“Phishing” is an attempt to steal your information. Criminals pretend to be a legitimate business to get you to disclose sensitive personal information, such as credit and debit card numbers, bank information, account passwords, or Social Security numbers.

One of the most common phishing scams involves sending an email that pretends to be from a well-known company. However, it can also be carried out in person, over the phone, via malicious pop-up windows, and “spoof” (fake) websites.

How phishing works:

• A criminal sends emails to people that appear to be from a well-known company. A common tactic involves a made-up story designed to lure you into clicking on a link or calling a phone number.
• The phishing email may ask you to fill out a form, or click on a link or button that takes you to a fraudulent website.
• The fraudulent website mimics the company referenced in the email, and aims to trick you into volunteering sensitive, personal data.

How to spot a fake email:There are many telltale signs of a fraudulent email:

• A false sense of urgency. Many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
• Fake links. These may look real, but they can lead you into trouble. Check where a link is going before you click by hovering over the URL. If it looks suspicious, don’t click.
• Attachments. Attachments can contain malware, so you should never open one unless you are 100% sure it’s legitimate.

In essence, you think you’re giving your information to a trusted company when, in fact, you’re giving it to a criminal.

Note that phishing emails can also lure you to open suspicious attachments or visit websites that can infect your computer with malicious software or malware. This is a useful link to learn more about phishing.