Avoiding Phishing Emails

Protect Yourself Against a Phishing Email

What is email phishing?

Email phishing refers to scammers sending fraudulent emails asking for sensitive information like passwords and account numbers. The senders of these emails typically act as a trusted or reputable source so consumers feel both obligated and safe to send such information.

How email phishing works

In most phishing schemes, a fraudster will imitate a known or trusted source to trick a person into releasing sensitive information. These sources commonly misrepresent themselves as banks, schools, retailers and charities. Sophisticated perpetrators will take care to reproduce a source’s brand, logos and styling conventions to enhance their credibility.1

With phishing emails, a fraudster will often ask for login or password information. (Nationwide will never send an email to customers requesting login/password information). The request will frequently be phrased as though the source – bank, retail site, etc. – needs to verify your account or password information. Other times these emails request that you access your account and verify recent charges, but the link provided actually delivers you to an imitation site set up by the criminals — which is then used to harvest the information you enter.

Trustworthy companies should never ask you to confirm passwords or sensitive information over email or text message. Such companies understand that these channels are susceptible to fraud.2

Common phishing scams

Protecting yourself from phishing

To protect yourself from email phishing and email fraud, be wary of any email that requests personal information.

Never send account login, password or personal information through a link provided in an email. Even if a company you know and trust sends an email that asks you to follow a link or provide information, you should still navigate directly to the company website or your account in a browser to respond to the message. If your account has a message center, there is a good chance you will be able to access the message there after you log in.

If you’re suspicious of the origin of an email, you can also call and speak with a representative at the organization from which the email was sent. Representatives from human resources or information technology should be able to verify if a message has been sent.

Phishing criminals rely on the mechanical, unsuspecting behavior many users display when accessing emails they believe derive from known, trusted sources. By recognizing the common phishing tactics described above, and by educating yourself on banking safely online, you can better spot and avoid phishing scams.

Share Article