How to Spot Phishing Attempts


According to the Federal Trade Commission, people in the United States lost $10 billion to scams in 2023. One in four people reported losing money to scams, with a median loss of $500 per person1. Any loss of money to scams is too much, so it’s important that you know how to recognize a scam when you see it and learn how to protect yourself and your money.

This article will focus on one of the most common scams – phishing.

What is Phishing

Phishing is when a fraudster sends an email or text that looks like it’s from one of your contacts or an organization you trust, such as your bank. Phishing attempts seek to gain your trust in order to get you to share personal information like credit card numbers.

In a phishing scam, you might receive an email that looks as if it is coming from a legitimate business. You’re asked to update or verify your personal information by replying to the email or visiting a website. If you take the bait and click on a link from a fraudulent email, you’re sent to a spoofed website that looks legitimate (and sometimes nearly identical to the real thing) and prompted to enter sensitive information like passwords, credit card numbers, banking PINs, etc. In some cases, clicking on a link in a fraudulent email can install malicious code or malware on your computer to steal your data.

How to Recognize Phishing

Phishing is a significant threat because it exploits people rather than technology. Fraudsters don't need to breach computer systems directly. They can simply trick people into giving away their personal information and money. That’s why it’s so important to be able to recognize the signs of a phishing attempt.

Here are just a few signs:

Requesting sensitive information
Be wary of requests asking you for personal information that you would not casually give out or to confirm personal or account information the fraudster claims to have.

Threats or a sense of urgency
Communications that threaten negative consequences or demand immediate action should be treated with suspicion. The fraudster is hoping you will be scared or flustered into acting without thinking.

Inconsistencies in phone numbers, email addresses, links, and domain names
Does the text message say it’s from a local business but has an out-of-state area code? Is the link in the email showing a different website than what you know to be the real one? Inconsistencies can be clues that something is not right.

Unusual requests
Being asked to do something that is not the norm can be an indicator that a message is malicious. Examples include being asked to download and install programs on your computer or to allow remote access to your computer.

Grammar and spelling errors
One of the most common signs of phishing is bad spelling and incorrect use of grammar. Communications coming from legitimate sources will have, most likely, been reviewed multiple times to be free of grammar and spelling errors.

Suspicious attachments
Emails with an attached file should be treated with caution, especially if the email is from an unfamiliar source or was unexpected. If the attached file has an extension commonly associated with malware, such as .zip or .exe, don’t open it.

Unprompted messages
Phishing emails and texts are unsolicited. If you did not initiate the conversation or if the message promises something too good to be true (like winning a prize in a contest you didn’t enter), it’s probably a scam.

How to Protect Yourself

Here are a few ways you can protect yourself, your data, and your money from phishing attacks:

Awareness
Just knowing how to recognize phishing attempts is the first line of defense. If you think you have received a text or email message that could be phishing, do not respond and delete it immediately.

Research and validate
If you are unsure about the legitimacy of an email or text message, call the sender directly using an official number from their website or consult with a trusted family member or friend.

Protect your computer and phone
Make sure to use security software and set it to update automatically so you will be protected against any new security threats.

Protect your accounts
Use multi-factor authentication to protect your online accounts. This feature adds an extra layer of security by requiring two or more credentials to log in to your account. Even if scammers get your username and password, multi-factor authentication makes it harder for them to log into your account.

For more information, visit our Security webpage to learn about common scams, identity theft, and more.

Have questions or need assistance?

If you have questions about this topic or need assistance with your banking needs, please speak to one of our knowledgeable staff at your local Bar Harbor Bank & Trust branch. We’re here to help you build a solid financial future.












1Larissa Bungo. “Think you know what the top scam of 2023 was? Take a guess.” https://consumer.ftc.gov/consumer-alerts/2024/02/think-you-know-what-top-scam-2023-was-take-guess

A family of four sitting on a couch and reading a book

Financial Education

From budgeting basics to planning for the future, our financial education content will help you make confident financial decisions.

Read the articles

Woman typing on laptop

Security

Your safety is our priority. Learn how we help protect you and get helpful tips on how to protect yourself.

Read more