint form or call .
Find more information on identifying and reporting coronavirus scams.
Report Most Common Scams
The Federal Trade Commission is the main agency that collects scam reports. Report the scam to the FTC online, or by phone at . The FTC accepts complaints about most scams, including these popular ones:
- Phone calls
- Demands for you to send money
- Student loan or scholarship scams
- Prize, grants, and sweepstakes offers
The FTC also collects reports of identity theft. Report identity theft online at IdentityTheft.gov or by phone at .
Report Online and International Scams
Report IRS or Social Security Imposter Scams
Scammers often pretend to work for the Social Security Administration or Internal Revenue Service . Common signs include:
How To Report Phishing By Email In Outlook
Outlook on the web or Outlook.com lets you report dangerous phishing emails to Microsoft, and in this post, well show you how.The problem is that changes to the Outlook user interface made things difficult to find. Dont worry, because we are going to help you during this difficult time.
Before we go any further, we must point out that we are going to talk about how to report any email scams to Microsoft in both the old and new versions of Outlook.com.
Read Also: How To Unarchive Emails In Outlook
What Is Spam Why Do I Need To Worry About It
Spam email will often:
Have typos and use poor grammar
Try to create a sense of urgency or give an immediate incentive to trick users into clicking on links or attachments
Spam and phishing are very similar. However, the biggest differentiator is that a spam email will usually not ask you to provide personal or confidential information, while a phishing email or text are written in a way that encourages you to share personal or confidential information.
Key tip: To protect yourself from phishing and spam, it is important to allow yourself to slow down and think critically about what you are being asked to do. Fraudsters rely on our instinct to move quickly in the online world and to click without thinking. Always allow yourself to pause and consider if anything seems suspicious or unexpected think before you click and ask yourself the questions above.
Dont Open That Attachment Either
In addition to malicious links, the bad actors of the world love to include attachments in their phishing emails. These attachments appear for all the world to be an innocent PDF or Microsoft Word document.
However, they could contain viruses and malware designed to damage files on your computer, grab administrator status so it can make changes, steal your passwords or otherwise spy on your every online move.
The attachment may be posing as an invoice for an unpaid bill or a schedule for a corporate retreat. Malware-powered documents can take many forms. Youll particularly want to be vigilant for emails that appear to be from known sources, such as your childs school or your bowling league, that may actually send you unsolicited attachments.
Don’t Miss: How To Email A Large Amount Of Photos
How To Identify Fraudulent Emails And Messages
Scammers try to copy email and text messages from legitimate companies to trick you into giving them your personal information and passwords. These signs can help you identify phishing emails:
- The senders email or phone doesnt match the name of the company that it claims to be from.
- The email or phone they used to contact you is different from the one that you gave that company.
- A link in a message looks right, but the URL doesnt match the companys website.2
- The message looks significantly different from other messages that youve received from the company.
- The message requests personal information, like a credit card number or account password.
- The message is unsolicited and contains an attachment.
Verify The Phone Number
Square always requires your customer code for phone support. To contact support, visit Squares contact page and sign in to your account. Keep in mind, if our phone line is unavailable or you are contacting us outside of our business hours, you will not see the option to call, but are able to request a callback or send us an email.
If a third party provides you with contact information for Square, please verify the information through an official Square channel before calling.
Recommended Reading: How To Send Big Videos
Scams Are Especially Common On The Internet Where New Technologies And Anonymity Can Help Fool You Here Are A Few Examples Of Online Scams And How To Stay Safe Online
Educate yourself on these common warning signs that can help prevent you from falling victim to scam websites.
Your web browser warns you
Most web browsers have built-in features designed to alert you about dangerous or deceptive websites. If you receive one of these warnings, do not visit the site. However, just because a website does not generate a warning, does not mean it is legitimate. Scammers are constantly creating fake websites and it takes time for the browsers to detect them.
Unusual URL Structure
The URL is the address of the website, found at the top of your web browser, for example, . Carefully examine the URL of the website you are visiting. Look for subtle misspellings .
Also, watch for URLs that begin with the website you expect, but have extra characters at the end or unusual punctuation .
If there are any characters or words that look out of place in an otherwise normal URL, you may be on a phishing site built to look just like a trusted website. Read carefully.
No Business Contact Information is Listed
Reputable businesses provide legitimate contact information. If a website does not list an address or phone number, be wary of providing personal information.
How To Deal With Phishing Emails
When you receive a phishing email, do not respond in any way. Do not supply any of the information the emails may ask for. Never click on any website links or call any phone numbers that are listed in the email.
Do not click on, open, or save any attachments that may be included in the email. File attachments can contain malware, viruses, or a link to a website that could facilitate the download of such malware.
Do not furnish any personal, financial, or login information to the senders of the phishing email. If you want to check if the communication is actually from the company the email purports it to be, contact the company using a known, official method, such as their known email address, website URL, or customer support phone number.
Be sure to review all banking and credit card statements as soon as you receive them. Make sure there are no unauthorized withdrawals or charges. If you notice suspicious account activity, contact the institutions customer support department immediately via the contact information provided on the bank or credit card statement.
If your banking or credit card statement doesnt show up within at least a few days of its usual date, and check your current balances.
Smartphone and tablet users can also usually view their account information, including recent transactions and current account balances, via an app on their mobile device. The apps are available in your devices app store. Check with your bank for more details.
Recommended Reading: How Do I Send A Large Video Through Email
Report A Message As Phishing In Outlookcom
In the message list, select the message or messages you want to report.
Above the reading pane, select > Phishing> Report to report the message sender.
Note: When you mark a message as phishing, it reports the sender but doesn’t block them from sending you messages in the future. To block the sender, you need to add them to your blocked senders list. For more information, see Block senders or mark email as junk in Outlook.com.
If You Think Youve Been A Victim Of An Online Scam Or Fraud
Contact Action Fraud if you think youve lost money or been hacked because of an online scam or fraud and youre in England or Wales. You can:
- report online – either sign up for an account or continue as a guest
If youre in Scotland and youve lost money because of an online scam or fraud, report the crime to Police Scotland.
Recommended Reading: How Do You Print Out An Email
Phishing And Email Safety
“Phishing” is an online safety concern that involves fake emails written to appear as if they have been sent by a genuine organization with the intent of luring the recipient into revealing sensitive and confidential information such as usernames, passwords, account credentials, personal identifying numbers or credit card details. Typically, phishing attacks will direct the recipient to a web page to get the user’s personal information.
Phishing can lead to financial losses, identity theft or viruses on your computer.
What To Do If You Have Received A Suspected Phishing Text To Your Telus Mobile Device:
Do not respond or click on links or instructions within the message
Report the text to TELUS by forwarding the message to 7726 with the word SPAM in the body of the message. Instructions on how to forward text messages can be found on your device manufacturers website
For more tips on smartphone safety, visit telus.com/wise.
You May Like: Unarchive In Outlook
What To Do If You Suspect A Phishing Attack
If you get an email or a text message that asks you to click on a link or open an attachment, answer this question: Do I have an account with the company or know the person that contacted me?
If the answer is No, it could be a phishing scam. Go back and review the tips in How to recognize phishing and look for signs of a phishing scam. If you see them, report the message and then delete it.
If the answer is Yes, contact the company using a phone number or website you know is real. Not the information in the email.Attachments and links can install harmfulmalware.