How to Protect Your Personal Information Online

Your email inbox may sometimes be flooded with offers from online retails promoting sales, coupons and special deals. Unfortunately, some of these messages may actually be instances of phishing.

What’s phishing? It’s when hackers send emails or text messages pretending to be from reputable companies in order to trick you into giving them what they want: typically, your personal information—like passwords or credit card numbers.

Internet scams are targeting seniors.1 Scammers want to catch you with your guard down and get you to offer up your personal, protected information. To protect yourself from phishing, it’s important to learn the common forms, ways to spot a phishing message and how to report phishing scams.

What are the most common forms of phishing?

  1. Emails or text messages claiming to be from a legitimate retailer, shipper, bank, organization or government agency. The sender may ask you to confirm your personal information for a phony reason (e.g., an order has been placed in your name, your account is about to be closed, or your information has been lost because of a computer problem).
  2. Requests for charitable donations. There are many fake charities that have legitimate sounding names, so thoroughly research charities before donating. The Federal Trade Commission has a helpful Charity Checklist (link opens in new window) for this reason.
  3. IRS and tax-related emails. These emails may reference unpaid taxes or a potential audit but are often a scam. The Internal Revenue Service (IRS) website states that it “does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.”2

Phishing could happen to anyone. If you receive a phishing email, report it. Below are some great resources and steps to report phishing emails.

  • Forward phishing emails to spam@uce.gov – and to the organization impersonated in the email. Your report is most effective when you include the full email header, but most email programs hide this information. To ensure the header is included, search the name of your email service with “full email header” into your favorite search engine.
  • File a report with the Federal Trade Commission at FTC.gov/complaint (link opens in new window).
  • You can also report phishing email to reportphishing@apwg.org. The Anti-Phishing Working Group – which includes ISPs, security vendors, financial institutions and law enforcement agencies – uses these reports to fight phishing.

Sources: