Phishing Q&A - The Penny Hoarder

ScoreCard Research

Phishing Q&A

What is phishing?

Phishing is a scam in which someone pretends to be someone else in order to gain your trust—usually contacting you over email or by message on a social media platform, but also occasionally by a telephone call—with the ultimate goal of stealing your personal or financial information.

Many companies, like ours, have branded images that are easily recognizable, and scammers have used those images to take phishing to the next level by reaching out to a company’s fans or customers under the guise of that company and using that company’s branded images.

How can I detect phishing?

Identifying a phishing scam is harder than it once was because scammers are getting better at designing emails and messages to look legitimate. But we will never ask for your bank account number, social security number, or any other personal information in an email or message. No matter how official the email or message may look, if the sender asks for personal information, it is likely a phishing scam. Do not reply to or click on links in these emails.

Not every email you receive is a scam, and occasionally you really will need to reach out to a company with regard to your personal information. For instance, we love to do sweepstakes and giveaways, and if we are going to send you prizes, we’ll need to know where to send them. But you don’t have to follow the steps in every email or telephone call—especially the suspicious ones. Instead:

  • Call the company directly. If the company called you, ask to call them right back. When you call back, don’t use the number they gave you. Instead, search for the company online and get the contact information directly from their website.
  • If you have an online account with the company, go to their official website (but not via the link in the email or message!), and log in. Many companies will send important messages to your online account as well as your email.

What if I think I’ve been hooked or want to report a scam?

Contact the institution the phishing email or message was purporting to be. If they have no record of asking for your information, change your account immediately to minimize the damage. If you receive a suspicious email or message purporting to be from us, please forward that message to [email protected]. If the message is sent via a social media platform, please report that message to the respective social media platform for removal.