Contact Your Local Banking Expert Today
Financial Literacy

How to Spot a Phishing Scam


Phishing is the most common attack for cybercriminals. Due to the increasing amount and complexity of phishing scams, knowing how to spot a phishing scam is more important than ever.

Cybercriminals or scammers use email or text messages to trick victims into sharing personal and financial information. Being the victim of a phishing scam can be scary, but Highlands Community Bank is here to share the ways you can protect yourself.

Recognizing a Phishing Scam

The first step to protecting yourself is to understand the basics of a phishing scam and what to look out for. Scammers may use email or text messages to try and steal your information (i.e., passwords, account numbers, logins, or social security numbers).

Falling victim to a phishing scam means scammers could get access to your email, bank, or other accounts and potentially sell that information to other scammers. Collectively, over three billion phishing emails are sent each day, and a lot of those scammers are successful in their search for information.

Common Phishing Tactics

Phishing attacks often hook you in by telling a story to try and convince you to click a link or open an attachment. These scams might look like an official email or text message from a company you know or trust, like a bank, credit card, or even a streaming service. Here are a few examples of messaging they might use:

  • “We’ve noticed suspicious activity or login attempts.”
  • “There’s a problem with your account or payment information.”
  • “Confirm personal information or financial information to receive your [good or service].”
  • “Click to view this invoice.”
  • “Click on the link to make a payment.”
  • “You’re eligible to register for a government refund.”
  • “Download this coupon for free [item].”

Better Safe Than Sorry

Here is a real-world example of a phishing email from the FTC:


At first glance, a phishing attack can look real. But rest assured, there are signs you can look for when you receive an email or text, even if the message looks legitimate. The message will likely:

  • Have a generic greeting, “Hi Dear, Hello You, Dear Customer”.
  • Mention your account is on hold or your goods will not arrive because of a billing problem, “Your USPS package will not arrive if your payment has not been processed”.
  • Invite you to visit a link to update payment details, “Your transaction was not completed. Click the link to update your payment details”.

If you’re ever weary after receiving a mysterious message, take a beat to remember that legitimate companies will never email or text with a link to update payment information. If you receive a message that asks you to open an attachment or follow a link, ask yourself if you have an account with the company or know of the person who sent you the message.

If you know the sender, contact the company or individual directly using a phone number or website you know is real – do not use the contact information from the message. It could be a phishing scam if you do not know the sender. When in doubt, report the message and remove it from your inbox.

What To Do If You Get Caught in a Phishing Attack

Phishing attacks look very convincing these days. If you find yourself a victim of a phishing attack, there’s no need to feel embarrassed or ashamed. If you think cybercriminals have your information, visit to learn the steps you can take based on the stolen information.

If you think you may have clicked on a link or downloaded an attachment that caused viruses, malware, or ransomware, update your computer’s security software. Most security software can scan your computer and remove those issues.

How to Protect Yourself from Future Phishing Attacks

It’s important to protect your personal data from cybercriminals. The good news is most of the technology we use has built-in spam filters to stop malicious messages from coming through.

But scammers are getting smarter and wiser, and taking these steps can help add some extra layers of protection.

  • Update your computer and its security software regularly: Most software will update automatically, but it’s always a good idea to check for updates regularly.
  • Change the settings on your cell phone to update automatically: Mobile providers, like Apple, will push security updates regularly. If you set up automatic updates, most cellular devices will update at night when you’re not using them.
  • Use multi-factor authentication (MFA): If there is an option, always opt for MFA on your accounts. MFA means it takes more than just a username and password to log in to your account. Usually, it’s third-party software that will link to your accounts and will require extra credentials to log in. MFA makes it more difficult for scammers and cybercriminals to access your account if they acquire your username and password.

If you ever receive a suspicious message that could be spam, take a moment to think. Trust your instincts, and don’t open or click on anything you do not trust. Highlands Community Bank does what we can to ensure your personal and financial information never enters the hands of a scammer. If you ever have any concerns about the safety of your bank account, one of our team members would be happy to answer your questions.

Explore More Like This

View All Articles
Leaving so soon?

You are leaving Highlands Community Bank's website and linking to a third party site. Please be advised that you will then link to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Highlands Community Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Highlands Community Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.