Phishing: How to Recognize It and Protect Yourself

The FBI reports that Internet-enabled theft, fraud and exploitation continue to rise. By 2018, these crimes were responsible for $2.7 billion in financial losses.

According to Inc. magazine, scams that are generated through email — namely phishing — are successful for criminals because these sorts of cyberattacks are simple, low-tech and exploit weakness in human nature.

What is phishing? According to the Federal Trade Commission (FTC), phishing is when:

  • You get emails, texts, or calls that seem to be from companies you know or trust (your financial institution, an online store, etc.), but they’re actually from scammers.
  • You’re encouraged to click on a link and give personal information (like a password) so that they can steal your money, identity, or gain access to your computer. The link (or verbal request for information) often looks legitimate or convincing and may deal with invoices, payments, government refunds, coupons, etc.

RBFCU never distributes emails or other messages, nor will a representative place phone calls to its members asking for sign-in information, including passwords.

RBFCU offers its members additional peace of mind in the event they are among the millions of people affected by identity theft each year with IDProtect Plus. It’s affordable coverage that offers timely, unlimited security alerts for your accounts and active, in-depth monitoring of more than 1,000 databases for changes to your personal or financial information.

If you work at a company that offers security awareness training, take advantage of the opportunity if it isn’t already mandatory. According to, detection of phishing increased nearly 60 percent when people were better trained to identify possible attacks.

The FTC provides four steps to protect yourself from phishing:

  1. Protect your computer by using security software, making sure to set the software to update automatically so it can protect against any new security threats.
  2. Protect your mobile phone by setting software to update automatically.
  3. Protect your accounts by using multi-factor authentication (this could include a scan of your fingerprint, retina or face).
  4. Protect your data by backing it up through an external hard drive or cloud storage.

The FTC also offers information on what to do if you suspect a phishing attack, what to do if you think you may have responded to a phishing attack and how to report phishing.

Information in this article is general in nature and for your consideration, not as financial advice. Please contact your own financial advisors regarding your specific needs before taking any action based upon this information.

IDProtect Plus is a personal identity theft protection service available to account owner(s) and their family. Family includes: spouse, persons qualifying as a domestic partner, children under 25 years of age and parent(s) who are residents of the same household. Service is not available to a “signer” on the account who is not an account owner. Service is not available to businesses and their employees, clubs and/or churches and their members, schools and their employees/students. Identity Theft Insurance underwritten by insurance company subsidiaries or affiliates of Chartis Inc. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Registration/activation required. Coverage may not be available in all jurisdictions. Insurance products are not deposits; not NCUA insured; not an obligation of Randolph-Brooks Federal Credit Union (RBFCU); and not guaranteed by RBFCU or any affiliated entity.